Comments (7)
Creating ldap.toml
is currently not directly supported. However, the Grafana CR allows you to specify a list of secrets that are added to the Grafana pod as volumes (see the docs here). The name of the extra volume will be secret-<secret name>
. You could have a Secret with a key ldap.toml
and the file contents as the value and use this mechanism to mount it to a directory inside the Grafana pod.
An example of how we use this can be found here: https://github.com/integr8ly/application-monitoring-operator/blob/master/templates/grafana.yaml#L48
I agree that ConfigMaps would be more suitable but currently the Grafana CR only accepts a list of secrets. But i'm thinking about adding configmap mounting support for a while.
Please let me know if this works for you.
from grafana-operator.
Sorry, we don't currently create volume mounts for those extra volumes in the Grafana pod. So this won't work. But thats a good use case for it and we should probably implement it.
from grafana-operator.
I wonder why not implement handling of GrafanaConfigAuthLdap
instead?
from grafana-operator.
I'd like to keep it as generic as possible. Being able to mount files into the Grafana pod in combination with the the configuration in the Grafana CR should work for your use case and probably a number of others as well.
from grafana-operator.
I'd like to keep it as generic as possible.
So rather remove GrafanaConfigAuthLdap
and insert an init-container, which then copies content of configMaps
into volumes!?
from grafana-operator.
No, the idea is not to remove GrafanaConfigAuthLdap. I'm not familiar with LDAP configuration in Grafana, but it looks like the following is needed:
- Configure LDAP as described in the Grafana docs. This is already possible with GrafanaConfigAuthLdap. You need to provide a path to ldap.toml in that config, so...
- ...give users a way to provide ldap.toml in the Grafana pod. Using a ConfigMap is probably the way to go and the idea is to allow mounting configmaps as volumes (and volumemounts) via the Grafana CR.
It would probably look something like this:
apiVersion: integreatly.org/v1alpha1
kind: Grafana
...
spec:
config:
auth.ldap:
config_file: "/etc/configmaps/ldap-toml/ldap.toml"
configmaps:
- ldap-tomp
...
The operator would then automatically add a volumes for all configmaps to the Grafana pod and also mount every configmap under /etc/configmaps/<config map name>
. Keys in the configmap would be available as files in this directory.
This is also how its implemented in the Prometheus operator. Do you think that would cover all requirements for configuring LDAP?
from grafana-operator.
ping @abergmeier. The proposed solution is now implemented in #49 , mind giving it a try?
from grafana-operator.
Related Issues (20)
- Prometheus data source for "Azure Monitor for Prometheus" with workload identity does not work HOT 5
- [Bug] grafana operator 5.6.0 -> 5.6.1 upgrade issues openshift HOT 28
- [Bug] instanceSelector.matchExpressions not working for GrafanaDatasource HOT 1
- Dashboard from configmap using selector HOT 4
- Grafana deployment with a Persistent Volume HOT 4
- Service account automountServiceAccountToken should be set to false HOT 3
- Service Account for grafana instance does not get annotations HOT 2
- [Bug] Unable to set custom secrets without defining grafana container image HOT 6
- watch namespaces using a label selector
- [Bug] Unable to upgrade from v5.6.0 on OpenShift HOT 10
- [doc] Grafana deployment with a Persistent Volume HOT 6
- Unable to limit which Grafana can use which dashboards (v5 operator) HOT 4
- Add make it possible to disable editing of a dashboard from a grafanadashboard CRD HOT 9
- ArgoCD healthcheck and GrafanaDashboard HOT 5
- Apply the default Grafana Version to the CR spec HOT 3
- Pull JSON from GitHub into Grafana for persistent existance of a dashboard HOT 5
- Add status conditions to all objects HOT 2
- Report error when using alerting on older Grafana versions
- Add support for Notification Policies
- Add support for Contact Points HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from grafana-operator.