Added the monitor-dashboard POC

playbooks/openshift-apps/monitor_dashboard.yml

@@ -0,0 +1,31 @@
+- name: make the app be real
+  hosts: os_masters_stg[0]:os_masters
+  user: root
+  gather_facts: False
+
+  vars_files:
+    - /srv/web/infra/ansible/vars/global.yml
+    - "/srv/private/ansible/vars.yml"
+    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  roles:
+  - role: openshift/project
+    app: monitor-dashboard
+    description: POC for the dashboards
+    appowners:
+    - cverna
+    - pingou
+    - asaleh
+    - nphilipp
+    - scoady
+    - wwoods
+
+  - role: openshift/object
+    app: monitor-dashboard
+    template: configmap.yml
+    objectname: configmap.yml
+
+  - role: openshift/object
+    app: monitor-dashboard
+    template: deploymentconfig.yml
+    objectname: deploymentconfig.yml

roles/openshift-apps/monitor-dashboard/templates/configmap.yml

@@ -0,0 +1,26 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: grafana-datasources
+  labels:
+    app: monitor-dashboard
+data:
+  datasource.yml: |-
+    apiVersion: 1
+    datasources:
+      - name: Datanommer
+        type: postgres
+        url: db-datanommer01.iad2.fedoraproject.org:5432
+        database: datanommer
+        user: datanommer_ro
+        secureJsonData:
+          password: "{{ datanommer_ro_password }}"
+        jsonData:
+          sslmode: "disable" # disable/require/verify-ca/verify-full
+          maxOpenConns: 0         # Grafana v5.4+
+          maxIdleConns: 2         # Grafana v5.4+
+          connMaxLifetime: 14400  # Grafana v5.4+
+          postgresVersion: 12000 # 903=9.3, 904=9.4, 905=9.5, 906=9.6, 1000=10
+          timescaledb: false
+

roles/openshift-apps/monitor-dashboard/templates/deploymentconfig.yml

@@ -0,0 +1,67 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: grafana
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      name: grafana
+  template:
+    metadata:
+      labels:
+        name: grafana
+      name: grafana
+    spec:
+      containers:
+        - args:
+            - "-provider=openshift"
+            - "-openshift-service-account=grafana"
+            - "-upstream=http://localhost:3000"
+            - "-client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token"
+            - "-cookie-secret=SECRET"
+            - "-tls-cert=/etc/tls/private/tls.crt"
+            - "-tls-key=/etc/tls/private/tls.key"
+            - "-pass-basic-auth=false"
+          image: registry.hub.docker.com/openshift/oauth-proxy:latest
+          name: oauth-proxy
+          ports:
+            - containerPort: 8443
+          volumeMounts:
+            - mountPath: /etc/tls/private
+              name: grafana-tls
+        - env:
+            - name: GF_INSTALL_PLUGINS
+              value: "grafana-clock-panel,simpod-json-datasource,grafana-googlesheets-datasource"
+            - name: GF_AUTH_BASIC_ENABLED
+              value: 'true'
+            - name: GF_AUTH_PROXY_ENABLED
+              value: 'true'
+            - name: GF_AUTH_PROXY_HEADER_NAME
+              value: X-Forwarded-User
+            - name: GF_AUTH_PROXY_HEADER_PROPERTY
+              value: username
+            - name: GF_AUTH_PROXY_AUTO_SIGN_UP
+              value: 'true'
+            - name: GF_AUTH_DISABLE_LOGIN_FORM
+              value: 'true'
+            - name: GF_USERS_ALLOW_SIGN_UP
+              value: 'false'
+            - name: 'GF_USERS_AUTO_ASSIGN_ORG_ROLE'
+              value: 'Editor'
+          image: registry.hub.docker.com/grafana/grafana:latest
+          name: grafana
+          ports:
+            - containerPort: 3000
+          volumeMounts:
+            - mountPath: /etc/grafana/provisioning/datasources
+              name: grafana-datasources
+      serviceAccountName: grafana
+      volumes:
+        - name: grafana-tls
+          secret:
+            secretName: grafana-tls
+        - configMap:
+            name: grafana-datasources
+          name: grafana-datasources