github.com/cilium/cilium@v1.16.2/Documentation/observability/grafana.rst (about) 1 .. only:: not (epub or latex or html) 2 3 WARNING: You are looking at unreleased Cilium documentation. 4 Please use the official rendered version released here: 5 https://docs.cilium.io 6 7 .. _install_metrics: 8 9 **************************** 10 Running Prometheus & Grafana 11 **************************** 12 13 Install Prometheus & Grafana 14 ============================ 15 16 This is an example deployment that includes Prometheus and Grafana in a single 17 deployment. 18 19 .. admonition:: Video 20 :class: attention 21 22 You can also see Cilium and Grafana in action on `eCHO episode 68: Cilium & Grafana <https://www.youtube.com/watch?v=DdWksYq5Pv4>`__. 23 24 The default installation contains: 25 26 - **Grafana**: A visualization dashboard with Cilium Dashboard pre-loaded. 27 - **Prometheus**: a time series database and monitoring system. 28 29 .. parsed-literal:: 30 31 $ kubectl apply -f \ |SCM_WEB|\/examples/kubernetes/addons/prometheus/monitoring-example.yaml 32 namespace/cilium-monitoring created 33 serviceaccount/prometheus-k8s created 34 configmap/grafana-config created 35 configmap/grafana-cilium-dashboard created 36 configmap/grafana-cilium-operator-dashboard created 37 configmap/grafana-hubble-dashboard created 38 configmap/prometheus created 39 clusterrole.rbac.authorization.k8s.io/prometheus unchanged 40 clusterrolebinding.rbac.authorization.k8s.io/prometheus unchanged 41 service/grafana created 42 service/prometheus created 43 deployment.apps/grafana created 44 deployment.apps/prometheus created 45 46 This example deployment of Prometheus and Grafana will automatically scrape the 47 Cilium and Hubble metrics. See the :ref:`metrics` configuration guide on how to 48 configure a custom Prometheus instance. 49 50 Deploy Cilium and Hubble with metrics enabled 51 ============================================= 52 53 *Cilium*, *Hubble*, and *Cilium Operator* do not expose metrics by 54 default. Enabling metrics for these services will open ports ``9962``, ``9965``, 55 and ``9963`` respectively on all nodes of your cluster where these components 56 are running. 57 58 The metrics for Cilium, Hubble, and Cilium Operator can all be enabled 59 independently of each other with the following Helm values: 60 61 - ``prometheus.enabled=true``: Enables metrics for ``cilium-agent``. 62 - ``operator.prometheus.enabled=true``: Enables metrics for ``cilium-operator``. 63 - ``hubble.metrics.enabled``: Enables the provided list of Hubble metrics. 64 For Hubble metrics to work, Hubble itself needs to be enabled with 65 ``hubble.enabled=true``. See 66 :ref:`Hubble exported metrics<hubble_exported_metrics>` for the list of 67 available Hubble metrics. 68 69 Refer to :ref:`metrics` for more details about the individual metrics. 70 71 .. include:: ../installation/k8s-install-download-release.rst 72 73 Deploy Cilium via Helm as follows to enable all metrics: 74 75 .. parsed-literal:: 76 77 helm install cilium |CHART_RELEASE| \\ 78 --namespace kube-system \\ 79 --set prometheus.enabled=true \\ 80 --set operator.prometheus.enabled=true \\ 81 --set hubble.enabled=true \\ 82 --set hubble.metrics.enableOpenMetrics=true \\ 83 --set hubble.metrics.enabled="{dns,drop,tcp,flow,port-distribution,icmp,httpV2:exemplars=true;labelsContext=source_ip\\,source_namespace\\,source_workload\\,destination_ip\\,destination_namespace\\,destination_workload\\,traffic_direction}" 84 85 .. note:: 86 87 You can combine the above Helm options with any of the other installation 88 guides. 89 90 91 How to access Grafana 92 ===================== 93 94 Expose the port on your local machine 95 96 .. code-block:: shell-session 97 98 kubectl -n cilium-monitoring port-forward service/grafana --address 0.0.0.0 --address :: 3000:3000 99 100 Access it via your browser: http://localhost:3000 101 102 How to access Prometheus 103 ======================== 104 105 Expose the port on your local machine 106 107 .. code-block:: shell-session 108 109 kubectl -n cilium-monitoring port-forward service/prometheus --address 0.0.0.0 --address :: 9090:9090 110 111 Access it via your browser: http://localhost:9090 112 113 Examples 114 ======== 115 116 Generic 117 ------- 118 119 .. image:: images/grafana_generic.png 120 121 Network 122 ------- 123 124 .. image:: images/grafana_network.png 125 126 Policy 127 ------- 128 129 .. image:: images/grafana_policy.png 130 .. image:: images/grafana_policy2.png 131 132 Endpoints 133 --------- 134 135 .. image:: images/grafana_endpoints.png 136 137 Controllers 138 ----------- 139 140 .. image:: images/grafana_controllers.png 141 142 Kubernetes 143 ---------- 144 145 .. image:: images/grafana_k8s.png 146 147 Hubble General Processing 148 ------------------------- 149 150 .. image:: images/grafana_hubble_general_processing.png 151 152 Hubble Networking 153 ----------------- 154 .. note:: 155 156 The ``port-distribution`` metric is disabled by default. 157 Refer to :ref:`metrics` for more details about the individual metrics. 158 159 .. image:: images/grafana_hubble_network.png 160 .. image:: images/grafana_hubble_tcp.png 161 .. image:: images/grafana_hubble_icmp.png 162 163 Hubble DNS 164 ---------- 165 166 .. image:: images/grafana_hubble_dns.png 167 168 Hubble HTTP 169 ----------- 170 171 .. image:: images/grafana_hubble_http.png 172 173 Hubble Network Policy 174 --------------------- 175 176 .. image:: images/grafana_hubble_network_policy.png