grafana job from prometheus/26.3.0
Github source:
5cc2ed7
or
master branch
Properties¶
env
¶
http_proxy
¶HTTP proxy to use
https_proxy
¶HTTPS proxy to use
no_proxy
¶List of comma-separated hosts that should skip connecting to the proxy
grafana
¶
alerting
¶
concurrent_render_limit
¶This limit will protect the server from render overloading and make sure notifications are sent out quickly
enabled
¶Enable alerting engine & UI featuresn
error_or_timeout
¶Default setting for new alert rules (alerting, keep_state)
evaluation_timeout_seconds
¶Default setting for alert calculation timeout
execute_alerts
¶Makes it possible to turn off alert rule execution
max_attempts
¶Default setting for max attempts to sending alert notifications
min_interval_seconds
¶Makes it possible to enforce a minimal interval between evaluations, to reduce load on the backend
nodata_or_nullvalues
¶Default setting for how Grafana handles nodata or null values in alerting (alerting, no_data, keep_state, ok)
notification_timeout_seconds
¶Default setting for alert notification timeout
analytics
¶
check_for_updates
¶Set to false to disable all checks to https://grafana.net
google_analytics_ua_id
¶Google Analytics universal tracking code, only enabled if you specify an id here
google_tag_manager_id
¶Google Tag Manager ID
reporting_enabled
¶Change this option to false to disable reporting.
app_mode
¶possible values : production, development
auth
¶
anonymous
¶
enabled
¶enable anonymous access
hide_version
¶mask the Grafana version number for unauthenticated users
org_name
¶specify organization name that should be used for unauthenticated users
org_role
¶specify role for unauthenticated users
api_key_max_seconds_to_live
¶Limit of api_key seconds to live before expiration
azuread
¶
allow_sign_up
¶Azure AD auth allow sign up
allowed_domains
¶Azure AD auth allowed domains
allowed_groups
¶Azure AD auth allowed groups
auth_url
¶Azure AD auth url
client_id
¶Azure AD auth client id
client_secret
¶Azure AD auth client secret
enabled
¶Azure AD auth enabled
name
¶Azure AD auth name
scopes
¶Azure AD auth scopes
token_url
¶Azure AD auth token url
basic
¶
enabled
¶Auth basic enabled
disable_login_form
¶Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false
disable_signout_menu
¶Set to true to disable the signout link in the side menu
generic_oauth
¶
allow_sign_up
¶Generic OAuth allow sign up
allowed_domains
¶Generic OAuth allowed organizations
api_url
¶Generic OAuth api url
auth_url
¶Generic OAuth url
client_id
¶Generic OAuth client id
client_secret
¶Generic OAuth client secret
email_attribute_name
¶Generic OAuth email attribute name
email_attribute_path
¶Generic OAuth email attribute path
enabled
¶Generic OAuth enabled
name
¶Generic OAuth name
role_attribute_path
¶Generic OAuth role attribute path
scopes
¶Generic OAuth scopes
team_ids
¶Generic OAuth team ids
tls_client_ca
¶Generic OAuth TLS Client CA
tls_client_cert
¶Generic OAuth TLS Client cert
tls_client_key
¶Generic OAuth TLS Client key
tls_skip_verify_insecure
¶Generic OAuth TLS skip verification
token_url
¶Generic OAuth token url
github
¶
allow_sign_up
¶Github auth allow sign up
allowed_domains
¶Github auth allowed domains
allowed_organizations
¶Github auth allowed organizations
api_url
¶Github auth api url
auth_url
¶Github auth url
client_id
¶Github auth client id
client_secret
¶Github auth client secret
enabled
¶Github auth enabled
scopes
¶Github auth scopes
team_ids
¶Github auth team ids
token_url
¶Github auth token url
gitlab
¶
allow_sign_up
¶Gitlab auth allow sign up
allowed_domains
¶Gitlab auth allowed domains
allowed_groups
¶Gitlab auth allowed groups
api_url
¶Gitlab auth api url
auth_url
¶Gitlab auth url
client_id
¶Gitlab auth client id
client_secret
¶Gitlab auth client secret
enabled
¶Gitlab auth enabled
scopes
¶Gitlab auth scopes
token_url
¶Gitlab auth token url
allow_sign_up
¶Google auth allow sign up
allowed_domains
¶Google auth allowed domains
api_url
¶Google auth api url
auth_url
¶Google auth url
client_id
¶Google auth client id
client_secret
¶Google auth client secret
enabled
¶Google auth enabled
hosted_domain
¶Google auth hosted domain
scopes
¶Google auth scopes
token_url
¶Google auth token url
grafanacom
¶
allow_sign_up
¶Grafana.net auth allow sign up
allowed_organizations
¶Grafana.net auth allowed organizations
client_id
¶Grafana.net auth client id
client_secret
¶Grafana.net auth client secret
enabled
¶Grafana.net auth enabled
scopes
¶Grafana.net auth scopes
grafananet
¶
allow_sign_up
¶Grafana.net auth allow sign up
allowed_organizations
¶Grafana.net auth allowed organizations
client_id
¶Grafana.net auth client id
client_secret
¶Grafana.net auth client secret
enabled
¶Grafana.net auth enabled
scopes
¶Grafana.net auth scopes
ldap
¶
active_sync_enabled
¶LDAP backround sync (Enterprise only)
allow_sign_up
¶Auth LDAP allow sign up
config
¶LDAP configuration (toml)
enabled
¶Auth LDAP enable
sync_cron
¶LDAP backround sync (Enterprise only)”
login_cookie_name
¶Login cookie name
login_maximum_inactive_lifetime_days
¶The lifetime (days) an authenticated user can be inactive before being required to login at next visit
login_maximum_lifetime_days
¶he maximum lifetime (days) an authenticated user can be logged in since login time before being required to login
oauth_auto_login
¶Set to true to attempt login with OAuth automatically, skipping the login screen
oauth_state_cookie_max_age
¶Auth state max age cookie duration
okta
¶
allow_sign_up
¶Okta auth allow sign up
allowed_domains
¶Okta auth allowed domains
allowed_groups
¶Okta auth allowed groups
auth_url
¶Okta auth url
client_id
¶OktaD auth client id
client_secret
¶Okta auth client secret
enabled
¶Okta auth enabled
name
¶Okta auth name
role_attribute_path
¶Okta auth role attribute path
scopes
¶Okta auth scopes
token_url
¶Okta auth token url
proxy
¶
auto_sign_up
¶Auth proxy auto sign up
enable_login_token
¶Auth proxy enable login token
enabled
¶Auth proxy enabled
header_name
¶Auth proxy header name
header_property
¶Auth proxy header property
headers
¶Auth proxy headers
sync_ttl
¶Auth proxy LDAP sync TTL
whitelist
¶Auth proxy whitelist
saml
¶
assertion_attribute_email
¶Friendly name or name of the attribute within the SAML assertion to use as the user’s email
assertion_attribute_login
¶Friendly name or name of the attribute within the SAML assertion to use as the user’s login handle
assertion_attribute_name
¶Friendly name or name of the attribute within the SAML assertion to use as the user’s name
certificate
¶Base64-encoded public X.509 certificate. Used to sign requests to the IdP
enabled
¶Auth SAML enabled
idp_metadata
¶Base64-encoded IdP SAML metadata XML. Used to verify and obtain binding locations from the IdP
idp_metadata_url
¶URL to fetch SAML IdP metadata. Used to verify and obtain binding locations from the IdP
max_issue_delay
¶Duration, since the IdP issued a response and the SP is allowed to process it
metadata_valid_duration
¶Duration, for how long the SP’s metadata should be valid
private_key
¶Base64-encoded private key. Used to decrypt assertions from the IdP
signout_redirect_url
¶URL to redirect the user to after sign out
token_rotation_interval_minutes
¶How often should auth tokens be rotated for authenticated users when being active
dashboards
¶
custom_homepage_json
¶Override the default homepage with a custom dashboard in JSON format (http://docs.grafana.org/reference/dashboard/)
min_refresh_interval
¶Minimum dashboard refresh interval
versions_to_keep
¶Number dashboard versions to keep (per dashboard)
database
¶
cache_mode
¶(SQLite3 only) Cache mode setting used for connecting to the database
conn_max_lifetime
¶Connection Max Lifetime
host
¶(MySQL & PostgreSQL only) Database Host. If not set, a ‘database’ link is expected
log_queries
¶Set to true to log the sql calls and execution times
max_idle_conn
¶(MySQL & PostgreSQL only) Database max idle connections
max_open_conn
¶(MySQL & PostgreSQL only) Database max open connections
name
¶(MySQL & PostgreSQL only) Database Name
password
¶(MySQL & PostgreSQL only) Database Password
port
¶(MySQL & PostgreSQL only) Database Port
server_cert_name
¶(MySQL only) The common name field of the certificate used by the mysql server. Not necessary if ssl_mode is set to ‘skip-verify’
ssl_mode
¶(MySQL & PostgreSQL only) For Postgres, use either ‘disable’, ‘require’ or ‘verify-full’. For MySQL, use either ‘true’, ‘false’, or ‘skip-verify’
tls_client_ca
¶(MySQL & PostgreSQL only) Database TLS client CA
tls_client_cert
¶(MySQL & PostgreSQL only) Database TLS client cert
tls_client_key
¶(MySQL & PostgreSQL only) Database TLS client key
type
¶Database Type, either ‘mysql’, ‘postgres’ or ‘sqlite3’
- Default
sqlite3
user
¶(MySQL & PostgreSQL only) Database User
dataproxy
¶
logging_enabled
¶Enable data proxy logging
send_user_header
¶If enabled and user is not anonymous, data proxy will add X-Grafana-User header with username into the request
timeout
¶How long the data proxy should wait before timing out
datasources
¶
create
¶List of datasources in YAML format that Grafana will add or update during start up
delete
¶List of datasources in YAML format that Grafana will delete before inserting/updating those in create list
emails
¶
welcome_email_on_sign_up
¶Welcome email on sign up
enterprise
¶
license
¶Enterprise license
explore
¶
enabled
¶Enable the Explore section
external_image_storage
¶
azure
¶
account_key
¶Azure account key
account_name
¶Azure account name
container_name
¶Azure container name
gcs
¶
bucket
¶GCS bucket
json_key
¶GCS JSON Key
path
¶GCS path
provider
¶Used for uploading images to public servers so they can be included in slack/email messages (s3, webdav, gcs, azure_blob, local)
s3
¶
access_key
¶S3 Access Key
bucket
¶S3 Bucket
bucket_url
¶S3 Bucket URL
endpoint
¶S3 Endpoint
path
¶S3 Bucket Path
path_style_access
¶S3 Path Style Access
region
¶S3 Region
secret_key
¶S3 Secret Key
webdav
¶
password
¶Webdav Password
public_url
¶Webdav public URL
url
¶Webdav URL
username
¶Webdav Username
feature_toggles
¶
enable
¶Enable features, separated by spaces
grafana_com
¶
url
¶Url used to to import dashboards directly from Grafana.com
grafana_net
¶
url
¶Url used to to import dashboards directly from Grafana.net
influxdb
¶
database
¶InfluxDB database to configure as Grafana data source
datasource_input_name
¶Name of the InfluxDB datasource input name
- Default
DS_INFLUXDB
datasource_name
¶Name of the InfluxDB datasource
- Default
influxdb
password
¶InfluxDB password to configure as Grafana data source
url
¶InfluxDB URL to configure as Grafana data source
username
¶InfluxDB user to configure as Grafana data source
log
¶
console
¶
format
¶log line format, valid options are text, console and json
level
¶log level
file
¶
daily_rotate
¶Segment log daily
format
¶log line format, valid options are text, console and json
level
¶log level
log_rotate
¶This enables automated log rotate(switch of following options)
max_days
¶Expired days of log file(delete after max days)
max_lines
¶Max line number of single file
max_size_shift
¶Max size shift of single file
filters
¶Optional settings to set different levels for specific loggers
level
¶log level. Either ‘trace’, ‘debug’, ‘info’, ‘warn’, ‘error’, ‘critical’
mode
¶Either ‘console’, ‘file’, ‘syslog’. Use space to separate multiple modes
syslog
¶
address
¶Syslog address
facility
¶Syslog facility. user, daemon and local0 through local7 are valid.
format
¶log line format, valid options are text, console and json
level
¶log level
network
¶Syslog network type. This can be udp, tcp, or unix
tag
¶Syslog tag
metrics
¶
basic_auth
¶
password
¶Basic auth password for the metrics endpoint
username
¶Basic auth username for the metrics endpoint
disable_total_stats
¶Disable total stats (stattotals*) metrics to be generated
enabled
¶Enable internal metrics
graphite
¶
address
¶Graphite address
prefix
¶Graphite prefix
interval_seconds
¶Publish interval
panels
¶
disable_sanitize_html
¶Disable sanitize HTML
enable_alpha
¶Enable alpha panels
paths
¶
temp_data_lifetime
¶Temporary files in data directory older than given duration will be removed
plugin
¶
grafana_image_renderer
¶
grpc_host
¶Change the listening host of the gRPC server
grpc_port
¶Change the listening port of the gRPC server
rendering_args
¶Additional arguments to pass to the headless browser instance
rendering_chrome_bin
¶You can configure the plugin to use a different browser binary instead of the pre-packaged version of Chromium
rendering_clustering_max_concurrency
¶When rendering_mode = clustered you can define maximum number of browser instances/incognito pages that can execute concurrently
rendering_clustering_mode
¶When rendering_mode = clustered you can instruct how many browsers or incognito pages can execute concurrently
rendering_dumpio
¶Instruct headless browser instance whether to output its debug and error messages into running process of remote rendering service
rendering_ignore_https_errors
¶Instruct headless browser instance whether to ignore HTTPS errors during navigation
rendering_language
¶Instruct headless browser instance to use a default language when not provided by Grafana
rendering_mode
¶Instruct how headless browser instances are created
rendering_timezone
¶Instruct headless browser instance to use a default timezone when not provided by Grafana
rendering_verbose_logging
¶Instruct headless browser instance whether to capture and log verbose information when rendering an image
rendering_viewport_device_scale_factor
¶Instruct headless browser instance to use a default device scale factor when not provided by Grafana
rendering_viewport_max_device_scale_factor
¶Limit the maximum viewport device scale factor that can be requested
rendering_viewport_max_height
¶Limit the maximum viewport height that can be requested
rendering_viewport_max_width
¶Limit the maximum viewport width that can be requested
plugins
¶
allow_loading_unsigned_plugins
¶Enter a comma-separated list of plugin identifiers to identify plugins that are allowed to be loaded even if they lack a valid signature
app_tls_skip_verify_insecure
¶Skip verify insecure for app tls
enable_alpha
¶Enable alpha plugins
prometheus
¶
dashboard_files
¶Array of dashboard json file locations or glob patterns
dashboard_folders
¶Array of grafana folders and dashboard json file locations or glob patterns
- Example
- disable_deletion: true editable: false files: - /var/vcap/packages/my_dashboards/* name: My Dashboards
datasource_input_name
¶Name of the Prometehus datasource input name
- Default
DS_PROMETHEUS
datasource_name
¶Name of the Prometheus datasource
- Default
prometheus
tls_skip_verify
¶Skip TLS verification
use_external_url
¶If true and prometheus provides one, use the external url to reach prometheus
- Default
true
quota
¶
enabled
¶Enable Usage Quotas
global_api_key
¶global limit of api_keys
global_dashboard
¶global limit of dashboards
global_org
¶global limit of orgs
global_session
¶global limit on number of logged in users
global_user
¶Global limit of users
org_api_key
¶limit number of api_keys per Org
org_dashboard
¶limit number of dashboards per Org
org_data_source
¶limit number of data_sources per Org
org_user
¶limit number of users per Org
user_org
¶limit number of orgs a user can create
remote_cache
¶
connstr
¶Connection string
type
¶Either ‘redis’, ‘memcached’, ‘database’
- Default
database
rendering
¶
callback_url
¶External image rendering callback URL
concurrent_render_request_limit
¶External image rendering concurrent render request limit
server_url
¶External image rendering server URL
security
¶
admin_password
¶default admin password
admin_user
¶default admin user
- Default
admin
allow_embedding
¶Set to true if you want to allow browsers to render Grafana in a
cookie_samesite
¶Set cookie SameSite attribute (lax, strict and none)
cookie_secure
¶Set to true if you host Grafana behind HTTPS
cstrict_transport_security_max_age_seconds
¶Sets how long a browser should cache HSTS. Only applied if strict_transport_security is enabled
data_source_proxy_whitelist
¶data source proxy whitelist (ip_or_domain:port separated by spaces)
disable_brute_force_login_protection
¶disable protection against brute force login attempts
disable_gravatar
¶disable gravatar profile images
disable_initial_admin_creation
¶Disable creation of admin user on first start of grafana
secret_key
¶used for signing
strict_transport_security
¶Set to true if you want to enable http strict transport security (HSTS) response header
strict_transport_security_preload
¶Set to true if to enable HSTS preloading option. Only applied if strict_transport_security is enabled
strict_transport_security_subdomains
¶Set to true if to enable the HSTS includeSubDomains option. Only applied if strict_transport_security is enabled
x_content_type_options
¶Set to true to enable the X-Content-Type-Options response header
x_xss_protection
¶Set to true to enable the X-XSS-Protection header, which tells browsers to stop pages from loadingwhen they detect reflected cross-site scripting (XSS) attacks
server
¶
domain
¶The public facing domain name used to access grafana from a browser
enable_gzip
¶Enable gzip
enforce_domain
¶Redirect to correct domain if host header does not match domain
http_addr
¶The ip address to bind to, empty will bind to all interfaces
http_port
¶The http port to bind to
- Default
3000
protocol
¶Protocol (http or https)
root_url
¶The full public facing url
router_logging
¶Log web requests
serve_from_sub_path
¶Serve Grafana from subpath specified in root_url setting
ssl_cert
¶SSL certificate (PEM encoded)
ssl_key
¶SSL private key (PEM encoded)
static_root_path
¶The relative working path
smtp
¶
ehlo_identity
¶EHLO identity in SMTP dialog (defaults to instance_name)
enabled
¶SMTP enabled
from_address
¶SMTP from address
from_name
¶SMTP from name
host
¶SMTP host
password
¶SMTP password
skip_verify
¶SMTP skip SSL verification
ssl_cert
¶SMTP SSL certificate
ssl_key
¶SMTP SSL private key
starttls_policy
¶SMTP Start TLS policy
user
¶SMTP user
snapshots
¶
external_enabled
¶Extenal snaphot enabled
external_snapshot_name
¶External snapshot name
external_snapshot_url
¶External snapshot URL
public_mode
¶Set to true to enable this Grafana instance act as an external snapshot server and allow unauthenticated requests for creating and deleting snapshots
remove_expired
¶Remove expired snapshots
tracing
¶
jaeger
¶
address
¶jaeger destination (ex localhost:6831)
always_included_tag
¶tag that will always be included in when creating new spans
disable_shared_zipkin_spans
¶Setting this to true disables shared RPC spans
sampler_param
¶jaeger samplerconfig param
sampler_type
¶Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote
zipkin_propagation
¶Whether or not to use Zipkin span propagation (x-b3- HTTP headers)
users
¶
allow_org_create
¶Allow non admin users to create organizations
allow_sign_up
¶disable user signup / registration
auto_assign_org
¶Set to true to automatically assign new users to the default organization (id 1)
auto_assign_org_id
¶Set this value to automatically add new users to the provided organization (if auto_assign_org above is set to true)
auto_assign_org_role
¶Default role new users will be automatically assigned (if disabled above is set to true)
default_theme
¶Default UI theme (‘dark’ or ‘light’)
editors_can_admin
¶Editors can administrate dashboard, folders and teams they create
external_manage_info
¶External user management info
external_manage_link_name
¶External user management link name
external_manage_link_url
¶External user management link URL
login_hint
¶Background text for the user field on the login page
password_hint
¶Background text for the password field on the login page
seeded_global_users
¶Array of Grafana users to be seeded
- Default
[]- Example
- email: [email protected] login: user name: user name password: userpassword
verify_email_enabled
¶Require email validation before sign up completes
viewers_can_edit
¶Viewers can edit/inspect dashboard settings in the browser but not save the dashboard
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/grafana/
directory
(learn more).
bin/grafana-admin-password
(frombin/grafana-admin-password
)bin/grafana-homepage
(frombin/grafana-homepage
)bin/grafana-users
(frombin/grafana-users
)bin/grafana_ctl
(frombin/grafana_ctl
)bin/post-start
(frombin/post-start
)bin/pre-start
(frombin/pre-start
)bin/prometheus-dashboards
(frombin/prometheus-dashboards
)config/database_tls_client_ca.pem
(fromconfig/database_tls_client_ca.pem
)config/database_tls_client_cert.pem
(fromconfig/database_tls_client_cert.pem
)config/database_tls_client_key.pem
(fromconfig/database_tls_client_key.pem
)config/gcs_key.json
(fromconfig/gcs_key.json
)config/generic_oauth_tls_client_ca.pem
(fromconfig/generic_oauth_tls_client_ca.pem
)config/generic_oauth_tls_client_cert.pem
(fromconfig/generic_oauth_tls_client_cert.pem
)config/generic_oauth_tls_client_key.pem
(fromconfig/generic_oauth_tls_client_key.pem
)config/grafana.ini
(fromconfig/grafana.ini
)config/ldap.toml
(fromconfig/ldap.toml
)config/license.jwt
(fromconfig/license.jwt
)config/provisioning/dashboards/default.yml
(fromconfig/provisioning/dashboards/default.yml
)config/provisioning/dashboards/folders.yml
(fromconfig/provisioning/dashboards/folders.yml
)config/provisioning/datasources/custom.yml
(fromconfig/provisioning/datasources/custom.yml
)config/provisioning/datasources/influxdb.yml
(fromconfig/provisioning/datasources/influxdb.yml
)config/provisioning/datasources/prometheus.yml
(fromconfig/provisioning/datasources/prometheus.yml
)config/saml_certificate.pem
(fromconfig/saml_certificate.pem
)config/saml_ipd_metadata.xml
(fromconfig/saml_ipd_metadata.xml
)config/saml_private_key.pem
(fromconfig/saml_private_key.pem
)config/smtp_cert.pem
(fromconfig/smtp_cert.pem
)config/smtp_key.pem
(fromconfig/smtp_key.pem
)config/ssl_cert.pem
(fromconfig/ssl_cert.pem
)config/ssl_key.pem
(fromconfig/ssl_key.pem
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.