Grafana - Monitoring-Dashboards erstellen

Grafana ist eine Open-Source-Plattform für Monitoring und Observability. Sie visualisiert Metriken aus verschiedenen Datenquellen in anpassbaren Dashboards.

Features

Übersicht

- Multi-Datasource-Support
- Anpassbare Dashboards
- Alerting
- Annotations
- Templates & Variablen
- Plugins
- Benutzer- & Team-Management
- LDAP/OAuth-Integration

Unterstützte Datenquellen

| Datenquelle | Typ | |-------------|-----| | Prometheus | Time Series | | InfluxDB | Time Series | | Elasticsearch | Logs & Metriken | | MySQL/PostgreSQL | SQL | | Loki | Logs | | CloudWatch | AWS Metriken |

Installation

Debian/Ubuntu

apt install -y apt-transport-https software-properties-common wget
wget -q -O - https://packages.grafana.com/gpg.key | gpg --dearmor > /etc/apt/trusted.gpg.d/grafana.gpg
echo "deb https://packages.grafana.com/oss/deb stable main" > /etc/apt/sources.list.d/grafana.list

apt update
apt install grafana

systemctl enable grafana-server
systemctl start grafana-server

Docker

version: '3'

services:
  grafana:
    image: grafana/grafana:latest
    container_name: grafana
    restart: unless-stopped
    ports:
      - "3000:3000"
    environment:
      - GF_SECURITY_ADMIN_PASSWORD=admin123
      - GF_USERS_ALLOW_SIGN_UP=false
    volumes:
      - grafana_data:/var/lib/grafana
      - ./provisioning:/etc/grafana/provisioning

volumes:
  grafana_data:

Erster Zugriff

URL: http://localhost:3000
User: admin
Password: admin (ändern!)

Konfiguration

grafana.ini

# /etc/grafana/grafana.ini

[server]
http_port = 3000
domain = grafana.example.de
root_url = https://grafana.example.de/

[security]
admin_user = admin
admin_password = sicheres_passwort

[users]
allow_sign_up = false
allow_org_create = false

[auth.anonymous]
enabled = false

[smtp]
enabled = true
host = smtp.example.de:587
user = grafana@example.de
password = mail_passwort
from_address = grafana@example.de
from_name = Grafana

[alerting]
enabled = true
execute_alerts = true

Nginx Reverse Proxy

server {
    listen 443 ssl http2;
    server_name grafana.example.de;

    ssl_certificate /etc/letsencrypt/live/grafana.example.de/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/grafana.example.de/privkey.pem;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # WebSocket für Live-Updates
    location /api/live/ {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
    }
}

Datenquellen hinzufügen

Prometheus

Configuration → Data Sources → Add data source → Prometheus

URL: http://localhost:9090
Access: Server (default)

InfluxDB

Configuration → Data Sources → Add data source → InfluxDB

URL: http://localhost:8086
Database: telegraf
User: grafana
Password: xxx
HTTP Method: GET

MySQL

Configuration → Data Sources → Add data source → MySQL

Host: localhost:3306
Database: metrics
User: grafana
Password: xxx

Provisioning (automatisch)

# /etc/grafana/provisioning/datasources/prometheus.yml

apiVersion: 1

datasources:
  - name: Prometheus
    type: prometheus
    access: proxy
    url: http://localhost:9090
    isDefault: true
    editable: false

Dashboard erstellen

Neues Dashboard

Create → Dashboard → Add new panel

Panel-Typen

| Typ | Verwendung | |-----|------------| | Time Series | Zeitreihen | | Stat | Einzelwerte | | Gauge | Füllstandsanzeige | | Bar Chart | Balkendiagramm | | Table | Tabellen | | Logs | Log-Ausgabe | | Alert List | Alarm-Liste | | Heatmap | Heatmaps |

Prometheus-Query

# CPU-Auslastung
100 - (avg by(instance) (rate(node_cpu_seconds_total{mode="idle"}[5m])) * 100)

# Memory-Auslastung
(node_memory_MemTotal_bytes - node_memory_MemAvailable_bytes) / node_memory_MemTotal_bytes * 100

# Disk-Auslastung
100 - ((node_filesystem_avail_bytes{mountpoint="/"} / node_filesystem_size_bytes{mountpoint="/"}) * 100)

# Netzwerk-Traffic
rate(node_network_receive_bytes_total{device="eth0"}[5m])

Dashboard JSON

{
  "dashboard": {
    "title": "Server Overview",
    "panels": [
      {
        "title": "CPU Usage",
        "type": "timeseries",
        "datasource": "Prometheus",
        "targets": [
          {
            "expr": "100 - (avg by(instance) (rate(node_cpu_seconds_total{mode=\"idle\"}[5m])) * 100)",
            "legendFormat": "{{instance}}"
          }
        ],
        "gridPos": {"x": 0, "y": 0, "w": 12, "h": 8}
      }
    ]
  }
}

Variablen (Templates)

Variable erstellen

Dashboard Settings → Variables → Add variable

Name: server
Type: Query
Data source: Prometheus
Query: label_values(node_uname_info, instance)

Variable verwenden

# In Queries
node_cpu_seconds_total{instance="$server"}

# In Panel-Titel
CPU Usage - $server

Multi-Value

Multi-value: enabled
Include All option: enabled

# Query mit Regex
node_cpu_seconds_total{instance=~"$server"}

Alerting

Alert Rule erstellen

Alerting → Alert rules → Create alert rule

Name: High CPU Usage
Condition: WHEN avg() OF query(A) IS ABOVE 80
For: 5m

Contact Points

Alerting → Contact points → Add contact point

Name: Email
Type: Email
Addresses: admin@example.de

Notification Policies

Alerting → Notification policies → Edit

Default policy:
  Contact point: Email
  Group by: alertname

Alert im Panel

{
  "alert": {
    "name": "High CPU",
    "conditions": [
      {
        "evaluator": {
          "params": [80],
          "type": "gt"
        },
        "operator": {"type": "and"},
        "query": {"params": ["A", "5m", "now"]},
        "reducer": {"type": "avg"}
      }
    ],
    "frequency": "1m",
    "for": "5m"
  }
}

Dashboard importieren

Von Grafana.com

Create → Import → Import via grafana.com

Dashboard ID: 1860 (Node Exporter Full)
Dashboard ID: 11074 (Node Exporter for Prometheus)
Dashboard ID: 13659 (Blackbox Exporter)

Aus JSON

Create → Import → Upload JSON file

Oder: Dashboard JSON einfügen

Plugins

Installation

# CLI
grafana-cli plugins install grafana-piechart-panel

# Docker
GF_INSTALL_PLUGINS=grafana-piechart-panel

# Neustart erforderlich
systemctl restart grafana-server

Empfohlene Plugins

- grafana-piechart-panel
- grafana-clock-panel
- grafana-worldmap-panel
- grafana-polystat-panel

Provisioning

Dashboards provisionieren

# /etc/grafana/provisioning/dashboards/default.yml

apiVersion: 1

providers:
  - name: 'default'
    orgId: 1
    folder: 'Provisioned'
    type: file
    disableDeletion: false
    editable: true
    options:
      path: /var/lib/grafana/dashboards

Struktur

/etc/grafana/provisioning/
├── dashboards/
│   └── default.yml
├── datasources/
│   └── prometheus.yml
├── alerting/
│   └── alerts.yml
└── notifiers/
    └── email.yml

Sicherheit

LDAP-Integration

# /etc/grafana/ldap.toml

[[servers]]
host = "ldap.example.de"
port = 389
use_ssl = false
start_tls = true
bind_dn = "cn=admin,dc=example,dc=de"
bind_password = "password"
search_filter = "(sAMAccountName=%s)"
search_base_dns = ["dc=example,dc=de"]

[servers.attributes]
name = "givenName"
surname = "sn"
username = "sAMAccountName"
member_of = "memberOf"
email = "mail"

OAuth (GitHub)

# grafana.ini

[auth.github]
enabled = true
allow_sign_up = true
client_id = xxx
client_secret = xxx
scopes = user:email,read:org
auth_url = https://github.com/login/oauth/authorize
token_url = https://github.com/login/oauth/access_token
api_url = https://api.github.com/user
allowed_organizations = my-org

Backup

#!/bin/bash
# Grafana-Backup

BACKUP_DIR=/backup/grafana
DATE=$(date +%Y-%m-%d)

mkdir -p $BACKUP_DIR

# SQLite-Datenbank
cp /var/lib/grafana/grafana.db $BACKUP_DIR/grafana-$DATE.db

# Oder via API
curl -s -H "Authorization: Bearer $API_KEY" \
    "http://localhost:3000/api/dashboards/uid/xxx" \
    > $BACKUP_DIR/dashboard-xxx-$DATE.json

Zusammenfassung

| Panel-Typ | Verwendung | |-----------|------------| | Time Series | Zeitverläufe | | Stat | Einzelwerte, KPIs | | Gauge | Auslastung (%) | | Table | Detaildaten | | Logs | Log-Anzeige |

| Datei | Funktion | |-------|----------| | /etc/grafana/grafana.ini | Hauptkonfiguration | | /etc/grafana/provisioning/ | Auto-Provisioning | | /var/lib/grafana/grafana.db | SQLite-Datenbank |

| Dashboard-ID | Beschreibung | |--------------|--------------| | 1860 | Node Exporter Full | | 11074 | Node Exporter | | 13659 | Blackbox Exporter | | 14282 | Cadvisor (Docker) |

Fazit

Grafana ist das Standard-Tool für Monitoring-Visualisierung. Die Kombination mit Prometheus liefert umfassende Infrastruktur-Dashboards. Templates und Variablen ermöglichen dynamische Dashboards. Das Alerting-System informiert proaktiv über Probleme. Mit Provisioning lässt sich die Konfiguration als Code verwalten. Für DevOps-Teams ist Grafana unverzichtbar.