willie-yao / brigade-metrics-archive Goto Github PK
View Code? Open in Web Editor NEWOne-Step Monitoring for Brigade 2
License: Apache License 2.0
brigade-metrics-archive's People
Contributors
Stargazers
Watchers
brigade-metrics-archive's Issues
Flesh out the README
It's not too early to start adding some (very basic) docs on installing and configuring this.
Probably the minimum things to call out are:
-
The dependency on Brigade 2 (currently in alpha)
-
Where to get the chart from (at this stage, it is fine to require users to clone this repository to obtain the chart)
-
How to set up a service account in Brigade with correct permissions and plug the token into brigade-prometheus at install (
helm install) time
Suggest merging latest work to master
Looks like a lot of good work has piled up in the first-metrics branch.
I'd suggest merging that work into master. That will enable better collaboration so that myself and others can open PRs without requiring special knowledge of which branch has the latest and greatest stuff in it.
Offer two options for access model
We've seen that the admin user can do things we might not want them to do-- like delete the dashboard that we're pre-provisioning. This means we should want most users (if not all) to only be viewers.
If an operator wants to deploy brigade-prometheus and take on responsibility of administering Grafana, then they can create user accounts for others with lesser permissions (e.g. view-only). This puts the onus of managing the system responsibly on just one privileged user and that seems reasonable. If they do something stupid like deleting the dashboard-- that's on them-- and they presumably will know how to fix that by re-installing.
Not everyone will want to take this approach.
The threat model here doesn't suggest that these metrics are high value data, and as such, I'd propose that opting into a shared username/password would be acceptable as long as the shared "account" isn't an admin.
I want to propose offering two options to the operator who installs this software:
-
Option to specify admin username/password in values.yaml and onus for Grafana user management falls to the operator.
-
Option to specify a shared username/password in values.yaml. Grafana doesn't have a way of pre-provisioning users, so the way this would have to work is that we'd enable anonymous view access on Grafana itself, then use Nginx as a reverse proxy (probably in a sidecar container) to enforce basic auth.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.