Grafana是一款用Go语言开发的开源数据可视化工具,可以做数据监控和数据统计,带有告警功能,本文简要说明如何将基于docker安装的GrafanaLDAP集成实现快捷登录。

  1. 创建一个名为grafana的文件夹,在其下建立一个名为docker-compose.yml的文件,输入如下内容

     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

    version: "3"
services:
  grafana:
    image: grafana/grafana
    container_name: "grafana"
	privileged: true
    ports:
      - "3000:3000"
    restart: always
    volumes:
      - "$PWD/grafana_data:/var/lib/grafana"
    environment:
      - GF_SECURITY_ADMIN_USER=admin
      - GF_SECURITY_ADMIN_PASSWORD=Pass@word

  2. 输入下述命令创建相关的挂载目录

    1

    mkdir grafana_data && chmod 777 grafana_data

  3. 输入docker-compose up -d启动容器,等待2-3分钟后利用docker logs grafana查看其日志,若日志中出现类似如下信息,则表示SonarQube初步安装成功

    docker中启动grafana成功

  4. 输入http://ip:3000可打开如下图所示的登录界面,采用前述设置的账号密码可正常登录

    grafana登录页

  5. $PWD/grafana目录下建立一个名为ldap.toml的文件,写入类似如下内容

     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

    [[servers]]
host = "10.xxx.xx.xx"
port = 389
use_ssl = false
start_tls = false
ssl_skip_verify = false
bind_dn = "cn=xxx,dc=xxx,dc=com"
bind_password = 'xxx'
search_filter = "(uid=%s)"
search_base_dns = ["dc=xxx,dc=com"]

[servers.attributes]
name = "givenName"
surname = "displayName"
username = "uid"
#member_of = "cn"
email =  "mail"

[[servers.group_mappings]]
group_dn = "grafana-admins"
org_role = "Admin"

[[servers.group_mappings]]
group_dn = "grafana-editors"
org_role = "Editor"

[[servers.group_mappings]]
group_dn = "*"
org_role = "Viewer"

    同时将docker-compose.yml修改如下

     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

    version: "3"
services:
  grafana:
    image: grafana/grafana
    container_name: "grafana"
	privileged: true
    ports:
      - "3000:3000"
    restart: always
    volumes:
      - "$PWD/grafana_data:/var/lib/grafana"
	  - "$PWD/ldap.toml:/etc/grafana/ldap.toml"
    environment:
      - GF_SECURITY_ADMIN_USER=admin
      - GF_SECURITY_ADMIN_PASSWORD=Pass@word
	  - GF_AUTH_LDAP_ENABLED=true

  6. 输入docker-compose restart重启之后即可采用LDAP账户登录。

  7. 若需要同时安装Prometheus,则可将docker-compose.yml修改为类似如下:

     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

    version: "3"
services:
  prometheus:
    image: prom/prometheus:latest
    container_name: "prometheus"
    restart: always
    ports:
      - "9090:9090"
    volumes:
      - "./prometheus.yml:/etc/prometheus/prometheus.yml"
      - "./prometheus_data:/prometheus"
  grafana:
    image: grafana/grafana
    container_name: "grafana"
    ports:
      - "3000:3000"
    restart: always
    volumes:
      - "./grafana_data:/var/lib/grafana"
      - "./ldap.toml:/etc/grafana/ldap.toml"
    environment:
      - GF_SECURITY_ADMIN_USER=admin
      - GF_SECURITY_ADMIN_PASSWORD=Pass@word
      - GF_AUTH_LDAP_ENABLED=true