Create a Grafana Docker image

Create a Grafana Docker image

Grafana's configuration is set up using environment variables rather than directly editing the configuration file when running in a Docker image. You must also designate persistent storage or bind mounts for the Grafana container if you wish to save your data.

This example uses the Grafana Enterprise Docker image. Grafana Open Source edition can be used by changing the docker image to grafana/grafana-oss.

Backup your Grafana data.

Grafana data disappears as soon as your container is stopped if you don't designate an information storage location. For your container, you will need to set up persistent storage or bind mounts.

Use persistent storage when running the Grafana container.

"# create a persistent volume for your data in /var/lib/grafana (database and plugins)

docker volume create grafana-storage

# start grafana

docker run -d -p 3000:3000 --name=grafana -v grafana-storage:/var/lib/grafana grafana/grafana-enterprise"

Bind mounts are used to run the Grafana container

Grafana can be run in Docker, but the database and configuration can be stored in folders on your host. Consequently, it becomes critical to start the container with a user that is able to access and write to the folder you map into the container.

"mkdir data # creates a folder for your data

ID=$(id -u) # saves your user id in the ID variable

# starts grafana with your user id and using the data folder

docker run -d --user $ID --volume "$PWD/data:/var/lib/grafana" -p 3000:3000 grafana/grafana-enterprise:8.2.1"

Paths by default

The following configurations are hard-coded when launching the Grafana Docker container and can be overridden only using environment variables, not through conf/grafana.ini.

Setting the Default value

GF_PATHS_CONFIG     /etc/grafana/grafana.ini

GF_PATHS_DATA             /var/lib/grafana

GF_PATHS_HOME     /usr/share/grafana

GF_PATHS_LOGS    /var/log/grafana

GF_PATHS_PLUGINS                /var/lib/grafana/plugins

GF_PATHS_PROVISIONING  /etc/grafana/provisioning

Logging

Docker containers log to standard out by default, as is common in Docker world. The logging mode can be changed.

Example:

"# Run Grafana while logging to both standard out and /var/log/grafana/grafana.log

docker run -p 3000:3000 -e "GF_LOG_MODE=console file" grafana/grafana-enterprise"

Configure Grafana with Docker Secrets

Only available in Grafana v5.2 and later.

t’s possible to supply Grafana with configuration through files. This works well with Docker Secrets as the secrets by default gets mapped into /run/secrets/ of the container.

You can do this with any of the configuration options in conf/grafana.ini by setting GF___FILE to the path of the file holding the secret.

For example, you could set the admin password this way:

  • Admin password secret: /run/secrets/admin_password
  • Environment variable: GF_SECURITY_ADMIN_PASSWORD__FILE=/run/secrets/admin_password

Configure AWS credentials for CloudWatch Support

"docker run -d \

-p 3000:3000 \

--name=grafana \

-e "GF_AWS_PROFILES=default" \

-e "GF_AWS_default_ACCESS_KEY_ID=YOUR_ACCESS_KEY" \

-e "GF_AWS_default_SECRET_ACCESS_KEY=YOUR_SECRET_KEY" \

-e "GF_AWS_default_REGION=us-east-1" \

grafana/grafana-enterprise"

You may also specify multiple profiles to GF_AWS_PROFILES (e.g. GF_AWS_PROFILES=default another).

Supported variables:

  • GF_AWS_${profile}_ACCESS_KEY_ID: AWS access key ID (required).
  • GF_AWS_${profile}_SECRET_ACCESS_KEY: AWS secret access key (required).
  • GF_AWS_${profile}_REGION: AWS region (optional).