1
2
3
4
5

docker run -d \
  -p 3000:3000 \
  --name grafana \
  -v grafana-storage:/var/lib/grafana \
  grafana/grafana-oss

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

version: '3.8'
services:
  grafana:
    image: grafana/grafana-oss
    ports:
      - "3000:3000"
    environment:
      - GF_SECURITY_ADMIN_PASSWORD=admin
    volumes:
      - grafana-data:/var/lib/grafana

  prometheus:
    image: prom/prometheus
    ports:
      - "9090:9090"
    volumes:
      - ./prometheus.yml:/etc/prometheus/prometheus.yml

  loki:
    image: grafana/loki
    ports:
      - "3100:3100"

  promtail:
    image: grafana/promtail
    volumes:
      - /var/log:/var/log
      - ./promtail-config.yml:/etc/promtail/config.yml

volumes:
  grafana-data:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

# datasources/mysql.yaml
apiVersion: 1
datasources:
  - name: MySQL
    type: mysql
    url: mysql:3306
    database: mydb
    user: grafana
    secureJsonData:
      password: secret

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11

# CPU 使用率
100 - (avg by(instance) (rate(node_cpu_seconds_total{mode="idle"}[5m])) * 100)

# 記憶體使用率
(1 - (node_memory_MemAvailable_bytes / node_memory_MemTotal_bytes)) * 100

# HTTP 請求率
sum(rate(http_requests_total[5m])) by (status)

# P95 延遲
histogram_quantile(0.95, sum(rate(http_request_duration_seconds_bucket[5m])) by (le))

1
2
3
4
5
6
7
8

# 查詢特定應用日誌
{app="nginx"} |= "error"

# JSON 解析
{app="api"} | json | response_code >= 500

# 統計錯誤數
sum(rate({app="api"} |= "error" [5m])) by (level)

1
2
3
4
5
6
7
8

# 範例：CPU 高使用率告警
alert: HighCPUUsage
expr: 100 - (avg by(instance) (rate(node_cpu_seconds_total{mode="idle"}[5m])) * 100) > 80
for: 5m
labels:
  severity: warning
annotations:
  summary: "High CPU usage on {{ $labels.instance }}"

1
2
3
4
5
6
7
8

# provisioning/dashboards/default.yaml
apiVersion: 1
providers:
  - name: 'default'
    folder: ''
    type: file
    options:
      path: /var/lib/grafana/dashboards

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

resource "grafana_dashboard" "metrics" {
  config_json = file("dashboard.json")
}

resource "grafana_alert_rule" "cpu" {
  name      = "High CPU"
  folder_id = grafana_folder.alerts.id
  rule_group {
    name     = "cpu_alerts"
    interval = "1m"
  }
}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

# promtail-config.yml
server:
  http_listen_port: 9080

positions:
  filename: /tmp/positions.yaml

clients:
  - url: http://loki:3100/loki/api/v1/push

scrape_configs:
  - job_name: containers
    static_configs:
      - targets:
          - localhost
        labels:
          job: containerlogs
          __path__: /var/lib/docker/containers/*/*.log
    pipeline_stages:
      - json:
          expressions:
            log: log
            stream: stream
            time: time

1
2
3
4
5

# 最近錯誤
{job="containerlogs"} |= "error" | limit 100

# 按級別統計
sum by (level) (count_over_time({app="api"}[1h]))

1
2
3
4
5
6
7
8
9

# prometheus.yml
global:
  scrape_interval: 15s
  evaluation_interval: 15s

storage:
  tsdb:
    retention.time: 15d
    retention.size: 50GB

1
2
3
4

# grafana.ini
[caching]
enabled = true
ttl = 300

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

# grafana.ini
[auth]
disable_login_form = false

[auth.ldap]
enabled = true
config_file = /etc/grafana/ldap.toml

[auth.generic_oauth]
enabled = true
name = Keycloak
client_id = grafana
client_secret = secret
auth_url = https://keycloak/auth
token_url = https://keycloak/token
api_url = https://keycloak/userinfo

1
2
3
4

[server]
protocol = https
cert_file = /etc/grafana/cert.pem
cert_key = /etc/grafana/key.pem