Deploy Grafana using Docker, AWS ECS and Terraform
Grafana's ability to run in Docker containers and easily connect to AWS Cloudwatch to grab metrics and logs makes it an ideal candidate for your AWS infrastructure monitoring needs.
At 56K.cloud, we usually deploy it as a replacement for the Cloudwatch interface as we are fans of Grafana's powerful features and look. The easiness with which it can be run "serverless" and its deployment automated with Terraform transformed it into a standard piece of our recommended infrastructure.
Before we get started, I would like to mention that we have open-sourced this module and, it is available at 56k.cloud's Github account: https://github.com/56kcloud/terraform-grafana
Prerequisites
SSM Parameters
Before we deploy Grafana in ECS, we need to preconfigure it. This is done by adding and adjusting parameters in AWS' Systems Manager - Parameter Store.
When ECS starts the Grafana service and task, it pulls these parameters and sets them as env variables for Grafana. Without them, the Grafana ECS task won't start.
You can see all the required SSM parameters here. They match the config env variables found in the documentation. Add and tweak these parameters before moving on.
SSL certificate
This module assumes that you want - and enforces - HTTPS on the load balancer that serves Grafana to your users. This means that you will need to have an SSL certificate created/imported in AWS's Certificate Manager (ACM). How to do that is outside the scope of this article.
Network setup
Another assumption this module makes is that you have at least one private subnet (inaccessible from the Internet) and one public subnet (accessible from the Internet) in your VPC. This is a standard, recommended setup.
In the background, the module deploys Grafana in the private subnet(s) and the Load balancer that serves it in the public subnet(s).
Terraform setup
Last but not least, you should have a working Terraform setup. The assumption here is that if you plan to import a module like this one, you already have a working Terraform codebase to manage your infrastructure.
Deployment with Terraform
- Git clone the module from Github:
git clone git@github.com:56kcloud/terraform-grafana.git - Move the module to wherever you store your Terraform modules. As an example, let's assume you have a
infrastructure/terraformdirectory for your Terraform codebase:mkdir -p infrastructure/terraform/modules && mv terraform-grafana.git infrastructure/terraform/modules/grafana - Call the module in your main
.tffile and configure it. Continuing with our assumptions, let's say you have amain.tffile where you instantiate your modules. Add to that file the following code:
module "grafana" { source = "<path_to_the_grafana_module_relative_to_this_file>" aws_region = "<region_where_to_deploy>" service_name = "grafana" platform_version = "1.4.0" #required ecs_cluster = "<the_id_of_ecs_cluster_to_deploy>" image = "grafana/grafana" image_version = "7.0.0-beta3" container_port = 3000 cloudwatch_log_group_name = "/ecs/grafana" cpu = 1024 memory = 2048 desired_number_of_tasks = 1 allow_inbound_from_cidr_blocks = "0.0.0.0/0" vpc_id = <the_id_of_vpc> private_subnet_ids = [<list_of_private_subnet_ids>] public_subnet_ids = [<list_of_public_subnet_ids>] create_route53_entry = true ssl_cert_arn = <the_arn_of_the_acm_ssl_cert> }
- Run Terraform! It should deploy all the required resourced. In the end you should have a load balancer available serving Grafana. You can point a DNS entry to that load balancer.
- Access that Grafana instance and you should be able to manage it like any other Grafana deployment.
Connecting to AWS Cloudwatch
Grafana's admin interface offers a AWS Cloudwatch connecter. Install and configure it to be able to pull data from Cloudwatch and build nice dashboards based on it.
Find out more about 56K.Cloud
We love Cloud, IoT, Containers, DevOps, and Infrastructure as Code. If you are interested in chatting connect with us on Twitter or drop us an email: info@56K.Cloud. We hope you found this article helpful. If there is anything you would like to contribute or you have questions, please let us know!