PMM3 Helm Chart - Grafana LDAP configuration file

Percona Monitoring and Management (PMM) PMM 3.x
1

Hi there!

I was trying to configure ldap auth on my pmm3 server installed on k8s with the official helm chart but, as per the offical grafana docs, you need to configure the server parameters in a toml file specified by the ‘GF_AUTH_LDAP_CONFIG_FILE’ env var.

Here’s a snippet of my values.yaml:

image:
  repository: <proxy-repo-url>/percona/pmm-server
ingress:
  enabled: true
  ingressClassName: nginx
  hosts:
    - host: xxx
      paths:
        - '/'
storage:
  storageClassName: longhorn
  size: 10Gi
pmmEnv:
  PMM_ENABLE_UPDATES: 'false'
  # Mail alerts
  GF_SMTP_ENABLED: 'true'
  GF_SMTP_SKIP_VERIFY: 'true'
  GF_SMTP_HOST: xxx
  GF_SMTP_FROM_ADDRESS: xxx
  GF_SMTP_FROM_NAME: 'Percona Monitoring and Management'
  # Ldap Auth
  GF_AUTH_LDAP_ENABLED: 'true'
  GF_AUTH_LDAP_SKIP_ORG_ROLE_SYNC: 'true'
  GF_AUTH_LDAP_CONFIG_FILE: /etc/grafana/ldap.toml
  GF_LOG_FILTERS: ldap:debug

I can see in the chart’s template values.yaml file that there are the extraVolumeMounts and extraVolumes parameters, but there is no example configuration provided, is there any ‘standard’ way to configure that file in the values.yaml? Has anyone done this before?

Thanks.

2

Hi, while trying stuff out i came up with the following configuration that does what i need, you need to apply the following configmap:

apiVersion: v1
kind: ConfigMap
metadata:
  name: pmm-ldap-config
  namespace: <pmm-namespace>
data:
  ldap.toml: |
    # LDAP Configuration file for Grafana

and add the following parameters to the values.yaml:

extraVolumes:
  - name: ldap-config
    configMap:
      name: pmm-ldap-config
extraVolumeMounts:
  - name: ldap-config
    mountPath: /etc/grafana/ldap.toml
    subPath: ldap.toml

Now i just need to get it working with Active directory :sweat_smile:.
Happy thinkering!

2 Likes