add persistent volumes to prometheus/grafana

4 files changed, 114 insertions, 31 deletions

diff --git a/f3s/prometheus/Justfile b/f3s/prometheus/Justfile
new file mode 100644
index 0000000..2eae235
--- /dev/null
+++ b/f3s/prometheus/Justfile
@@ -0,0 +1,9 @@
+install:
+    kubectl apply -f persistent-volumes.yaml
+    helm install prometheus prometheus-community/kube-prometheus-stack --namespace monitoring -f persistence-values.yaml
+    just -f grafana-ingress/Justfile install
+
+uninstall:
+    just -f grafana-ingress/Justfile delete
+    helm uninstall prometheus --namespace monitoring
+    kubectl delete -f persistent-volumes.yaml
\ No newline at end of file
diff --git a/f3s/prometheus/README.md b/f3s/prometheus/README.md
index 5a1ede1..1ac093c 100644
--- a/f3s/prometheus/README.md
+++ b/f3s/prometheus/README.md
@@ -1,46 +1,41 @@
 # Prometheus installation
 
-## Prometheus stack installation
+This directory contains the configuration to deploy the kube-prometheus-stack, with persistent storage for Prometheus and Grafana, and a Grafana ingress.
 
-First, install the Prometheus Helm chart using the following commands:
+## Prerequisites
 
-```sh
-kubectl greate ns monitoring
-helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
-helm repo update
-```
+1.  Create the monitoring namespace:
 
-Followed by the actual installation into the monitoring namespace:
-  
-```sh
-helm install prometheus prometheus-community/kube-prometheus-stack --namespace monitoring
+    ```sh
+    kubectl create ns monitoring
+    ```
 
-NAME: prometheus
-LAST DEPLOYED: Wed Oct 22 09:22:00 2025
-NAMESPACE: monitoring
-STATUS: deployed
-REVISION: 1
-NOTES:
-kube-prometheus-stack has been installed. Check its status by running:
-  kubectl --namespace monitoring get pods -l "release=prometheus"
+2.  Add the Prometheus Helm chart repository:
 
-Get Grafana 'admin' user password by running:
+    ```sh
+    helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+    helm repo update
+    ```
 
-  kubectl --namespace monitoring get secrets prometheus-grafana -o jsonpath="{.data.admin-password}" | base64 -d ; echo
+3.  Create the directories on your NFS server:
 
-Access Grafana local instance:
+    ```sh
+    mkdir -p /data/nfs/k3svolumes/prometheus/data
+    mkdir -p /data/nfs/k3svolumes/grafana/data
+    ```
 
-  export POD_NAME=$(kubectl --namespace monitoring get pod -l "app.kubernetes.io/name=grafana,app.kubernetes.io/instance=prometheus" -oname)
-  kubectl --namespace monitoring port-forward $POD_NAME 3000
+## Automation with Justfile
 
-Visit https://github.com/prometheus-operator/kube-prometheus for instructions on how to create & configure Alertmanager and Prometheus instances using the Operator.
+A `Justfile` is provided to automate the installation and uninstallation process.
 
-```
+-   To install everything, run:
 
-## Grafana Ingress
+    ```sh
+    just install
+    ```
 
-After this, deploy Grafana Ingress:
+-   To uninstall everything, run:
 
-```
-helm install grafana-ingress ./grafana-ingress
-```
+    ```sh
+    just uninstall
+    ```
diff --git a/f3s/prometheus/persistence-values.yaml b/f3s/prometheus/persistence-values.yaml
new file mode 100644
index 0000000..5bdd996
--- /dev/null
+++ b/f3s/prometheus/persistence-values.yaml
@@ -0,0 +1,31 @@
+prometheus:
+  prometheusSpec:
+    storageSpec:
+      volumeClaimTemplate:
+        spec:
+          storageClassName: ""
+          accessModes: ["ReadWriteOnce"]
+          resources:
+            requests:
+              storage: 10Gi
+          selector:
+            matchLabels:
+              type: local
+              app: prometheus
+
+grafana:
+  persistence:
+    enabled: true
+    type: pvc
+    existingClaim: "grafana-data-pvc"
+
+  # Disable the init container that chowns the data directory.
+  # This is necessary when using NFS volumes, as the chown operation will fail.
+  initChownData: false
+
+  # Set the security context for the grafana pod.
+  # The fsGroup should match the group that owns the data directory on the NFS server.
+  podSecurityContext:
+    fsGroup: 911
+    runAsUser: 911
+    runAsGroup: 911
\ No newline at end of file
diff --git a/f3s/prometheus/persistent-volumes.yaml b/f3s/prometheus/persistent-volumes.yaml
new file mode 100644
index 0000000..ec1e03b
--- /dev/null
+++ b/f3s/prometheus/persistent-volumes.yaml
@@ -0,0 +1,48 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: prometheus-data-pv
+  labels:
+    type: local
+    app: prometheus
+spec:
+  capacity:
+    storage: 10Gi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  hostPath:
+    path: /data/nfs/k3svolumes/prometheus/data
+    type: Directory
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: grafana-data-pv
+spec:
+  capacity:
+    storage: 2Gi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  hostPath:
+    path: /data/nfs/k3svolumes/grafana/data
+    type: Directory
+  claimRef:
+    namespace: monitoring
+    name: grafana-data-pvc
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: grafana-data-pvc
+  namespace: monitoring
+spec:
+  storageClassName: ""
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 2Gi