Running Prometheus & Grafana


This is an example deployment that includes Prometheus and Grafana in a single deployment.

The default installation contains:

  • Grafana: A visualization dashboard with Cilium Dashboard pre-loaded.
  • Prometheus: a time series database and monitoring system.
$ kubectl apply -f
configmap/cilium-metrics-config created
namespace/cilium-monitoring created
configmap/prometheus created
deployment.extensions/prometheus created created created
serviceaccount/prometheus-k8s created
service/prometheus created
deployment.extensions/grafana created
service/grafana created
configmap/grafana-config created

Deploy Cilium with metrics enabled

Both cilium-agent and cilium-operator do not expose metrics by default. Enabling metrics for these services will open ports 9090 and 6942 on all nodes of your cluster where these components are running.

To deploy Cilium with metrics enabled, set the global.prometheus.enabled=true Helm value:


First, make sure you have Helm 3 installed.

If you have (or planning to have) Helm 2 charts (and Tiller) in the same cluster, there should be no issue as both version are mutually compatible in order to support gradual migration. Cilium chart is targeting Helm 3 (v3.0.3 and above).

Setup helm repository:

helm repo add cilium

Deploy Cilium release via Helm:

helm install cilium cilium/cilium --version 1.7.6 \
   --namespace kube-system \
   --set global.prometheus.enabled=true


You can combine the global.prometheus.enabled=true option with any of the other installation guides.

How to access Grafana

Expose the port on your local machine

kubectl -n cilium-monitoring port-forward service/grafana 3000:3000

Access it via your browser: https://localhost:3000

How to access Prometheus

Expose the port on your local machine

kubectl -n cilium-monitoring port-forward service/prometheus 9090:9090

Access it via your browser: https://localhost:9090







../../_images/grafana_policy.png ../../_images/grafana_policy2.png