Prometheus and Grafana are a classic combo for Kubernetes observability. Helm charts make it quick to deploy, configure scraping, and stand up dashboards without hand-rolling manifests.

Prerequisites

• A Kubernetes cluster with kubectl and Helm configured.
• Admin access to create namespaces, services, and secrets.

Step 1: Add Helm repos

helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo add grafana https://grafana.github.io/helm-charts
helm repo update

Step 2: Create a namespace

kubectl create namespace observability

Step 3: Install Prometheus (stack)

The kube-prometheus-stack chart bundles Prometheus, Alertmanager, exporters, and Grafana. If you prefer Grafana separately, you can disable it in values.

helm install prom prometheus-community/kube-prometheus-stack \
  -n observability \
  --set grafana.enabled=false

This sets up ServiceMonitors, scraping, and CRDs for the stack. If you want Grafana included, set grafana.enabled=true (default) and skip the separate Grafana install below.

Step 4: Install Grafana (separate)

helm install grafana grafana/grafana \
  -n observability \
  --set adminPassword='change-me' \
  --set service.type=LoadBalancer

Adjust service.type to ClusterIP + ingress if you use an ingress controller.

Step 5: Connect Grafana to Prometheus

• Get the Prometheus service URL:

  kubectl get svc -n observability prom-kube-prometheus-stack-prometheus

• Port-forward temporarily:

  kubectl port-forward -n observability svc/prom-kube-prometheus-stack-prometheus 9090:9090

• In Grafana: Configuration → Data sources → Add Prometheus → URL http://prom-kube-prometheus-stack-prometheus.observability:9090 → Save & test.

Step 6: Dashboards

• Import popular IDs (e.g., 6417 “Kubernetes cluster monitoring”, 1860 “Node exporter full”).
• Set the Prometheus data source for each imported dashboard.

Step 7: Secure access

• Use Ingress with TLS for Grafana; restrict with network policies if needed.
• Rotate the admin password or use an auth proxy/OIDC.
• Limit Prometheus endpoints via network policies and RBAC.

Step 8: Alerts

• kube-prometheus-stack ships with Alertmanager; configure receivers (email/Slack/PagerDuty) in alertmanager.yaml values.
• Tune alert rules to match SLOs; avoid noisy defaults.

Step 9: Customize scraping

• Create ServiceMonitor resources for in-cluster apps; label services with release: prom (or your chosen release) to match the selector.
• For external targets, use PodMonitor or static configs via values overrides.

Values overrides (example)

helm upgrade --install prom prometheus-community/kube-prometheus-stack -n observability -f - <<'EOF'
grafana:
  enabled: false
prometheus:
  prometheusSpec:
    retention: 15d
    resources:
      requests:
        memory: 1Gi
        cpu: 250m
alertmanager:
  alertmanagerSpec:
    resources:
      requests:
        memory: 512Mi
        cpu: 100m
EOF

Cleanup

helm uninstall prom -n observability
helm uninstall grafana -n observability
kubectl delete namespace observability

With Helm, Prometheus and Grafana go from zero to usable in a few commands. Secure the endpoints, tune alerts, and import the dashboards your team needs to make Kubernetes behavior visible.