Grafana
Grafana
Section titled “Grafana”Grafana is an open-source analytics and visualization platform used to build dashboards from metrics, logs, and time-series data. Running it as a container on RouterOS lets you visualize router and network metrics without a separate server.
The official grafana/grafana image supports ARM32, ARM64, and AMD64 architectures via a multi-arch manifest. Recommended minimum requirements are 256 MB RAM and 500 MB available storage for the container image and persistent data.
Prerequisites
Section titled “Prerequisites”- RouterOS v7.4 or later
containerpackage installed- External storage device (USB, SATA, or NVMe recommended)
- Device mode with container support enabled
Container Mode
Section titled “Container Mode”Enable container support in device mode and reboot:
/system/device-mode/update container=yesAfter executing this command, confirm by pressing the reset button (or cold-rebooting x86 devices). The router must restart before container functionality is available.
Networking Configuration
Section titled “Networking Configuration”Create a dedicated bridge and veth interface for the Grafana container:
/interface/bridge/add name=containers/ip/address/add address=172.19.0.1/24 interface=containers/interface/veth/add name=veth-grafana address=172.19.0.2/24 gateway=172.19.0.1/interface/bridge/port/add bridge=containers interface=veth-grafana/ip/firewall/nat/add chain=srcnat src-address=172.19.0.0/24 action=masqueradeIf you are already running other containers, use a different subnet (e.g., 172.19.0.0/24) to avoid overlap with existing container networks.
Port Forwarding
Section titled “Port Forwarding”Expose the Grafana web UI to your LAN:
/ip/firewall/nat/add chain=dstnat in-interface=ether2 protocol=tcp dst-port=3000 action=dst-nat to-addresses=172.19.0.2 to-ports=3000If your firewall forward chain default policy is drop, add an explicit accept rule:
/ip/firewall/filter/add chain=forward dst-address=172.19.0.2 protocol=tcp dst-port=3000 action=accept place-before=0Storage Configuration
Section titled “Storage Configuration”Grafana stores its database, plugins, and configuration under /var/lib/grafana inside the container. Create the directory and register the mount:
/file/add name=disk1/grafana/data type=directory/container/mounts/add name=grafana-data src=disk1/grafana/data dst=/var/lib/grafanaEnvironment Variables
Section titled “Environment Variables”Set the admin credentials and optional timezone:
/container/envs/add list=grafana-env key=GF_SECURITY_ADMIN_USER value=admin/container/envs/add list=grafana-env key=GF_SECURITY_ADMIN_PASSWORD value=ChangeMeStrong!/container/envs/add list=grafana-env key=TZ value=UTC| Variable | Description | Default |
|---|---|---|
GF_SECURITY_ADMIN_USER | Initial admin username | admin |
GF_SECURITY_ADMIN_PASSWORD | Initial admin password | admin |
GF_SERVER_HTTP_PORT | HTTP port Grafana listens on | 3000 |
GF_PATHS_DATA | Override data directory path | /var/lib/grafana |
TZ | Timezone for displayed timestamps | UTC |
Pulling the Image
Section titled “Pulling the Image”Configure the registry and create the container:
/container/config/set registry-url=https://registry-1.docker.io tmpdir=disk1/tmp/container/add \ remote-image=grafana/grafana:latest \ interface=veth-grafana \ root-dir=disk1/grafana/root \ mounts=grafana-data \ envlist=grafana-env \ logging=yes \ start-on-boot=yesMonitor image extraction:
/container/printWait until status=stopped before starting the container.
Starting the Container
Section titled “Starting the Container”/container/start 0Verify the container is running:
/container/printThe status should change to status=running within a few seconds.
Accessing the Web UI
Section titled “Accessing the Web UI”Open a browser and navigate to http://<router-LAN-IP>:3000. Log in with the admin credentials set in the environment variables.
On first login, Grafana prompts you to change the default password if you used the built-in default. After login, add a data source such as Prometheus and create dashboards.
Connecting to Prometheus
Section titled “Connecting to Prometheus”If you are also running Prometheus as a container on the same router, add it as a Grafana data source:
- Navigate to Connections → Data sources → Add data source.
- Select Prometheus.
- Set the URL to
http://172.18.0.2:9090(the Prometheus container’s veth IP and port). - Click Save & test.
Resource Usage
Section titled “Resource Usage”| Resource | Typical Usage (idle) |
|---|---|
| RAM | 150–300 MB |
| CPU | < 5% at idle |
| Storage | ~300 MB image + data directory (grows with dashboards and plugins) |
Container logs are accessible via:
/log print where topics~"container"Troubleshooting
Section titled “Troubleshooting”Container fails to start
Section titled “Container fails to start”Check that the data directory exists and the mount is correctly registered:
/container/mounts/print/file/print where name~"grafana"Enable logging and inspect the output:
/container/set 0 logging=yes/container/start 0/log printPort 3000 not accessible
Section titled “Port 3000 not accessible”Confirm the container is running and the veth interface has an address:
/container/print/interface/veth/printCheck that the NAT and firewall forward rules are in place. If the browser shows a connection refused error, verify Grafana finished starting — it can take 10–15 seconds on first boot.
Permission errors on /var/lib/grafana
Section titled “Permission errors on /var/lib/grafana”Grafana runs as UID 472 by default. If you see permission errors in the logs after mounting external storage, set the container user explicitly:
/container/set 0 user=472:472Related Information
Section titled “Related Information”- Container — core container feature documentation
- VETH — virtual ethernet interface details
- Prometheus — metrics collection to pair with Grafana dashboards
- Diagnostics and Monitoring — RouterOS built-in monitoring tools