Closed onedr0p closed 3 months ago
--- kubernetes/storage/apps/observability/promtail/app Kustomization: flux-system/promtail HelmRelease: observability/promtail
+++ kubernetes/storage/apps/observability/promtail/app Kustomization: flux-system/promtail HelmRelease: observability/promtail
@@ -25,13 +25,13 @@
cleanupOnFail: true
remediation:
retries: 3
values:
config:
clients:
- - url: http://loki-gateway.observability.svc.cluster.local/loki/api/v1/push
+ - url: http://loki-headless.observability.svc.cluster.local:3100/loki/api/v1/push
snippets:
extraScrapeConfigs: |
- job_name: journal
journal:
path: /var/log/journal
max_age: 12h
--- kubernetes/storage/apps/observability/loki/app Kustomization: flux-system/loki HelmRelease: observability/loki
+++ kubernetes/storage/apps/observability/loki/app Kustomization: flux-system/loki HelmRelease: observability/loki
@@ -36,17 +36,13 @@
backend:
replicas: 0
chunksCache:
enabled: false
deploymentMode: SingleBinary
gateway:
- image:
- registry: ghcr.io
- ingress:
- enabled: false
- replicas: 1
+ replicas: 0
loki:
commonConfig:
replication_factor: 1
ingester:
chunk_encoding: snappy
schemaConfig:
--- kubernetes/storage/apps/observability/grafana/app Kustomization: flux-system/grafana HelmRelease: observability/grafana
+++ kubernetes/storage/apps/observability/grafana/app Kustomization: flux-system/grafana HelmRelease: observability/grafana
@@ -168,13 +168,13 @@
- access: proxy
jsonData:
maxLines: 250
name: Loki
type: loki
uid: loki
- url: http://loki-gateway.observability.svc.cluster.local
+ url: http://loki-headless.observability.svc.cluster.local:3100
- access: proxy
jsonData:
implementation: prometheus
name: Alertmanager
type: alertmanager
uid: alertmanager
--- HelmRelease: observability/loki Deployment: observability/loki-gateway
+++ HelmRelease: observability/loki Deployment: observability/loki-gateway
@@ -7,13 +7,13 @@
labels:
app.kubernetes.io/name: loki
app.kubernetes.io/instance: loki
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: gateway
spec:
- replicas: 1
+ replicas: 0
strategy:
type: RollingUpdate
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/name: loki
@@ -33,13 +33,13 @@
runAsGroup: 101
runAsNonRoot: true
runAsUser: 101
terminationGracePeriodSeconds: 30
containers:
- name: nginx
- image: ghcr.io/nginxinc/nginx-unprivileged:1.24-alpine
+ image: docker.io/nginxinc/nginx-unprivileged:1.24-alpine
imagePullPolicy: IfNotPresent
ports:
- name: http-metrics
containerPort: 8080
protocol: TCP
readinessProbe:
--- HelmRelease: observability/grafana ConfigMap: observability/grafana
+++ HelmRelease: observability/grafana ConfigMap: observability/grafana
@@ -42,13 +42,13 @@
- access: proxy
jsonData:
maxLines: 250
name: Loki
type: loki
uid: loki
- url: http://loki-gateway.observability.svc.cluster.local
+ url: http://loki-headless.observability.svc.cluster.local:3100
- access: proxy
jsonData:
implementation: prometheus
name: Alertmanager
type: alertmanager
uid: alertmanager
--- kubernetes/main/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/loki
+++ kubernetes/main/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/loki
@@ -12,14 +12,12 @@
labels:
app.kubernetes.io/name: loki
decryption:
provider: sops
secretRef:
name: sops-age
- dependsOn:
- - name: external-secrets-stores
interval: 30m
path: ./kubernetes/main/apps/observability/loki/app
postBuild:
substituteFrom:
- kind: ConfigMap
name: cluster-settings
--- kubernetes/main/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/vector
+++ kubernetes/main/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/vector
@@ -1,36 +0,0 @@
----
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
- labels:
- kustomize.toolkit.fluxcd.io/name: cluster-apps
- kustomize.toolkit.fluxcd.io/namespace: flux-system
- name: vector
- namespace: flux-system
-spec:
- commonMetadata:
- labels:
- app.kubernetes.io/name: vector
- decryption:
- provider: sops
- secretRef:
- name: sops-age
- dependsOn:
- - name: external-secrets-stores
- interval: 30m
- path: ./kubernetes/main/apps/observability/vector/app
- postBuild:
- substituteFrom:
- - kind: ConfigMap
- name: cluster-settings
- - kind: Secret
- name: cluster-secrets
- prune: true
- retryInterval: 1m
- sourceRef:
- kind: GitRepository
- name: home-kubernetes
- targetNamespace: observability
- timeout: 15m
- wait: false
-
--- kubernetes/main/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/promtail
+++ kubernetes/main/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/promtail
@@ -0,0 +1,34 @@
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ labels:
+ kustomize.toolkit.fluxcd.io/name: cluster-apps
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: promtail
+ namespace: flux-system
+spec:
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: promtail
+ decryption:
+ provider: sops
+ secretRef:
+ name: sops-age
+ interval: 30m
+ path: ./kubernetes/main/apps/observability/promtail/app
+ postBuild:
+ substituteFrom:
+ - kind: ConfigMap
+ name: cluster-settings
+ - kind: Secret
+ name: cluster-secrets
+ prune: true
+ retryInterval: 1m
+ sourceRef:
+ kind: GitRepository
+ name: home-kubernetes
+ targetNamespace: observability
+ timeout: 5m
+ wait: false
+
--- kubernetes/main/apps/observability/loki/app Kustomization: flux-system/loki ObjectBucketClaim: observability/loki-bucket
+++ kubernetes/main/apps/observability/loki/app Kustomization: flux-system/loki ObjectBucketClaim: observability/loki-bucket
@@ -1,14 +0,0 @@
----
-apiVersion: objectbucket.io/v1alpha1
-kind: ObjectBucketClaim
-metadata:
- labels:
- app.kubernetes.io/name: loki
- kustomize.toolkit.fluxcd.io/name: loki
- kustomize.toolkit.fluxcd.io/namespace: flux-system
- name: loki-bucket
- namespace: observability
-spec:
- bucketName: loki
- storageClassName: ceph-bucket
-
--- kubernetes/main/apps/observability/loki/app Kustomization: flux-system/loki HelmRelease: observability/loki
+++ kubernetes/main/apps/observability/loki/app Kustomization: flux-system/loki HelmRelease: observability/loki
@@ -17,18 +17,12 @@
name: grafana
namespace: flux-system
version: 6.6.3
dependsOn:
- name: openebs
namespace: openebs-system
- - name: rook-ceph-cluster
- namespace: rook-ceph
- - name: vector-agent
- namespace: observability
- - name: vector-aggregator
- namespace: observability
install:
crds: Skip
remediation:
retries: 3
interval: 30m
timeout: 15m
@@ -37,120 +31,51 @@
crds: Skip
remediation:
retries: 3
strategy: rollback
values:
backend:
- persistence:
- size: 20Gi
- storageClass: openebs-hostpath
- replicas: 2
- deploymentMode: SimpleScalable
+ replicas: 0
+ chunksCache:
+ enabled: false
+ deploymentMode: SingleBinary
gateway:
- image:
- registry: ghcr.io
- ingress:
- annotations:
- external-dns.alpha.kubernetes.io/target: internal.devbu.io
- enabled: true
- hosts:
- - host: loki.devbu.io
- paths:
- - path: /
- pathType: Prefix
- ingressClassName: internal
- tls: []
- replicas: 2
+ replicas: 0
loki:
+ commonConfig:
+ replication_factor: 1
ingester:
chunk_encoding: snappy
- podAnnotations:
- configmap.reloader.stakater.com/reload: loki-bucket
- secret.reloader.stakater.com/reload: loki-bucket
schemaConfig:
configs:
- from: '2024-04-01'
index:
period: 24h
prefix: loki_index_
- object_store: s3
+ object_store: filesystem
schema: v13
store: tsdb
storage:
- s3:
- insecure: true
- s3ForcePathStyle: true
- type: s3
+ type: filesystem
structuredConfig:
analytics:
reporting_enabled: false
auth_enabled: false
- frontend:
- max_outstanding_per_tenant: 4096
- limits_config:
- ingestion_burst_size_mb: 128
- ingestion_rate_mb: 64
- max_query_parallelism: 100
- per_stream_rate_limit: 64M
- per_stream_rate_limit_burst: 128M
- reject_old_samples: true
- reject_old_samples_max_age: 168h
- retention_period: 30d
- shard_streams:
- enabled: true
- split_queries_by_interval: 1h
- query_scheduler:
- max_outstanding_requests_per_tenant: 4096
- ruler:
- alertmanager_url: http://alertmanager-operated.observability.svc.cluster.local:9093
- enable_alertmanager_v2: true
- enable_api: true
- rule_path: /rules/fake
- storage:
- local:
- directory: /rules
- type: local
server:
- grpc_listen_port: 9095
- grpc_server_max_recv_msg_size: 8388608
- grpc_server_max_send_msg_size: 8388608
- http_listen_port: 3100
log_level: info
lokiCanary:
enabled: false
read:
- replicas: 2
- sidecar:
- image:
- repository: ghcr.io/kiwigrid/k8s-sidecar
- rules:
- folder: /rules/fake
- searchNamespace: ALL
+ replicas: 0
+ resultsCache:
+ enabled: false
+ singleBinary:
+ persistence:
+ enabled: true
+ size: 50Gi
+ storageClass: openebs-hostpath
+ replicas: 1
test:
enabled: false
write:
- persistence:
- size: 20Gi
- storageClass: openebs-hostpath
- replicas: 2
- valuesFrom:
- - kind: ConfigMap
- name: loki-bucket
- targetPath: loki.storage.bucketNames.chunks
- valuesKey: BUCKET_NAME
- - kind: ConfigMap
- name: loki-bucket
- targetPath: loki.storage.s3.endpoint
- valuesKey: BUCKET_HOST
- - kind: ConfigMap
- name: loki-bucket
- targetPath: loki.storage.s3.region
- valuesKey: BUCKET_REGION
- - kind: Secret
- name: loki-bucket
- targetPath: loki.storage.s3.accessKeyId
- valuesKey: AWS_ACCESS_KEY_ID
- - kind: Secret
- name: loki-bucket
- targetPath: loki.storage.s3.secretAccessKey
- valuesKey: AWS_SECRET_ACCESS_KEY
+ replicas: 0
--- kubernetes/main/apps/observability/grafana/app Kustomization: flux-system/grafana HelmRelease: observability/grafana
+++ kubernetes/main/apps/observability/grafana/app Kustomization: flux-system/grafana HelmRelease: observability/grafana
@@ -262,13 +262,13 @@
- access: proxy
jsonData:
maxLines: 250
name: Loki
type: loki
uid: loki
- url: http://loki-gateway.observability.svc.cluster.local
+ url: http://loki-headless.observability.svc.cluster.local:3100
- access: proxy
jsonData:
implementation: prometheus
name: Alertmanager
type: alertmanager
uid: alertmanager
--- kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector HelmRelease: observability/vector-agent
+++ kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector HelmRelease: observability/vector-agent
@@ -1,110 +0,0 @@
----
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
- labels:
- app.kubernetes.io/name: vector
- kustomize.toolkit.fluxcd.io/name: vector
- kustomize.toolkit.fluxcd.io/namespace: flux-system
- name: vector-agent
- namespace: observability
-spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.2.1
- dependsOn:
- - name: vector-aggregator
- namespace: observability
- install:
- remediation:
- retries: 3
- interval: 30m
- timeout: 15m
- upgrade:
- cleanupOnFail: true
- remediation:
- retries: 3
- strategy: rollback
- values:
- controllers:
- vector-agent:
- annotations:
- reloader.stakater.com/auto: 'true'
- containers:
- app:
- args:
- - --config
- - /etc/vector/vector.yaml
- env:
- PROCFS_ROOT: /host/proc
- SYSFS_ROOT: /host/sys
- VECTOR_SELF_NODE_NAME:
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: spec.nodeName
- VECTOR_SELF_POD_NAME:
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.name
- VECTOR_SELF_POD_NAMESPACE:
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image:
- repository: docker.io/timberio/vector
- tag: 0.39.0-alpine@sha256:018e43618e374eb3f52ec0d1067a056c75c4c90ffcec967d4019e0731d31afc7
- securityContext:
- privileged: true
- strategy: RollingUpdate
- type: daemonset
- persistence:
- config:
- enabled: true
- globalMounts:
- - path: /etc/vector/vector.yaml
- readOnly: true
- subPath: vector.yaml
- name: vector-agent-configmap
- type: configMap
- data:
- globalMounts:
- - path: /vector-data-dir
- type: emptyDir
- procfs:
- globalMounts:
- - path: /host/proc
- readOnly: true
- hostPath: /proc
- hostPathType: Directory
- type: hostPath
- sysfs:
- globalMounts:
- - path: /host/sys
- readOnly: true
- hostPath: /sys
- hostPathType: Directory
- type: hostPath
- var-lib:
- globalMounts:
- - readOnly: true
- hostPath: /var/lib
- hostPathType: Directory
- type: hostPath
- var-log:
- globalMounts:
- - readOnly: true
- hostPath: /var/log
- hostPathType: Directory
- type: hostPath
- serviceAccount:
- create: true
- name: vector-agent
-
--- kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector ClusterRole: flux-system/vector-agent
+++ kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector ClusterRole: flux-system/vector-agent
@@ -1,20 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: vector
- kustomize.toolkit.fluxcd.io/name: vector
- kustomize.toolkit.fluxcd.io/namespace: flux-system
- name: vector-agent
-rules:
-- apiGroups:
- - ''
- resources:
- - namespaces
- - nodes
- - pods
- verbs:
- - list
- - watch
-
--- kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector ClusterRoleBinding: flux-system/vector-agent
+++ kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector ClusterRoleBinding: flux-system/vector-agent
@@ -1,18 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- labels:
- app.kubernetes.io/name: vector
- kustomize.toolkit.fluxcd.io/name: vector
- kustomize.toolkit.fluxcd.io/namespace: flux-system
- name: vector-agent
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: vector-agent
-subjects:
-- kind: ServiceAccount
- name: vector-agent
- namespace: observability
-
--- kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector ConfigMap: observability/vector-agent-configmap
+++ kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector ConfigMap: observability/vector-agent-configmap
@@ -1,38 +0,0 @@
----
-apiVersion: v1
-data:
- vector.yaml: |
- ---
- data_dir: /vector-data-dir
-
- sources:
- kubernetes_source:
- type: kubernetes_logs
- use_apiserver_cache: true
- pod_annotation_fields:
- container_image: container_image
- container_name: container_name
- pod_labels: pod_labels
- pod_name: pod_name
- pod_annotations: ""
- namespace_annotation_fields:
- namespace_labels: ""
- node_annotation_fields:
- node_labels: ""
-
- sinks:
- kubernetes:
- type: vector
- compression: true
- version: "2"
- address: vector-aggregator.observability.svc.cluster.local:6010
- inputs: ["kubernetes_source"]
-kind: ConfigMap
-metadata:
- labels:
- app.kubernetes.io/name: vector
- kustomize.toolkit.fluxcd.io/name: vector
- kustomize.toolkit.fluxcd.io/namespace: flux-system
- name: vector-agent-configmap
- namespace: observability
-
--- kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector HelmRelease: observability/vector-aggregator
+++ kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector HelmRelease: observability/vector-aggregator
@@ -1,76 +0,0 @@
----
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
- labels:
- app.kubernetes.io/name: vector
- kustomize.toolkit.fluxcd.io/name: vector
- kustomize.toolkit.fluxcd.io/namespace: flux-system
- name: vector-aggregator
- namespace: observability
-spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.2.1
- install:
- remediation:
- retries: 3
- interval: 30m
- timeout: 15m
- upgrade:
- cleanupOnFail: true
- remediation:
- retries: 3
- strategy: rollback
- values:
- controllers:
- vector-aggregator:
- annotations:
- reloader.stakater.com/auto: 'true'
- containers:
- app:
- args:
- - --config
- - /etc/vector/vector.yaml
- image:
- repository: docker.io/timberio/vector
- tag: 0.39.0-alpine@sha256:018e43618e374eb3f52ec0d1067a056c75c4c90ffcec967d4019e0731d31afc7
- probes:
- liveness:
- enabled: true
- readiness:
- enabled: true
- strategy: RollingUpdate
- persistence:
- config:
- globalMounts:
- - path: /etc/vector/vector.yaml
- readOnly: true
- subPath: vector.yaml
- name: vector-aggregator-configmap
- type: configMap
- data:
- globalMounts:
- - path: /vector-data-dir
- type: emptyDir
- service:
- app:
- annotations:
- external-dns.alpha.kubernetes.io/hostname: vector.devbu.io
- io.cilium/lb-ipam-ips: 192.168.42.127
- controller: vector-aggregator
- ports:
- http:
- port: 8686
- primary: true
- journald:
- port: 6000
- kubernetes:
- port: 6010
- type: LoadBalancer
-
--- kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector ConfigMap: observability/vector-aggregator-configmap
+++ kubernetes/main/apps/observability/vector/app Kustomization: flux-system/vector ConfigMap: observability/vector-aggregator-configmap
@@ -1,76 +0,0 @@
----
-apiVersion: v1
-data:
- vector.yaml: |
- ---
- data_dir: /vector-data-dir
- api:
- enabled: true
- address: 0.0.0.0:8686
-
- #
- # Sources
- #
-
- sources:
- journald_source:
- type: vector
- version: "2"
- address: 0.0.0.0:6000
-
- kubernetes_source:
- type: vector
- version: "2"
- address: 0.0.0.0:6010
-
- #
- # Transforms
- #
-
- transforms:
- kubernetes_remap:
- type: remap
- inputs: ["kubernetes_source"]
- source: |
- # Standardize 'app' index
- .custom_app_name = .pod_labels."app.kubernetes.io/name" || .pod_labels.app || .pod_labels."k8s-app" || "unknown"
- # Drop pod_labels
- del(.pod_labels)
-
- #
- # Sinks
- #
-
- sinks:
- journald:
- inputs: ["journald_source"]
- type: loki
- endpoint: http://loki-gateway.observability.svc.cluster.local
- encoding: { codec: json }
- out_of_order_action: accept
- remove_label_fields: true
- remove_timestamp: true
- labels:
- hostname: '{{ host }}'
-
- kubernetes:
- inputs: ["kubernetes_remap"]
- type: loki
- endpoint: http://loki-gateway.observability.svc.cluster.local
- encoding: { codec: json }
- out_of_order_action: accept
- remove_label_fields: true
- remove_timestamp: true
- labels:
- app: '{{ custom_app_name }}'
- namespace: '{{ kubernetes.pod_namespace }}'
- node: '{{ kubernetes.pod_node_name }}'
-kind: ConfigMap
-metadata:
- labels:
- app.kubernetes.io/name: vector
- kustomize.toolkit.fluxcd.io/name: vector
- kustomize.toolkit.fluxcd.io/namespace: flux-system
- name: vector-aggregator-configmap
- namespace: observability
-
--- kubernetes/main/apps/observability/promtail/app Kustomization: flux-system/promtail HelmRelease: observability/promtail
+++ kubernetes/main/apps/observability/promtail/app Kustomization: flux-system/promtail HelmRelease: observability/promtail
@@ -0,0 +1,35 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ labels:
+ app.kubernetes.io/name: promtail
+ kustomize.toolkit.fluxcd.io/name: promtail
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: promtail
+ namespace: observability
+spec:
+ chart:
+ spec:
+ chart: promtail
+ sourceRef:
+ kind: HelmRepository
+ name: grafana
+ namespace: flux-system
+ version: 6.15.5
+ install:
+ remediation:
+ retries: 3
+ interval: 30m
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ retries: 3
+ values:
+ config:
+ clients:
+ - url: http://loki-headless.observability.svc.cluster.local:3100/loki/api/v1/push
+ fullnameOverride: promtail
+ serviceMonitor:
+ enabled: true
+
--- HelmRelease: observability/vector-aggregator Service: observability/vector-aggregator
+++ HelmRelease: observability/vector-aggregator Service: observability/vector-aggregator
@@ -1,33 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: vector-aggregator
- labels:
- app.kubernetes.io/instance: vector-aggregator
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/name: vector-aggregator
- app.kubernetes.io/service: vector-aggregator
- annotations:
- external-dns.alpha.kubernetes.io/hostname: vector.devbu.io
- io.cilium/lb-ipam-ips: 192.168.42.127
-spec:
- type: LoadBalancer
- ports:
- - port: 8686
- targetPort: 8686
- protocol: TCP
- name: http
- - port: 6000
- targetPort: 6000
- protocol: TCP
- name: journald
- - port: 6010
- targetPort: 6010
- protocol: TCP
- name: kubernetes
- selector:
- app.kubernetes.io/component: vector-aggregator
- app.kubernetes.io/instance: vector-aggregator
- app.kubernetes.io/name: vector-aggregator
-
--- HelmRelease: observability/vector-aggregator Deployment: observability/vector-aggregator
+++ HelmRelease: observability/vector-aggregator Deployment: observability/vector-aggregator
@@ -1,70 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: vector-aggregator
- labels:
- app.kubernetes.io/component: vector-aggregator
- app.kubernetes.io/instance: vector-aggregator
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/name: vector-aggregator
- annotations:
- reloader.stakater.com/auto: 'true'
-spec:
- revisionHistoryLimit: 3
- replicas: 1
- strategy:
- type: RollingUpdate
- selector:
- matchLabels:
- app.kubernetes.io/component: vector-aggregator
- app.kubernetes.io/name: vector-aggregator
- app.kubernetes.io/instance: vector-aggregator
- template:
- metadata:
- labels:
- app.kubernetes.io/component: vector-aggregator
- app.kubernetes.io/instance: vector-aggregator
- app.kubernetes.io/name: vector-aggregator
- spec:
- enableServiceLinks: false
- serviceAccountName: default
- automountServiceAccountToken: true
- hostIPC: false
- hostNetwork: false
- hostPID: false
- dnsPolicy: ClusterFirst
- containers:
- - args:
- - --config
- - /etc/vector/vector.yaml
- image: docker.io/timberio/vector:0.39.0-alpine@sha256:018e43618e374eb3f52ec0d1067a056c75c4c90ffcec967d4019e0731d31afc7
- livenessProbe:
- failureThreshold: 3
- initialDelaySeconds: 0
- periodSeconds: 10
- tcpSocket:
- port: 8686
- timeoutSeconds: 1
- name: app
- readinessProbe:
- failureThreshold: 3
- initialDelaySeconds: 0
- periodSeconds: 10
- tcpSocket:
- port: 8686
- timeoutSeconds: 1
- volumeMounts:
- - mountPath: /etc/vector/vector.yaml
- name: config
- readOnly: true
- subPath: vector.yaml
- - mountPath: /vector-data-dir
- name: data
- volumes:
- - configMap:
- name: vector-aggregator-configmap
- name: config
- - emptyDir: {}
- name: data
-
--- HelmRelease: observability/vector-agent ServiceAccount: observability/vector-agent
+++ HelmRelease: observability/vector-agent ServiceAccount: observability/vector-agent
@@ -1,12 +0,0 @@
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: vector-agent
- labels:
- app.kubernetes.io/instance: vector-agent
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/name: vector-agent
-secrets:
-- name: vector-agent-sa-token
-
--- HelmRelease: observability/vector-agent DaemonSet: observability/vector-agent
+++ HelmRelease: observability/vector-agent DaemonSet: observability/vector-agent
@@ -1,105 +0,0 @@
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: vector-agent
- labels:
- app.kubernetes.io/component: vector-agent
- app.kubernetes.io/instance: vector-agent
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/name: vector-agent
- annotations:
- reloader.stakater.com/auto: 'true'
-spec:
- revisionHistoryLimit: 3
- selector:
- matchLabels:
- app.kubernetes.io/component: vector-agent
- app.kubernetes.io/name: vector-agent
- app.kubernetes.io/instance: vector-agent
- template:
- metadata:
- annotations:
- checksum/secrets: 4141e6981f3b767e75a4e744858b9ff414dba5d0ef6afd761f7700061fb6e32e
- labels:
- app.kubernetes.io/component: vector-agent
- app.kubernetes.io/instance: vector-agent
- app.kubernetes.io/name: vector-agent
- spec:
- enableServiceLinks: false
- serviceAccountName: vector-agent
- automountServiceAccountToken: true
- hostIPC: false
- hostNetwork: false
- hostPID: false
- dnsPolicy: ClusterFirst
- containers:
- - args:
- - --config
- - /etc/vector/vector.yaml
- env:
- - name: PROCFS_ROOT
- value: /host/proc
- - name: SYSFS_ROOT
- value: /host/sys
- - name: VECTOR_SELF_NODE_NAME
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: spec.nodeName
- - name: VECTOR_SELF_POD_NAME
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.name
- - name: VECTOR_SELF_POD_NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: docker.io/timberio/vector:0.39.0-alpine@sha256:018e43618e374eb3f52ec0d1067a056c75c4c90ffcec967d4019e0731d31afc7
- name: app
- securityContext:
- privileged: true
- volumeMounts:
- - mountPath: /etc/vector/vector.yaml
- name: config
- readOnly: true
- subPath: vector.yaml
- - mountPath: /vector-data-dir
- name: data
- - mountPath: /host/proc
- name: procfs
- readOnly: true
- - mountPath: /host/sys
- name: sysfs
- readOnly: true
- - mountPath: /var/lib
- name: var-lib
- readOnly: true
- - mountPath: /var/log
- name: var-log
- readOnly: true
- volumes:
- - configMap:
- name: vector-agent-configmap
- name: config
- - emptyDir: {}
- name: data
- - hostPath:
- path: /proc
- type: Directory
- name: procfs
- - hostPath:
- path: /sys
- type: Directory
- name: sysfs
- - hostPath:
- path: /var/lib
- type: Directory
- name: var-lib
- - hostPath:
- path: /var/log
- type: Directory
- name: var-log
-
--- HelmRelease: observability/grafana ConfigMap: observability/grafana
+++ HelmRelease: observability/grafana ConfigMap: observability/grafana
@@ -42,13 +42,13 @@
- access: proxy
jsonData:
maxLines: 250
name: Loki
type: loki
uid: loki
- url: http://loki-gateway.observability.svc.cluster.local
+ url: http://loki-headless.observability.svc.cluster.local:3100
- access: proxy
jsonData:
implementation: prometheus
name: Alertmanager
type: alertmanager
uid: alertmanager
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-backend
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-backend
@@ -1,19 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-backend
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: backend
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-memcached-chunks-cache
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-memcached-chunks-cache
@@ -1,18 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-memcached-chunks-cache
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-gateway
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-gateway
@@ -1,19 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-gateway
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: gateway
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: gateway
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-read
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-read
@@ -1,19 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-read
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: read
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-memcached-results-cache
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-memcached-results-cache
@@ -1,18 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-memcached-results-cache
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-write
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-write
@@ -1,19 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-write
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: write
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
- maxUnavailable: 1
-
--- HelmRelease: observability/loki ConfigMap: observability/loki
+++ HelmRelease: observability/loki ConfigMap: observability/loki
@@ -11,131 +11,71 @@
data:
config.yaml: |2
analytics:
reporting_enabled: false
auth_enabled: false
- chunk_store_config:
- chunk_cache_config:
- background:
- writeback_buffer: 500000
- writeback_goroutines: 1
- writeback_size_limit: 500MB
- default_validity: 0s
- memcached:
- batch_size: 4
- parallelism: 5
- memcached_client:
- addresses: dnssrvnoa+_memcached-client._tcp.loki-chunks-cache.observability.svc
- consistent_hash: true
- max_idle_conns: 72
- timeout: 2000ms
common:
- compactor_address: 'http://loki-backend:3100'
+ compactor_address: 'http://loki:3100'
path_prefix: /var/loki
- replication_factor: 3
+ replication_factor: 1
storage:
- s3:
- access_key_id: ""
- bucketnames: ""
- endpoint: ""
- insecure: true
- region: ""
- s3forcepathstyle: true
- secret_access_key: ""
+ filesystem:
+ chunks_directory: /var/loki/chunks
+ rules_directory: /var/loki/rules
frontend:
- max_outstanding_per_tenant: 4096
scheduler_address: ""
tail_proxy_url: http://loki-querier.observability.svc.cluster.local:3100
frontend_worker:
scheduler_address: ""
index_gateway:
mode: simple
ingester:
chunk_encoding: snappy
limits_config:
- ingestion_burst_size_mb: 128
- ingestion_rate_mb: 64
max_cache_freshness_per_query: 10m
- max_query_parallelism: 100
- per_stream_rate_limit: 64M
- per_stream_rate_limit_burst: 128M
query_timeout: 300s
reject_old_samples: true
reject_old_samples_max_age: 168h
- retention_period: 30d
- shard_streams:
- enabled: true
- split_queries_by_interval: 1h
+ split_queries_by_interval: 15m
volume_enabled: true
memberlist:
join_members:
- loki-memberlist
pattern_ingester:
enabled: false
query_range:
align_queries_with_step: true
- cache_results: true
- results_cache:
- cache:
- background:
- writeback_buffer: 500000
- writeback_goroutines: 1
- writeback_size_limit: 500MB
- default_validity: 12h
- memcached_client:
- addresses: dnssrvnoa+_memcached-client._tcp.loki-results-cache.observability.svc
- consistent_hash: true
- timeout: 500ms
- update_interval: 1m
- query_scheduler:
- max_outstanding_requests_per_tenant: 4096
ruler:
- alertmanager_url: http://alertmanager-operated.observability.svc.cluster.local:9093
- enable_alertmanager_v2: true
- enable_api: true
- rule_path: /rules/fake
storage:
- local:
- directory: /rules
- s3:
- access_key_id: ""
- bucketnames: null
- endpoint: ""
- insecure: true
- region: ""
- s3forcepathstyle: true
- secret_access_key: ""
type: local
runtime_config:
file: /etc/loki/runtime-config/runtime-config.yaml
schema_config:
configs:
- from: "2024-04-01"
index:
period: 24h
prefix: loki_index_
- object_store: s3
+ object_store: filesystem
schema: v13
store: tsdb
server:
grpc_listen_port: 9095
- grpc_server_max_recv_msg_size: 8388608
- grpc_server_max_send_msg_size: 8388608
http_listen_port: 3100
http_server_read_timeout: 600s
http_server_write_timeout: 600s
log_level: info
storage_config:
boltdb_shipper:
index_gateway_client:
- server_address: dns+loki-backend-headless.observability.svc.cluster.local:9095
+ server_address: ""
hedging:
at: 250ms
max_per_second: 20
up_to: 3
tsdb_shipper:
index_gateway_client:
- server_address: dns+loki-backend-headless.observability.svc.cluster.local:9095
+ server_address: ""
tracing:
enabled: false
--- HelmRelease: observability/loki ConfigMap: observability/loki-gateway
+++ HelmRelease: observability/loki ConfigMap: observability/loki-gateway
@@ -22,45 +22,45 @@
\ \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"\
';\n access_log /dev/stderr main;\n\n sendfile on;\n tcp_nopush on;\n\
\ resolver kube-dns.kube-system.svc.cluster.local.;\n \n\n server {\n listen\
\ 8080;\n listen [::]:8080;\n\n location = / {\n\
\ return 200 'OK';\n auth_basic off;\n }\n\n ########################################################\n\
\ # Configure backend targets# Distributor\n location = /api/prom/push {\n\
- \ proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /loki/api/v1/push {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /distributor/ring {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /otlp/v1/logs {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # Ingester\n location = /flush {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location ^~ /ingester/ {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
+ \ proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location = /loki/api/v1/push {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location = /distributor/ring {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location = /otlp/v1/logs {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n\n # Ingester\n location = /flush {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location ^~ /ingester/ {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
\ }\n location = /ingester {\n internal; # to suppress 301\n\
- \ }\n\n # Ring\n location = /ring {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n\n # Ring\n location = /ring {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
\ }\n\n # MemberListKV\n location = /memberlist {\n proxy_pass \
- \ http://loki-write.observability.svc.cluster.local:3100$request_uri;\n \
- \ }\n\n # Ruler\n location = /ruler/ring {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /api/prom/rules {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location ^~ /api/prom/rules/ {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /loki/api/v1/rules {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location ^~ /loki/api/v1/rules/ {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /prometheus/api/v1/alerts {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /prometheus/api/v1/rules {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
+ \ http://loki.observability.svc.cluster.local:3100$request_uri;\n }\n\n\
+ \ # Ruler\n location = /ruler/ring {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location = /api/prom/rules {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location ^~ /api/prom/rules/ {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location = /loki/api/v1/rules {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location ^~ /loki/api/v1/rules/ {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location = /prometheus/api/v1/alerts {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location = /prometheus/api/v1/rules {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
\ }\n\n # Compactor\n location = /compactor/ring {\n proxy_pass\
- \ http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /loki/api/v1/delete {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
+ \ http://loki.observability.svc.cluster.local:3100$request_uri;\n }\n\
+ \ location = /loki/api/v1/delete {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
\ }\n location = /loki/api/v1/cache/generation_numbers {\n proxy_pass\
- \ http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # IndexGateway\n location = /indexgateway/ring {\n proxy_pass\
- \ http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # QueryScheduler\n location = /scheduler/ring {\n proxy_pass\
- \ http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # Config\n location = /config {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
+ \ http://loki.observability.svc.cluster.local:3100$request_uri;\n }\n\
+ \n # IndexGateway\n location = /indexgateway/ring {\n proxy_pass \
+ \ http://loki.observability.svc.cluster.local:3100$request_uri;\n }\n\n\
+ \ # QueryScheduler\n location = /scheduler/ring {\n proxy_pass \
+ \ http://loki.observability.svc.cluster.local:3100$request_uri;\n }\n\n \
+ \ # Config\n location = /config {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
\ }\n\n\n # QueryFrontend, Querier\n location = /api/prom/tail {\n \
- \ proxy_pass http://loki-read.observability.svc.cluster.local:3100$request_uri;\n\
+ \ proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
\ proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection\
\ \"upgrade\";\n }\n location = /loki/api/v1/tail {\n proxy_pass \
- \ http://loki-read.observability.svc.cluster.local:3100$request_uri;\n \
- \ proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection\
- \ \"upgrade\";\n }\n location ^~ /api/prom/ {\n proxy_pass http://loki-read.observability.svc.cluster.local:3100$request_uri;\n\
+ \ http://loki.observability.svc.cluster.local:3100$request_uri;\n proxy_set_header\
+ \ Upgrade $http_upgrade;\n proxy_set_header Connection \"upgrade\";\n \
+ \ }\n location ^~ /api/prom/ {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
\ }\n location = /api/prom {\n internal; # to suppress 301\n\
- \ }\n location ^~ /loki/api/v1/ {\n proxy_pass http://loki-read.observability.svc.cluster.local:3100$request_uri;\n\
+ \ }\n location ^~ /loki/api/v1/ {\n proxy_pass http://loki.observability.svc.cluster.local:3100$request_uri;\n\
\ }\n location = /loki/api/v1 {\n internal; # to suppress 301\n\
\ }\n }\n}\n"
--- HelmRelease: observability/loki ClusterRole: observability/loki-clusterrole
+++ HelmRelease: observability/loki ClusterRole: observability/loki-clusterrole
@@ -1,20 +0,0 @@
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- name: loki-clusterrole
-rules:
-- apiGroups:
- - ''
- resources:
- - configmaps
- - secrets
- verbs:
- - get
- - watch
- - list
-
--- HelmRelease: observability/loki ClusterRoleBinding: observability/loki-clusterrolebinding
+++ HelmRelease: observability/loki ClusterRoleBinding: observability/loki-clusterrolebinding
@@ -1,18 +0,0 @@
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: loki-clusterrolebinding
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
-subjects:
-- kind: ServiceAccount
- name: loki
- namespace: observability
-roleRef:
- kind: ClusterRole
- name: loki-clusterrole
- apiGroup: rbac.authorization.k8s.io
-
--- HelmRelease: observability/loki Service: observability/loki-query-scheduler-discovery
+++ HelmRelease: observability/loki Service: observability/loki-query-scheduler-discovery
@@ -1,29 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-query-scheduler-discovery
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- prometheus.io/service-monitor: 'false'
-spec:
- type: ClusterIP
- clusterIP: None
- publishNotReadyAddresses: true
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
-
--- HelmRelease: observability/loki Service: observability/loki-backend-headless
+++ HelmRelease: observability/loki Service: observability/loki-backend-headless
@@ -1,29 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-backend-headless
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- variant: headless
- prometheus.io/service-monitor: 'false'
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
-
--- HelmRelease: observability/loki Service: observability/loki-backend
+++ HelmRelease: observability/loki Service: observability/loki-backend
@@ -1,27 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-backend
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: backend
-spec:
- type: ClusterIP
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
-
--- HelmRelease: observability/loki Service: observability/loki-chunks-cache
+++ HelmRelease: observability/loki Service: observability/loki-chunks-cache
@@ -1,26 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-chunks-cache
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: memcached-chunks-cache
- namespace: observability
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: memcached-client
- port: 11211
- targetPort: 11211
- - name: http-metrics
- port: 9150
- targetPort: 9150
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
-
--- HelmRelease: observability/loki Service: observability/loki-read-headless
+++ HelmRelease: observability/loki Service: observability/loki-read-headless
@@ -1,30 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-read-headless
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
- variant: headless
- prometheus.io/service-monitor: 'false'
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- appProtocol: tcp
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
-
--- HelmRelease: observability/loki Service: observability/loki-read
+++ HelmRelease: observability/loki Service: observability/loki-read
@@ -1,27 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-read
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: read
-spec:
- type: ClusterIP
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
-
--- HelmRelease: observability/loki Service: observability/loki-results-cache
+++ HelmRelease: observability/loki Service: observability/loki-results-cache
@@ -1,26 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-results-cache
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: memcached-results-cache
- namespace: observability
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: memcached-client
- port: 11211
- targetPort: 11211
- - name: http-metrics
- port: 9150
- targetPort: 9150
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
-
--- HelmRelease: observability/loki Service: observability/loki-write-headless
+++ HelmRelease: observability/loki Service: observability/loki-write-headless
@@ -1,30 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-write-headless
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
- variant: headless
- prometheus.io/service-monitor: 'false'
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- appProtocol: tcp
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
-
--- HelmRelease: observability/loki Service: observability/loki-write
+++ HelmRelease: observability/loki Service: observability/loki-write
@@ -1,27 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-write
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: write
-spec:
- type: ClusterIP
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
-
--- HelmRelease: observability/loki Deployment: observability/loki-gateway
+++ HelmRelease: observability/loki Deployment: observability/loki-gateway
@@ -7,26 +7,23 @@
labels:
app.kubernetes.io/name: loki
app.kubernetes.io/instance: loki
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: gateway
spec:
- replicas: 2
+ replicas: 0
strategy:
type: RollingUpdate
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/name: loki
app.kubernetes.io/instance: loki
app.kubernetes.io/component: gateway
template:
metadata:
- annotations:
- configmap.reloader.stakater.com/reload: loki-bucket
- secret.reloader.stakater.com/reload: loki-bucket
labels:
app.kubernetes.io/name: loki
app.kubernetes.io/instance: loki
app.kubernetes.io/component: gateway
spec:
serviceAccountName: loki
@@ -36,13 +33,13 @@
runAsGroup: 101
runAsNonRoot: true
runAsUser: 101
terminationGracePeriodSeconds: 30
containers:
- name: nginx
- image: ghcr.io/nginxinc/nginx-unprivileged:1.24-alpine
+ image: docker.io/nginxinc/nginx-unprivileged:1.24-alpine
imagePullPolicy: IfNotPresent
ports:
- name: http-metrics
containerPort: 8080
protocol: TCP
readinessProbe:
--- HelmRelease: observability/loki Deployment: observability/loki-read
+++ HelmRelease: observability/loki Deployment: observability/loki-read
@@ -1,106 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: loki-read
- namespace: observability
- labels:
- app.kubernetes.io/part-of: memberlist
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: read
-spec:
- replicas: 2
- strategy:
- rollingUpdate:
- maxSurge: 0
- maxUnavailable: 1
- revisionHistoryLimit: 10
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
- template:
- metadata:
- annotations:
- configmap.reloader.stakater.com/reload: loki-bucket
- secret.reloader.stakater.com/reload: loki-bucket
- labels:
- app.kubernetes.io/part-of: memberlist
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
- spec:
- serviceAccountName: loki
- automountServiceAccountToken: true
- securityContext:
- fsGroup: 10001
- runAsGroup: 10001
- runAsNonRoot: true
- runAsUser: 10001
- terminationGracePeriodSeconds: 30
- containers:
- - name: loki
- image: docker.io/grafana/loki:3.0.0
- imagePullPolicy: IfNotPresent
- args:
- - -config.file=/etc/loki/config/config.yaml
- - -target=read
- - -legacy-read-mode=false
- - -common.compactor-grpc-address=loki-backend.observability.svc.cluster.local:9095
- ports:
- - name: http-metrics
- containerPort: 3100
- protocol: TCP
- - name: grpc
- containerPort: 9095
- protocol: TCP
- - name: http-memberlist
- containerPort: 7946
- protocol: TCP
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- readinessProbe:
- httpGet:
- path: /ready
- port: http-metrics
- initialDelaySeconds: 30
- timeoutSeconds: 1
- volumeMounts:
- - name: config
- mountPath: /etc/loki/config
- - name: runtime-config
- mountPath: /etc/loki/runtime-config
- - name: tmp
- mountPath: /tmp
- - name: data
- mountPath: /var/loki
- resources: {}
- affinity:
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- app.kubernetes.io/component: read
- topologyKey: kubernetes.io/hostname
- volumes:
- - name: tmp
- emptyDir: {}
- - name: data
- emptyDir: {}
- - name: config
- configMap:
- name: loki
- items:
- - key: config.yaml
- path: config.yaml
- - name: runtime-config
- configMap:
- name: loki-runtime
-
--- HelmRelease: observability/loki StatefulSet: observability/loki-backend
+++ HelmRelease: observability/loki StatefulSet: observability/loki-backend
@@ -1,146 +0,0 @@
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: loki-backend
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: backend
- app.kubernetes.io/part-of: memberlist
-spec:
- replicas: 2
- podManagementPolicy: Parallel
- updateStrategy:
- rollingUpdate:
- partition: 0
- serviceName: loki-backend-headless
- revisionHistoryLimit: 10
- persistentVolumeClaimRetentionPolicy:
- whenDeleted: Delete
- whenScaled: Delete
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- template:
- metadata:
- annotations:
- configmap.reloader.stakater.com/reload: loki-bucket
- secret.reloader.stakater.com/reload: loki-bucket
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- app.kubernetes.io/part-of: memberlist
- spec:
- serviceAccountName: loki
- automountServiceAccountToken: true
- securityContext:
- fsGroup: 10001
- runAsGroup: 10001
- runAsNonRoot: true
- runAsUser: 10001
- terminationGracePeriodSeconds: 300
- containers:
- - name: loki-sc-rules
- image: ghcr.io/kiwigrid/k8s-sidecar:1.24.3
- imagePullPolicy: IfNotPresent
- env:
- - name: METHOD
- value: WATCH
- - name: LABEL
- value: loki_rule
- - name: FOLDER
- value: /rules/fake
- - name: RESOURCE
- value: both
- - name: NAMESPACE
- value: ALL
- - name: WATCH_SERVER_TIMEOUT
- value: '60'
- - name: WATCH_CLIENT_TIMEOUT
- value: '60'
- - name: LOG_LEVEL
- value: INFO
- volumeMounts:
- - name: sc-rules-volume
- mountPath: /rules/fake
- - name: loki
- image: docker.io/grafana/loki:3.0.0
- imagePullPolicy: IfNotPresent
- args:
- - -config.file=/etc/loki/config/config.yaml
- - -target=backend
- - -legacy-read-mode=false
- ports:
- - name: http-metrics
- containerPort: 3100
- protocol: TCP
- - name: grpc
- containerPort: 9095
- protocol: TCP
- - name: http-memberlist
- containerPort: 7946
- protocol: TCP
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- readinessProbe:
- httpGet:
- path: /ready
- port: http-metrics
- initialDelaySeconds: 30
- timeoutSeconds: 1
- volumeMounts:
- - name: config
- mountPath: /etc/loki/config
- - name: runtime-config
- mountPath: /etc/loki/runtime-config
- - name: tmp
- mountPath: /tmp
- - name: data
- mountPath: /var/loki
- - name: sc-rules-volume
- mountPath: /rules/fake
- resources: {}
- affinity:
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- app.kubernetes.io/component: backend
- topologyKey: kubernetes.io/hostname
- volumes:
- - name: tmp
- emptyDir: {}
- - name: config
- configMap:
- name: loki
- items:
- - key: config.yaml
- path: config.yaml
- - name: runtime-config
- configMap:
- name: loki-runtime
- - name: sc-rules-volume
- emptyDir: {}
- volumeClaimTemplates:
- - apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
- name: data
- spec:
- accessModes:
- - ReadWriteOnce
- storageClassName: openebs-hostpath
- resources:
- requests:
- storage: 20Gi
-
--- HelmRelease: observability/loki StatefulSet: observability/loki-chunks-cache
+++ HelmRelease: observability/loki StatefulSet: observability/loki-chunks-cache
@@ -1,88 +0,0 @@
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: loki-chunks-cache
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: memcached-chunks-cache
- name: memcached-chunks-cache
- namespace: observability
-spec:
- podManagementPolicy: Parallel
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
- name: memcached-chunks-cache
- updateStrategy:
- type: RollingUpdate
- serviceName: loki-chunks-cache
- template:
- metadata:
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
- name: memcached-chunks-cache
- annotations: null
- spec:
- serviceAccountName: loki
- securityContext: {}
- initContainers: []
- nodeSelector: {}
- affinity: {}
- topologySpreadConstraints: []
- tolerations: []
- terminationGracePeriodSeconds: 60
- containers:
- - name: memcached
- image: memcached:1.6.23-alpine
- imagePullPolicy: IfNotPresent
- resources:
- limits:
- memory: 9830Mi
- requests:
- cpu: 500m
- memory: 9830Mi
- ports:
- - containerPort: 11211
- name: client
- args:
- - -m 8192
- - --extended=modern,track_sizes
- - -I 5m
- - -c 16384
- - -v
- - -u 11211
- env: null
- envFrom: null
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- - name: exporter
- image: prom/memcached-exporter:v0.14.2
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort: 9150
- name: http-metrics
- args:
- - --memcached.address=localhost:11211
- - --web.listen-address=0.0.0.0:9150
- resources:
- limits: {}
- requests: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
-
--- HelmRelease: observability/loki StatefulSet: observability/loki-results-cache
+++ HelmRelease: observability/loki StatefulSet: observability/loki-results-cache
@@ -1,88 +0,0 @@
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: loki-results-cache
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: memcached-results-cache
- name: memcached-results-cache
- namespace: observability
-spec:
- podManagementPolicy: Parallel
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
- name: memcached-results-cache
- updateStrategy:
- type: RollingUpdate
- serviceName: loki-results-cache
- template:
- metadata:
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
- name: memcached-results-cache
- annotations: null
- spec:
- serviceAccountName: loki
- securityContext: {}
- initContainers: []
- nodeSelector: {}
- affinity: {}
- topologySpreadConstraints: []
- tolerations: []
- terminationGracePeriodSeconds: 60
- containers:
- - name: memcached
- image: memcached:1.6.23-alpine
- imagePullPolicy: IfNotPresent
- resources:
- limits:
- memory: 1229Mi
- requests:
- cpu: 500m
- memory: 1229Mi
- ports:
- - containerPort: 11211
- name: client
- args:
- - -m 1024
- - --extended=modern,track_sizes
- - -I 5m
- - -c 16384
- - -v
- - -u 11211
- env: null
- envFrom: null
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- - name: exporter
- image: prom/memcached-exporter:v0.14.2
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort: 9150
- name: http-metrics
- args:
- - --memcached.address=localhost:11211
- - --web.listen-address=0.0.0.0:9150
- resources:
- limits: {}
- requests: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
-
--- HelmRelease: observability/loki StatefulSet: observability/loki-write
+++ HelmRelease: observability/loki StatefulSet: observability/loki-write
@@ -1,112 +0,0 @@
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: loki-write
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: write
- app.kubernetes.io/part-of: memberlist
-spec:
- replicas: 2
- podManagementPolicy: Parallel
- updateStrategy:
- rollingUpdate:
- partition: 0
- serviceName: loki-write-headless
- revisionHistoryLimit: 10
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
- template:
- metadata:
- annotations:
- configmap.reloader.stakater.com/reload: loki-bucket
- secret.reloader.stakater.com/reload: loki-bucket
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
- app.kubernetes.io/part-of: memberlist
- spec:
- serviceAccountName: loki
- automountServiceAccountToken: true
- enableServiceLinks: true
- securityContext:
- fsGroup: 10001
- runAsGroup: 10001
- runAsNonRoot: true
- runAsUser: 10001
- terminationGracePeriodSeconds: 300
- containers:
- - name: loki
- image: docker.io/grafana/loki:3.0.0
- imagePullPolicy: IfNotPresent
- args:
- - -config.file=/etc/loki/config/config.yaml
- - -target=write
- ports:
- - name: http-metrics
- containerPort: 3100
- protocol: TCP
- - name: grpc
- containerPort: 9095
- protocol: TCP
- - name: http-memberlist
- containerPort: 7946
- protocol: TCP
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- readinessProbe:
- httpGet:
- path: /ready
- port: http-metrics
- initialDelaySeconds: 30
- timeoutSeconds: 1
- volumeMounts:
- - name: config
- mountPath: /etc/loki/config
- - name: runtime-config
- mountPath: /etc/loki/runtime-config
- - name: data
- mountPath: /var/loki
- resources: {}
- affinity:
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- app.kubernetes.io/component: write
- topologyKey: kubernetes.io/hostname
- volumes:
- - name: config
- configMap:
- name: loki
- items:
- - key: config.yaml
- path: config.yaml
- - name: runtime-config
- configMap:
- name: loki-runtime
- volumeClaimTemplates:
- - apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
- name: data
- spec:
- accessModes:
- - ReadWriteOnce
- storageClassName: openebs-hostpath
- resources:
- requests:
- storage: 20Gi
-
--- HelmRelease: observability/loki Ingress: observability/loki-gateway
+++ HelmRelease: observability/loki Ingress: observability/loki-gateway
@@ -1,27 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: loki-gateway
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: gateway
- annotations:
- external-dns.alpha.kubernetes.io/target: internal.devbu.io
-spec:
- ingressClassName: internal
- rules:
- - host: loki.devbu.io
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: loki-gateway
- port:
- number: 80
-
--- HelmRelease: observability/loki Service: observability/loki-headless
+++ HelmRelease: observability/loki Service: observability/loki-headless
@@ -0,0 +1,23 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: loki-headless
+ namespace: observability
+ labels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/managed-by: Helm
+ variant: headless
+ prometheus.io/service-monitor: 'false'
+spec:
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ selector:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+
--- HelmRelease: observability/loki Service: observability/loki
+++ HelmRelease: observability/loki Service: observability/loki
@@ -0,0 +1,26 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: loki
+ namespace: observability
+ labels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/managed-by: Helm
+spec:
+ type: ClusterIP
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ selector:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/component: single-binary
+
--- HelmRelease: observability/loki StatefulSet: observability/loki
+++ HelmRelease: observability/loki StatefulSet: observability/loki
@@ -0,0 +1,116 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: loki
+ namespace: observability
+ labels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/component: single-binary
+ app.kubernetes.io/part-of: memberlist
+spec:
+ replicas: 1
+ podManagementPolicy: Parallel
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ serviceName: loki-headless
+ revisionHistoryLimit: 10
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: Delete
+ whenScaled: Delete
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/component: single-binary
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/component: single-binary
+ app.kubernetes.io/part-of: memberlist
+ spec:
+ serviceAccountName: loki
+ automountServiceAccountToken: true
+ enableServiceLinks: true
+ securityContext:
+ fsGroup: 10001
+ runAsGroup: 10001
+ runAsNonRoot: true
+ runAsUser: 10001
+ terminationGracePeriodSeconds: 30
+ containers:
+ - name: loki
+ image: docker.io/grafana/loki:3.0.0
+ imagePullPolicy: IfNotPresent
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=all
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ readinessProbe:
+ httpGet:
+ path: /ready
+ port: http-metrics
+ initialDelaySeconds: 30
+ timeoutSeconds: 1
+ volumeMounts:
+ - name: tmp
+ mountPath: /tmp
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: storage
+ mountPath: /var/loki
+ resources: {}
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: single-binary
+ topologyKey: kubernetes.io/hostname
+ volumes:
+ - name: tmp
+ emptyDir: {}
+ - name: config
+ configMap:
+ name: loki
+ items:
+ - key: config.yaml
+ path: config.yaml
+ - name: runtime-config
+ configMap:
+ name: loki-runtime
+ volumeClaimTemplates:
+ - apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: storage
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ storageClassName: openebs-hostpath
+ resources:
+ requests:
+ storage: 50Gi
+
--- HelmRelease: observability/promtail ServiceAccount: observability/promtail
+++ HelmRelease: observability/promtail ServiceAccount: observability/promtail
@@ -0,0 +1,11 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: promtail
+ namespace: observability
+ labels:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+ app.kubernetes.io/managed-by: Helm
+
--- HelmRelease: observability/promtail ClusterRole: observability/promtail
+++ HelmRelease: observability/promtail ClusterRole: observability/promtail
@@ -0,0 +1,23 @@
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: promtail
+ labels:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+ app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+ - ''
+ resources:
+ - nodes
+ - nodes/proxy
+ - services
+ - endpoints
+ - pods
+ verbs:
+ - get
+ - watch
+ - list
+
--- HelmRelease: observability/promtail ClusterRoleBinding: observability/promtail
+++ HelmRelease: observability/promtail ClusterRoleBinding: observability/promtail
@@ -0,0 +1,18 @@
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: promtail
+ labels:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+ app.kubernetes.io/managed-by: Helm
+subjects:
+- kind: ServiceAccount
+ name: promtail
+ namespace: observability
+roleRef:
+ kind: ClusterRole
+ name: promtail
+ apiGroup: rbac.authorization.k8s.io
+
--- HelmRelease: observability/promtail Service: observability/promtail-metrics
+++ HelmRelease: observability/promtail Service: observability/promtail-metrics
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: promtail-metrics
+ namespace: observability
+ labels:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+ app.kubernetes.io/managed-by: Helm
+spec:
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3101
+ targetPort: http-metrics
+ protocol: TCP
+ selector:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+
--- HelmRelease: observability/promtail DaemonSet: observability/promtail
+++ HelmRelease: observability/promtail DaemonSet: observability/promtail
@@ -0,0 +1,89 @@
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: promtail
+ namespace: observability
+ labels:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+ app.kubernetes.io/managed-by: Helm
+spec:
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+ updateStrategy: {}
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+ spec:
+ serviceAccountName: promtail
+ enableServiceLinks: true
+ securityContext:
+ runAsGroup: 0
+ runAsUser: 0
+ containers:
+ - name: promtail
+ image: docker.io/grafana/promtail:2.9.3
+ imagePullPolicy: IfNotPresent
+ args:
+ - -config.file=/etc/promtail/promtail.yaml
+ volumeMounts:
+ - name: config
+ mountPath: /etc/promtail
+ - mountPath: /run/promtail
+ name: run
+ - mountPath: /var/lib/docker/containers
+ name: containers
+ readOnly: true
+ - mountPath: /var/log/pods
+ name: pods
+ readOnly: true
+ env:
+ - name: HOSTNAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ ports:
+ - name: http-metrics
+ containerPort: 3101
+ protocol: TCP
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ readinessProbe:
+ failureThreshold: 5
+ httpGet:
+ path: /ready
+ port: http-metrics
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ tolerations:
+ - effect: NoSchedule
+ key: node-role.kubernetes.io/master
+ operator: Exists
+ - effect: NoSchedule
+ key: node-role.kubernetes.io/control-plane
+ operator: Exists
+ volumes:
+ - name: config
+ secret:
+ secretName: promtail
+ - hostPath:
+ path: /run/promtail
+ name: run
+ - hostPath:
+ path: /var/lib/docker/containers
+ name: containers
+ - hostPath:
+ path: /var/log/pods
+ name: pods
+
--- HelmRelease: observability/promtail ServiceMonitor: observability/promtail
+++ HelmRelease: observability/promtail ServiceMonitor: observability/promtail
@@ -0,0 +1,18 @@
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: promtail
+ labels:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+ app.kubernetes.io/managed-by: Helm
+spec:
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: promtail
+ app.kubernetes.io/instance: promtail
+ endpoints:
+ - port: http-metrics
+ scheme: http
+
TODO: Figure out alerting on logs