Prepare for Antelope branch (#1147)
This change contains a big bump of versions for many components
but some are not fully bumped to the latest which are:
Keycloak (in order to go to 23.X first, then B will go to 24.X)
RabbitMQ (In order to go to 3.11 first, then B will go to 3.12)
OVN (24.03 LTS packages don't exist yet)
Once we merge this, we should run some upgrade tests from the last
branch (in this case, stable/zed) to main before we branch
this out to stable/2023.1.
Closes: #1004
Reviewed-by: Mohammed Naser <mnaser@vexxhost.com>
Reviewed-by: Rico Lin <ricolin@ricolky.com>
diff --git a/charts/loki/Chart.lock b/charts/loki/Chart.lock
index e8c779c..5d6d291 100644
--- a/charts/loki/Chart.lock
+++ b/charts/loki/Chart.lock
@@ -5,5 +5,8 @@
- name: grafana-agent-operator
repository: https://grafana.github.io/helm-charts
version: 0.3.15
-digest: sha256:b7a42cd0e56544f6168a586fde03e26c801bb20cf69bc004a8f6000d93b98100
-generated: "2024-01-27T21:57:28.190462917+05:30"
+- name: rollout-operator
+ repository: https://grafana.github.io/helm-charts
+ version: 0.13.0
+digest: sha256:d0e60c2879039ee5e8b7b10530f0e8790d6d328ee8afca71f01128627e921587
+generated: "2024-04-07T14:12:43.317329844-04:00"
diff --git a/charts/loki/Chart.yaml b/charts/loki/Chart.yaml
index 16de80c..8a57dcd 100644
--- a/charts/loki/Chart.yaml
+++ b/charts/loki/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v2
-appVersion: 2.9.6
+appVersion: 3.0.0
dependencies:
- alias: minio
condition: minio.enabled
@@ -11,6 +11,11 @@
name: grafana-agent-operator
repository: https://grafana.github.io/helm-charts
version: 0.3.15
+- alias: rollout_operator
+ condition: rollout_operator.enabled
+ name: rollout-operator
+ repository: https://grafana.github.io/helm-charts
+ version: 0.13.0
description: Helm chart for Grafana Loki in simple, scalable mode
home: https://grafana.github.io/helm-charts
icon: https://grafana.com/docs/loki/latest/logo_and_name.png
@@ -23,4 +28,4 @@
- https://grafana.com/oss/loki/
- https://grafana.com/docs/loki/latest/
type: application
-version: 5.47.2
+version: 6.3.3
diff --git a/charts/loki/README.md b/charts/loki/README.md
index 942498d..b9ce794 100644
--- a/charts/loki/README.md
+++ b/charts/loki/README.md
@@ -1,6 +1,6 @@
# loki
-  
+  
Helm chart for Grafana Loki in simple, scalable mode
@@ -16,5 +16,6 @@
|------------|------|---------|
| https://charts.min.io/ | minio(minio) | 4.0.15 |
| https://grafana.github.io/helm-charts | grafana-agent-operator(grafana-agent-operator) | 0.3.15 |
+| https://grafana.github.io/helm-charts | rollout_operator(rollout-operator) | 0.13.0 |
Find more information in the Loki Helm Chart [documentation](https://grafana.com/docs/loki/next/installation/helm).
diff --git a/charts/loki/charts/rollout-operator/.helmignore b/charts/loki/charts/rollout-operator/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/loki/charts/rollout-operator/Chart.yaml b/charts/loki/charts/rollout-operator/Chart.yaml
new file mode 100644
index 0000000..444204d
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/Chart.yaml
@@ -0,0 +1,8 @@
+apiVersion: v2
+appVersion: v0.11.0
+description: Grafana rollout-operator
+home: https://github.com/grafana/rollout-operator
+kubeVersion: ^1.10.0-0
+name: rollout-operator
+type: application
+version: 0.13.0
diff --git a/charts/loki/charts/rollout-operator/README.md b/charts/loki/charts/rollout-operator/README.md
new file mode 100644
index 0000000..3efeb2f
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/README.md
@@ -0,0 +1,71 @@
+# Grafana rollout-operator Helm Chart
+
+Helm chart for deploying [Grafana rollout-operator](https://github.com/grafana/rollout-operator) to Kubernetes.
+
+# rollout-operator
+
+  
+
+Grafana rollout-operator
+
+## Requirements
+
+Kubernetes: `^1.10.0-0`
+
+## Installation
+
+This section describes various use cases for installation, upgrade and migration from different systems and versions.
+
+### Preparation
+
+These are the common tasks to perform before any of the use cases.
+
+```bash
+# Add the repository
+helm repo add grafana https://grafana.github.io/helm-charts
+helm repo update
+```
+
+### Installation of Grafana Rollout Operator
+
+```bash
+helm install -n <namespace> <release> grafana/rollout-operator
+```
+
+The Grafana rollout-operator should be installed in the same namespace as the statefulsets it is operating upon.
+It is not a highly available application and runs as a single pod.
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` | |
+| fullnameOverride | string | `""` | |
+| hostAliases | list | `[]` | hostAliases to add |
+| image.pullPolicy | string | `"IfNotPresent"` | |
+| image.repository | string | `"grafana/rollout-operator"` | |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` | |
+| minReadySeconds | int | `10` | |
+| nameOverride | string | `""` | |
+| nodeSelector | object | `{}` | |
+| podAnnotations | object | `{}` | Pod Annotations |
+| podLabels | object | `{}` | Pod (extra) Labels |
+| podSecurityContext | object | `{}` | |
+| priorityClassName | string | `""` | |
+| resources.limits.memory | string | `"200Mi"` | |
+| resources.requests.cpu | string | `"100m"` | |
+| resources.requests.memory | string | `"100Mi"` | |
+| securityContext | object | `{}` | |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| serviceMonitor.annotations | object | `{}` | ServiceMonitor annotations |
+| serviceMonitor.enabled | bool | `false` | Create ServiceMonitor to scrape metrics for Prometheus |
+| serviceMonitor.interval | string | `nil` | ServiceMonitor scrape interval |
+| serviceMonitor.labels | object | `{}` | Additional ServiceMonitor labels |
+| serviceMonitor.namespace | string | `nil` | Alternative namespace for ServiceMonitor resources |
+| serviceMonitor.namespaceSelector | object | `{}` | Namespace selector for ServiceMonitor resources |
+| serviceMonitor.relabelings | list | `[]` | ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig |
+| serviceMonitor.scrapeTimeout | string | `nil` | ServiceMonitor scrape timeout in Go duration format (e.g. 15s) |
+| tolerations | list | `[]` | |
diff --git a/charts/loki/charts/rollout-operator/README.md.gotmpl b/charts/loki/charts/rollout-operator/README.md.gotmpl
new file mode 100644
index 0000000..0ac2d47
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/README.md.gotmpl
@@ -0,0 +1,38 @@
+# Grafana rollout-operator Helm Chart
+
+Helm chart for deploying [Grafana rollout-operator]({{ template "chart.homepage" . }}) to Kubernetes.
+
+{{ template "chart.header" . }}
+
+{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+## Installation
+
+This section describes various use cases for installation, upgrade and migration from different systems and versions.
+
+### Preparation
+
+These are the common tasks to perform before any of the use cases.
+
+```bash
+# Add the repository
+helm repo add grafana https://grafana.github.io/helm-charts
+helm repo update
+```
+
+### Installation of Grafana Rollout Operator
+
+```bash
+helm install -n <namespace> <release> grafana/rollout-operator
+```
+
+The Grafana rollout-operator should be installed in the same namespace as the statefulsets it is operating upon.
+It is not a highly available application and runs as a single pod.
+
+{{ template "chart.valuesSection" . }}
diff --git a/charts/loki/charts/rollout-operator/templates/NOTES.txt b/charts/loki/charts/rollout-operator/templates/NOTES.txt
new file mode 100644
index 0000000..a76e5ba
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/templates/NOTES.txt
@@ -0,0 +1,10 @@
+Repo : {{ .Chart.Home }}
+
+Validation:
+
+Check the logs of the pod and ensure messages for reconcilliation of the statefulsets are present.
+```
+kubectl logs -n {{ .Release.Namespace }} -l {{ include "cli.labels" . }}
+```
+Example log line:
+level=debug ts=2022-04-20T13:59:52.783051541Z msg="reconciling StatefulSet" statefulset=mimir-store-gateway-zone-a
diff --git a/charts/loki/charts/rollout-operator/templates/_helpers.tpl b/charts/loki/charts/rollout-operator/templates/_helpers.tpl
new file mode 100644
index 0000000..bf3553a
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/templates/_helpers.tpl
@@ -0,0 +1,79 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "rollout-operator.name" -}}
+{{- default (include "rollout-operator.chartName" .) .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "rollout-operator.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default (include "rollout-operator.chartName" .) .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Recalculate the chart name, because it may be sub-chart included as rollout_operator,
+and _ is not valid in resource names.
+*/}}
+{{- define "rollout-operator.chartName" -}}
+{{- print .Chart.Name | replace "_" "-" -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "rollout-operator.chart" -}}
+{{- printf "%s-%s" (include "rollout-operator.chartName" .) .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "rollout-operator.labels" -}}
+helm.sh/chart: {{ include "rollout-operator.chart" . }}
+{{ include "rollout-operator.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "rollout-operator.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "rollout-operator.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "rollout-operator.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "rollout-operator.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+
+{{- define "cli.labels" -}}
+{{- $list := list -}}
+{{- range $k, $v := ( include "rollout-operator.selectorLabels" . | fromYaml ) -}}
+{{- $list = append $list (printf "%s=%s" $k $v) -}}
+{{- end -}}
+{{ join "," $list }}
+{{- end -}}
diff --git a/charts/loki/charts/rollout-operator/templates/deployment.yaml b/charts/loki/charts/rollout-operator/templates/deployment.yaml
new file mode 100644
index 0000000..d35b866
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/templates/deployment.yaml
@@ -0,0 +1,74 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "rollout-operator.fullname" . }}
+ labels:
+ {{- include "rollout-operator.labels" . | nindent 4 }}
+spec:
+ replicas: 1
+ minReadySeconds: {{ .Values.minReadySeconds }}
+ selector:
+ matchLabels:
+ {{- include "rollout-operator.selectorLabels" . | nindent 6 }}
+ strategy:
+ rollingUpdate:
+ maxSurge: 0
+ maxUnavailable: 1
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "rollout-operator.selectorLabels" . | nindent 8 }}
+ {{- with .Values.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- with .Values.priorityClassName }}
+ priorityClassName: {{ . }}
+ {{- end }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "rollout-operator.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ containers:
+ - name: rollout-operator
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ args:
+ - -kubernetes.namespace={{ .Release.Namespace }}
+ ports:
+ - name: http-metrics
+ containerPort: 8001
+ protocol: TCP
+ readinessProbe:
+ httpGet:
+ path: /ready
+ port: http-metrics
+ initialDelaySeconds: 5
+ timeoutSeconds: 1
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
diff --git a/charts/loki/charts/rollout-operator/templates/role.yaml b/charts/loki/charts/rollout-operator/templates/role.yaml
new file mode 100644
index 0000000..210c456
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/templates/role.yaml
@@ -0,0 +1,28 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: {{ include "rollout-operator.fullname" . }}
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ verbs:
+ - list
+ - get
+ - watch
+ - delete
+- apiGroups:
+ - apps
+ resources:
+ - statefulsets
+ verbs:
+ - list
+ - get
+ - watch
+- apiGroups:
+ - apps
+ resources:
+ - statefulsets/status
+ verbs:
+ - update
diff --git a/charts/loki/charts/rollout-operator/templates/rolebinding.yaml b/charts/loki/charts/rollout-operator/templates/rolebinding.yaml
new file mode 100644
index 0000000..24fcd72
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/templates/rolebinding.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: {{ include "rollout-operator.fullname" . }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: {{ include "rollout-operator.fullname" . }}
+subjects:
+- kind: ServiceAccount
+ name: {{ include "rollout-operator.serviceAccountName" . }}
diff --git a/charts/loki/charts/rollout-operator/templates/service.yaml b/charts/loki/charts/rollout-operator/templates/service.yaml
new file mode 100644
index 0000000..60ce5b1
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/templates/service.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.serviceMonitor.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "rollout-operator.fullname" . }}
+ labels:
+ {{- include "rollout-operator.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: 8001
+ targetPort: http-metrics
+ protocol: TCP
+ name: http-metrics
+ selector:
+ {{- include "rollout-operator.selectorLabels" . | nindent 4 }}
+{{- end -}}
diff --git a/charts/loki/charts/rollout-operator/templates/serviceaccount.yaml b/charts/loki/charts/rollout-operator/templates/serviceaccount.yaml
new file mode 100644
index 0000000..37698a4
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "rollout-operator.serviceAccountName" . }}
+ labels:
+ {{- include "rollout-operator.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/charts/rollout-operator/templates/servicemonitor.yaml b/charts/loki/charts/rollout-operator/templates/servicemonitor.yaml
new file mode 100644
index 0000000..7810843
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/templates/servicemonitor.yaml
@@ -0,0 +1,36 @@
+{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ include "rollout-operator.fullname" . }}
+ {{- with .Values.serviceMonitor.namespace }}
+ namespace: {{ . }}
+ {{- end }}
+ labels:
+ {{- include "rollout-operator.labels" . | nindent 4 }}
+ {{- with .Values.serviceMonitor.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- with .Values.serviceMonitor.namespaceSelector }}
+ namespaceSelector:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "rollout-operator.selectorLabels" . | nindent 6 }}
+ endpoints:
+ - port: http-metrics
+ {{- with .Values.serviceMonitor.interval }}
+ interval: {{ . }}
+ {{- end }}
+ {{- with .Values.serviceMonitor.scrapeTimeout }}
+ scrapeTimeout: {{ . }}
+ {{- end }}
+ relabelings:
+ {{- with .Values.serviceMonitor.relabelings }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ scheme: http
+{{- end -}}
diff --git a/charts/loki/charts/rollout-operator/values.yaml b/charts/loki/charts/rollout-operator/values.yaml
new file mode 100644
index 0000000..66f9486
--- /dev/null
+++ b/charts/loki/charts/rollout-operator/values.yaml
@@ -0,0 +1,83 @@
+# Default values for rollout-operator.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+ repository: grafana/rollout-operator
+ pullPolicy: IfNotPresent
+ # -- Overrides the image tag whose default is the chart appVersion.
+ tag: ""
+
+imagePullSecrets: []
+
+# -- hostAliases to add
+hostAliases: []
+# - ip: 1.2.3.4
+# hostnames:
+# - domain.tld
+
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # -- Specifies whether a service account should be created
+ create: true
+ # -- Annotations to add to the service account
+ annotations: {}
+ # -- The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+# -- Pod Annotations
+podAnnotations: {}
+
+# -- Pod (extra) Labels
+podLabels: {}
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+resources:
+ limits:
+ # cpu: "1"
+ memory: 200Mi
+ requests:
+ cpu: 100m
+ memory: 100Mi
+
+minReadySeconds: 10
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+priorityClassName: ""
+
+serviceMonitor:
+ # -- Create ServiceMonitor to scrape metrics for Prometheus
+ enabled: false
+ # -- Alternative namespace for ServiceMonitor resources
+ namespace: null
+ # -- Namespace selector for ServiceMonitor resources
+ namespaceSelector: {}
+ # -- ServiceMonitor annotations
+ annotations: {}
+ # -- Additional ServiceMonitor labels
+ labels: {}
+ # -- ServiceMonitor scrape interval
+ interval: null
+ # -- ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
+ scrapeTimeout: null
+ # -- ServiceMonitor relabel configs to apply to samples before scraping
+ # https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
+ relabelings: []
diff --git a/charts/loki/distributed-values.yaml b/charts/loki/distributed-values.yaml
new file mode 100644
index 0000000..0016b72
--- /dev/null
+++ b/charts/loki/distributed-values.yaml
@@ -0,0 +1,70 @@
+---
+loki:
+ schemaConfig:
+ configs:
+ - from: 2024-04-01
+ store: tsdb
+ object_store: s3
+ schema: v13
+ index:
+ prefix: loki_index_
+ period: 24h
+ ingester:
+ chunk_encoding: snappy
+ tracing:
+ enabled: true
+ querier:
+ # Default is 4, if you have enough memory and CPU you can increase, reduce if OOMing
+ max_concurrent: 4
+
+#gateway:
+# ingress:
+# enabled: true
+# hosts:
+# - host: FIXME
+# paths:
+# - path: /
+# pathType: Prefix
+
+deploymentMode: Distributed
+
+ingester:
+ replicas: 3
+querier:
+ replicas: 3
+ maxUnavailable: 2
+queryFrontend:
+ replicas: 2
+ maxUnavailable: 1
+queryScheduler:
+ replicas: 2
+distributor:
+ replicas: 3
+ maxUnavailable: 2
+compactor:
+ replicas: 1
+indexGateway:
+ replicas: 2
+ maxUnavailable: 1
+
+bloomCompactor:
+ replicas: 0
+bloomGateway:
+ replicas: 0
+
+# Enable minio for storage
+minio:
+ enabled: true
+
+# Zero out replica counts of other deployment modes
+backend:
+ replicas: 0
+read:
+ replicas: 0
+write:
+ replicas: 0
+
+singleBinary:
+ replicas: 0
+
+
diff --git a/charts/loki/simple-scalable-values.yaml b/charts/loki/simple-scalable-values.yaml
new file mode 100644
index 0000000..78132b6
--- /dev/null
+++ b/charts/loki/simple-scalable-values.yaml
@@ -0,0 +1,63 @@
+---
+loki:
+ schemaConfig:
+ configs:
+ - from: 2024-04-01
+ store: tsdb
+ object_store: s3
+ schema: v13
+ index:
+ prefix: loki_index_
+ period: 24h
+ ingester:
+ chunk_encoding: snappy
+ tracing:
+ enabled: true
+ querier:
+ # Default is 4, if you have enough memory and CPU you can increase, reduce if OOMing
+ max_concurrent: 4
+
+#gateway:
+# ingress:
+# enabled: true
+# hosts:
+# - host: FIXME
+# paths:
+# - path: /
+# pathType: Prefix
+
+deploymentMode: SimpleScalable
+
+backend:
+ replicas: 3
+read:
+ replicas: 3
+write:
+ replicas: 3
+
+# Enable minio for storage
+minio:
+ enabled: true
+
+# Zero out replica counts of other deployment modes
+singleBinary:
+ replicas: 0
+
+ingester:
+ replicas: 0
+querier:
+ replicas: 0
+queryFrontend:
+ replicas: 0
+queryScheduler:
+ replicas: 0
+distributor:
+ replicas: 0
+compactor:
+ replicas: 0
+indexGateway:
+ replicas: 0
+bloomCompactor:
+ replicas: 0
+bloomGateway:
+ replicas: 0
diff --git a/charts/loki/single-binary-values.yaml b/charts/loki/single-binary-values.yaml
new file mode 100644
index 0000000..584f0fb
--- /dev/null
+++ b/charts/loki/single-binary-values.yaml
@@ -0,0 +1,79 @@
+---
+loki:
+ commonConfig:
+ replication_factor: 1
+ schemaConfig:
+ configs:
+ - from: 2024-04-01
+ store: tsdb
+ object_store: s3
+ schema: v13
+ index:
+ prefix: loki_index_
+ period: 24h
+ ingester:
+ chunk_encoding: snappy
+ tracing:
+ enabled: true
+ querier:
+ # Default is 4, if you have enough memory and CPU you can increase, reduce if OOMing
+ max_concurrent: 2
+
+#gateway:
+# ingress:
+# enabled: true
+# hosts:
+# - host: FIXME
+# paths:
+# - path: /
+# pathType: Prefix
+
+deploymentMode: SingleBinary
+singleBinary:
+ replicas: 1
+ resources:
+ limits:
+ cpu: 3
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ extraEnv:
+ # Keep a little bit lower than memory limits
+ - name: GOMEMLIMIT
+ value: 3750MiB
+
+chunksCache:
+ # default is 500MB, with limited memory keep this smaller
+ writebackSizeLimit: 10MB
+
+# Enable minio for storage
+minio:
+ enabled: true
+
+# Zero out replica counts of other deployment modes
+backend:
+ replicas: 0
+read:
+ replicas: 0
+write:
+ replicas: 0
+
+ingester:
+ replicas: 0
+querier:
+ replicas: 0
+queryFrontend:
+ replicas: 0
+queryScheduler:
+ replicas: 0
+distributor:
+ replicas: 0
+compactor:
+ replicas: 0
+indexGateway:
+ replicas: 0
+bloomCompactor:
+ replicas: 0
+bloomGateway:
+ replicas: 0
diff --git a/charts/loki/src/helm-test/Dockerfile b/charts/loki/src/helm-test/Dockerfile
index cf4420a..48ff7e8 100644
--- a/charts/loki/src/helm-test/Dockerfile
+++ b/charts/loki/src/helm-test/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.21.3 as build
+FROM golang:1.22.2 as build
# build via Makefile target helm-test-image in root
# Makefile. Building from this directory will not be
diff --git a/charts/loki/src/helm-test/canary_test.go b/charts/loki/src/helm-test/canary_test.go
index 24e9d6d..002cae4 100644
--- a/charts/loki/src/helm-test/canary_test.go
+++ b/charts/loki/src/helm-test/canary_test.go
@@ -7,19 +7,41 @@
"context"
"errors"
"fmt"
+ "io"
+ "net/http"
"os"
"testing"
"time"
"github.com/prometheus/client_golang/api"
v1 "github.com/prometheus/client_golang/api/prometheus/v1"
+ promConfig "github.com/prometheus/common/config"
"github.com/prometheus/common/model"
+ "github.com/prometheus/prometheus/model/labels"
+ "github.com/prometheus/prometheus/model/textparse"
"github.com/stretchr/testify/require"
)
+type testResultFunc func(t *testing.T, ctx context.Context, metric string, test func(model.SampleValue) bool, msg string) error
+
func TestCanary(t *testing.T) {
- totalEntriesQuery := "sum(loki_canary_entries_total)"
- totalEntriesMissingQuery := "sum(loki_canary_missing_entries_total)"
+
+ var testResult testResultFunc
+
+ // Default to directly querying a canary and looking for specific metrics.
+ testResult = testResultCanary
+ totalEntries := "loki_canary_entries_total"
+ totalEntriesMissing := "loki_canary_missing_entries_total"
+
+ // For backwards compatibility and also for anyone who wants to validate with prometheus instead of querying
+ // a canary directly, if the CANARY_PROMETHEUS_ADDRESS is specified we will use prometheus to validate.
+ address := os.Getenv("CANARY_PROMETHEUS_ADDRESS")
+ if address != "" {
+ testResult = testResultPrometheus
+ // Use the sum function to aggregate the results from multiple canaries.
+ totalEntries = "sum(loki_canary_entries_total)"
+ totalEntriesMissing = "sum(loki_canary_missing_entries_total)"
+ }
timeout := getEnv("CANARY_TEST_TIMEOUT", "1m")
timeoutDuration, err := time.ParseDuration(timeout)
@@ -32,30 +54,18 @@
})
t.Run("Canary should have entries", func(t *testing.T) {
- client := newClient(t)
-
eventually(t, func() error {
- result, _, err := client.Query(ctx, totalEntriesQuery, time.Now(), v1.WithTimeout(timeoutDuration))
- if err != nil {
- return err
- }
- return testResult(t, result, totalEntriesQuery, func(v model.SampleValue) bool {
+ return testResult(t, ctx, totalEntries, func(v model.SampleValue) bool {
return v > 0
- }, fmt.Sprintf("Expected %s to be greater than 0", totalEntriesQuery))
+ }, fmt.Sprintf("Expected %s to be greater than 0", totalEntries))
}, timeoutDuration, "Expected Loki Canary to have entries")
})
t.Run("Canary should not have missed any entries", func(t *testing.T) {
- client := newClient(t)
-
eventually(t, func() error {
- result, _, err := client.Query(ctx, totalEntriesMissingQuery, time.Now(), v1.WithTimeout(timeoutDuration))
- if err != nil {
- return err
- }
- return testResult(t, result, totalEntriesMissingQuery, func(v model.SampleValue) bool {
+ return testResult(t, ctx, totalEntriesMissing, func(v model.SampleValue) bool {
return v == 0
- }, fmt.Sprintf("Expected %s to equal 0", totalEntriesMissingQuery))
+ }, fmt.Sprintf("Expected %s to equal 0", totalEntriesMissing))
}, timeoutDuration, "Expected Loki Canary to not have any missing entries")
})
}
@@ -67,7 +77,13 @@
return fallback
}
-func testResult(t *testing.T, result model.Value, query string, test func(model.SampleValue) bool, msg string) error {
+func testResultPrometheus(t *testing.T, ctx context.Context, query string, test func(model.SampleValue) bool, msg string) error {
+ // TODO (ewelch): if we did a lot of these, we'd want to reuse the client but right now we only run a couple tests
+ client := newClient(t)
+ result, _, err := client.Query(ctx, query, time.Now())
+ if err != nil {
+ return err
+ }
if v, ok := result.(model.Vector); ok {
for _, s := range v {
t.Logf("%s => %v\n", query, s.Value)
@@ -75,7 +91,6 @@
return errors.New(msg)
}
}
-
return nil
}
@@ -94,6 +109,64 @@
return v1.NewAPI(client)
}
+func testResultCanary(t *testing.T, ctx context.Context, metric string, test func(model.SampleValue) bool, msg string) error {
+ address := os.Getenv("CANARY_SERVICE_ADDRESS")
+ require.NotEmpty(t, address, "CANARY_SERVICE_ADDRESS must be set to a valid kubernetes service for the Loki canaries")
+
+ // TODO (ewelch): if we did a lot of these, we'd want to reuse the client but right now we only run a couple tests
+ client, err := promConfig.NewClientFromConfig(promConfig.HTTPClientConfig{}, "canary-test")
+ require.NoError(t, err, "Failed to create Prometheus client")
+
+ req, err := http.NewRequestWithContext(ctx, http.MethodGet, address, nil)
+ require.NoError(t, err, "Failed to create request")
+
+ rsp, err := client.Do(req)
+ if rsp != nil {
+ defer rsp.Body.Close()
+ }
+ require.NoError(t, err, "Failed to scrape metrics")
+
+ body, err := io.ReadAll(rsp.Body)
+ require.NoError(t, err, "Failed to read response body")
+
+ p, err := textparse.New(body, rsp.Header.Get("Content-Type"), true, nil)
+ require.NoError(t, err, "Failed to create Prometheus parser")
+
+ for {
+ e, err := p.Next()
+ if err == io.EOF {
+ return errors.New("metric not found")
+ }
+
+ if e != textparse.EntrySeries {
+ continue
+ }
+
+ l := labels.Labels{}
+ p.Metric(&l)
+
+ // Currently we aren't validating any labels, just the metric name, however this could be extended to do so.
+ name := l.Get(model.MetricNameLabel)
+ if name != metric {
+ continue
+ }
+
+ _, _, val := p.Series()
+ t.Logf("%s => %v\n", metric, val)
+
+ // Note: SampleValue has functions for comparing the equality of two floats which is
+ // why we convert this back to a SampleValue here for easier use intests.
+ if !test(model.SampleValue(val)) {
+ return errors.New(msg)
+ }
+
+ // Returning here will only validate that one series was found matching the label name that met the condition
+ // it could be possible since we don't validate the rest of the labels that there is mulitple series
+ // but currently this meets the spirit of the test.
+ return nil
+ }
+}
+
func eventually(t *testing.T, test func() error, timeoutDuration time.Duration, msg string) {
require.Eventually(t, func() bool {
queryError := test()
diff --git a/charts/loki/templates/NOTES.txt b/charts/loki/templates/NOTES.txt
index ad192e7..6551a42 100644
--- a/charts/loki/templates/NOTES.txt
+++ b/charts/loki/templates/NOTES.txt
@@ -17,9 +17,20 @@
{{- if .Values.minio.enabled }}
* minio
{{- end }}
+{{- if eq (include "loki.deployment.isScalable" .) "true" }}
* read
* write
{{- if not .Values.read.legacyReadTarget }}
* backend
{{- end }}
+{{- else }}
+* compactor
+* index gateway
+* query scheduler
+* ruler
+* distributor
+* ingester
+* querier
+* query frontend
+{{- end }}
{{- end }}
diff --git a/charts/loki/templates/_helpers.tpl b/charts/loki/templates/_helpers.tpl
index 14fe800..2a1014d 100644
--- a/charts/loki/templates/_helpers.tpl
+++ b/charts/loki/templates/_helpers.tpl
@@ -50,18 +50,25 @@
Return if deployment mode is simple scalable
*/}}
{{- define "loki.deployment.isScalable" -}}
- {{- and (eq (include "loki.isUsingObjectStorage" . ) "true") (eq (int .Values.singleBinary.replicas) 0) }}
+ {{- and (eq (include "loki.isUsingObjectStorage" . ) "true") (or (eq .Values.deploymentMode "SingleBinary<->SimpleScalable") (eq .Values.deploymentMode "SimpleScalable") (eq .Values.deploymentMode "SimpleScalable<->Distributed")) }}
{{- end -}}
{{/*
Return if deployment mode is single binary
*/}}
{{- define "loki.deployment.isSingleBinary" -}}
- {{- $nonZeroReplicas := gt (int .Values.singleBinary.replicas) 0 }}
- {{- or (eq (include "loki.isUsingObjectStorage" . ) "false") ($nonZeroReplicas) }}
+ {{- or (eq .Values.deploymentMode "SingleBinary") (eq .Values.deploymentMode "SingleBinary<->SimpleScalable") }}
{{- end -}}
{{/*
+Return if deployment mode is distributed
+*/}}
+{{- define "loki.deployment.isDistributed" -}}
+ {{- and (eq (include "loki.isUsingObjectStorage" . ) "true") (or (eq .Values.deploymentMode "Distributed") (eq .Values.deploymentMode "SimpleScalable<->Distributed")) }}
+{{- end -}}
+
+
+{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
@@ -201,7 +208,7 @@
{{- if .Values.minio.enabled -}}
s3:
endpoint: {{ include "loki.minio" $ }}
- bucketnames: {{ $.Values.loki.storage.bucketNames.chunks }}
+ bucketnames: chunks
secret_access_key: {{ $.Values.minio.rootPassword }}
access_key_id: {{ $.Values.minio.rootUser }}
s3forcepathstyle: true
@@ -339,7 +346,7 @@
{{- if .Values.minio.enabled -}}
type: "s3"
s3:
- bucketnames: {{ $.Values.loki.storage.bucketNames.ruler }}
+ bucketnames: ruler
{{- else if eq .Values.loki.storage.type "s3" -}}
{{- with .Values.loki.storage.s3 }}
type: "s3"
@@ -448,7 +455,7 @@
{{- end }}
{{/*
-Calculate the config from structured and unstructred text input
+Calculate the config from structured and unstructured text input
*/}}
{{- define "loki.calculatedConfig" -}}
{{ tpl (mergeOverwrite (tpl .Values.loki.config . | fromYaml) .Values.loki.structuredConfig | toYaml) . }}
@@ -460,10 +467,10 @@
{{- define "loki.configVolume" -}}
{{- if eq .Values.loki.configStorageType "Secret" -}}
secret:
- secretName: {{ tpl .Values.loki.externalConfigSecretName . }}
-{{- else if eq .Values.loki.configStorageType "ConfigMap" -}}
+ secretName: {{ tpl .Values.loki.configObjectName . }}
+{{- else -}}
configMap:
- name: {{ tpl .Values.loki.externalConfigSecretName . }}
+ name: {{ tpl .Values.loki.configObjectName . }}
items:
- key: "config.yaml"
path: "config.yaml"
@@ -594,7 +601,7 @@
*/}}
{{- define "loki.minio" -}}
{{- if .Values.minio.enabled -}}
-{{- printf "%s-%s.%s.svc:%s" .Release.Name "minio" .Release.Namespace (.Values.minio.service.port | toString) -}}
+{{- .Values.minio.address | default (printf "%s-%s.%s.svc:%s" .Release.Name "minio" .Release.Namespace (.Values.minio.service.port | toString)) -}}
{{- end -}}
{{- end -}}
@@ -697,10 +704,17 @@
{{- end }}
server {
+ {{- if (.Values.gateway.nginxConfig.ssl) }}
+ listen 8080 ssl;
+ {{- if .Values.gateway.nginxConfig.enableIPv6 }}
+ listen [::]:8080 ssl;
+ {{- end }}
+ {{- else }}
listen 8080;
{{- if .Values.gateway.nginxConfig.enableIPv6 }}
listen [::]:8080;
{{- end }}
+ {{- end }}
{{- if .Values.gateway.basicAuth.enabled }}
auth_basic "Loki";
@@ -712,6 +726,9 @@
auth_basic off;
}
+ ########################################################
+ # Configure backend targets
+
{{- $backendHost := include "loki.backendFullname" .}}
{{- $readHost := include "loki.readFullname" .}}
{{- $writeHost := include "loki.writeFullname" .}}
@@ -720,15 +737,11 @@
{{- $backendHost = include "loki.readFullname" . }}
{{- end }}
- {{- if gt (int .Values.singleBinary.replicas) 0 }}
- {{- $backendHost = include "loki.singleBinaryFullname" . }}
- {{- $readHost = include "loki.singleBinaryFullname" .}}
- {{- $writeHost = include "loki.singleBinaryFullname" .}}
- {{- end }}
+ {{- $httpSchema := .Values.gateway.nginxConfig.schema }}
- {{- $writeUrl := printf "http://%s.%s.svc.%s:%s" $writeHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
- {{- $readUrl := printf "http://%s.%s.svc.%s:%s" $readHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
- {{- $backendUrl := printf "http://%s.%s.svc.%s:%s" $backendHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+ {{- $writeUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $writeHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+ {{- $readUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $readHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+ {{- $backendUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $backendHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
{{- if .Values.gateway.nginxConfig.customWriteUrl }}
{{- $writeUrl = .Values.gateway.nginxConfig.customWriteUrl }}
@@ -740,24 +753,61 @@
{{- $backendUrl = .Values.gateway.nginxConfig.customBackendUrl }}
{{- end }}
+ {{- $singleBinaryHost := include "loki.singleBinaryFullname" . }}
+ {{- $singleBinaryUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $singleBinaryHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+
+ {{- $distributorHost := include "loki.distributorFullname" .}}
+ {{- $ingesterHost := include "loki.ingesterFullname" .}}
+ {{- $queryFrontendHost := include "loki.queryFrontendFullname" .}}
+ {{- $indexGatewayHost := include "loki.indexGatewayFullname" .}}
+ {{- $rulerHost := include "loki.rulerFullname" .}}
+ {{- $compactorHost := include "loki.compactorFullname" .}}
+ {{- $schedulerHost := include "loki.querySchedulerFullname" .}}
+
+
+ {{- $distributorUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $distributorHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) -}}
+ {{- $ingesterUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $ingesterHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+ {{- $queryFrontendUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $queryFrontendHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+ {{- $indexGatewayUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $indexGatewayHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+ {{- $rulerUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $rulerHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+ {{- $compactorUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $compactorHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+ {{- $schedulerUrl := printf "%s://%s.%s.svc.%s:%s" $httpSchema $schedulerHost .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.http_listen_port | toString) }}
+
+ {{- if eq (include "loki.deployment.isSingleBinary" .) "true"}}
+ {{- $distributorUrl = $singleBinaryUrl }}
+ {{- $ingesterUrl = $singleBinaryUrl }}
+ {{- $queryFrontendUrl = $singleBinaryUrl }}
+ {{- $indexGatewayUrl = $singleBinaryUrl }}
+ {{- $rulerUrl = $singleBinaryUrl }}
+ {{- $compactorUrl = $singleBinaryUrl }}
+ {{- $schedulerUrl = $singleBinaryUrl }}
+ {{- else if eq (include "loki.deployment.isScalable" .) "true"}}
+ {{- $distributorUrl = $writeUrl }}
+ {{- $ingesterUrl = $writeUrl }}
+ {{- $queryFrontendUrl = $readUrl }}
+ {{- $indexGatewayUrl = $backendUrl }}
+ {{- $rulerUrl = $backendUrl }}
+ {{- $compactorUrl = $backendUrl }}
+ {{- $schedulerUrl = $backendUrl }}
+ {{- end -}}
# Distributor
location = /api/prom/push {
- proxy_pass {{ $writeUrl }}$request_uri;
+ proxy_pass {{ $distributorUrl }}$request_uri;
}
location = /loki/api/v1/push {
- proxy_pass {{ $writeUrl }}$request_uri;
+ proxy_pass {{ $distributorUrl }}$request_uri;
}
location = /distributor/ring {
- proxy_pass {{ $writeUrl }}$request_uri;
+ proxy_pass {{ $distributorUrl }}$request_uri;
}
# Ingester
location = /flush {
- proxy_pass {{ $writeUrl }}$request_uri;
+ proxy_pass {{ $ingesterUrl }}$request_uri;
}
location ^~ /ingester/ {
- proxy_pass {{ $writeUrl }}$request_uri;
+ proxy_pass {{ $ingesterUrl }}$request_uri;
}
location = /ingester {
internal; # to suppress 301
@@ -765,62 +815,61 @@
# Ring
location = /ring {
- proxy_pass {{ $writeUrl }}$request_uri;
+ proxy_pass {{ $ingesterUrl }}$request_uri;
}
# MemberListKV
location = /memberlist {
- proxy_pass {{ $writeUrl }}$request_uri;
+ proxy_pass {{ $ingesterUrl }}$request_uri;
}
-
# Ruler
location = /ruler/ring {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $rulerUrl }}$request_uri;
}
location = /api/prom/rules {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $rulerUrl }}$request_uri;
}
location ^~ /api/prom/rules/ {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $rulerUrl }}$request_uri;
}
location = /loki/api/v1/rules {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $rulerUrl }}$request_uri;
}
location ^~ /loki/api/v1/rules/ {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $rulerUrl }}$request_uri;
}
location = /prometheus/api/v1/alerts {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $rulerUrl }}$request_uri;
}
location = /prometheus/api/v1/rules {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $rulerUrl }}$request_uri;
}
# Compactor
location = /compactor/ring {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $compactorUrl }}$request_uri;
}
location = /loki/api/v1/delete {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $compactorUrl }}$request_uri;
}
location = /loki/api/v1/cache/generation_numbers {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $compactorUrl }}$request_uri;
}
# IndexGateway
location = /indexgateway/ring {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $indexGatewayUrl }}$request_uri;
}
# QueryScheduler
location = /scheduler/ring {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $schedulerUrl }}$request_uri;
}
# Config
location = /config {
- proxy_pass {{ $backendUrl }}$request_uri;
+ proxy_pass {{ $ingesterUrl }}$request_uri;
}
{{- if and .Values.enterprise.enabled .Values.enterprise.adminApi.enabled }}
@@ -836,29 +885,28 @@
# QueryFrontend, Querier
location = /api/prom/tail {
- proxy_pass {{ $readUrl }}$request_uri;
+ proxy_pass {{ $queryFrontendUrl }}$request_uri;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location = /loki/api/v1/tail {
- proxy_pass {{ $readUrl }}$request_uri;
+ proxy_pass {{ $queryFrontendUrl }}$request_uri;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location ^~ /api/prom/ {
- proxy_pass {{ $readUrl }}$request_uri;
+ proxy_pass {{ $queryFrontendUrl }}$request_uri;
}
location = /api/prom {
internal; # to suppress 301
}
location ^~ /loki/api/v1/ {
- proxy_pass {{ $readUrl }}$request_uri;
+ proxy_pass {{ $queryFrontendUrl }}$request_uri;
}
location = /loki/api/v1 {
internal; # to suppress 301
}
-
{{- with .Values.gateway.nginxConfig.serverSnippet }}
{{ . | nindent 4 }}
{{- end }}
@@ -893,10 +941,61 @@
{{/* Determine query-scheduler address */}}
{{- define "loki.querySchedulerAddress" -}}
-{{- $isSimpleScalable := eq (include "loki.deployment.isScalable" .) "true" -}}
{{- $schedulerAddress := ""}}
-{{- if and $isSimpleScalable (not .Values.read.legacyReadTarget ) -}}
-{{- $schedulerAddress = printf "query-scheduler-discovery.%s.svc.%s.:%s" .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.grpc_listen_port | toString) -}}
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed -}}
+{{- $schedulerAddress = printf "%s.%s.svc.%s:%s" (include "loki.querySchedulerFullname" .) .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.grpc_listen_port | toString) -}}
{{- end -}}
{{- printf "%s" $schedulerAddress }}
{{- end }}
+
+{{/* Determine querier address */}}
+{{- define "loki.querierAddress" -}}
+{{- $querierAddress := "" }}
+{{- if "loki.deployment.isDistributed "}}
+{{- $querierHost := include "loki.querierFullname" .}}
+{{- $querierUrl := printf "http://%s.%s.svc.%s:3100" $querierHost .Release.Namespace .Values.global.clusterDomain }}
+{{- $querierAddress = $querierUrl }}
+{{- end -}}
+{{- printf "%s" $querierAddress }}
+{{- end }}
+
+{{/* Determine index-gateway address */}}
+{{- define "loki.indexGatewayAddress" -}}
+{{- $idxGatewayAddress := ""}}
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- $isScalable := eq (include "loki.deployment.isScalable" .) "true" -}}
+{{- if $isDistributed -}}
+{{- $idxGatewayAddress = printf "dns+%s-headless.%s.svc.%s:%s" (include "loki.indexGatewayFullname" .) .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.grpc_listen_port | toString) -}}
+{{- end -}}
+{{- if $isScalable -}}
+{{- $idxGatewayAddress = printf "dns+%s-headless.%s.svc.%s:%s" (include "loki.backendFullname" .) .Release.Namespace .Values.global.clusterDomain (.Values.loki.server.grpc_listen_port | toString) -}}
+{{- end -}}
+{{- printf "%s" $idxGatewayAddress }}
+{{- end }}
+
+{{- define "loki.config.checksum" -}}
+checksum/config: {{ include (print .Template.BasePath "/config.yaml") . | sha256sum }}
+{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for PodDisruptionBudget.
+*/}}
+{{- define "loki.pdb.apiVersion" -}}
+ {{- if and (.Capabilities.APIVersions.Has "policy/v1") (semverCompare ">=1.21-0" .Capabilities.KubeVersion.Version) -}}
+ {{- print "policy/v1" -}}
+ {{- else -}}
+ {{- print "policy/v1beta1" -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+Return the object store type for use with the test schema.
+*/}}
+{{- define "loki.testSchemaObjectStore" -}}
+ {{- if .Values.minio.enabled -}}
+ s3
+ {{- else -}}
+ filesystem
+ {{- end -}}
+{{- end -}}
diff --git a/charts/loki/templates/admin-api/_helpers.yaml b/charts/loki/templates/admin-api/_helpers.yaml
new file mode 100644
index 0000000..e13ff8a
--- /dev/null
+++ b/charts/loki/templates/admin-api/_helpers.yaml
@@ -0,0 +1,24 @@
+{{/*
+adminApi fullname
+*/}}
+{{- define "enterprise-logs.adminApiFullname" -}}
+{{ include "loki.fullname" . }}-admin-api
+{{- end }}
+
+{{/*
+adminApi common labels
+*/}}
+{{- define "enterprise-logs.adminApiLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: admin-api
+target: admin-api
+{{- end }}
+
+{{/*
+adminApi selector labels
+*/}}
+{{- define "enterprise-logs.adminApiSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: admin-api
+target: admin-api
+{{- end }}
\ No newline at end of file
diff --git a/charts/loki/templates/admin-api/deployment-admin-api.yaml b/charts/loki/templates/admin-api/deployment-admin-api.yaml
new file mode 100644
index 0000000..1539166
--- /dev/null
+++ b/charts/loki/templates/admin-api/deployment-admin-api.yaml
@@ -0,0 +1,168 @@
+{{- if .Values.enterprise.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "enterprise-logs.adminApiFullname" . }}
+ labels:
+ {{- include "enterprise-logs.adminApiLabels" . | nindent 4 }}
+ {{- with .Values.adminApi.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ app.kubernetes.io/part-of: memberlist
+ annotations:
+ {{- with .Values.adminApi.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.adminApi.replicas }}
+ selector:
+ matchLabels:
+ {{- include "enterprise-logs.adminApiSelectorLabels" . | nindent 6 }}
+ strategy:
+ {{- toYaml .Values.adminApi.strategy | nindent 4 }}
+ template:
+ metadata:
+ labels:
+ {{- include "enterprise-logs.adminApiSelectorLabels" . | nindent 8 }}
+ {{- with .Values.adminApi.labels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ app.kubernetes.io/part-of: memberlist
+ annotations:
+ {{- if .Values.useExternalConfig }}
+ checksum/config: {{ .Values.externalConfigVersion }}
+ {{- else }}
+ checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }}
+ {{- end}}
+ {{- with .Values.adminApi.annotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ serviceAccountName: {{ template "loki.serviceAccountName" . }}
+ {{- if .Values.adminApi.priorityClassName }}
+ priorityClassName: {{ .Values.adminApi.priorityClassName }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.adminApi.podSecurityContext | nindent 8 }}
+ initContainers:
+ # Taken from
+ # https://github.com/minio/charts/blob/a5c84bcbad884728bff5c9c23541f936d57a13b3/minio/templates/post-install-create-bucket-job.yaml
+ {{- if .Values.minio.enabled }}
+ - name: minio-mc
+ image: "{{ .Values.minio.mcImage.repository }}:{{ .Values.minio.mcImage.tag }}"
+ imagePullPolicy: {{ .Values.minio.mcImage.pullPolicy }}
+ command: ["/bin/sh", "/config/initialize"]
+ env:
+ - name: MINIO_ENDPOINT
+ value: {{ .Release.Name }}-minio
+ - name: MINIO_PORT
+ value: {{ .Values.minio.service.port | quote }}
+ volumeMounts:
+ - name: minio-configuration
+ mountPath: /config
+ {{- if .Values.minio.tls.enabled }}
+ - name: cert-secret-volume-mc
+ mountPath: {{ .Values.minio.configPathmc }}certs
+ {{ end }}
+ {{- end }}
+ {{- if .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- range .Values.imagePullSecrets }}
+ - name: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.adminApi.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: admin-api
+ image: "{{ template "loki.image" . }}"
+ imagePullPolicy: {{ .Values.enterprise.image.pullPolicy }}
+ args:
+ - -target=admin-api
+ - -config.file=/etc/loki/config/config.yaml
+ {{- if .Values.minio.enabled }}
+ - -admin.client.backend-type=s3
+ - -admin.client.s3.endpoint={{ template "loki.minio" . }}
+ - -admin.client.s3.bucket-name=enterprise-logs-admin
+ - -admin.client.s3.access-key-id={{ .Values.minio.accessKey }}
+ - -admin.client.s3.secret-access-key={{ .Values.minio.secretKey }}
+ - -admin.client.s3.insecure=true
+ {{- end }}
+ {{- range $key, $value := .Values.adminApi.extraArgs }}
+ - "-{{ $key }}={{ $value }}"
+ {{- end }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: license
+ mountPath: /etc/loki/license
+ - name: storage
+ mountPath: /data
+ {{- if .Values.adminApi.extraVolumeMounts }}
+ {{ toYaml .Values.adminApi.extraVolumeMounts | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ readinessProbe:
+ {{- toYaml .Values.adminApi.readinessProbe | nindent 12 }}
+ resources:
+ {{- toYaml .Values.adminApi.resources | nindent 12 }}
+ securityContext:
+ {{- toYaml .Values.adminApi.containerSecurityContext | nindent 12 }}
+ env:
+ {{- if .Values.adminApi.env }}
+ {{ toYaml .Values.adminApi.env | nindent 12 }}
+ {{- end }}
+ {{- with .Values.adminApi.extraContainers }}
+ {{ toYaml . | nindent 8 }}
+ {{- end }}
+ nodeSelector:
+ {{- toYaml .Values.adminApi.nodeSelector | nindent 8 }}
+ affinity:
+ {{- toYaml .Values.adminApi.affinity | nindent 8 }}
+ tolerations:
+ {{- toYaml .Values.adminApi.tolerations | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.adminApi.terminationGracePeriodSeconds }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ - name: storage
+ emptyDir: {}
+ {{- if .Values.adminApi.extraVolumes }}
+ {{ toYaml .Values.adminApi.extraVolumes | nindent 8 }}
+ {{- end }}
+ {{- if .Values.minio.enabled }}
+ - name: minio-configuration
+ projected:
+ sources:
+ - configMap:
+ name: {{ .Release.Name }}-minio
+ - secret:
+ name: {{ .Release.Name }}-minio
+ {{- if .Values.minio.tls.enabled }}
+ - name: cert-secret-volume-mc
+ secret:
+ secretName: {{ .Values.minio.tls.certSecret }}
+ items:
+ - key: {{ .Values.minio.tls.publicCrt }}
+ path: CAs/public.crt
+ {{- end }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/loki/templates/admin-api/service-admin-api.yaml b/charts/loki/templates/admin-api/service-admin-api.yaml
new file mode 100644
index 0000000..c7daa27
--- /dev/null
+++ b/charts/loki/templates/admin-api/service-admin-api.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.enterprise.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "enterprise-logs.adminApiFullname" . }}
+ labels:
+ {{- include "enterprise-logs.adminApiLabels" . | nindent 4 }}
+ {{- with .Values.adminApi.service.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ annotations:
+ {{- with .Values.adminApi.service.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ ports:
+ - name: http-metrics
+ port: 3100
+ protocol: TCP
+ targetPort: http-metrics
+ - name: grpc
+ port: 9095
+ protocol: TCP
+ targetPort: grpc
+ selector:
+ {{- include "enterprise-logs.adminApiSelectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/loki/templates/backend/clusterrole.yaml b/charts/loki/templates/backend/clusterrole.yaml
index 176ada0..e8631c3 100644
--- a/charts/loki/templates/backend/clusterrole.yaml
+++ b/charts/loki/templates/backend/clusterrole.yaml
@@ -1,4 +1,5 @@
-{{- if and (not .Values.rbac.namespaced) (not .Values.rbac.useExistingRole) }}
+{{- $isSimpleScalable := eq (include "loki.deployment.isScalable" .) "true" -}}
+{{- if and $isSimpleScalable (not .Values.rbac.namespaced) (not .Values.rbac.useExistingRole) }}
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
@@ -17,4 +18,4 @@
{{- else }}
rules: []
{{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/charts/loki/templates/backend/clusterrolebinding.yaml b/charts/loki/templates/backend/clusterrolebinding.yaml
index 1021fd0..619b702 100644
--- a/charts/loki/templates/backend/clusterrolebinding.yaml
+++ b/charts/loki/templates/backend/clusterrolebinding.yaml
@@ -1,4 +1,5 @@
-{{- if and (not .Values.rbac.namespaced) }}
+{{- $isSimpleScalable := eq (include "loki.deployment.isScalable" .) "true" -}}
+{{- if and $isSimpleScalable (not .Values.rbac.namespaced) }}
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
@@ -21,4 +22,4 @@
name: {{ .Values.rbac.useExistingRole }}
{{- end }}
apiGroup: rbac.authorization.k8s.io
-{{- end -}}
\ No newline at end of file
+{{- end -}}
diff --git a/charts/loki/templates/backend/query-scheduler-discovery.yaml b/charts/loki/templates/backend/query-scheduler-discovery.yaml
index 527fa13..14bca1f 100644
--- a/charts/loki/templates/backend/query-scheduler-discovery.yaml
+++ b/charts/loki/templates/backend/query-scheduler-discovery.yaml
@@ -4,7 +4,7 @@
apiVersion: v1
kind: Service
metadata:
- name: query-scheduler-discovery
+ name: {{ include "loki.querySchedulerFullname" . }}-discovery
namespace: {{ $.Release.Namespace }}
labels:
{{- include "loki.backendSelectorLabels" . | nindent 4 }}
diff --git a/charts/loki/templates/backend/statefulset-backend.yaml b/charts/loki/templates/backend/statefulset-backend.yaml
index 97e110e..3deb4aa 100644
--- a/charts/loki/templates/backend/statefulset-backend.yaml
+++ b/charts/loki/templates/backend/statefulset-backend.yaml
@@ -19,8 +19,12 @@
{{- end }}
{{- end }}
spec:
-{{- if not .Values.backend.autoscaling.enabled }}
- replicas: {{ .Values.backend.replicas }}
+{{- if not .Values.write.autoscaling.enabled }}
+ {{- if eq .Values.deploymentMode "SingleBinary" }}
+ replicas: 0
+ {{- else }}
+ replicas: {{ .Values.write.replicas }}
+ {{- end }}
{{- end }}
podManagementPolicy: {{ .Values.backend.podManagementPolicy }}
updateStrategy:
@@ -205,7 +209,7 @@
{{- toYaml .Values.backend.resources | nindent 12 }}
{{- with .Values.backend.affinity }}
affinity:
- {{- tpl . $ | nindent 8 }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.backend.dnsConfig }}
dnsConfig:
@@ -231,12 +235,7 @@
{{- toYaml .Values.backend.persistence.dataVolumeParameters | nindent 10 }}
{{- end}}
- name: config
- {{- if .Values.loki.existingSecretForConfig }}
- secret:
- secretName: {{ .Values.loki.existingSecretForConfig }}
- {{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
- {{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
diff --git a/charts/loki/templates/bloom-compactor/_helpers-bloom-compactor.tpl b/charts/loki/templates/bloom-compactor/_helpers-bloom-compactor.tpl
new file mode 100644
index 0000000..193a8f8
--- /dev/null
+++ b/charts/loki/templates/bloom-compactor/_helpers-bloom-compactor.tpl
@@ -0,0 +1,58 @@
+{{/*
+bloom compactor fullname
+*/}}
+{{- define "loki.bloomCompactorFullname" -}}
+{{ include "loki.fullname" . }}-bloom-compactor
+{{- end }}
+
+{{/*
+bloom compactor common labels
+*/}}
+{{- define "loki.bloomCompactorLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: bloom-compactor
+{{- end }}
+
+{{/*
+bloom compactor selector labels
+*/}}
+{{- define "loki.bloomCompactorSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: bloom-compactor
+{{- end }}
+
+{{/*
+bloom compactor readinessProbe
+*/}}
+{{- define "loki.bloomCompactor.readinessProbe" -}}
+{{- with .Values.bloomCompactor.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- else }}
+{{- with .Values.loki.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+bloom compactor priority class name
+*/}}
+{{- define "loki.bloomCompactorPriorityClassName" }}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.bloomCompactor.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the name of the bloom compactor service account
+*/}}
+{{- define "loki.bloomCompactorServiceAccountName" -}}
+{{- if .Values.bloomCompactor.serviceAccount.create -}}
+ {{ default (print (include "loki.serviceAccountName" .) "-bloom-compactor") .Values.bloomCompactor.serviceAccount.name }}
+{{- else -}}
+ {{ default (include "loki.serviceAccountName" .) .Values.bloomCompactor.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/loki/templates/bloom-compactor/statefulset-bloom-compactor.yaml b/charts/loki/templates/bloom-compactor/statefulset-bloom-compactor.yaml
new file mode 100644
index 0000000..424fa4b
--- /dev/null
+++ b/charts/loki/templates/bloom-compactor/statefulset-bloom-compactor.yaml
@@ -0,0 +1,183 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+{{- if (gt (int .Values.bloomCompactor.replicas) 0) -}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.bloomCompactorFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.bloomCompactorLabels" . | nindent 4 }}
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.bloomCompactor.replicas }}
+ podManagementPolicy: Parallel
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ serviceName: {{ include "loki.bloomCompactorFullname" . }}-headless
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ {{- if and (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) (.Values.bloomCompactor.persistence.enableStatefulSetAutoDeletePVC) }}
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: {{ .Values.bloomCompactor.persistence.whenDeleted }}
+ whenScaled: {{ .Values.bloomCompactor.persistence.whenScaled }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "loki.bloomCompactorSelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomCompactor.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.bloomCompactorSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomCompactor.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomCompactor.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.bloomCompactorPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.bloomCompactor.terminationGracePeriodSeconds }}
+ {{- with .Values.bloomCompactor.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: bloom-compactor
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.bloomCompactor.command }}
+ command:
+ - {{ coalesce .Values.bloomCompactor.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=bloom-compactor
+ {{- with .Values.bloomCompactor.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.bloomCompactor.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.bloomCompactor.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ {{- include "loki.bloomCompactor.readinessProbe" . | nindent 10 }}
+ volumeMounts:
+ - name: temp
+ mountPath: /tmp
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.bloomCompactor.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.bloomCompactor.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.bloomCompactor.extraContainers }}
+ {{- toYaml .Values.bloomCompactor.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.bloomCompactor.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomCompactor.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomCompactor.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: temp
+ emptyDir: {}
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- if not .Values.bloomCompactor.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- end }}
+ {{- with .Values.bloomCompactor.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.bloomCompactor.persistence.enabled }}
+ volumeClaimTemplates:
+ {{- range .Values.bloomCompactor.persistence.claims }}
+ - metadata:
+ name: {{ .name }}
+ {{- with .annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .size | quote }}
+ {{- end }}
+ {{- end }}
+{{- end -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/loki/templates/bloom-gateway/_helpers-bloom-gateway.tpl b/charts/loki/templates/bloom-gateway/_helpers-bloom-gateway.tpl
new file mode 100644
index 0000000..f0cef4f
--- /dev/null
+++ b/charts/loki/templates/bloom-gateway/_helpers-bloom-gateway.tpl
@@ -0,0 +1,58 @@
+{{/*
+bloom gateway fullname
+*/}}
+{{- define "loki.bloomGatewayFullname" -}}
+{{ include "loki.fullname" . }}-bloom-gateway
+{{- end }}
+
+{{/*
+bloom gateway common labels
+*/}}
+{{- define "loki.bloomGatewayLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: bloom-gateway
+{{- end }}
+
+{{/*
+bloom gateway selector labels
+*/}}
+{{- define "loki.bloomGatewaySelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: bloom-gateway
+{{- end }}
+
+{{/*
+bloom gateway readinessProbe
+*/}}
+{{- define "loki.bloomGateway.readinessProbe" -}}
+{{- with .Values.bloomGateway.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- else }}
+{{- with .Values.loki.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+bloom gateway priority class name
+*/}}
+{{- define "loki.bloomGatewayPriorityClassName" }}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.bloomGateway.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the name of the bloom gateway service account
+*/}}
+{{- define "loki.bloomGatewayServiceAccountName" -}}
+{{- if .Values.bloomGateway.serviceAccount.create -}}
+ {{ default (print (include "loki.serviceAccountName" .) "-bloom-gateway") .Values.bloomGateway.serviceAccount.name }}
+{{- else -}}
+ {{ default (include "loki.serviceAccountName" .) .Values.bloomGateway.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/loki/templates/bloom-gateway/service-bloom-gateway-headless.yaml b/charts/loki/templates/bloom-gateway/service-bloom-gateway-headless.yaml
new file mode 100644
index 0000000..daa61c6
--- /dev/null
+++ b/charts/loki/templates/bloom-gateway/service-bloom-gateway-headless.yaml
@@ -0,0 +1,36 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed -}}
+{{- if (gt (int .Values.bloomGateway.replicas) 0) -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.bloomGatewayFullname" . }}-headless
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.bloomGatewaySelectorLabels" . | nindent 4 }}
+ {{- with .Values.bloomGateway.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.bloomGateway.appProtocol.grpc }}
+ appProtocol: {{ .Values.bloomGateway.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.bloomGatewaySelectorLabels" . | nindent 4 }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/loki/templates/bloom-gateway/statefulset-bloom-gateway.yaml b/charts/loki/templates/bloom-gateway/statefulset-bloom-gateway.yaml
new file mode 100644
index 0000000..e2ceefb
--- /dev/null
+++ b/charts/loki/templates/bloom-gateway/statefulset-bloom-gateway.yaml
@@ -0,0 +1,183 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+{{- if (gt (int .Values.bloomGateway.replicas) 0) -}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.bloomGatewayFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.bloomGatewayLabels" . | nindent 4 }}
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.bloomGateway.replicas }}
+ podManagementPolicy: Parallel
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ serviceName: {{ include "loki.bloomGatewayFullname" . }}-headless
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ {{- if and (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) (.Values.bloomGateway.persistence.enableStatefulSetAutoDeletePVC) }}
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: {{ .Values.bloomGateway.persistence.whenDeleted }}
+ whenScaled: {{ .Values.bloomGateway.persistence.whenScaled }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "loki.bloomGatewaySelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomGateway.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.bloomGatewaySelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomGateway.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomGateway.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.bloomGatewayPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.bloomGateway.terminationGracePeriodSeconds }}
+ {{- with .Values.bloomGateway.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: bloom-gateway
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.bloomGateway.command }}
+ command:
+ - {{ coalesce .Values.bloomGateway.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=bloom-gateway
+ {{- with .Values.bloomGateway.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.bloomGateway.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.bloomGateway.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ {{- include "loki.bloomGateway.readinessProbe" . | nindent 10 }}
+ volumeMounts:
+ - name: temp
+ mountPath: /tmp
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.bloomGateway.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.bloomGateway.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.bloomGateway.extraContainers }}
+ {{- toYaml .Values.bloomGateway.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.bloomGateway.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomGateway.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.bloomGateway.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: temp
+ emptyDir: {}
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- if not .Values.bloomGateway.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- end }}
+ {{- with .Values.bloomGateway.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.bloomGateway.persistence.enabled }}
+ volumeClaimTemplates:
+ {{- range .Values.bloomGateway.persistence.claims }}
+ - metadata:
+ name: {{ .name }}
+ {{- with .annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .size | quote }}
+ {{- end }}
+ {{- end }}
+{{- end -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/loki/templates/chunks-cache/poddisruptionbudget-chunks-cache.yaml b/charts/loki/templates/chunks-cache/poddisruptionbudget-chunks-cache.yaml
new file mode 100644
index 0000000..da95adf
--- /dev/null
+++ b/charts/loki/templates/chunks-cache/poddisruptionbudget-chunks-cache.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.chunksCache.enabled }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.fullname" . }}-memcached-chunks-cache
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.selectorLabels" . | nindent 4 }}
+ app.kubernetes.io/component: memcached-chunks-cache
+spec:
+ selector:
+ matchLabels:
+ {{- include "loki.selectorLabels" . | nindent 6 }}
+ app.kubernetes.io/component: memcached-chunks-cache
+ maxUnavailable: 1
+{{- end -}}
diff --git a/charts/loki/templates/chunks-cache/service-chunks-cache-headless.yaml b/charts/loki/templates/chunks-cache/service-chunks-cache-headless.yaml
new file mode 100644
index 0000000..dc2ccd4
--- /dev/null
+++ b/charts/loki/templates/chunks-cache/service-chunks-cache-headless.yaml
@@ -0,0 +1 @@
+{{- include "loki.memcached.service" (dict "ctx" $ "valuesSection" "chunksCache" "component" "chunks-cache" ) }}
diff --git a/charts/loki/templates/chunks-cache/statefulset-chunks-cache.yaml b/charts/loki/templates/chunks-cache/statefulset-chunks-cache.yaml
new file mode 100644
index 0000000..6a54c57
--- /dev/null
+++ b/charts/loki/templates/chunks-cache/statefulset-chunks-cache.yaml
@@ -0,0 +1 @@
+{{- include "loki.memcached.statefulSet" (dict "ctx" $ "valuesSection" "chunksCache" "component" "chunks-cache" ) }}
diff --git a/charts/loki/templates/compactor/_helpers-compactor.tpl b/charts/loki/templates/compactor/_helpers-compactor.tpl
new file mode 100644
index 0000000..75c21db
--- /dev/null
+++ b/charts/loki/templates/compactor/_helpers-compactor.tpl
@@ -0,0 +1,81 @@
+{{/*
+compactor fullname
+*/}}
+{{- define "loki.compactorFullname" -}}
+{{ include "loki.fullname" . }}-compactor
+{{- end }}
+
+{{/*
+compactor common labels
+*/}}
+{{- define "loki.compactorLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: compactor
+{{- end }}
+
+{{/*
+compactor selector labels
+*/}}
+{{- define "loki.compactorSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: compactor
+{{- end }}
+
+{{/*
+compactor image
+*/}}
+{{- define "loki.compactorImage" -}}
+{{- $dict := dict "loki" .Values.loki.image "service" .Values.compactor.image "global" .Values.global.image "defaultVersion" .Chart.AppVersion -}}
+{{- include "loki.lokiImage" $dict -}}
+{{- end }}
+
+{{/*
+compactor readinessProbe
+*/}}
+{{- define "loki.compactor.readinessProbe" -}}
+{{- with .Values.compactor.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- else }}
+{{- with .Values.loki.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+compactor livenessProbe
+*/}}
+{{- define "loki.compactor.livenessProbe" -}}
+{{- with .Values.compactor.livenessProbe }}
+livenessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- else }}
+{{- with .Values.loki.livenessProbe }}
+livenessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+compactor priority class name
+*/}}
+{{- define "loki.compactorPriorityClassName" }}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.compactor.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the name of the compactor service account
+*/}}
+{{- define "loki.compactorServiceAccountName" -}}
+{{- if .Values.compactor.serviceAccount.create -}}
+ {{ default (print (include "loki.serviceAccountName" .) "-compactor") .Values.compactor.serviceAccount.name }}
+{{- else -}}
+ {{ default (include "loki.serviceAccountName" .) .Values.compactor.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/loki/templates/compactor/service-compactor.yaml b/charts/loki/templates/compactor/service-compactor.yaml
new file mode 100644
index 0000000..c75e1ce
--- /dev/null
+++ b/charts/loki/templates/compactor/service-compactor.yaml
@@ -0,0 +1,35 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.compactorFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.labels" . | nindent 4 }}
+ {{- with .Values.compactor.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ app.kubernetes.io/component: compactor
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.compactor.appProtocol.grpc }}
+ appProtocol: {{ .Values.compactor.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.selectorLabels" . | nindent 4 }}
+ app.kubernetes.io/component: compactor
+{{- end }}
diff --git a/charts/loki/templates/compactor/statefulset-compactor.yaml b/charts/loki/templates/compactor/statefulset-compactor.yaml
new file mode 100644
index 0000000..98fab0a
--- /dev/null
+++ b/charts/loki/templates/compactor/statefulset-compactor.yaml
@@ -0,0 +1,193 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.compactorFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.compactorLabels" . | nindent 4 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.compactor.replicas }}
+ podManagementPolicy: Parallel
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ serviceName: {{ include "loki.compactorFullname" . }}-headless
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ {{- if and (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) (.Values.compactor.persistence.enableStatefulSetAutoDeletePVC) }}
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: {{ .Values.compactor.persistence.whenDeleted }}
+ whenScaled: {{ .Values.compactor.persistence.whenScaled }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "loki.compactorSelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.compactor.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.compactorSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.compactor.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
+ {{- with .Values.compactor.topologySpreadConstraints }}
+ topologySpreadConstraints:
+ {{- tpl . $ | nindent 8 }}
+ {{- end }}
+ {{- end }}
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.compactor.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.compactorPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.compactor.terminationGracePeriodSeconds }}
+ {{- with .Values.compactor.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: compactor
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.compactor.command }}
+ command:
+ - {{ coalesce .Values.compactor.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=compactor
+ {{- with .Values.compactor.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.compactor.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.compactor.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ {{- include "loki.compactor.readinessProbe" . | nindent 10 }}
+ {{- include "loki.compactor.livenessProbe" . | nindent 10 }}
+ volumeMounts:
+ - name: temp
+ mountPath: /tmp
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.compactor.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.compactor.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.compactor.lifecycle }}
+ lifecycle:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.compactor.extraContainers }}
+ {{- toYaml .Values.compactor.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.compactor.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.compactor.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.compactor.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: temp
+ emptyDir: {}
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- if not .Values.compactor.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- end }}
+ {{- with .Values.compactor.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.compactor.persistence.enabled }}
+ volumeClaimTemplates:
+ {{- range .Values.compactor.persistence.claims }}
+ - metadata:
+ name: {{ .name }}
+ {{- with .annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .size | quote }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/config.yaml b/charts/loki/templates/config.yaml
index 101abc3..fe47590 100644
--- a/charts/loki/templates/config.yaml
+++ b/charts/loki/templates/config.yaml
@@ -1,4 +1,4 @@
-{{- if not .Values.loki.existingSecretForConfig -}}
+{{- if .Values.loki.generatedConfigObjectName -}}
apiVersion: v1
{{- if eq .Values.loki.configStorageType "Secret" }}
kind: Secret
@@ -6,7 +6,7 @@
kind: ConfigMap
{{- end }}
metadata:
- name: {{ tpl .Values.loki.externalConfigSecretName . }}
+ name: {{ tpl .Values.loki.generatedConfigObjectName . }}
namespace: {{ $.Release.Namespace }}
labels:
{{- include "loki.labels" . | nindent 4 }}
diff --git a/charts/loki/templates/distributor/_helpers-distributor.tpl b/charts/loki/templates/distributor/_helpers-distributor.tpl
new file mode 100644
index 0000000..c23179e
--- /dev/null
+++ b/charts/loki/templates/distributor/_helpers-distributor.tpl
@@ -0,0 +1,32 @@
+{{/*
+distributor fullname
+*/}}
+{{- define "loki.distributorFullname" -}}
+{{ include "loki.fullname" . }}-distributor
+{{- end }}
+
+{{/*
+distributor common labels
+*/}}
+{{- define "loki.distributorLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: distributor
+{{- end }}
+
+{{/*
+distributor selector labels
+*/}}
+{{- define "loki.distributorSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: distributor
+{{- end }}
+
+{{/*
+distributor priority class name
+*/}}
+{{- define "loki.distributorPriorityClassName" -}}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.distributor.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/distributor/deployment-distributor.yaml b/charts/loki/templates/distributor/deployment-distributor.yaml
new file mode 100644
index 0000000..be66bfc
--- /dev/null
+++ b/charts/loki/templates/distributor/deployment-distributor.yaml
@@ -0,0 +1,152 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "loki.distributorFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.distributorLabels" . | nindent 4 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+{{- if not .Values.distributor.autoscaling.enabled }}
+ replicas: {{ .Values.distributor.replicas }}
+{{- end }}
+ strategy:
+ rollingUpdate:
+ maxSurge: {{ .Values.distributor.maxSurge }}
+ maxUnavailable: 1
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ selector:
+ matchLabels:
+ {{- include "loki.distributorSelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.distributor.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.distributorSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.distributor.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.distributor.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.distributorPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.distributor.terminationGracePeriodSeconds }}
+ containers:
+ - name: distributor
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.distributor.command }}
+ command:
+ - {{ coalesce .Values.distributor.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=distributor
+ {{- if .Values.ingester.zoneAwareReplication.enabled }}
+ {{- if and (.Values.ingester.zoneAwareReplication.migration.enabled) (not .Values.ingester.zoneAwareReplication.migration.writePath) }}
+ - -distributor.zone-awareness-enabled=false
+ {{- else }}
+ - -distributor.zone-awareness-enabled=true
+ {{- end }}
+ {{- end }}
+ {{- with .Values.distributor.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.distributor.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.distributor.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ readinessProbe:
+ {{- toYaml .Values.loki.readinessProbe | nindent 12 }}
+ livenessProbe:
+ {{- toYaml .Values.loki.livenessProbe | nindent 12 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.distributor.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ resources:
+ {{- toYaml .Values.distributor.resources | nindent 12 }}
+ {{- if .Values.distributor.extraContainers }}
+ {{- toYaml .Values.distributor.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.distributor.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.distributor.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.distributor.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- with .Values.distributor.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end -}}
diff --git a/charts/loki/templates/distributor/hpa.yaml b/charts/loki/templates/distributor/hpa.yaml
new file mode 100644
index 0000000..838a310
--- /dev/null
+++ b/charts/loki/templates/distributor/hpa.yaml
@@ -0,0 +1,54 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.distributor.autoscaling.enabled }}
+{{- $apiVersion := include "loki.hpa.apiVersion" . -}}
+apiVersion: {{ $apiVersion }}
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "loki.distributorFullname" . }}
+ labels:
+ {{- include "loki.distributorLabels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "loki.distributorFullname" . }}
+ minReplicas: {{ .Values.distributor.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.distributor.autoscaling.maxReplicas }}
+ metrics:
+ {{- with .Values.distributor.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ {{- if (eq $apiVersion "autoscaling/v2") }}
+ target:
+ type: Utilization
+ averageUtilization: {{ . }}
+ {{- else }}
+ targetAverageUtilization: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.distributor.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ {{- if (eq $apiVersion "autoscaling/v2") }}
+ target:
+ type: Utilization
+ averageUtilization: {{ . }}
+ {{- else }}
+ targetAverageUtilization: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.distributor.autoscaling.customMetrics }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- if .Values.distributor.autoscaling.behavior.enabled }}
+ behavior:
+ {{- with .Values.distributor.autoscaling.behavior.scaleDown }}
+ scaleDown: {{ toYaml . | nindent 6 }}
+ {{- end }}
+ {{- with .Values.distributor.autoscaling.behavior.scaleUp }}
+ scaleUp: {{ toYaml . | nindent 6 }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/distributor/poddisruptionbudget-distributor.yaml b/charts/loki/templates/distributor/poddisruptionbudget-distributor.yaml
new file mode 100644
index 0000000..806a447
--- /dev/null
+++ b/charts/loki/templates/distributor/poddisruptionbudget-distributor.yaml
@@ -0,0 +1,21 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (gt (int .Values.distributor.replicas) 1) }}
+{{- if kindIs "invalid" .Values.distributor.maxUnavailable }}
+{{- fail "`.Values.distributor.maxUnavailable` must be set when `.Values.distributor.replicas` is greater than 1." }}
+{{- else }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.distributorFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.distributorLabels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ {{- include "loki.distributorSelectorLabels" . | nindent 6 }}
+ {{- with .Values.distributor.maxUnavailable }}
+ maxUnavailable: {{ . }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/distributor/service-distributor-headless.yaml b/charts/loki/templates/distributor/service-distributor-headless.yaml
new file mode 100644
index 0000000..c69bb0a
--- /dev/null
+++ b/charts/loki/templates/distributor/service-distributor-headless.yaml
@@ -0,0 +1,36 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.distributorFullname" . }}-headless
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.distributorSelectorLabels" . | nindent 4 }}
+ {{- with .Values.distributor.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ variant: headless
+ prometheus.io/service-monitor: "false"
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.distributor.appProtocol.grpc }}
+ appProtocol: {{ .Values.distributor.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.distributorSelectorLabels" . | nindent 4 }}
+{{- end -}}
diff --git a/charts/loki/templates/distributor/service-distributor.yaml b/charts/loki/templates/distributor/service-distributor.yaml
new file mode 100644
index 0000000..8145834
--- /dev/null
+++ b/charts/loki/templates/distributor/service-distributor.yaml
@@ -0,0 +1,33 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.distributorFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.distributorLabels" . | nindent 4 }}
+ {{- with .Values.distributor.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.distributor.appProtocol.grpc }}
+ appProtocol: {{ .Values.distributor.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.distributorSelectorLabels" . | nindent 4 }}
+{{- end -}}
diff --git a/charts/loki/templates/gateway/_helpers-gateway.tpl b/charts/loki/templates/gateway/_helpers-gateway.tpl
index 272814b..39890b1 100644
--- a/charts/loki/templates/gateway/_helpers-gateway.tpl
+++ b/charts/loki/templates/gateway/_helpers-gateway.tpl
@@ -2,7 +2,7 @@
gateway fullname
*/}}
{{- define "loki.gatewayFullname" -}}
-{{ include "loki.name" . }}-gateway
+{{ include "loki.fullname" . }}-gateway
{{- end }}
{{/*
diff --git a/charts/loki/templates/gateway/configmap-gateway.yaml b/charts/loki/templates/gateway/configmap-gateway.yaml
index fe98c73..1c981a7 100644
--- a/charts/loki/templates/gateway/configmap-gateway.yaml
+++ b/charts/loki/templates/gateway/configmap-gateway.yaml
@@ -1,4 +1,4 @@
-{{- if and .Values.gateway.enabled }}
+{{- if and .Values.gateway.enabled (not (and .Values.enterprise.enabled .Values.enterprise.gelGateway)) }}
apiVersion: v1
kind: ConfigMap
metadata:
diff --git a/charts/loki/templates/gateway/deployment-gateway-enterprise.yaml b/charts/loki/templates/gateway/deployment-gateway-enterprise.yaml
new file mode 100644
index 0000000..4f7dcca
--- /dev/null
+++ b/charts/loki/templates/gateway/deployment-gateway-enterprise.yaml
@@ -0,0 +1,132 @@
+{{- if and .Values.gateway.enabled .Values.enterprise.enabled .Values.enterprise.gelGateway }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "loki.gatewayFullname" . }}
+ labels:
+ {{- include "loki.gatewayLabels" . | nindent 4 }}
+ {{- with .Values.enterpriseGateway.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ annotations:
+ {{- with .Values.enterpriseGateway.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.enterpriseGateway.replicas }}
+ selector:
+ matchLabels:
+ {{- include "loki.gatewaySelectorLabels" . | nindent 6 }}
+ strategy:
+ {{- toYaml .Values.enterpriseGateway.strategy | nindent 4 }}
+ template:
+ metadata:
+ labels:
+ {{- include "loki.gatewaySelectorLabels" . | nindent 8 }}
+ {{- with .Values.enterpriseGateway.labels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ annotations:
+ {{- if .Values.useExternalConfig }}
+ checksum/config: {{ .Values.externalConfigVersion }}
+ {{- else }}
+ checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }}
+ {{- end}}
+ {{- with .Values.enterpriseGateway.annotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ serviceAccountName: {{ template "loki.serviceAccountName" . }}
+ {{- if .Values.enterpriseGateway.priorityClassName }}
+ priorityClassName: {{ .Values.enterpriseGateway.priorityClassName }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.enterpriseGateway.podSecurityContext | nindent 8 }}
+ initContainers:
+ {{- toYaml .Values.enterpriseGateway.initContainers | nindent 8 }}
+ {{- if .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- range .Values.imagePullSecrets }}
+ - name: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.enterpriseGateway.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: gateway
+ image: "{{ template "loki.image" . }}"
+ imagePullPolicy: {{ .Values.enterprise.image.pullPolicy }}
+ args:
+ - -target=gateway
+ - -config.file=/etc/loki/config/config.yaml
+ {{- if .Values.minio.enabled }}
+ - -admin.client.backend-type=s3
+ - -admin.client.s3.endpoint={{ template "loki.minio" . }}
+ - -admin.client.s3.bucket-name=enterprise-logs-admin
+ - -admin.client.s3.access-key-id={{ .Values.minio.accessKey }}
+ - -admin.client.s3.secret-access-key={{ .Values.minio.secretKey }}
+ - -admin.client.s3.insecure=true
+ {{- end }}
+ {{- if .Values.enterpriseGateway.useDefaultProxyURLs }}
+ - -gateway.proxy.default.url=http://{{ template "loki.fullname" . }}-admin-api.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.admin-api.url=http://{{ template "loki.fullname" . }}-admin-api.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.distributor.url=dns:///{{ template "loki.fullname" . }}-distributor-headless.{{ .Release.Namespace }}.svc:9095
+ - -gateway.proxy.ingester.url=http://{{ template "loki.fullname" . }}-ingester.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.query-frontend.url=http://{{ template "loki.fullname" . }}-query-frontend.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.ruler.url=http://{{ template "loki.fullname" . }}-ruler.{{ .Release.Namespace }}.svc:3100
+ {{- end }}
+ {{- range $key, $value := .Values.enterpriseGateway.extraArgs }}
+ - "-{{ $key }}={{ $value }}"
+ {{- end }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: license
+ mountPath: /etc/loki/license
+ - name: storage
+ mountPath: /data
+ {{- if .Values.enterpriseGateway.extraVolumeMounts }}
+ {{ toYaml .Values.enterpriseGateway.extraVolumeMounts | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ readinessProbe:
+ {{- toYaml .Values.enterpriseGateway.readinessProbe | nindent 12 }}
+ resources:
+ {{- toYaml .Values.enterpriseGateway.resources | nindent 12 }}
+ securityContext:
+ {{- toYaml .Values.enterpriseGateway.containerSecurityContext | nindent 12 }}
+ env:
+ {{- if .Values.enterpriseGateway.env }}
+ {{ toYaml .Values.enterpriseGateway.env | nindent 12 }}
+ {{- end }}
+ {{- with .Values.enterpriseGateway.extraContainers }}
+ {{ toYaml . | nindent 8 }}
+ {{- end }}
+ nodeSelector:
+ {{- toYaml .Values.enterpriseGateway.nodeSelector | nindent 8 }}
+ affinity:
+ {{- toYaml .Values.enterpriseGateway.affinity | nindent 8 }}
+ tolerations:
+ {{- toYaml .Values.enterpriseGateway.tolerations | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.enterpriseGateway.terminationGracePeriodSeconds }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ - name: storage
+ emptyDir: {}
+ {{- if .Values.enterpriseGateway.extraVolumes }}
+ {{ toYaml .Values.enterpriseGateway.extraVolumes | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/loki/templates/gateway/deployment-gateway.yaml b/charts/loki/templates/gateway/deployment-gateway-nginx.yaml
similarity index 96%
rename from charts/loki/templates/gateway/deployment-gateway.yaml
rename to charts/loki/templates/gateway/deployment-gateway-nginx.yaml
index 4ffa0c9..f20c497 100644
--- a/charts/loki/templates/gateway/deployment-gateway.yaml
+++ b/charts/loki/templates/gateway/deployment-gateway-nginx.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.gateway.enabled }}
+{{- if and .Values.gateway.enabled (not (and .Values.enterprise.enabled .Values.enterprise.gelGateway)) }}
apiVersion: apps/v1
kind: Deployment
metadata:
@@ -61,7 +61,7 @@
image: {{ include "loki.gatewayImage" . }}
imagePullPolicy: {{ .Values.gateway.image.pullPolicy }}
ports:
- - name: http
+ - name: http-metrics
containerPort: 8080
protocol: TCP
{{- with .Values.gateway.extraEnv }}
@@ -101,7 +101,7 @@
{{- end }}
{{- with .Values.gateway.affinity }}
affinity:
- {{- tpl . $ | nindent 8 }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.gateway.dnsConfig }}
dnsConfig:
diff --git a/charts/loki/templates/gateway/service-gateway.yaml b/charts/loki/templates/gateway/service-gateway.yaml
index 5cb7a55..8c71026 100644
--- a/charts/loki/templates/gateway/service-gateway.yaml
+++ b/charts/loki/templates/gateway/service-gateway.yaml
@@ -28,9 +28,9 @@
loadBalancerIP: {{ .Values.gateway.service.loadBalancerIP }}
{{- end }}
ports:
- - name: http
+ - name: http-metrics
port: {{ .Values.gateway.service.port }}
- targetPort: http
+ targetPort: http-metrics
{{- if and (eq "NodePort" .Values.gateway.service.type) .Values.gateway.service.nodePort }}
nodePort: {{ .Values.gateway.service.nodePort }}
{{- end }}
diff --git a/charts/loki/templates/index-gateway/_helpers-index-gateway.tpl b/charts/loki/templates/index-gateway/_helpers-index-gateway.tpl
new file mode 100644
index 0000000..f42dff3
--- /dev/null
+++ b/charts/loki/templates/index-gateway/_helpers-index-gateway.tpl
@@ -0,0 +1,40 @@
+{{/*
+index-gateway fullname
+*/}}
+{{- define "loki.indexGatewayFullname" -}}
+{{ include "loki.fullname" . }}-index-gateway
+{{- end }}
+
+{{/*
+index-gateway common labels
+*/}}
+{{- define "loki.indexGatewayLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: index-gateway
+{{- end }}
+
+{{/*
+index-gateway selector labels
+*/}}
+{{- define "loki.indexGatewaySelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: index-gateway
+{{- end }}
+
+{{/*
+index-gateway image
+*/}}
+{{- define "loki.indexGatewayImage" -}}
+{{- $dict := dict "loki" .Values.loki.image "service" .Values.indexGateway.image "global" .Values.global.image "defaultVersion" .Chart.AppVersion -}}
+{{- include "loki.lokiImage" $dict -}}
+{{- end }}
+
+{{/*
+index-gateway priority class name
+*/}}
+{{- define "loki.indexGatewayPriorityClassName" -}}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.indexGateway.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/index-gateway/poddisruptionbudget-index-gateway.yaml b/charts/loki/templates/index-gateway/poddisruptionbudget-index-gateway.yaml
new file mode 100644
index 0000000..22ba1a0
--- /dev/null
+++ b/charts/loki/templates/index-gateway/poddisruptionbudget-index-gateway.yaml
@@ -0,0 +1,20 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (gt (int .Values.indexGateway.replicas) 1) }}
+{{- if kindIs "invalid" .Values.indexGateway.maxUnavailable }}
+{{- fail "`.Values.indexGateway.maxUnavailable` must be set when `.Values.indexGateway.replicas` is greater than 1." }}
+{{- else }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.indexGatewayFullname" . }}
+ labels:
+ {{- include "loki.indexGatewayLabels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ {{- include "loki.indexGatewaySelectorLabels" . | nindent 6 }}
+ {{- with .Values.indexGateway.maxUnavailable }}
+ maxUnavailable: {{ . }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/index-gateway/service-index-gateway-headless.yaml b/charts/loki/templates/index-gateway/service-index-gateway-headless.yaml
new file mode 100644
index 0000000..b0c90dc
--- /dev/null
+++ b/charts/loki/templates/index-gateway/service-index-gateway-headless.yaml
@@ -0,0 +1,27 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.indexGatewayFullname" . }}-headless
+ labels:
+ {{- include "loki.indexGatewaySelectorLabels" . | nindent 4 }}
+ prometheus.io/service-monitor: "false"
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- with .Values.indexGateway.appProtocol.grpc }}
+ appProtocol: {{ . }}
+ {{- end }}
+ selector:
+ {{- include "loki.indexGatewaySelectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/loki/templates/index-gateway/service-index-gateway.yaml b/charts/loki/templates/index-gateway/service-index-gateway.yaml
new file mode 100644
index 0000000..2d43bb0
--- /dev/null
+++ b/charts/loki/templates/index-gateway/service-index-gateway.yaml
@@ -0,0 +1,32 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.indexGatewayFullname" . }}
+ labels:
+ {{- include "loki.indexGatewayLabels" . | nindent 4 }}
+ {{- with .Values.indexGateway.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- with .Values.indexGateway.appProtocol.grpc }}
+ appProtocol: {{ . }}
+ {{- end }}
+ selector:
+ {{- include "loki.indexGatewaySelectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/loki/templates/index-gateway/statefulset-index-gateway.yaml b/charts/loki/templates/index-gateway/statefulset-index-gateway.yaml
new file mode 100644
index 0000000..5797185
--- /dev/null
+++ b/charts/loki/templates/index-gateway/statefulset-index-gateway.yaml
@@ -0,0 +1,186 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.indexGatewayFullname" . }}
+ labels:
+ {{- include "loki.indexGatewayLabels" . | nindent 4 }}
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.indexGateway.replicas }}
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ serviceName: {{ include "loki.indexGatewayFullname" . }}-headless
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ {{- if and (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) (.Values.indexGateway.persistence.enableStatefulSetAutoDeletePVC) }}
+ {{/*
+ Data on the read nodes is easy to replace, so we want to always delete PVCs to make
+ operation easier, and will rely on re-fetching data when needed.
+ */}}
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: {{ .Values.indexGateway.persistence.whenDeleted }}
+ whenScaled: {{ .Values.indexGateway.persistence.whenScaled }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "loki.indexGatewaySelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.indexGateway.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.indexGatewaySelectorLabels" . | nindent 8 }}
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.indexGateway.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.indexGateway.joinMemberlist }}
+ app.kubernetes.io/part-of: memberlist
+ {{- end }}
+ spec:
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.indexGateway.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.indexGatewayPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.indexGateway.terminationGracePeriodSeconds }}
+ {{- with .Values.indexGateway.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: index-gateway
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=index-gateway
+ {{- with .Values.indexGateway.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ {{- if .Values.indexGateway.joinMemberlist }}
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- end }}
+ {{- with .Values.indexGateway.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.indexGateway.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ readinessProbe:
+ {{- toYaml .Values.loki.readinessProbe | nindent 12 }}
+ livenessProbe:
+ {{- toYaml .Values.loki.livenessProbe | nindent 12 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.indexGateway.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ resources:
+ {{- toYaml .Values.indexGateway.resources | nindent 12 }}
+ {{- if .Values.indexGateway.extraContainers }}
+ {{- toYaml .Values.indexGateway.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.indexGateway.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.indexGateway.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.indexGateway.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- with .Values.indexGateway.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if not .Values.indexGateway.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- else if .Values.indexGateway.persistence.inMemory }}
+ - name: data
+ {{- if .Values.indexGateway.persistence.inMemory }}
+ emptyDir:
+ medium: Memory
+ {{- end }}
+ {{- if .Values.indexGateway.persistence.size }}
+ sizeLimit: {{ .Values.indexGateway.persistence.size }}
+ {{- end }}
+ {{- else }}
+ volumeClaimTemplates:
+ - metadata:
+ name: data
+ {{- with .Values.indexGateway.persistence.annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .Values.indexGateway.persistence.storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .Values.indexGateway.persistence.size | quote }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ingester/_helpers-ingester.tpl b/charts/loki/templates/ingester/_helpers-ingester.tpl
new file mode 100644
index 0000000..418d409
--- /dev/null
+++ b/charts/loki/templates/ingester/_helpers-ingester.tpl
@@ -0,0 +1,74 @@
+{{/*
+ingester fullname
+*/}}
+{{- define "loki.ingesterFullname" -}}
+{{ include "loki.fullname" . }}-ingester
+{{- end }}
+
+{{/*
+ingester common labels
+*/}}
+{{- define "loki.ingesterLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: ingester
+{{- end }}
+
+{{/*
+ingester selector labels
+*/}}
+{{- define "loki.ingesterSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: ingester
+{{- end }}
+
+{{/*
+ingester priority class name
+*/}}
+{{- define "loki.ingesterPriorityClassName" -}}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.ingester.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
+
+{{- define "loki.ingester.readinessProbe" -}}
+{{- with .Values.ingester.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- else }}
+{{- with .Values.loki.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{- define "loki.ingester.livenessProbe" -}}
+{{- with .Values.ingester.livenessProbe }}
+livenessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- else }}
+{{- with .Values.loki.livenessProbe }}
+livenessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+expects global context
+*/}}
+{{- define "loki.ingester.replicaCount" -}}
+{{- ceil (divf .Values.ingester.replicas 3) -}}
+{{- end -}}
+
+{{/*
+expects a dict
+{
+ "replicas": replicas in a zone,
+ "ctx": global context
+}
+*/}}
+{{- define "loki.ingester.maxUnavailable" -}}
+{{- ceil (mulf .replicas (divf (int .ctx.Values.ingester.zoneAwareReplication.maxUnavailablePct) 100)) -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/loki/templates/ingester/hpa.yaml b/charts/loki/templates/ingester/hpa.yaml
new file mode 100644
index 0000000..2e6a2d1
--- /dev/null
+++ b/charts/loki/templates/ingester/hpa.yaml
@@ -0,0 +1,55 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.ingester.autoscaling.enabled }}
+{{- $apiVersion := include "loki.hpa.apiVersion" . -}}
+apiVersion: {{ $apiVersion }}
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Statefulset
+ name: {{ include "loki.ingesterFullname" . }}
+ minReplicas: {{ .Values.ingester.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.ingester.autoscaling.maxReplicas }}
+ metrics:
+ {{- with .Values.ingester.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ {{- if (eq $apiVersion "autoscaling/v2") }}
+ target:
+ type: Utilization
+ averageUtilization: {{ . }}
+ {{- else }}
+ targetAverageUtilization: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.ingester.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ {{- if (eq $apiVersion "autoscaling/v2") }}
+ target:
+ type: Utilization
+ averageUtilization: {{ . }}
+ {{- else }}
+ targetAverageUtilization: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.ingester.autoscaling.customMetrics }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- if .Values.ingester.autoscaling.behavior.enabled }}
+ behavior:
+ {{- with .Values.ingester.autoscaling.behavior.scaleDown }}
+ scaleDown: {{ toYaml . | nindent 6 }}
+ {{- end }}
+ {{- with .Values.ingester.autoscaling.behavior.scaleUp }}
+ scaleUp: {{ toYaml . | nindent 6 }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ingester/poddisruptionbudget-ingester-rollout.yaml b/charts/loki/templates/ingester/poddisruptionbudget-ingester-rollout.yaml
new file mode 100644
index 0000000..000ab85
--- /dev/null
+++ b/charts/loki/templates/ingester/poddisruptionbudget-ingester-rollout.yaml
@@ -0,0 +1,21 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (gt (int .Values.ingester.replicas) 1) (.Values.ingester.zoneAwareReplication.enabled) }}
+{{- if kindIs "invalid" .Values.ingester.maxUnavailable }}
+{{- fail "`.Values.ingester.maxUnavailable` must be set when `.Values.ingester.replicas` is greater than 1." }}
+{{- else }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}-rollout
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ rollout-group: ingester
+ {{- with .Values.ingester.maxUnavailable }}
+ maxUnavailable: {{ . }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ingester/poddisruptionbudget-ingester.yaml b/charts/loki/templates/ingester/poddisruptionbudget-ingester.yaml
new file mode 100644
index 0000000..1142c01
--- /dev/null
+++ b/charts/loki/templates/ingester/poddisruptionbudget-ingester.yaml
@@ -0,0 +1,27 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (gt (int .Values.ingester.replicas) 1) (or (not .Values.ingester.zoneAwareReplication.enabled) .Values.ingester.zoneAwareReplication.migration.enabled) }}
+{{- if kindIs "invalid" .Values.ingester.maxUnavailable }}
+{{- fail "`.Values.ingester.maxUnavailable` must be set when `.Values.ingester.replicas` is greater than 1." }}
+{{- else }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 6 }}
+ {{/* zone aware ingesters get their own pod disruption budget, ignore them here */}}
+ matchExpressions:
+ - key: rollout-group
+ operator: NotIn
+ values:
+ - "ingester"
+ {{- with .Values.ingester.maxUnavailable }}
+ maxUnavailable: {{ . }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ingester/service-ingester-headless.yaml b/charts/loki/templates/ingester/service-ingester-headless.yaml
new file mode 100644
index 0000000..e83dcf7
--- /dev/null
+++ b/charts/loki/templates/ingester/service-ingester-headless.yaml
@@ -0,0 +1,32 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (or (not .Values.ingester.zoneAwareReplication.enabled) .Values.ingester.zoneAwareReplication.migration.enabled) }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}-headless
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 4 }}
+ prometheus.io/service-monitor: "false"
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.ingester.appProtocol.grpc }}
+ appProtocol: {{ .Values.ingester.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 4 }}
+{{- end -}}
diff --git a/charts/loki/templates/ingester/service-ingester-zone-a-headless.yaml b/charts/loki/templates/ingester/service-ingester-zone-a-headless.yaml
new file mode 100644
index 0000000..478ea8c
--- /dev/null
+++ b/charts/loki/templates/ingester/service-ingester-zone-a-headless.yaml
@@ -0,0 +1,35 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.ingester.zoneAwareReplication.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}-zone-a-headless
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+ {{- with .Values.ingester.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.ingester.appProtocol.grpc }}
+ appProtocol: {{ .Values.ingester.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 4 }}
+ name: ingester-zone-a
+ rollout-group: ingester
+{{- end -}}
diff --git a/charts/loki/templates/ingester/service-ingester-zone-b-headless.yaml b/charts/loki/templates/ingester/service-ingester-zone-b-headless.yaml
new file mode 100644
index 0000000..c19ed4c
--- /dev/null
+++ b/charts/loki/templates/ingester/service-ingester-zone-b-headless.yaml
@@ -0,0 +1,35 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.ingester.zoneAwareReplication.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}-zone-b-headless
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+ {{- with .Values.ingester.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.ingester.appProtocol.grpc }}
+ appProtocol: {{ .Values.ingester.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 4 }}
+ name: ingester-zone-b
+ rollout-group: ingester
+{{- end -}}
diff --git a/charts/loki/templates/ingester/service-ingester-zone-c-headless.yaml b/charts/loki/templates/ingester/service-ingester-zone-c-headless.yaml
new file mode 100644
index 0000000..2757fce
--- /dev/null
+++ b/charts/loki/templates/ingester/service-ingester-zone-c-headless.yaml
@@ -0,0 +1,35 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.ingester.zoneAwareReplication.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}-zone-c-headless
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+ {{- with .Values.ingester.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.ingester.appProtocol.grpc }}
+ appProtocol: {{ .Values.ingester.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 4 }}
+ name: ingester-zone-c
+ rollout-group: ingester
+{{- end -}}
diff --git a/charts/loki/templates/ingester/service-ingester.yaml b/charts/loki/templates/ingester/service-ingester.yaml
new file mode 100644
index 0000000..d762cbf
--- /dev/null
+++ b/charts/loki/templates/ingester/service-ingester.yaml
@@ -0,0 +1,33 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (or (not .Values.ingester.zoneAwareReplication.enabled) .Values.ingester.zoneAwareReplication.migration.enabled) }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+ {{- with .Values.ingester.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.ingester.appProtocol.grpc }}
+ appProtocol: {{ .Values.ingester.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 4 }}
+{{- end -}}
diff --git a/charts/loki/templates/ingester/statefulset-ingester-zone-a.yaml b/charts/loki/templates/ingester/statefulset-ingester-zone-a.yaml
new file mode 100644
index 0000000..13c7018
--- /dev/null
+++ b/charts/loki/templates/ingester/statefulset-ingester-zone-a.yaml
@@ -0,0 +1,232 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.ingester.zoneAwareReplication.enabled }}
+{{- $replicas := (include "loki.ingester.replicaCount" .) -}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}-zone-a
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+ app.kubernetes.io/part-of: memberlist
+ rollout-group: ingester
+ name: ingester-zone-a
+ annotations:
+ rollout-max-unavailable: "{{ include "loki.ingester.maxUnavailable" (dict "ctx" . "replicas" $replicas)}}"
+ {{- with .Values.loki.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.ingester.zoneAwareReplication.zoneA.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+{{- if not .Values.ingester.autoscaling.enabled }}
+ replicas: {{ $replicas }}
+{{- end }}
+ podManagementPolicy: Parallel
+ serviceName: {{ include "loki.ingesterFullname" . }}-zone-a
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ {{- if and (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) (.Values.ingester.persistence.enableStatefulSetAutoDeletePVC) }}
+ {{/*
+ Data on the read nodes is easy to replace, so we want to always delete PVCs to make
+ operation easier, and will rely on re-fetching data when needed.
+ */}}
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: {{ .Values.ingester.persistence.whenDeleted }}
+ whenScaled: {{ .Values.ingester.persistence.whenScaled }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 6 }}
+ name: ingester-zone-a
+ rollout-group: ingester
+ updateStrategy:
+ type: OnDelete
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.zoneAwareReplication.zoneA.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ name: ingester-zone-a
+ rollout-group: ingester
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
+ {{- with .Values.ingester.topologySpreadConstraints }}
+ topologySpreadConstraints:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- end }}
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.ingesterPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.ingester.terminationGracePeriodSeconds }}
+ {{- with .Values.ingester.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: ingester
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.ingester.command }}
+ command:
+ - {{ coalesce .Values.ingester.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -ingester.availability-zone=zone-a
+ - -ingester.unregister-on-shutdown=false
+ - -ingester.tokens-file-path=/var/loki/ring-tokens
+ - -target=ingester
+ {{- with .Values.ingester.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.ingester.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ {{- include "loki.ingester.readinessProbe" . | nindent 10 }}
+ {{- include "loki.ingester.livenessProbe" . | nindent 10 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.ingester.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.lifecycle }}
+ lifecycle:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.ingester.extraContainers }}
+ {{- toYaml .Values.ingester.extraContainers | nindent 8}}
+ {{- end }}
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: rollout-group
+ operator: In
+ values:
+ - ingester
+ - key: name
+ operator: NotIn
+ values:
+ - ingester-zone-a
+ topologyKey: kubernetes.io/hostname
+ {{- with .Values.ingester.zoneAwareReplication.zoneA.extraAffinity }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.zoneAwareReplication.zoneA.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- with .Values.ingester.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if not .Values.ingester.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- else if .Values.ingester.persistence.inMemory }}
+ - name: data
+ {{- if .Values.ingester.persistence.inMemory }}
+ emptyDir:
+ medium: Memory
+ {{- end }}
+ {{- if .Values.ingester.persistence.size }}
+ sizeLimit: {{ .Values.ingester.persistence.size }}
+ {{- end }}
+ {{- else }}
+ volumeClaimTemplates:
+ {{- range .Values.ingester.persistence.claims }}
+ - metadata:
+ name: {{ .name }}
+ {{- with .annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .size | quote }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ingester/statefulset-ingester-zone-b.yaml b/charts/loki/templates/ingester/statefulset-ingester-zone-b.yaml
new file mode 100644
index 0000000..3af81ae
--- /dev/null
+++ b/charts/loki/templates/ingester/statefulset-ingester-zone-b.yaml
@@ -0,0 +1,232 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.ingester.zoneAwareReplication.enabled }}
+{{- $replicas := (include "loki.ingester.replicaCount" .) -}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}-zone-b
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+ app.kubernetes.io/part-of: memberlist
+ rollout-group: ingester
+ name: ingester-zone-b
+ annotations:
+ rollout-max-unavailable: "{{ include "loki.ingester.maxUnavailable" (dict "ctx" . "replicas" $replicas)}}"
+ {{- with .Values.loki.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.ingester.zoneAwareReplication.zoneB.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+{{- if not .Values.ingester.autoscaling.enabled }}
+ replicas: {{ $replicas }}
+{{- end }}
+ podManagementPolicy: Parallel
+ serviceName: {{ include "loki.ingesterFullname" . }}-zone-b
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ {{- if and (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) (.Values.ingester.persistence.enableStatefulSetAutoDeletePVC) }}
+ {{/*
+ Data on the read nodes is easy to replace, so we want to always delete PVCs to make
+ operation easier, and will rely on re-fetching data when needed.
+ */}}
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: {{ .Values.ingester.persistence.whenDeleted }}
+ whenScaled: {{ .Values.ingester.persistence.whenScaled }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 6 }}
+ name: ingester-zone-b
+ rollout-group: ingester
+ updateStrategy:
+ type: OnDelete
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.zoneAwareReplication.zoneB.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ name: ingester-zone-b
+ rollout-group: ingester
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
+ {{- with .Values.ingester.topologySpreadConstraints }}
+ topologySpreadConstraints:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- end }}
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.ingesterPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.ingester.terminationGracePeriodSeconds }}
+ {{- with .Values.ingester.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: ingester
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.ingester.command }}
+ command:
+ - {{ coalesce .Values.ingester.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -ingester.availability-zone=zone-b
+ - -ingester.unregister-on-shutdown=false
+ - -ingester.tokens-file-path=/var/loki/ring-tokens
+ - -target=ingester
+ {{- with .Values.ingester.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.ingester.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ {{- include "loki.ingester.readinessProbe" . | nindent 10 }}
+ {{- include "loki.ingester.livenessProbe" . | nindent 10 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.ingester.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.lifecycle }}
+ lifecycle:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.ingester.extraContainers }}
+ {{- toYaml .Values.ingester.extraContainers | nindent 8}}
+ {{- end }}
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: rollout-group
+ operator: In
+ values:
+ - ingester
+ - key: name
+ operator: NotIn
+ values:
+ - ingester-zone-b
+ topologyKey: kubernetes.io/hostname
+ {{- with .Values.ingester.zoneAwareReplication.zoneB.extraAffinity }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.zoneAwareReplication.zoneB.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- with .Values.ingester.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if not .Values.ingester.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- else if .Values.ingester.persistence.inMemory }}
+ - name: data
+ {{- if .Values.ingester.persistence.inMemory }}
+ emptyDir:
+ medium: Memory
+ {{- end }}
+ {{- if .Values.ingester.persistence.size }}
+ sizeLimit: {{ .Values.ingester.persistence.size }}
+ {{- end }}
+ {{- else }}
+ volumeClaimTemplates:
+ {{- range .Values.ingester.persistence.claims }}
+ - metadata:
+ name: {{ .name }}
+ {{- with .annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .size | quote }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ingester/statefulset-ingester-zone-c.yaml b/charts/loki/templates/ingester/statefulset-ingester-zone-c.yaml
new file mode 100644
index 0000000..30393fa
--- /dev/null
+++ b/charts/loki/templates/ingester/statefulset-ingester-zone-c.yaml
@@ -0,0 +1,232 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.ingester.zoneAwareReplication.enabled }}
+{{- $replicas := (include "loki.ingester.replicaCount" .) -}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}-zone-c
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+ app.kubernetes.io/part-of: memberlist
+ rollout-group: ingester
+ name: ingester-zone-c
+ annotations:
+ rollout-max-unavailable: "{{ include "loki.ingester.maxUnavailable" (dict "ctx" . "replicas" $replicas)}}"
+ {{- with .Values.loki.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.ingester.zoneAwareReplication.zoneC.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+{{- if not .Values.ingester.autoscaling.enabled }}
+ replicas: {{ $replicas }}
+{{- end }}
+ podManagementPolicy: Parallel
+ serviceName: {{ include "loki.ingesterFullname" . }}-zone-c
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ {{- if and (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) (.Values.ingester.persistence.enableStatefulSetAutoDeletePVC) }}
+ {{/*
+ Data on the read nodes is easy to replace, so we want to always delete PVCs to make
+ operation easier, and will rely on re-fetching data when needed.
+ */}}
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: {{ .Values.ingester.persistence.whenDeleted }}
+ whenScaled: {{ .Values.ingester.persistence.whenScaled }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 6 }}
+ name: ingester-zone-c
+ rollout-group: ingester
+ updateStrategy:
+ type: OnDelete
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.zoneAwareReplication.zoneC.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ name: ingester-zone-c
+ rollout-group: ingester
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
+ {{- with .Values.ingester.topologySpreadConstraints }}
+ topologySpreadConstraints:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- end }}
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.ingesterPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.ingester.terminationGracePeriodSeconds }}
+ {{- with .Values.ingester.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: ingester
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.ingester.command }}
+ command:
+ - {{ coalesce .Values.ingester.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -ingester.availability-zone=zone-c
+ - -ingester.unregister-on-shutdown=false
+ - -ingester.tokens-file-path=/var/loki/ring-tokens
+ - -target=ingester
+ {{- with .Values.ingester.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.ingester.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ {{- include "loki.ingester.readinessProbe" . | nindent 10 }}
+ {{- include "loki.ingester.livenessProbe" . | nindent 10 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.ingester.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.lifecycle }}
+ lifecycle:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.ingester.extraContainers }}
+ {{- toYaml .Values.ingester.extraContainers | nindent 8}}
+ {{- end }}
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: rollout-group
+ operator: In
+ values:
+ - ingester
+ - key: name
+ operator: NotIn
+ values:
+ - ingester-zone-c
+ topologyKey: kubernetes.io/hostname
+ {{- with .Values.ingester.zoneAwareReplication.zoneC.extraAffinity }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.zoneAwareReplication.zoneC.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- with .Values.ingester.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if not .Values.ingester.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- else if .Values.ingester.persistence.inMemory }}
+ - name: data
+ {{- if .Values.ingester.persistence.inMemory }}
+ emptyDir:
+ medium: Memory
+ {{- end }}
+ {{- if .Values.ingester.persistence.size }}
+ sizeLimit: {{ .Values.ingester.persistence.size }}
+ {{- end }}
+ {{- else }}
+ volumeClaimTemplates:
+ {{- range .Values.ingester.persistence.claims }}
+ - metadata:
+ name: {{ .name }}
+ {{- with .annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .size | quote }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ingester/statefulset-ingester.yaml b/charts/loki/templates/ingester/statefulset-ingester.yaml
new file mode 100644
index 0000000..d20a02e
--- /dev/null
+++ b/charts/loki/templates/ingester/statefulset-ingester.yaml
@@ -0,0 +1,204 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (or (not .Values.ingester.zoneAwareReplication.enabled) .Values.ingester.zoneAwareReplication.migration.enabled) }}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.ingesterFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.ingesterLabels" . | nindent 4 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+{{- if not .Values.ingester.autoscaling.enabled }}
+ replicas: {{ .Values.ingester.replicas }}
+{{- end }}
+ podManagementPolicy: Parallel
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ serviceName: {{ include "loki.ingesterFullname" . }}-headless
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ {{- if and (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) (.Values.ingester.persistence.enableStatefulSetAutoDeletePVC) }}
+ {{/*
+ Data on the read nodes is easy to replace, so we want to always delete PVCs to make
+ operation easier, and will rely on re-fetching data when needed.
+ */}}
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: {{ .Values.ingester.persistence.whenDeleted }}
+ whenScaled: {{ .Values.ingester.persistence.whenScaled }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.ingesterSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
+ {{- with .Values.ingester.topologySpreadConstraints }}
+ topologySpreadConstraints:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- end }}
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.ingesterPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.ingester.terminationGracePeriodSeconds }}
+ {{- with .Values.ingester.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: ingester
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.ingester.command }}
+ command:
+ - {{ coalesce .Values.ingester.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -ingester.ring.instance-availability-zone=zone-default
+ - -target=ingester
+ {{- with .Values.ingester.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.ingester.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ {{- include "loki.ingester.readinessProbe" . | nindent 10 }}
+ {{- include "loki.ingester.livenessProbe" . | nindent 10 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.ingester.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ingester.lifecycle }}
+ lifecycle:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.ingester.extraContainers }}
+ {{- toYaml .Values.ingester.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.ingester.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ingester.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- with .Values.ingester.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if not .Values.ingester.persistence.enabled }}
+ - name: data
+ emptyDir: { }
+ {{- else if .Values.ingester.persistence.inMemory }}
+ - name: data
+ {{- if .Values.ingester.persistence.inMemory }}
+ emptyDir:
+ medium: Memory
+ {{- end }}
+ {{- if .Values.ingester.persistence.size }}
+ sizeLimit: {{ .Values.ingester.persistence.size }}
+ {{- end }}
+ {{- else }}
+ volumeClaimTemplates:
+ {{- range .Values.ingester.persistence.claims }}
+ - metadata:
+ name: {{ .name }}
+ {{- with .annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .size | quote }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/loki-canary/_helpers.tpl b/charts/loki/templates/loki-canary/_helpers.tpl
index 2ea8dd7..01e588c 100644
--- a/charts/loki/templates/loki-canary/_helpers.tpl
+++ b/charts/loki/templates/loki-canary/_helpers.tpl
@@ -25,7 +25,7 @@
Docker image name for loki-canary
*/}}
{{- define "loki-canary.image" -}}
-{{- $dict := dict "service" .Values.monitoring.lokiCanary.image "global" .Values.global.image "defaultVersion" .Chart.AppVersion -}}
+{{- $dict := dict "service" .Values.lokiCanary.image "global" .Values.global.image "defaultVersion" .Chart.AppVersion -}}
{{- include "loki.baseImage" $dict -}}
{{- end -}}
@@ -33,7 +33,7 @@
canary priority class name
*/}}
{{- define "loki-canary.priorityClassName" -}}
-{{- $pcn := coalesce .Values.global.priorityClassName .Values.monitoring.lokiCanary.priorityClassName .Values.read.priorityClassName -}}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.lokiCanary.priorityClassName .Values.read.priorityClassName -}}
{{- if $pcn }}
priorityClassName: {{ $pcn }}
{{- end }}
diff --git a/charts/loki/templates/loki-canary/daemonset.yaml b/charts/loki/templates/loki-canary/daemonset.yaml
index 250d1a8..dc5c629 100644
--- a/charts/loki/templates/loki-canary/daemonset.yaml
+++ b/charts/loki/templates/loki-canary/daemonset.yaml
@@ -1,4 +1,4 @@
-{{- with .Values.monitoring.lokiCanary -}}
+{{- with .Values.lokiCanary -}}
{{- if .enabled -}}
---
apiVersion: apps/v1
@@ -51,12 +51,20 @@
{{- else if $.Values.loki.auth_enabled }}
- -user={{ $.Values.monitoring.selfMonitoring.tenant.name }}
- -tenant-id={{ $.Values.monitoring.selfMonitoring.tenant.name }}
+ - -pass={{ $.Values.monitoring.selfMonitoring.tenant.password }}
+ {{- end }}
+ {{- if .push }}
+ - -push=true
{{- end }}
{{- with .extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
securityContext:
{{- toYaml $.Values.loki.containerSecurityContext | nindent 12 }}
+ volumeMounts:
+ {{- with $.Values.lokiCanary.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
ports:
- name: http-metrics
containerPort: 3500
@@ -107,5 +115,9 @@
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
+ volumes:
+ {{- with $.Values.lokiCanary.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
{{- end }}
{{- end }}
diff --git a/charts/loki/templates/loki-canary/service.yaml b/charts/loki/templates/loki-canary/service.yaml
index d0fb34e..38022a3 100644
--- a/charts/loki/templates/loki-canary/service.yaml
+++ b/charts/loki/templates/loki-canary/service.yaml
@@ -1,4 +1,4 @@
-{{- with .Values.monitoring.lokiCanary -}}
+{{- with .Values.lokiCanary -}}
{{- if .enabled -}}
---
apiVersion: v1
diff --git a/charts/loki/templates/loki-canary/serviceaccount.yaml b/charts/loki/templates/loki-canary/serviceaccount.yaml
index dbcd2b3..2c1f79a 100644
--- a/charts/loki/templates/loki-canary/serviceaccount.yaml
+++ b/charts/loki/templates/loki-canary/serviceaccount.yaml
@@ -1,4 +1,4 @@
-{{- with .Values.monitoring.lokiCanary -}}
+{{- with .Values.lokiCanary -}}
{{- if .enabled -}}
---
apiVersion: v1
diff --git a/charts/loki/templates/memcached/_memcached-statefulset.tpl b/charts/loki/templates/memcached/_memcached-statefulset.tpl
new file mode 100644
index 0000000..32fd624
--- /dev/null
+++ b/charts/loki/templates/memcached/_memcached-statefulset.tpl
@@ -0,0 +1,159 @@
+{{/*
+memcached StatefulSet
+Params:
+ ctx = . context
+ valuesSection = name of the section in values.yaml
+ component = name of the component
+valuesSection and component are specified separately because helm prefers camelcase for naming convetion and k8s components are named with snake case.
+*/}}
+{{- define "loki.memcached.statefulSet" -}}
+{{ with (index $.ctx.Values $.valuesSection) }}
+{{- if .enabled -}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.resourceName" (dict "ctx" $.ctx "component" $.component) }}
+ labels:
+ {{- include "loki.labels" $.ctx | nindent 4 }}
+ app.kubernetes.io/component: "memcached-{{ $.component }}"
+ name: "memcached-{{ $.component }}"
+ annotations:
+ {{- toYaml .annotations | nindent 4 }}
+ namespace: {{ $.ctx.Release.Namespace | quote }}
+spec:
+ podManagementPolicy: {{ .podManagementPolicy }}
+ replicas: {{ .replicas }}
+ selector:
+ matchLabels:
+ {{- include "loki.selectorLabels" $.ctx | nindent 6 }}
+ app.kubernetes.io/component: "memcached-{{ $.component }}"
+ name: "memcached-{{ $.component }}"
+ updateStrategy:
+ {{- toYaml .statefulStrategy | nindent 4 }}
+ serviceName: {{ template "loki.fullname" $.ctx }}-{{ $.component }}
+
+ template:
+ metadata:
+ labels:
+ {{- include "loki.selectorLabels" $.ctx | nindent 8 }}
+ app.kubernetes.io/component: "memcached-{{ $.component }}"
+ name: "memcached-{{ $.component }}"
+ {{- with $.ctx.Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ annotations:
+ {{- with $.ctx.Values.global.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+
+ spec:
+ serviceAccountName: {{ template "loki.serviceAccountName" $.ctx }}
+ {{- if .priorityClassName }}
+ priorityClassName: {{ .priorityClassName }}
+ {{- end }}
+ securityContext:
+ {{- toYaml $.ctx.Values.memcached.podSecurityContext | nindent 8 }}
+ initContainers:
+ {{- toYaml .initContainers | nindent 8 }}
+ nodeSelector:
+ {{- toYaml .nodeSelector | nindent 8 }}
+ affinity:
+ {{- toYaml .affinity | nindent 8 }}
+ topologySpreadConstraints:
+ {{- toYaml .topologySpreadConstraints | nindent 8 }}
+ tolerations:
+ {{- toYaml .tolerations | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .terminationGracePeriodSeconds }}
+ {{- if $.ctx.Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- range $.ctx.Values.image.pullSecrets }}
+ - name: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- if .extraVolumes }}
+ volumes:
+ {{- toYaml .extraVolumes | nindent 8 }}
+ {{- end }}
+ containers:
+ {{- if .extraContainers }}
+ {{ toYaml .extraContainers | nindent 8 }}
+ {{- end }}
+ - name: memcached
+ {{- with $.ctx.Values.memcached.image }}
+ image: {{ .repository }}:{{ .tag }}
+ imagePullPolicy: {{ .pullPolicy }}
+ {{- end }}
+ resources:
+ {{- if .resources }}
+ {{- toYaml .resources | nindent 12 }}
+ {{- else }}
+ {{- /* Calculate requested memory as round(allocatedMemory * 1.2). But with integer built-in operators. */}}
+ {{- $requestMemory := div (add (mul .allocatedMemory 12) 5) 10 }}
+ limits:
+ memory: {{ $requestMemory }}Mi
+ requests:
+ cpu: 500m
+ memory: {{ $requestMemory }}Mi
+ {{- end }}
+ ports:
+ - containerPort: {{ .port }}
+ name: client
+ args:
+ - -m {{ .allocatedMemory }}
+ - --extended=modern,track_sizes{{ with .extraExtendedOptions }},{{ . }}{{ end }}
+ - -I {{ .maxItemMemory }}m
+ - -c {{ .connectionLimit }}
+ - -v
+ - -u {{ .port }}
+ {{- range $key, $value := .extraArgs }}
+ - "-{{ $key }}{{ if $value }} {{ $value }}{{ end }}"
+ {{- end }}
+ env:
+ {{- with $.ctx.Values.global.extraEnv }}
+ {{ toYaml . | nindent 12 }}
+ {{- end }}
+ envFrom:
+ {{- with $.ctx.Values.global.extraEnvFrom }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml $.ctx.Values.memcached.containerSecurityContext | nindent 12 }}
+ {{- if .extraVolumeMounts }}
+ volumeMounts:
+ {{- toYaml .extraVolumeMounts | nindent 12 }}
+ {{- end }}
+
+ {{- if $.ctx.Values.memcachedExporter.enabled }}
+ - name: exporter
+ {{- with $.ctx.Values.memcachedExporter.image }}
+ image: {{ .repository}}:{{ .tag }}
+ imagePullPolicy: {{ .pullPolicy }}
+ {{- end }}
+ ports:
+ - containerPort: 9150
+ name: http-metrics
+ args:
+ - "--memcached.address=localhost:{{ .port }}"
+ - "--web.listen-address=0.0.0.0:9150"
+ {{- range $key, $value := $.ctx.Values.memcachedExporter.extraArgs }}
+ - "--{{ $key }}{{ if $value }}={{ $value }}{{ end }}"
+ {{- end }}
+ resources:
+ {{- toYaml $.ctx.Values.memcachedExporter.resources | nindent 12 }}
+ securityContext:
+ {{- toYaml $.ctx.Values.memcachedExporter.containerSecurityContext | nindent 12 }}
+ {{- if .extraVolumeMounts }}
+ volumeMounts:
+ {{- toYaml .extraVolumeMounts | nindent 12 }}
+ {{- end }}
+ {{- end }}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
diff --git a/charts/loki/templates/memcached/_memcached-svc.tpl b/charts/loki/templates/memcached/_memcached-svc.tpl
new file mode 100644
index 0000000..8574151
--- /dev/null
+++ b/charts/loki/templates/memcached/_memcached-svc.tpl
@@ -0,0 +1,42 @@
+{{/*
+memcached Service
+Params:
+ ctx = . context
+ valuesSection = name of the section in values.yaml
+ component = name of the component
+valuesSection and component are specified separately because helm prefers camelcase for naming convetion and k8s components are named with snake case.
+*/}}
+{{- define "loki.memcached.service" -}}
+{{ with (index $.ctx.Values $.valuesSection) }}
+{{- if .enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.resourceName" (dict "ctx" $.ctx "component" $.component) }}
+ labels:
+ {{- include "loki.labels" $.ctx | nindent 4 }}
+ app.kubernetes.io/component: "memcached-{{ $.component }}"
+ {{- with .service.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ annotations:
+ {{- toYaml .service.annotations | nindent 4 }}
+ namespace: {{ $.ctx.Release.Namespace | quote }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - name: memcached-client
+ port: {{ .port }}
+ targetPort: {{ .port }}
+ {{ if $.ctx.Values.memcachedExporter.enabled -}}
+ - name: http-metrics
+ port: 9150
+ targetPort: 9150
+ {{ end }}
+ selector:
+ {{- include "loki.selectorLabels" $.ctx | nindent 4 }}
+ app.kubernetes.io/component: "memcached-{{ $.component }}"
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/loki/templates/monitoring/logs-instance.yaml b/charts/loki/templates/monitoring/logs-instance.yaml
index 58d5fb0..5ae1917 100644
--- a/charts/loki/templates/monitoring/logs-instance.yaml
+++ b/charts/loki/templates/monitoring/logs-instance.yaml
@@ -27,4 +27,4 @@
matchLabels:
{{- include "loki.selectorLabels" $ | nindent 6 }}
{{- end -}}
-{{- end -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/loki/templates/pattern-ingester/_helpers-pattern-ingester.tpl b/charts/loki/templates/pattern-ingester/_helpers-pattern-ingester.tpl
new file mode 100644
index 0000000..5477214
--- /dev/null
+++ b/charts/loki/templates/pattern-ingester/_helpers-pattern-ingester.tpl
@@ -0,0 +1,58 @@
+{{/*
+pattern ingester fullname
+*/}}
+{{- define "loki.patternIngesterFullname" -}}
+{{ include "loki.fullname" . }}-pattern-ingester
+{{- end }}
+
+{{/*
+pattern ingester common labels
+*/}}
+{{- define "loki.patternIngesterLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: pattern-ingester
+{{- end }}
+
+{{/*
+pattern ingester selector labels
+*/}}
+{{- define "loki.patternIngesterSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: pattern-ingester
+{{- end }}
+
+{{/*
+pattern ingester readinessProbe
+*/}}
+{{- define "loki.patternIngester.readinessProbe" -}}
+{{- with .Values.patternIngester.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- else }}
+{{- with .Values.loki.readinessProbe }}
+readinessProbe:
+ {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+pattern ingester priority class name
+*/}}
+{{- define "loki.patternIngesterPriorityClassName" }}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.patternIngester.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the name of the pattern ingester service account
+*/}}
+{{- define "loki.patternIngesterServiceAccountName" -}}
+{{- if .Values.patternIngester.serviceAccount.create -}}
+ {{ default (print (include "loki.serviceAccountName" .) "-pattern-ingester") .Values.patternIngester.serviceAccount.name }}
+{{- else -}}
+ {{ default (include "loki.serviceAccountName" .) .Values.patternIngester.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/loki/templates/pattern-ingester/statefulset-pattern-ingester.yaml b/charts/loki/templates/pattern-ingester/statefulset-pattern-ingester.yaml
new file mode 100644
index 0000000..4666dd6
--- /dev/null
+++ b/charts/loki/templates/pattern-ingester/statefulset-pattern-ingester.yaml
@@ -0,0 +1,179 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+{{- if (gt (int .Values.patternIngester.replicas) 0) -}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.patternIngesterFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.patternIngesterLabels" . | nindent 4 }}
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.patternIngester.replicas }}
+ podManagementPolicy: Parallel
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ serviceName: {{ include "loki.patternIngesterFullname" . }}-headless
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ {{- if and (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) (.Values.patternIngester.persistence.enableStatefulSetAutoDeletePVC) }}
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: {{ .Values.patternIngester.persistence.whenDeleted }}
+ whenScaled: {{ .Values.patternIngester.persistence.whenScaled }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "loki.patternIngesterSelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.patternIngester.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.patternIngesterSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.patternIngester.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.patternIngester.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.patternIngesterPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.patternIngester.terminationGracePeriodSeconds }}
+ {{- with .Values.patternIngester.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: pattern-ingester
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.patternIngester.command }}
+ command:
+ - {{ coalesce .Values.patternIngester.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=pattern-ingester
+ {{- with .Values.patternIngester.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.patternIngester.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.patternIngester.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ {{- include "loki.patternIngester.readinessProbe" . | nindent 10 }}
+ volumeMounts:
+ - name: temp
+ mountPath: /tmp
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.patternIngester.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.patternIngester.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.patternIngester.extraContainers }}
+ {{- toYaml .Values.patternIngester.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.patternIngester.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.patternIngester.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: temp
+ emptyDir: {}
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- if not .Values.patternIngester.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- end }}
+ {{- with .Values.patternIngester.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.patternIngester.persistence.enabled }}
+ volumeClaimTemplates:
+ {{- range .Values.patternIngester.persistence.claims }}
+ - metadata:
+ name: {{ .name }}
+ {{- with .annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .size | quote }}
+ {{- end }}
+ {{- end }}
+{{- end -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/loki/templates/querier/_helpers-querier.tpl b/charts/loki/templates/querier/_helpers-querier.tpl
new file mode 100644
index 0000000..aa557c5
--- /dev/null
+++ b/charts/loki/templates/querier/_helpers-querier.tpl
@@ -0,0 +1,32 @@
+{{/*
+querier fullname
+*/}}
+{{- define "loki.querierFullname" -}}
+{{ include "loki.fullname" . }}-querier
+{{- end }}
+
+{{/*
+querier common labels
+*/}}
+{{- define "loki.querierLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: querier
+{{- end }}
+
+{{/*
+querier selector labels
+*/}}
+{{- define "loki.querierSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: querier
+{{- end }}
+
+{{/*
+querier priority class name
+*/}}
+{{- define "loki.querierPriorityClassName" -}}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.querier.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/querier/deployment-querier.yaml b/charts/loki/templates/querier/deployment-querier.yaml
new file mode 100644
index 0000000..80699f2
--- /dev/null
+++ b/charts/loki/templates/querier/deployment-querier.yaml
@@ -0,0 +1,166 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "loki.querierFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.querierLabels" . | nindent 4 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+{{- if not .Values.querier.autoscaling.enabled }}
+ replicas: {{ .Values.querier.replicas }}
+{{- end }}
+ strategy:
+ rollingUpdate:
+ maxSurge: {{ .Values.querier.maxSurge }}
+ maxUnavailable: 1
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ selector:
+ matchLabels:
+ {{- include "loki.querierSelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.querier.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.querierSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.querier.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
+ {{- with .Values.querier.topologySpreadConstraints }}
+ topologySpreadConstraints:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- end }}
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.querier.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.querierPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.querier.terminationGracePeriodSeconds }}
+ {{- with .Values.querier.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: querier
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=querier
+ {{- if .Values.ingester.zoneAwareReplication.enabled }}
+ {{- if and (.Values.ingester.zoneAwareReplication.migration.enabled) (not .Values.ingester.zoneAwareReplication.migration.readPath) }}
+ - -distributor.zone-awareness-enabled=false
+ {{- else }}
+ - -distributor.zone-awareness-enabled=true
+ {{- end }}
+ {{- end }}
+ {{- with .Values.querier.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.querier.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.querier.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ readinessProbe:
+ {{- toYaml .Values.loki.readinessProbe | nindent 12 }}
+ livenessProbe:
+ {{- toYaml .Values.loki.livenessProbe | nindent 12 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.querier.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ resources:
+ {{- toYaml .Values.querier.resources | nindent 12 }}
+ {{- if .Values.querier.extraContainers }}
+ {{- toYaml .Values.querier.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.querier.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.querier.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.querier.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.querier.dnsConfig }}
+ dnsConfig:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ - name: data
+ emptyDir: {}
+ {{- with .Values.querier.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/querier/hpa.yaml b/charts/loki/templates/querier/hpa.yaml
new file mode 100644
index 0000000..08d81cb
--- /dev/null
+++ b/charts/loki/templates/querier/hpa.yaml
@@ -0,0 +1,55 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.querier.autoscaling.enabled }}
+{{- $apiVersion := include "loki.hpa.apiVersion" . -}}
+apiVersion: {{ $apiVersion }}
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "loki.querierFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.querierLabels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "loki.querierFullname" . }}
+ minReplicas: {{ .Values.querier.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.querier.autoscaling.maxReplicas }}
+ metrics:
+ {{- with .Values.querier.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ {{- if (eq $apiVersion "autoscaling/v2") }}
+ target:
+ type: Utilization
+ averageUtilization: {{ . }}
+ {{- else }}
+ targetAverageUtilization: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.querier.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ {{- if (eq $apiVersion "autoscaling/v2") }}
+ target:
+ type: Utilization
+ averageUtilization: {{ . }}
+ {{- else }}
+ targetAverageUtilization: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.querier.autoscaling.customMetrics }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- if .Values.querier.autoscaling.behavior.enabled }}
+ behavior:
+ {{- with .Values.querier.autoscaling.behavior.scaleDown }}
+ scaleDown: {{ toYaml . | nindent 6 }}
+ {{- end }}
+ {{- with .Values.querier.autoscaling.behavior.scaleUp }}
+ scaleUp: {{ toYaml . | nindent 6 }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/querier/poddisruptionbudget-querier.yaml b/charts/loki/templates/querier/poddisruptionbudget-querier.yaml
new file mode 100644
index 0000000..9dff3cd
--- /dev/null
+++ b/charts/loki/templates/querier/poddisruptionbudget-querier.yaml
@@ -0,0 +1,21 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (gt (int .Values.querier.replicas) 1) }}
+{{- if kindIs "invalid" .Values.querier.maxUnavailable }}
+{{- fail "`.Values.querier.maxUnavailable` must be set when `.Values.querier.replicas` is greater than 1." }}
+{{- else }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.querierFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.querierLabels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ {{- include "loki.querierSelectorLabels" . | nindent 6 }}
+ {{- with .Values.querier.maxUnavailable }}
+ maxUnavailable: {{ . }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/querier/service-querier.yaml b/charts/loki/templates/querier/service-querier.yaml
new file mode 100644
index 0000000..ca5a23b
--- /dev/null
+++ b/charts/loki/templates/querier/service-querier.yaml
@@ -0,0 +1,33 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.querierFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.querierLabels" . | nindent 4 }}
+ {{- with .Values.querier.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.querier.appProtocol.grpc }}
+ appProtocol: {{ .Values.querier.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.querierSelectorLabels" . | nindent 4 }}
+{{- end -}}
diff --git a/charts/loki/templates/query-frontend/_helpers-query-frontend.tpl b/charts/loki/templates/query-frontend/_helpers-query-frontend.tpl
new file mode 100644
index 0000000..5aebde7
--- /dev/null
+++ b/charts/loki/templates/query-frontend/_helpers-query-frontend.tpl
@@ -0,0 +1,32 @@
+{{/*
+query-frontend fullname
+*/}}
+{{- define "loki.queryFrontendFullname" -}}
+{{ include "loki.fullname" . }}-query-frontend
+{{- end }}
+
+{{/*
+query-frontend common labels
+*/}}
+{{- define "loki.queryFrontendLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: query-frontend
+{{- end }}
+
+{{/*
+query-frontend selector labels
+*/}}
+{{- define "loki.queryFrontendSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: query-frontend
+{{- end }}
+
+{{/*
+query-frontend priority class name
+*/}}
+{{- define "loki.queryFrontendPriorityClassName" -}}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.queryFrontend.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/query-frontend/deployment-query-frontend.yaml b/charts/loki/templates/query-frontend/deployment-query-frontend.yaml
new file mode 100644
index 0000000..6eda5c5
--- /dev/null
+++ b/charts/loki/templates/query-frontend/deployment-query-frontend.yaml
@@ -0,0 +1,142 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "loki.queryFrontendFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.queryFrontendLabels" . | nindent 4 }}
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+{{- if not .Values.queryFrontend.autoscaling.enabled }}
+ replicas: {{ .Values.queryFrontend.replicas }}
+{{- end }}
+ strategy:
+ rollingUpdate:
+ maxSurge: 0
+ maxUnavailable: 1
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ selector:
+ matchLabels:
+ {{- include "loki.queryFrontendSelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryFrontend.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.queryFrontendSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryFrontend.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryFrontend.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.queryFrontendPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.queryFrontend.terminationGracePeriodSeconds }}
+ containers:
+ - name: query-frontend
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ {{- if or .Values.loki.command .Values.queryFrontend.command }}
+ command:
+ - {{ coalesce .Values.queryFrontend.command .Values.loki.command | quote }}
+ {{- end }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=query-frontend
+ {{- with .Values.queryFrontend.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.queryFrontend.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.queryFrontend.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ readinessProbe:
+ {{- toYaml .Values.loki.readinessProbe | nindent 12 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.queryFrontend.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ resources:
+ {{- toYaml .Values.queryFrontend.resources | nindent 12 }}
+ {{- if .Values.queryFrontend.extraContainers }}
+ {{- toYaml .Values.queryFrontend.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.queryFrontend.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryFrontend.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryFrontend.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- with .Values.queryFrontend.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end -}}
diff --git a/charts/loki/templates/query-frontend/hpa.yaml b/charts/loki/templates/query-frontend/hpa.yaml
new file mode 100644
index 0000000..c326287
--- /dev/null
+++ b/charts/loki/templates/query-frontend/hpa.yaml
@@ -0,0 +1,55 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.queryFrontend.autoscaling.enabled }}
+{{- $apiVersion := include "loki.hpa.apiVersion" . -}}
+apiVersion: {{ $apiVersion }}
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "loki.queryFrontendFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.queryFrontendLabels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "loki.queryFrontendFullname" . }}
+ minReplicas: {{ .Values.queryFrontend.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.queryFrontend.autoscaling.maxReplicas }}
+ metrics:
+ {{- with .Values.queryFrontend.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ {{- if (eq $apiVersion "autoscaling/v2") }}
+ target:
+ type: Utilization
+ averageUtilization: {{ . }}
+ {{- else }}
+ targetAverageUtilization: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.queryFrontend.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ {{- if (eq $apiVersion "autoscaling/v2") }}
+ target:
+ type: Utilization
+ averageUtilization: {{ . }}
+ {{- else }}
+ targetAverageUtilization: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.queryFrontend.autoscaling.customMetrics }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- if .Values.queryFrontend.autoscaling.behavior.enabled }}
+ behavior:
+ {{- with .Values.queryFrontend.autoscaling.behavior.scaleDown }}
+ scaleDown: {{ toYaml . | nindent 6 }}
+ {{- end }}
+ {{- with .Values.queryFrontend.autoscaling.behavior.scaleUp }}
+ scaleUp: {{ toYaml . | nindent 6 }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/query-frontend/poddisruptionbudget-query-frontent.yaml b/charts/loki/templates/query-frontend/poddisruptionbudget-query-frontent.yaml
new file mode 100644
index 0000000..f100405
--- /dev/null
+++ b/charts/loki/templates/query-frontend/poddisruptionbudget-query-frontent.yaml
@@ -0,0 +1,21 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (gt (int .Values.queryFrontend.replicas) 1) }}
+{{- if kindIs "invalid" .Values.queryFrontend.maxUnavailable }}
+{{- fail "`.Values.queryFrontend.maxUnavailable` must be set when `.Values.queryFrontend.replicas` is greater than 1." }}
+{{- else }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.queryFrontendFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.queryFrontendLabels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ {{- include "loki.queryFrontendSelectorLabels" . | nindent 6 }}
+ {{- with .Values.queryFrontend.maxUnavailable }}
+ maxUnavailable: {{ . }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/query-frontend/service-query-frontend-headless.yaml b/charts/loki/templates/query-frontend/service-query-frontend-headless.yaml
new file mode 100644
index 0000000..258413a
--- /dev/null
+++ b/charts/loki/templates/query-frontend/service-query-frontend-headless.yaml
@@ -0,0 +1,43 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.queryFrontendFullname" . }}-headless
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.queryFrontendLabels" . | nindent 4 }}
+ {{- with .Values.queryFrontend.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ prometheus.io/service-monitor: "false"
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ clusterIP: None
+ type: ClusterIP
+ publishNotReadyAddresses: true
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.queryFrontend.appProtocol.grpc }}
+ appProtocol: {{ .Values.queryFrontend.appProtocol.grpc }}
+ {{- end }}
+ - name: grpclb
+ port: 9096
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.queryFrontend.appProtocol.grpc }}
+ appProtocol: {{ .Values.queryFrontend.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.queryFrontendSelectorLabels" . | nindent 4 }}
+{{- end -}}
diff --git a/charts/loki/templates/query-frontend/service-query-frontend.yaml b/charts/loki/templates/query-frontend/service-query-frontend.yaml
new file mode 100644
index 0000000..b017c5d
--- /dev/null
+++ b/charts/loki/templates/query-frontend/service-query-frontend.yaml
@@ -0,0 +1,41 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.queryFrontendFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.queryFrontendLabels" . | nindent 4 }}
+ {{- with .Values.queryFrontend.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ publishNotReadyAddresses: true
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.queryFrontend.appProtocol.grpc }}
+ appProtocol: {{ .Values.queryFrontend.appProtocol.grpc }}
+ {{- end }}
+ - name: grpclb
+ port: 9096
+ targetPort: grpc
+ protocol: TCP
+ {{- if .Values.queryFrontend.appProtocol.grpc }}
+ appProtocol: {{ .Values.queryFrontend.appProtocol.grpc }}
+ {{- end }}
+ selector:
+ {{- include "loki.queryFrontendSelectorLabels" . | nindent 4 }}
+{{- end -}}
diff --git a/charts/loki/templates/query-scheduler/_helpers-query-scheduler.tpl b/charts/loki/templates/query-scheduler/_helpers-query-scheduler.tpl
new file mode 100644
index 0000000..1f64802
--- /dev/null
+++ b/charts/loki/templates/query-scheduler/_helpers-query-scheduler.tpl
@@ -0,0 +1,40 @@
+{{/*
+query-scheduler fullname
+*/}}
+{{- define "loki.querySchedulerFullname" -}}
+{{ include "loki.fullname" . }}-query-scheduler
+{{- end }}
+
+{{/*
+query-scheduler common labels
+*/}}
+{{- define "loki.querySchedulerLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: query-scheduler
+{{- end }}
+
+{{/*
+query-scheduler selector labels
+*/}}
+{{- define "loki.querySchedulerSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: query-scheduler
+{{- end }}
+
+{{/*
+query-scheduler image
+*/}}
+{{- define "loki.querySchedulerImage" -}}
+{{- $dict := dict "loki" .Values.loki.image "service" .Values.queryScheduler.image "global" .Values.global.image "defaultVersion" .Chart.AppVersion -}}
+{{- include "loki.lokiImage" $dict -}}
+{{- end }}
+
+{{/*
+query-scheduler priority class name
+*/}}
+{{- define "loki.querySchedulerPriorityClassName" -}}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.queryScheduler.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/query-scheduler/deployment-query-scheduler.yaml b/charts/loki/templates/query-scheduler/deployment-query-scheduler.yaml
new file mode 100644
index 0000000..11b2829
--- /dev/null
+++ b/charts/loki/templates/query-scheduler/deployment-query-scheduler.yaml
@@ -0,0 +1,140 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "loki.querySchedulerFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.querySchedulerLabels" . | nindent 4 }}
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.queryScheduler.replicas }}
+ strategy:
+ rollingUpdate:
+ maxSurge: 0
+ maxUnavailable: 1
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ selector:
+ matchLabels:
+ {{- include "loki.querySchedulerSelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryScheduler.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.querySchedulerSelectorLabels" . | nindent 8 }}
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryScheduler.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ app.kubernetes.io/part-of: memberlist
+ spec:
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryScheduler.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.querySchedulerPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.queryScheduler.terminationGracePeriodSeconds }}
+ containers:
+ - name: query-scheduler
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=query-scheduler
+ {{- with .Values.queryScheduler.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.queryScheduler.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.queryScheduler.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ readinessProbe:
+ {{- toYaml .Values.loki.readinessProbe | nindent 12 }}
+ livenessProbe:
+ {{- toYaml .Values.loki.livenessProbe | nindent 12 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- with .Values.queryScheduler.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.queryScheduler.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.queryScheduler.extraContainers }}
+ {{- toYaml .Values.queryScheduler.extraContainers | nindent 8}}
+ {{- end }}
+ {{- with .Values.queryScheduler.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryScheduler.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.queryScheduler.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- with .Values.queryScheduler.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/query-scheduler/poddisruptionbudget-query-scheduler.yaml b/charts/loki/templates/query-scheduler/poddisruptionbudget-query-scheduler.yaml
new file mode 100644
index 0000000..ed8051f
--- /dev/null
+++ b/charts/loki/templates/query-scheduler/poddisruptionbudget-query-scheduler.yaml
@@ -0,0 +1,21 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (gt (int .Values.queryScheduler.replicas) 1) }}
+{{- if kindIs "invalid" .Values.queryScheduler.maxUnavailable }}
+{{- fail "`.Values.queryScheduler.maxUnavailable` must be set when `.Values.queryScheduler.replicas` is greater than 1." }}
+{{- else }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.querySchedulerFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.querySchedulerLabels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ {{- include "loki.querySchedulerSelectorLabels" . | nindent 6 }}
+ {{- with .Values.queryScheduler.maxUnavailable }}
+ maxUnavailable: {{ . }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/query-scheduler/service-query-scheduler.yaml b/charts/loki/templates/query-scheduler/service-query-scheduler.yaml
new file mode 100644
index 0000000..8988315
--- /dev/null
+++ b/charts/loki/templates/query-scheduler/service-query-scheduler.yaml
@@ -0,0 +1,35 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.querySchedulerFullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.querySchedulerLabels" . | nindent 4 }}
+ {{- with .Values.queryScheduler.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ publishNotReadyAddresses: true
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http
+ protocol: TCP
+ - name: grpclb
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- with .Values.queryScheduler.appProtocol.grpc }}
+ appProtocol: {{ . }}
+ {{- end }}
+ selector:
+ {{- include "loki.querySchedulerSelectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/loki/templates/read/deployment-read.yaml b/charts/loki/templates/read/deployment-read.yaml
index ee9a151..245119c 100644
--- a/charts/loki/templates/read/deployment-read.yaml
+++ b/charts/loki/templates/read/deployment-read.yaml
@@ -120,7 +120,7 @@
{{- end }}
{{- with .Values.read.affinity }}
affinity:
- {{- tpl . $ | nindent 8 }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.read.dnsConfig }}
dnsConfig:
@@ -144,12 +144,7 @@
- name: data
emptyDir: {}
- name: config
- {{- if .Values.loki.existingSecretForConfig }}
- secret:
- secretName: {{ .Values.loki.existingSecretForConfig }}
- {{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
- {{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
diff --git a/charts/loki/templates/read/statefulset-read.yaml b/charts/loki/templates/read/statefulset-read.yaml
index 6efa0ad..29d79c7 100644
--- a/charts/loki/templates/read/statefulset-read.yaml
+++ b/charts/loki/templates/read/statefulset-read.yaml
@@ -19,8 +19,12 @@
{{- end }}
{{- end }}
spec:
-{{- if not .Values.read.autoscaling.enabled }}
- replicas: {{ .Values.read.replicas }}
+{{- if not .Values.write.autoscaling.enabled }}
+ {{- if eq .Values.deploymentMode "SingleBinary" }}
+ replicas: 0
+ {{- else }}
+ replicas: {{ .Values.write.replicas }}
+ {{- end }}
{{- end }}
podManagementPolicy: {{ .Values.read.podManagementPolicy }}
updateStrategy:
@@ -133,7 +137,7 @@
{{- end }}
{{- with .Values.read.affinity }}
affinity:
- {{- tpl . $ | nindent 8 }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.read.dnsConfig }}
dnsConfig:
@@ -155,13 +159,7 @@
- name: tmp
emptyDir: {}
- name: config
- {{- if .Values.loki.existingSecretForConfig }}
- secret:
- secretName: {{ .Values.loki.existingSecretForConfig }}
- {{- else }}
- configMap:
- name: {{ include "loki.name" . }}
- {{- end }}
+ {{- include "loki.configVolume" . | nindent 10 }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
diff --git a/charts/loki/templates/results-cache/poddisruptionbudget-results-cache.yaml b/charts/loki/templates/results-cache/poddisruptionbudget-results-cache.yaml
new file mode 100644
index 0000000..6bc393a
--- /dev/null
+++ b/charts/loki/templates/results-cache/poddisruptionbudget-results-cache.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.resultsCache.enabled }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.fullname" . }}-memcached-results-cache
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "loki.selectorLabels" . | nindent 4 }}
+ app.kubernetes.io/component: memcached-results-cache
+spec:
+ selector:
+ matchLabels:
+ {{- include "loki.selectorLabels" . | nindent 6 }}
+ app.kubernetes.io/component: memcached-results-cache
+ maxUnavailable: 1
+{{- end -}}
diff --git a/charts/loki/templates/results-cache/service-results-cache-headless.yaml b/charts/loki/templates/results-cache/service-results-cache-headless.yaml
new file mode 100644
index 0000000..ce92008
--- /dev/null
+++ b/charts/loki/templates/results-cache/service-results-cache-headless.yaml
@@ -0,0 +1 @@
+{{- include "loki.memcached.service" (dict "ctx" $ "valuesSection" "resultsCache" "component" "results-cache" ) }}
diff --git a/charts/loki/templates/results-cache/statefulset-results-cache.yaml b/charts/loki/templates/results-cache/statefulset-results-cache.yaml
new file mode 100644
index 0000000..042e74e
--- /dev/null
+++ b/charts/loki/templates/results-cache/statefulset-results-cache.yaml
@@ -0,0 +1 @@
+{{- include "loki.memcached.statefulSet" (dict "ctx" $ "valuesSection" "resultsCache" "component" "results-cache" ) }}
diff --git a/charts/loki/templates/ruler/_helpers-ruler.tpl b/charts/loki/templates/ruler/_helpers-ruler.tpl
new file mode 100644
index 0000000..2079e03
--- /dev/null
+++ b/charts/loki/templates/ruler/_helpers-ruler.tpl
@@ -0,0 +1,47 @@
+{{/*
+ruler fullname
+*/}}
+{{- define "loki.rulerFullname" -}}
+{{ include "loki.fullname" . }}-ruler
+{{- end }}
+
+{{/*
+ruler common labels
+*/}}
+{{- define "loki.rulerLabels" -}}
+{{ include "loki.labels" . }}
+app.kubernetes.io/component: ruler
+{{- end }}
+
+{{/*
+ruler selector labels
+*/}}
+{{- define "loki.rulerSelectorLabels" -}}
+{{ include "loki.selectorLabels" . }}
+app.kubernetes.io/component: ruler
+{{- end }}
+
+{{/*
+ruler image
+*/}}
+{{- define "loki.rulerImage" -}}
+{{- $dict := dict "loki" .Values.loki.image "service" .Values.ruler.image "global" .Values.global.image "defaultVersion" .Chart.AppVersion -}}
+{{- include "loki.lokiImage" $dict -}}
+{{- end }}
+
+{{/*
+format rules dir
+*/}}
+{{- define "loki.rulerRulesDirName" -}}
+rules-{{ . | replace "_" "-" | trimSuffix "-" | lower }}
+{{- end }}
+
+{{/*
+ruler priority class name
+*/}}
+{{- define "loki.rulerPriorityClassName" -}}
+{{- $pcn := coalesce .Values.global.priorityClassName .Values.ruler.priorityClassName -}}
+{{- if $pcn }}
+priorityClassName: {{ $pcn }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ruler/configmap-ruler.yaml b/charts/loki/templates/ruler/configmap-ruler.yaml
new file mode 100644
index 0000000..b74f024
--- /dev/null
+++ b/charts/loki/templates/ruler/configmap-ruler.yaml
@@ -0,0 +1,14 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if $isDistributed }}
+{{- range $dir, $files := .Values.ruler.directories }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "loki.rulerFullname" $ }}-{{ include "loki.rulerRulesDirName" $dir }}
+ labels:
+ {{- include "loki.rulerLabels" $ | nindent 4 }}
+data:
+ {{- toYaml $files | nindent 2}}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ruler/poddisruptionbudget-ruler.yaml b/charts/loki/templates/ruler/poddisruptionbudget-ruler.yaml
new file mode 100644
index 0000000..8241765
--- /dev/null
+++ b/charts/loki/templates/ruler/poddisruptionbudget-ruler.yaml
@@ -0,0 +1,20 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed (gt (int .Values.ruler.replicas) 1) }}
+{{- if kindIs "invalid" .Values.ruler.maxUnavailable }}
+{{- fail "`.Values.ruler.maxUnavailable` must be set when `.Values.ruler.replicas` is greater than 1." }}
+{{- else }}
+apiVersion: {{ include "loki.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "loki.rulerFullname" . }}
+ labels:
+ {{- include "loki.rulerLabels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ {{- include "loki.rulerSelectorLabels" . | nindent 6 }}
+ {{- with .Values.ruler.maxUnavailable }}
+ maxUnavailable: {{ . }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/ruler/service-ruler.yaml b/charts/loki/templates/ruler/service-ruler.yaml
new file mode 100644
index 0000000..8200af2
--- /dev/null
+++ b/charts/loki/templates/ruler/service-ruler.yaml
@@ -0,0 +1,33 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.ruler.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "loki.rulerFullname" . }}
+ labels:
+ {{- include "loki.rulerSelectorLabels" . | nindent 4 }}
+ {{- with .Values.ruler.serviceLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.loki.serviceAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ {{- with .Values.ruler.appProtocol.grpc }}
+ appProtocol: {{ . }}
+ {{- end }}
+ selector:
+ {{- include "loki.rulerSelectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/loki/templates/ruler/statefulset-ruler.yaml b/charts/loki/templates/ruler/statefulset-ruler.yaml
new file mode 100644
index 0000000..8153a8b
--- /dev/null
+++ b/charts/loki/templates/ruler/statefulset-ruler.yaml
@@ -0,0 +1,177 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- if and $isDistributed .Values.ruler.enabled }}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "loki.rulerFullname" . }}
+ labels:
+ {{- include "loki.rulerLabels" . | nindent 4 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.ruler.replicas }}
+ revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
+ serviceName: {{ include "loki.rulerFullname" . }}
+ selector:
+ matchLabels:
+ {{- include "loki.rulerSelectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- include "loki.config.checksum" . | nindent 8 }}
+ {{- with .Values.loki.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ruler.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "loki.rulerSelectorLabels" . | nindent 8 }}
+ app.kubernetes.io/part-of: memberlist
+ {{- with .Values.loki.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ruler.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ serviceAccountName: {{ include "loki.serviceAccountName" . }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ruler.hostAliases }}
+ hostAliases:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- include "loki.rulerPriorityClassName" . | nindent 6 }}
+ securityContext:
+ {{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
+ terminationGracePeriodSeconds: {{ .Values.ruler.terminationGracePeriodSeconds }}
+ {{- with .Values.ruler.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: ruler
+ image: {{ include "loki.image" . }}
+ imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=ruler
+ {{- with .Values.ruler.extraArgs }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ {{- with .Values.ruler.extraEnv }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.ruler.extraEnvFrom }}
+ envFrom:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
+ readinessProbe:
+ {{- toYaml .Values.loki.readinessProbe | nindent 12 }}
+ volumeMounts:
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: data
+ mountPath: /var/loki
+ - name: tmp
+ mountPath: /tmp/loki
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
+ {{- range $dir, $_ := .Values.ruler.directories }}
+ - name: {{ include "loki.rulerRulesDirName" $dir }}
+ mountPath: /etc/loki/rules/{{ $dir }}
+ {{- end }}
+ {{- with .Values.ruler.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ resources:
+ {{- toYaml .Values.ruler.resources | nindent 12 }}
+ {{- with .Values.ruler.extraContainers }}
+ {{- toYaml . | nindent 8}}
+ {{- end }}
+ {{- with .Values.ruler.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ruler.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ruler.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.ruler.dnsConfig }}
+ dnsConfig:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: config
+ {{- include "loki.configVolume" . | nindent 10 }}
+ - name: runtime-config
+ configMap:
+ name: {{ template "loki.name" . }}-runtime
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
+ {{- end }}
+ {{- end }}
+ {{- range $dir, $_ := .Values.ruler.directories }}
+ - name: {{ include "loki.rulerRulesDirName" $dir }}
+ configMap:
+ name: {{ include "loki.rulerFullname" $ }}-{{ include "loki.rulerRulesDirName" $dir }}
+ {{- end }}
+ - name: tmp
+ emptyDir: {}
+ {{- with .Values.ruler.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if not .Values.ruler.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- else }}
+ volumeClaimTemplates:
+ - metadata:
+ name: data
+ {{- with .Values.ruler.persistence.annotations }}
+ annotations:
+ {{- . | toYaml | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ {{- with .Values.ruler.persistence.storageClass }}
+ storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .Values.ruler.persistence.size | quote }}
+ {{- end }}
+{{- end }}
diff --git a/charts/loki/templates/single-binary/statefulset.yaml b/charts/loki/templates/single-binary/statefulset.yaml
index 8922c89..51c0062 100644
--- a/charts/loki/templates/single-binary/statefulset.yaml
+++ b/charts/loki/templates/single-binary/statefulset.yaml
@@ -135,7 +135,7 @@
{{- end }}
{{- with .Values.singleBinary.affinity }}
affinity:
- {{- tpl . $ | nindent 8 }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.singleBinary.dnsConfig }}
dnsConfig:
@@ -153,12 +153,7 @@
- name: tmp
emptyDir: {}
- name: config
- {{- if .Values.loki.existingSecretForConfig }}
- secret:
- secretName: {{ .Values.loki.existingSecretForConfig }}
- {{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
- {{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
diff --git a/charts/loki/templates/table-manager/deployment-table-manager.yaml b/charts/loki/templates/table-manager/deployment-table-manager.yaml
index aeb5b1a..e3f6d0d 100644
--- a/charts/loki/templates/table-manager/deployment-table-manager.yaml
+++ b/charts/loki/templates/table-manager/deployment-table-manager.yaml
@@ -80,6 +80,10 @@
volumeMounts:
- name: config
mountPath: /etc/loki/config
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ mountPath: /etc/loki/license
+ {{- end }}
{{- with .Values.tableManager.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
@@ -90,7 +94,7 @@
{{- end }}
{{- with .Values.tableManager.affinity }}
affinity:
- {{- tpl . $ | nindent 8 }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tableManager.dnsConfig }}
dnsConfig:
@@ -106,12 +110,16 @@
{{- end }}
volumes:
- name: config
- {{- if .Values.loki.existingSecretForConfig }}
- secret:
- secretName: {{ .Values.loki.existingSecretForConfig }}
- {{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
+ {{- if .Values.enterprise.enabled }}
+ - name: license
+ secret:
+ {{- if .Values.enterprise.useExternalLicense }}
+ secretName: {{ .Values.enterprise.externalLicenseName }}
+ {{- else }}
+ secretName: enterprise-logs-license
{{- end }}
+ {{- end }}
{{- with .Values.tableManager.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
diff --git a/charts/loki/templates/tests/test-canary.yaml b/charts/loki/templates/tests/test-canary.yaml
index a4f11e2..9384865 100644
--- a/charts/loki/templates/tests/test-canary.yaml
+++ b/charts/loki/templates/tests/test-canary.yaml
@@ -1,5 +1,5 @@
{{- with .Values.test }}
-{{- if and .enabled $.Values.monitoring.selfMonitoring.enabled $.Values.monitoring.lokiCanary.enabled }}
+{{- if $.Values.lokiCanary.enabled }}
---
apiVersion: v1
kind: Pod
@@ -21,6 +21,8 @@
- name: loki-helm-test
image: {{ include "loki.helmTestImage" $ }}
env:
+ - name: CANARY_SERVICE_ADDRESS
+ value: "{{ .canaryServiceAddress }}"
- name: CANARY_PROMETHEUS_ADDRESS
value: "{{ .prometheusAddress }}"
{{- with .timeout }}
diff --git a/charts/loki/templates/tokengen/job-tokengen.yaml b/charts/loki/templates/tokengen/job-tokengen.yaml
index b917395..f9ae737 100644
--- a/charts/loki/templates/tokengen/job-tokengen.yaml
+++ b/charts/loki/templates/tokengen/job-tokengen.yaml
@@ -116,13 +116,7 @@
{{- end }}
volumes:
- name: config
- {{- if .Values.enterprise.useExternalConfig }}
- secret:
- secretName: {{ .Values.enterprise.externalConfigName }}
- {{- else }}
- configMap:
- name: {{ include "loki.name" . }}
- {{- end }}
+ {{- include "loki.configVolume" . | nindent 10 }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
diff --git a/charts/loki/templates/validate.yaml b/charts/loki/templates/validate.yaml
index 3a2e8ca..93e2490 100644
--- a/charts/loki/templates/validate.yaml
+++ b/charts/loki/templates/validate.yaml
@@ -2,26 +2,40 @@
{{- fail "Top level 'config' is not allowed. Most common configuration sections are exposed under the `loki` section. If you need to override the whole config, provide the configuration as a string that can contain template expressions under `loki.config`. Alternatively, you can provide the configuration as an external secret." }}
{{- end }}
-{{- if and (not .Values.monitoring.selfMonitoring.enabled) .Values.test.enabled }}
-{{- fail "Helm test requires self monitoring to be enabled"}}
-{{- end }}
-
-{{- if and (not .Values.monitoring.lokiCanary.enabled) .Values.test.enabled }}
+{{- if and (not .Values.lokiCanary.enabled) .Values.test.enabled }}
{{- fail "Helm test requires the Loki Canary to be enabled"}}
{{- end }}
-{{- if and .Values.test.enabled (not .Values.test.prometheusAddress) }}
-{{- fail "Helm test requires a prometheusAddress for an instance scraping the Loki canary's metrics"}}
-{{- end }}
-
{{- $singleBinaryReplicas := int .Values.singleBinary.replicas }}
{{- $isUsingFilesystem := eq (include "loki.isUsingObjectStorage" .) "false" }}
{{- $atLeastOneScalableReplica := or (gt (int .Values.backend.replicas) 0) (gt (int .Values.read.replicas) 0) (gt (int .Values.write.replicas) 0) }}
+{{- $atLeastOneDistributedReplica := or (gt (int .Values.ingester.replicas) 0) (gt (int .Values.distributor.replicas) 0) (gt (int .Values.querier.replicas) 0) (gt (int .Values.queryFrontend.replicas) 0) (gt (int .Values.queryScheduler.replicas) 0) (gt (int .Values.indexGateway.replicas) 0) (gt (int .Values.compactor.replicas) 0) (gt (int .Values.ruler.replicas) 0) }}
{{- if and $isUsingFilesystem (gt $singleBinaryReplicas 1) }}
{{- fail "Cannot run more than 1 Single Binary replica without an object storage backend."}}
{{- end }}
-{{- if and $isUsingFilesystem (and (eq $singleBinaryReplicas 0) $atLeastOneScalableReplica) }}
-{{- fail "Cannot run Scalable targets (backend, read, write) without an object storage backend."}}
+{{- if and $isUsingFilesystem (and (eq $singleBinaryReplicas 0) (or $atLeastOneScalableReplica $atLeastOneDistributedReplica)) }}
+{{- fail "Cannot run scalable targets (backend, read, write) or distributed targets without an object storage backend."}}
{{- end }}
+
+{{- if and $atLeastOneScalableReplica $atLeastOneDistributedReplica (ne .Values.deploymentMode "SimpleScalable<->Distributed") }}
+{{- fail "You have more than zero replicas configured for scalable targets (backend, read, write) and distributed targets. If this was intentional change the deploymentMode to the transitional 'SimpleScalable<->Distributed' mode" }}
+{{- end }}
+
+{{- if and (gt $singleBinaryReplicas 0) $atLeastOneDistributedReplica }}
+{{- fail "You have more than zero replicas configured for both the single binary and distributed targets, there is no transition mode between these targets please change one or the other to zero or transition to the SimpleScalable mode first."}}
+{{- end }}
+
+{{- if and (gt $singleBinaryReplicas 0) $atLeastOneScalableReplica (ne .Values.deploymentMode "SingleBinary<->SimpleScalable") }}
+{{- fail "You have more than zero replicas configured for both the single binary and simple scalable targets. If this was intentional change the deploymentMode to the transitional 'SingleBinary<->SimpleScalable' mode"}}
+{{- end }}
+
+{{- if and (or (not (empty .Values.loki.schemaConfig)) (not (empty .Values.loki.structuredConfig.schema_config))) .Values.loki.useTestSchema }}
+{{- fail "loki.useTestSchema must be false if loki.schemaConfig or loki.structuredConfig.schema_config are defined."}}
+{{- end }}
+
+
+{{- if and (empty .Values.loki.schemaConfig) (empty .Values.loki.structuredConfig.schema_config) (not .Values.loki.useTestSchema) }}
+{{- fail "You must provide a schema_config for Loki, one is not provided as this will be individual for every Loki cluster. See https://grafana.com/docs/loki/latest/operations/storage/schema/ for schema information. For quick testing (with no persistence) add `--set loki.useTestSchema=true`"}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/loki/templates/write/statefulset-write.yaml b/charts/loki/templates/write/statefulset-write.yaml
index 5aa1e78..54c9369 100644
--- a/charts/loki/templates/write/statefulset-write.yaml
+++ b/charts/loki/templates/write/statefulset-write.yaml
@@ -20,7 +20,11 @@
{{- end }}
spec:
{{- if not .Values.write.autoscaling.enabled }}
+ {{- if eq .Values.deploymentMode "SingleBinary" }}
+ replicas: 0
+ {{- else }}
replicas: {{ .Values.write.replicas }}
+ {{- end }}
{{- end }}
podManagementPolicy: {{ .Values.write.podManagementPolicy }}
updateStrategy:
@@ -132,7 +136,7 @@
{{- if .Values.enterprise.enabled }}
- name: license
mountPath: /etc/loki/license
- {{- end}}
+ {{- end }}
{{- with .Values.write.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
@@ -143,7 +147,7 @@
{{- end }}
{{- with .Values.write.affinity }}
affinity:
- {{- tpl . $ | nindent 8 }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.write.dnsConfig }}
dnsConfig:
@@ -167,12 +171,7 @@
{{- toYaml .Values.write.persistence.dataVolumeParameters | nindent 10 }}
{{- end}}
- name: config
- {{- if .Values.loki.existingSecretForConfig }}
- secret:
- secretName: {{ .Values.loki.existingSecretForConfig }}
- {{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
- {{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
diff --git a/charts/loki/test/config_test.go b/charts/loki/test/config_test.go
new file mode 100644
index 0000000..6926c7b
--- /dev/null
+++ b/charts/loki/test/config_test.go
@@ -0,0 +1,220 @@
+package test
+
+import (
+ "os"
+ "os/exec"
+ "testing"
+
+ "github.com/stretchr/testify/require"
+ "gopkg.in/yaml.v2"
+)
+
+type replicas struct {
+ Replicas int `yaml:"replicas"`
+}
+type loki struct {
+ Storage struct {
+ Type string `yaml:"type"`
+ } `yaml:"storage"`
+}
+
+type values struct {
+ DeploymentMode string `yaml:"deploymentMode"`
+ Backend replicas `yaml:"backend"`
+ Compactor replicas `yaml:"compactor"`
+ Distributor replicas `yaml:"distributor"`
+ IndexGateway replicas `yaml:"indexGateway"`
+ Ingester replicas `yaml:"ingester"`
+ Querier replicas `yaml:"querier"`
+ QueryFrontend replicas `yaml:"queryFrontend"`
+ QueryScheduler replicas `yaml:"queryScheduler"`
+ Read replicas `yaml:"read"`
+ Ruler replicas `yaml:"ruler"`
+ SingleBinary replicas `yaml:"singleBinary"`
+ Write replicas `yaml:"write"`
+
+ Loki loki `yaml:"loki"`
+}
+
+func templateConfig(t *testing.T, vals values) error {
+ y, err := yaml.Marshal(&vals)
+ require.NoError(t, err)
+ require.Greater(t, len(y), 0)
+
+ f, err := os.CreateTemp("", "values.yaml")
+ require.NoError(t, err)
+
+ _, err = f.Write(y)
+ require.NoError(t, err)
+
+ cmd := exec.Command("helm", "dependency", "build")
+ // Dependency build needs to be run from the parent directory where the chart is located.
+ cmd.Dir = "../"
+ var cmdOutput []byte
+ if cmdOutput, err = cmd.CombinedOutput(); err != nil {
+ t.Log("dependency build failed", "err", string(cmdOutput))
+ return err
+ }
+
+ cmd = exec.Command("helm", "template", "../", "--values", f.Name())
+ if cmdOutput, err := cmd.CombinedOutput(); err != nil {
+ t.Log("template failed", "err", string(cmdOutput))
+ return err
+ }
+
+ return nil
+}
+
+// E.Welch these tests fail because the templateConfig function above can't resolve the chart dependencies and I'm not sure how to fix this....
+
+//func Test_InvalidConfigs(t *testing.T) {
+// t.Run("running both single binary and scalable targets", func(t *testing.T) {
+// vals := values{
+// SingleBinary: replicas{Replicas: 1},
+// Write: replicas{Replicas: 1},
+// Loki: loki{
+// Storage: struct {
+// Type string `yaml:"type"`
+// }{Type: "gcs"},
+// },
+// }
+// require.Error(t, templateConfig(t, vals))
+// })
+//
+// t.Run("running both single binary and distributed targets", func(t *testing.T) {
+// vals := values{
+// SingleBinary: replicas{Replicas: 1},
+// Distributor: replicas{Replicas: 1},
+// Loki: loki{
+// Storage: struct {
+// Type string `yaml:"type"`
+// }{Type: "gcs"},
+// },
+// }
+// require.Error(t, templateConfig(t, vals))
+// })
+//
+// t.Run("running both scalable and distributed targets", func(t *testing.T) {
+// vals := values{
+// Read: replicas{Replicas: 1},
+// Distributor: replicas{Replicas: 1},
+// Loki: loki{
+// Storage: struct {
+// Type string `yaml:"type"`
+// }{Type: "gcs"},
+// },
+// }
+// require.Error(t, templateConfig(t, vals))
+// })
+//
+// t.Run("running scalable with filesystem storage", func(t *testing.T) {
+// vals := values{
+// Read: replicas{Replicas: 1},
+// Loki: loki{
+// Storage: struct {
+// Type string `yaml:"type"`
+// }{Type: "filesystem"},
+// },
+// }
+//
+// require.Error(t, templateConfig(t, vals))
+// })
+//
+// t.Run("running distributed with filesystem storage", func(t *testing.T) {
+// vals := values{
+// Distributor: replicas{Replicas: 1},
+// Loki: loki{
+// Storage: struct {
+// Type string `yaml:"type"`
+// }{Type: "filesystem"},
+// },
+// }
+//
+// require.Error(t, templateConfig(t, vals))
+// })
+//}
+//
+//func Test_ValidConfigs(t *testing.T) {
+// t.Run("single binary", func(t *testing.T) {
+// vals := values{
+//
+// DeploymentMode: "SingleBinary",
+//
+// SingleBinary: replicas{Replicas: 1},
+//
+// Backend: replicas{Replicas: 0},
+// Compactor: replicas{Replicas: 0},
+// Distributor: replicas{Replicas: 0},
+// IndexGateway: replicas{Replicas: 0},
+// Ingester: replicas{Replicas: 0},
+// Querier: replicas{Replicas: 0},
+// QueryFrontend: replicas{Replicas: 0},
+// QueryScheduler: replicas{Replicas: 0},
+// Read: replicas{Replicas: 0},
+// Ruler: replicas{Replicas: 0},
+// Write: replicas{Replicas: 0},
+//
+// Loki: loki{
+// Storage: struct {
+// Type string `yaml:"type"`
+// }{Type: "filesystem"},
+// },
+// }
+// require.NoError(t, templateConfig(t, vals))
+// })
+//
+// t.Run("scalable", func(t *testing.T) {
+// vals := values{
+//
+// DeploymentMode: "SimpleScalable",
+//
+// Backend: replicas{Replicas: 1},
+// Read: replicas{Replicas: 1},
+// Write: replicas{Replicas: 1},
+//
+// Compactor: replicas{Replicas: 0},
+// Distributor: replicas{Replicas: 0},
+// IndexGateway: replicas{Replicas: 0},
+// Ingester: replicas{Replicas: 0},
+// Querier: replicas{Replicas: 0},
+// QueryFrontend: replicas{Replicas: 0},
+// QueryScheduler: replicas{Replicas: 0},
+// Ruler: replicas{Replicas: 0},
+// SingleBinary: replicas{Replicas: 0},
+//
+// Loki: loki{
+// Storage: struct {
+// Type string `yaml:"type"`
+// }{Type: "gcs"},
+// },
+// }
+// require.NoError(t, templateConfig(t, vals))
+// })
+//
+// t.Run("distributed", func(t *testing.T) {
+// vals := values{
+// DeploymentMode: "Distributed",
+//
+// Compactor: replicas{Replicas: 1},
+// Distributor: replicas{Replicas: 1},
+// IndexGateway: replicas{Replicas: 1},
+// Ingester: replicas{Replicas: 1},
+// Querier: replicas{Replicas: 1},
+// QueryFrontend: replicas{Replicas: 1},
+// QueryScheduler: replicas{Replicas: 1},
+// Ruler: replicas{Replicas: 1},
+//
+// Backend: replicas{Replicas: 0},
+// Read: replicas{Replicas: 0},
+// SingleBinary: replicas{Replicas: 0},
+// Write: replicas{Replicas: 0},
+//
+// Loki: loki{
+// Storage: struct {
+// Type string `yaml:"type"`
+// }{Type: "gcs"},
+// },
+// }
+// require.NoError(t, templateConfig(t, vals))
+// })
+//}
diff --git a/charts/loki/values.yaml b/charts/loki/values.yaml
index 70d853b..855e75c 100644
--- a/charts/loki/values.yaml
+++ b/charts/loki/values.yaml
@@ -18,17 +18,23 @@
clusterLabelOverride: null
# -- Image pull secrets for Docker images
imagePullSecrets: []
-kubectlImage:
- # -- The Docker registry
- registry: docker.io
- # -- Docker image repository
- repository: bitnami/kubectl
- # -- Overrides the image tag whose default is the chart's appVersion
- tag: null
- # -- Overrides the image tag with an image digest
- digest: null
- # -- Docker image pull policy
- pullPolicy: IfNotPresent
+# -- Deployment mode lets you specify how to deploy Loki.
+# There are 3 options:
+# - SingleBinary: Loki is deployed as a single binary, useful for small installs typically without HA, up to a few tens of GB/day.
+# - SimpleScalable: Loki is deployed as 3 targets: read, write, and backend. Useful for medium installs easier to manage than distributed, up to a about 1TB/day.
+# - Distributed: Loki is deployed as individual microservices. The most complicated but most capable, useful for large installs, typically over 1TB/day.
+# There are also 2 additional modes used for migrating between deployment modes:
+# - SingleBinary<->SimpleScalable: Migrate from SingleBinary to SimpleScalable (or vice versa)
+# - SimpleScalable<->Distributed: Migrate from SimpleScalable to Distributed (or vice versa)
+# Note: SimpleScalable and Distributed REQUIRE the use of object storage.
+deploymentMode: SimpleScalable
+######################################################################################################################
+#
+# Base Loki Configs including kubernetes configurations and configurations for Loki itself,
+# see below for more specifics on Loki's configuration.
+#
+######################################################################################################################
+# -- Configuration for running Loki
loki:
# Configures the readiness probe for all of the Loki pods
readinessProbe:
@@ -77,14 +83,41 @@
allowPrivilegeEscalation: false
# -- Should enableServiceLinks be enabled. Default to enable
enableServiceLinks: true
- # -- Specify an existing secret containing loki configuration. If non-empty, overrides `loki.config`
- existingSecretForConfig: ""
+ ######################################################################################################################
+ #
+ # Loki Configuration
+ #
+ # There are several ways to pass configuration to Loki, listing them here in order of our preference for how
+ # you should use this chart.
+ # 1. Use the templated value of loki.config below and the corresponding override sections which follow.
+ # This allows us to set a lot of important Loki configurations and defaults and also allows us to maintain them
+ # over time as Loki changes and evolves.
+ # 2. Use the loki.structuredConfig section.
+ # This will completely override the templated value of loki.config, so you MUST provide the entire Loki config
+ # including any configuration that we set in loki.config unless you explicitly are trying to change one of those
+ # values and are not able to do so with the templated sections.
+ # If you choose this approach the burden is on you to maintain any changes we make to the templated config.
+ # 3. Use an existing secret or configmap to provide the configuration.
+ # This option is mostly provided for folks who have external processes which provide or modify the configuration.
+ # When using this option you can specify a different name for loki.generatedConfigObjectName and configObjectName
+ # if you have a process which takes the generated config and modifies it, or you can stop the chart from generating
+ # a config entirely by setting loki.generatedConfigObjectName to
+ #
+ ######################################################################################################################
+
# -- Defines what kind of object stores the configuration, a ConfigMap or a Secret.
# In order to move sensitive information (such as credentials) from the ConfigMap/Secret to a more secure location (e.g. vault), it is possible to use [environment variables in the configuration](https://grafana.com/docs/loki/latest/configuration/#use-environment-variables-in-the-configuration).
# Such environment variables can be then stored in a separate Secret and injected via the global.extraEnvFrom value. For details about environment injection from a Secret please see [Secrets](https://kubernetes.io/docs/concepts/configuration/secret/#use-case-as-container-environment-variables).
configStorageType: ConfigMap
- # -- Name of the Secret or ConfigMap that contains the configuration (used for naming even if config is internal).
- externalConfigSecretName: '{{ include "loki.name" . }}'
+ # -- The name of the object which Loki will mount as a volume containing the config.
+ # If the configStorageType is Secret, this will be the name of the Secret, if it is ConfigMap, this will be the name of the ConfigMap.
+ # The value will be passed through tpl.
+ configObjectName: '{{ include "loki.name" . }}'
+ # -- The name of the Secret or ConfigMap that will be created by this chart.
+ # If empty, no configmap or secret will be created.
+ # The value will be passed through tpl.
+ generatedConfigObjectName: '{{ include "loki.name" . }}'
+
# -- Config file contents for Loki
# @default -- See values.yaml
config: |
@@ -99,6 +132,9 @@
{{- toYaml . | nindent 2}}
{{- end}}
+ pattern_ingester:
+ enabled: {{ .Values.loki.pattern_ingester.enabled }}
+
memberlist:
{{- if .Values.loki.memberlistConfig }}
{{- toYaml .Values.loki.memberlistConfig | nindent 2 }}
@@ -135,37 +171,34 @@
runtime_config:
file: /etc/loki/runtime-config/runtime-config.yaml
- {{- with .Values.loki.memcached.chunk_cache }}
- {{- if and .enabled (or .host .addresses) }}
+ {{- with .Values.chunksCache }}
+ {{- if .enabled }}
chunk_store_config:
chunk_cache_config:
+ default_validity: {{ .defaultValidity }}
+ background:
+ writeback_goroutines: {{ .writebackParallelism }}
+ writeback_buffer: {{ .writebackBuffer }}
+ writeback_size_limit: {{ .writebackSizeLimit }}
memcached:
- batch_size: {{ .batch_size }}
+ batch_size: {{ .batchSize }}
parallelism: {{ .parallelism }}
memcached_client:
- {{- if .host }}
- host: {{ .host }}
- {{- end }}
- {{- if .addresses }}
- addresses: {{ .addresses }}
- {{- end }}
- service: {{ .service }}
+ addresses: dnssrvnoa+_memcached-client._tcp.{{ template "loki.fullname" $ }}-chunks-cache.{{ $.Release.Namespace }}.svc
+ consistent_hash: true
+ timeout: {{ .timeout }}
+ max_idle_conns: 72
{{- end }}
{{- end }}
{{- if .Values.loki.schemaConfig }}
schema_config:
{{- toYaml .Values.loki.schemaConfig | nindent 2}}
- {{- else }}
+ {{- end }}
+
+ {{- if .Values.loki.useTestSchema }}
schema_config:
- configs:
- - from: 2022-01-11
- store: boltdb-shipper
- object_store: {{ .Values.loki.storage.type }}
- schema: v12
- index:
- prefix: loki_index_
- period: 24h
+ {{- toYaml .Values.loki.testSchemaConfig | nindent 2}}
{{- end }}
{{ include "loki.rulerConfig" . }}
@@ -176,25 +209,28 @@
retention_period: {{ .Values.tableManager.retention_period }}
{{- end }}
- {{- with .Values.loki.memcached.results_cache }}
query_range:
align_queries_with_step: true
- {{- if and .enabled (or .host .addresses) }}
- cache_results: {{ .enabled }}
+ {{- with .Values.loki.query_range }}
+ {{- tpl (. | toYaml) $ | nindent 4 }}
+ {{- end }}
+ {{- if .Values.resultsCache.enabled }}
+ {{- with .Values.resultsCache }}
+ cache_results: true
results_cache:
cache:
- default_validity: {{ .default_validity }}
+ default_validity: {{ .defaultValidity }}
+ background:
+ writeback_goroutines: {{ .writebackParallelism }}
+ writeback_buffer: {{ .writebackBuffer }}
+ writeback_size_limit: {{ .writebackSizeLimit }}
memcached_client:
- {{- if .host }}
- host: {{ .host }}
- {{- end }}
- {{- if .addresses }}
- addresses: {{ .addresses }}
- {{- end }}
- service: {{ .service }}
+ consistent_hash: true
+ addresses: dnssrvnoa+_memcached-client._tcp.{{ template "loki.fullname" $ }}-results-cache.{{ $.Release.Namespace }}.svc
timeout: {{ .timeout }}
+ update_interval: 1m
{{- end }}
- {{- end }}
+ {{- end }}
{{- with .Values.loki.storage_config }}
storage_config:
@@ -255,12 +291,16 @@
server:
http_listen_port: 3100
grpc_listen_port: 9095
+ http_server_read_timeout: 600s
+ http_server_write_timeout: 600s
# -- Limits config
limits_config:
reject_old_samples: true
reject_old_samples_max_age: 168h
max_cache_freshness_per_query: 10m
split_queries_by_interval: 15m
+ query_timeout: 300s
+ volume_enabled: true
# -- Provides a reloadable runtime configuration file for some specific configuration
runtimeConfig: {}
# -- Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration
@@ -270,10 +310,12 @@
compactor_address: '{{ include "loki.compactorAddress" . }}'
# -- Storage config. Providing this will automatically populate all necessary storage configs in the templated config.
storage:
- bucketNames:
- chunks: chunks
- ruler: ruler
- admin: admin
+ # Loki requires a bucket for chunks and the ruler. GEL requires a third bucket for the admin API.
+ # Please provide these values if you are using object storage.
+ # bucketNames:
+ # chunks: FIXME
+ # ruler: FIXME
+ # admin: FIXME
type: s3
s3:
s3: null
@@ -340,6 +382,18 @@
default_validity: "12h"
# -- Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas
schemaConfig: {}
+ # -- a real Loki install requires a proper schemaConfig defined above this, however for testing or playing around
+ # you can enable useTestSchema
+ useTestSchema: false
+ testSchemaConfig:
+ configs:
+ - from: 2024-04-01
+ store: tsdb
+ object_store: '{{ include "loki.testSchemaObjectStore" . }}'
+ schema: v13
+ index:
+ prefix: index_
+ period: 24h
# -- Check https://grafana.com/docs/loki/latest/configuration/#ruler for more info on configuring ruler
rulerConfig: {}
# -- Structured loki configuration, takes precedence over `loki.config`, `loki.schemaConfig`, `loki.storageConfig`
@@ -348,23 +402,35 @@
query_scheduler: {}
# -- Additional storage config
storage_config:
+ boltdb_shipper:
+ index_gateway_client:
+ server_address: '{{ include "loki.indexGatewayAddress" . }}'
+ tsdb_shipper:
+ index_gateway_client:
+ server_address: '{{ include "loki.indexGatewayAddress" . }}'
hedging:
at: "250ms"
max_per_second: 20
up_to: 3
# -- Optional compactor configuration
compactor: {}
+ # -- Optional pattern ingester configuration
+ pattern_ingester:
+ enabled: false
# -- Optional analytics configuration
analytics: {}
# -- Optional querier configuration
+ query_range: {}
+ # -- Optional querier configuration
querier: {}
# -- Optional ingester configuration
ingester: {}
# -- Optional index gateway configuration
index_gateway:
- mode: ring
+ mode: simple
frontend:
scheduler_address: '{{ include "loki.querySchedulerAddress" . }}'
+ tail_proxy_url: '{{ include "loki.querierAddress" . }}'
frontend_worker:
scheduler_address: '{{ include "loki.querySchedulerAddress" . }}'
# -- Optional distributor configuration
@@ -372,11 +438,18 @@
# -- Enable tracing
tracing:
enabled: false
+######################################################################################################################
+#
+# Enterprise Loki Configs
+#
+######################################################################################################################
+
+# -- Configuration for running Enterprise Loki
enterprise:
# Enable enterprise features, license must be provided
enabled: false
# Default verion of GEL to deploy
- version: v1.8.6
+ version: v3.0.0
# -- Optional name of the GEL cluster, otherwise will use .Release.Name
# The cluster name must match what is in your GEL license
cluster_name: null
@@ -394,6 +467,8 @@
externalLicenseName: null
# -- Name of the external config secret to use
externalConfigName: ""
+ # -- Use GEL gateway, if false will use the default nginx gateway
+ gelGateway: true
# -- If enabled, the correct admin_client storage will be configured. If disabled while running enterprise,
# make sure auth is set to `type: trust`, or that `auth_enabled` is set to `false`.
adminApi:
@@ -405,7 +480,7 @@
admin_client:
storage:
s3:
- bucket_name: {{ .Values.loki.storage.bucketNames.admin }}
+ bucket_name: admin
{{- end }}
{{- end }}
auth:
@@ -504,15 +579,111 @@
pullPolicy: IfNotPresent
# -- Volume mounts to add to the provisioner pods
extraVolumeMounts: []
-# -- Options that may be necessary when performing a migration from another helm chart
-migrate:
- # -- When migrating from a distributed chart like loki-distributed or enterprise-logs
- fromDistributed:
- # -- Set to true if migrating from a distributed helm chart
- enabled: false
- # -- If migrating from a distributed service, provide the distributed deployment's
- # memberlist service DNS so the new deployment can join its ring.
- memberlistService: ""
+# -- kubetclImage is used in the enterprise provisioner and tokengen jobs
+kubectlImage:
+ # -- The Docker registry
+ registry: docker.io
+ # -- Docker image repository
+ repository: bitnami/kubectl
+ # -- Overrides the image tag whose default is the chart's appVersion
+ tag: null
+ # -- Overrides the image tag with an image digest
+ digest: null
+ # -- Docker image pull policy
+ pullPolicy: IfNotPresent
+######################################################################################################################
+#
+# Chart Testing
+#
+######################################################################################################################
+
+# -- Section for configuring optional Helm test
+test:
+ enabled: true
+ # -- Used to directly query the metrics endpoint of the canary for testing, this approach avoids needing prometheus for testing.
+ # This in a newer approach to using prometheusAddress such that tests do not have a dependency on prometheus
+ canaryServiceAddress: "http://loki-canary:3500/metrics"
+ # -- Address of the prometheus server to query for the test. This overrides any value set for canaryServiceAddress.
+ # This is kept for backward compatibility and may be removed in future releases. Previous value was 'http://prometheus:9090'
+ prometheusAddress: ""
+ # -- Number of times to retry the test before failing
+ timeout: 1m
+ # -- Additional labels for the test pods
+ labels: {}
+ # -- Additional annotations for test pods
+ annotations: {}
+ # -- Image to use for loki canary
+ image:
+ # -- The Docker registry
+ registry: docker.io
+ # -- Docker image repository
+ repository: grafana/loki-helm-test
+ # -- Overrides the image tag whose default is the chart's appVersion
+ tag: "ewelch-distributed-helm-chart-17db5ee"
+ # -- Overrides the image tag with an image digest
+ digest: null
+ # -- Docker image pull policy
+ pullPolicy: IfNotPresent
+# The Loki canary pushes logs to and queries from this loki installation to test
+# that it's working correctly
+lokiCanary:
+ enabled: true
+ # -- If true, the canary will send directly to Loki via the address configured for verification --
+ # -- If false, it will write to stdout and an Agent will be needed to scrape and send the logs --
+ push: true
+ # -- The name of the label to look for at loki when doing the checks.
+ labelname: pod
+ # -- Additional annotations for the `loki-canary` Daemonset
+ annotations: {}
+ # -- Additional labels for each `loki-canary` pod
+ podLabels: {}
+ service:
+ # -- Annotations for loki-canary Service
+ annotations: {}
+ # -- Additional labels for loki-canary Service
+ labels: {}
+ # -- Additional CLI arguments for the `loki-canary' command
+ extraArgs: []
+ # -- Environment variables to add to the canary pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the canary pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the canary pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the canary pods
+ extraVolumes: []
+ # -- Resource requests and limits for the canary
+ resources: {}
+ # -- DNS config for canary pods
+ dnsConfig: {}
+ # -- Node selector for canary pods
+ nodeSelector: {}
+ # -- Tolerations for canary pods
+ tolerations: []
+ # -- The name of the PriorityClass for loki-canary pods
+ priorityClassName: null
+ # -- Image to use for loki canary
+ image:
+ # -- The Docker registry
+ registry: docker.io
+ # -- Docker image repository
+ repository: grafana/loki-canary
+ # -- Overrides the image tag whose default is the chart's appVersion
+ tag: null
+ # -- Overrides the image tag with an image digest
+ digest: null
+ # -- Docker image pull policy
+ pullPolicy: IfNotPresent
+ # -- Update strategy for the `loki-canary` Daemonset pods
+ updateStrategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxUnavailable: 1
+######################################################################################################################
+#
+# Service Accounts and Kubernetes RBAC
+#
+######################################################################################################################
serviceAccount:
# -- Specifies whether a ServiceAccount should be created
create: true
@@ -541,753 +712,151 @@
# apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
# -- Whether to install RBAC in the namespace only or cluster-wide. Useful if you want to watch ConfigMap globally.
namespaced: false
-# -- Section for configuring optional Helm test
-test:
- enabled: true
- # -- Address of the prometheus server to query for the test
- prometheusAddress: "http://prometheus:9090"
- # -- Number of times to retry the test before failing
- timeout: 1m
- # -- Additional labels for the test pods
- labels: {}
- # -- Additional annotations for test pods
- annotations: {}
- # -- Image to use for loki canary
- image:
- # -- The Docker registry
- registry: docker.io
- # -- Docker image repository
- repository: grafana/loki-helm-test
- # -- Overrides the image tag whose default is the chart's appVersion
- tag: null
- # -- Overrides the image tag with an image digest
- digest: null
- # -- Docker image pull policy
- pullPolicy: IfNotPresent
-# Monitoring section determines which monitoring features to enable
-monitoring:
- # Dashboards for monitoring Loki
- dashboards:
- # -- If enabled, create configmap with dashboards for monitoring Loki
- enabled: true
- # -- Alternative namespace to create dashboards ConfigMap in
- namespace: null
- # -- Additional annotations for the dashboards ConfigMap
- annotations: {}
- # -- Labels for the dashboards ConfigMap
- labels:
- grafana_dashboard: "1"
- # Recording rules for monitoring Loki, required for some dashboards
- rules:
- # -- If enabled, create PrometheusRule resource with Loki recording rules
- enabled: true
- # -- Include alerting rules
- alerting: true
- # -- Specify which individual alerts should be disabled
- # -- Instead of turning off each alert one by one, set the .monitoring.rules.alerting value to false instead.
- # -- If you disable all the alerts and keep .monitoring.rules.alerting set to true, the chart will fail to render.
- disabled: {}
- # LokiRequestErrors: true
- # LokiRequestPanics: true
- # -- Alternative namespace to create PrometheusRule resources in
- namespace: null
- # -- Additional annotations for the rules PrometheusRule resource
- annotations: {}
- # -- Additional labels for the rules PrometheusRule resource
- labels: {}
- # -- Additional labels for PrometheusRule alerts
- additionalRuleLabels: {}
- # -- Additional groups to add to the rules file
- additionalGroups: []
- # - name: additional-loki-rules
- # rules:
- # - record: job:loki_request_duration_seconds_bucket:sum_rate
- # expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job)
- # - record: job_route:loki_request_duration_seconds_bucket:sum_rate
- # expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job, route)
- # - record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_rate
- # expr: sum(rate(container_cpu_usage_seconds_total[1m])) by (node, namespace, pod, container)
- # ServiceMonitor configuration
- serviceMonitor:
- # -- If enabled, ServiceMonitor resources for Prometheus Operator are created
- enabled: true
- # -- Namespace selector for ServiceMonitor resources
+######################################################################################################################
+#
+# Network Policy configuration
+#
+######################################################################################################################
+networkPolicy:
+ # -- Specifies whether Network Policies should be created
+ enabled: false
+ # -- Specifies whether the policies created will be standard Network Policies (flavor: kubernetes)
+ # or Cilium Network Policies (flavor: cilium)
+ flavor: kubernetes
+ metrics:
+ # -- Specifies the Pods which are allowed to access the metrics port.
+ # As this is cross-namespace communication, you also need the namespaceSelector.
+ podSelector: {}
+ # -- Specifies the namespaces which are allowed to access the metrics port
namespaceSelector: {}
- # -- ServiceMonitor annotations
- annotations: {}
- # -- Additional ServiceMonitor labels
- labels: {}
- # -- ServiceMonitor scrape interval
- # Default is 15s because included recording rules use a 1m rate, and scrape interval needs to be at
- # least 1/4 rate interval.
- interval: 15s
- # -- ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
- scrapeTimeout: null
- # -- ServiceMonitor relabel configs to apply to samples before scraping
- # https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
- relabelings: []
- # -- ServiceMonitor metric relabel configs to apply to samples before ingestion
- # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
- metricRelabelings: []
- # -- ServiceMonitor will use http by default, but you can pick https as well
- scheme: http
- # -- ServiceMonitor will use these tlsConfig settings to make the health check requests
- tlsConfig: null
- # -- If defined, will create a MetricsInstance for the Grafana Agent Operator.
- metricsInstance:
- # -- If enabled, MetricsInstance resources for Grafana Agent Operator are created
- enabled: true
- # -- MetricsInstance annotations
- annotations: {}
- # -- Additional MetricsInstance labels
- labels: {}
- # -- If defined a MetricsInstance will be created to remote write metrics.
- remoteWrite: null
- # Self monitoring determines whether Loki should scrape its own logs.
- # This feature currently relies on the Grafana Agent Operator being installed,
- # which is installed by default using the grafana-agent-operator sub-chart.
- # It will create custom resources for GrafanaAgent, LogsInstance, and PodLogs to configure
- # scrape configs to scrape its own logs with the labels expected by the included dashboards.
- selfMonitoring:
- enabled: true
- # -- Tenant to use for self monitoring
- tenant:
- # -- Name of the tenant
- name: "self-monitoring"
- # -- Namespace to create additional tenant token secret in. Useful if your Grafana instance
- # is in a separate namespace. Token will still be created in the canary namespace.
- secretNamespace: "{{ .Release.Namespace }}"
- # Grafana Agent configuration
- grafanaAgent:
- # -- Controls whether to install the Grafana Agent Operator and its CRDs.
- # Note that helm will not install CRDs if this flag is enabled during an upgrade.
- # In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds
- installOperator: true
- # -- Grafana Agent annotations
- annotations: {}
- # -- Additional Grafana Agent labels
- labels: {}
- # -- Enable the config read api on port 8080 of the agent
- enableConfigReadAPI: false
- # -- The name of the PriorityClass for GrafanaAgent pods
- priorityClassName: null
- # -- Resource requests and limits for the grafanaAgent pods
- resources: {}
- # limits:
- # memory: 200Mi
- # requests:
- # cpu: 50m
- # memory: 100Mi
- # -- Tolerations for GrafanaAgent pods
- tolerations: []
- # PodLogs configuration
- podLogs:
- # -- PodLogs version
- apiVersion: monitoring.grafana.com/v1alpha1
- # -- PodLogs annotations
- annotations: {}
- # -- Additional PodLogs labels
- labels: {}
- # -- PodLogs relabel configs to apply to samples before scraping
- # https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
- relabelings: []
- # -- Additional pipeline stages to process logs after scraping
- # https://grafana.com/docs/agent/latest/operator/api/#pipelinestagespec-a-namemonitoringgrafanacomv1alpha1pipelinestagespeca
- additionalPipelineStages: []
- # LogsInstance configuration
- logsInstance:
- # -- LogsInstance annotations
- annotations: {}
- # -- Additional LogsInstance labels
- labels: {}
- # -- Additional clients for remote write
- clients: null
- # The Loki canary pushes logs to and queries from this loki installation to test
- # that it's working correctly
- lokiCanary:
- enabled: true
- # -- The name of the label to look for at loki when doing the checks.
- labelname: pod
- # -- Additional annotations for the `loki-canary` Daemonset
- annotations: {}
- # -- Additional labels for each `loki-canary` pod
- podLabels: {}
- service:
- # -- Annotations for loki-canary Service
- annotations: {}
- # -- Additional labels for loki-canary Service
- labels: {}
- # -- Additional CLI arguments for the `loki-canary' command
- extraArgs: []
- # -- Environment variables to add to the canary pods
- extraEnv: []
- # -- Environment variables from secrets or configmaps to add to the canary pods
- extraEnvFrom: []
- # -- Resource requests and limits for the canary
- resources: {}
- # -- DNS config for canary pods
- dnsConfig: {}
- # -- Node selector for canary pods
- nodeSelector: {}
- # -- Tolerations for canary pods
- tolerations: []
- # -- The name of the PriorityClass for loki-canary pods
- priorityClassName: null
- # -- Image to use for loki canary
- image:
- # -- The Docker registry
- registry: docker.io
- # -- Docker image repository
- repository: grafana/loki-canary
- # -- Overrides the image tag whose default is the chart's appVersion
- tag: null
- # -- Overrides the image tag with an image digest
- digest: null
- # -- Docker image pull policy
- pullPolicy: IfNotPresent
- # -- Update strategy for the `loki-canary` Daemonset pods
- updateStrategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 1
-# Configuration for the write pod(s)
-write:
- # -- Number of replicas for the write
- replicas: 3
- autoscaling:
- # -- Enable autoscaling for the write.
+ # -- Specifies specific network CIDRs which are allowed to access the metrics port.
+ # In case you use namespaceSelector, you also have to specify your kubelet networks here.
+ # The metrics ports are also used for probes.
+ cidrs: []
+ ingress:
+ # -- Specifies the Pods which are allowed to access the http port.
+ # As this is cross-namespace communication, you also need the namespaceSelector.
+ podSelector: {}
+ # -- Specifies the namespaces which are allowed to access the http port
+ namespaceSelector: {}
+ alertmanager:
+ # -- Specify the alertmanager port used for alerting
+ port: 9093
+ # -- Specifies the alertmanager Pods.
+ # As this is cross-namespace communication, you also need the namespaceSelector.
+ podSelector: {}
+ # -- Specifies the namespace the alertmanager is running in
+ namespaceSelector: {}
+ externalStorage:
+ # -- Specify the port used for external storage, e.g. AWS S3
+ ports: []
+ # -- Specifies specific network CIDRs you want to limit access to
+ cidrs: []
+ discovery:
+ # -- (int) Specify the port used for discovery
+ port: null
+ # -- Specifies the Pods labels used for discovery.
+ # As this is cross-namespace communication, you also need the namespaceSelector.
+ podSelector: {}
+ # -- Specifies the namespace the discovery Pods are running in
+ namespaceSelector: {}
+ egressWorld:
+ # -- Enable additional cilium egress rules to external world for write, read and backend.
enabled: false
- # -- Minimum autoscaling replicas for the write.
- minReplicas: 2
- # -- Maximum autoscaling replicas for the write.
- maxReplicas: 6
- # -- Target CPU utilisation percentage for the write.
- targetCPUUtilizationPercentage: 60
- # -- Target memory utilization percentage for the write.
- targetMemoryUtilizationPercentage:
- # -- Behavior policies while scaling.
- behavior:
- # -- see https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown for scaledown details
- scaleUp:
- policies:
- - type: Pods
- value: 1
- periodSeconds: 900
- scaleDown:
- policies:
- - type: Pods
- value: 1
- periodSeconds: 1800
- stabilizationWindowSeconds: 3600
- image:
- # -- The Docker registry for the write image. Overrides `loki.image.registry`
- registry: null
- # -- Docker image repository for the write image. Overrides `loki.image.repository`
- repository: null
- # -- Docker image tag for the write image. Overrides `loki.image.tag`
- tag: null
- # -- The name of the PriorityClass for write pods
- priorityClassName: null
- # -- Annotations for write StatefulSet
- annotations: {}
- # -- Annotations for write pods
- podAnnotations: {}
- # -- Additional labels for each `write` pod
- podLabels: {}
- # -- Additional selector labels for each `write` pod
- selectorLabels: {}
- service:
- # -- Annotations for write Service
- annotations: {}
- # -- Additional labels for write Service
- labels: {}
- # -- Comma-separated list of Loki modules to load for the write
- targetModule: "write"
- # -- Additional CLI args for the write
- extraArgs: []
- # -- Environment variables to add to the write pods
- extraEnv: []
- # -- Environment variables from secrets or configmaps to add to the write pods
- extraEnvFrom: []
- # -- Lifecycle for the write container
- lifecycle: {}
- # -- The default /flush_shutdown preStop hook is recommended as part of the ingester
- # scaledown process so it's added to the template by default when autoscaling is enabled,
- # but it's disabled to optimize rolling restarts in instances that will never be scaled
- # down or when using chunks storage with WAL disabled.
- # https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown
- # -- Init containers to add to the write pods
- initContainers: []
- # -- Containers to add to the write pods
- extraContainers: []
- # -- Volume mounts to add to the write pods
- extraVolumeMounts: []
- # -- Volumes to add to the write pods
- extraVolumes: []
- # -- volumeClaimTemplates to add to StatefulSet
- extraVolumeClaimTemplates: []
- # -- Resource requests and limits for the write
- resources: {}
- # -- Grace period to allow the write to shutdown before it is killed. Especially for the ingester,
- # this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring
- # all data and to successfully leave the member ring on shutdown.
- terminationGracePeriodSeconds: 300
- # -- Affinity for write pods. Passed through `tpl` and, thus, to be configured as string
- # @default -- Hard node and soft zone anti-affinity
- affinity: |
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- {{- include "loki.writeSelectorLabels" . | nindent 10 }}
- topologyKey: kubernetes.io/hostname
- # -- DNS config for write pods
- dnsConfig: {}
- # -- Node selector for write pods
- nodeSelector: {}
- # -- Topology Spread Constraints for write pods
- topologySpreadConstraints: []
- # -- Tolerations for write pods
- tolerations: []
- # -- The default is to deploy all pods in parallel.
- podManagementPolicy: "Parallel"
- persistence:
- # -- Enable volume claims in pod spec
- volumeClaimsEnabled: true
- # -- Parameters used for the `data` volume when volumeClaimEnabled if false
- dataVolumeParameters:
- emptyDir: {}
- # -- Enable StatefulSetAutoDeletePVC feature
- enableStatefulSetAutoDeletePVC: false
- # -- Size of persistent disk
- size: 10Gi
- # -- Storage class to be used.
- # If defined, storageClassName: <storageClass>.
- # If set to "-", storageClassName: "", which disables dynamic provisioning.
- # If empty or set to null, no storageClassName spec is
- # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
- storageClass: null
- # -- Selector for persistent disk
- selector: null
-# Configuration for the table-manager
-tableManager:
- # -- Specifies whether the table-manager should be enabled
- enabled: false
- image:
- # -- The Docker registry for the table-manager image. Overrides `loki.image.registry`
- registry: null
- # -- Docker image repository for the table-manager image. Overrides `loki.image.repository`
- repository: null
- # -- Docker image tag for the table-manager image. Overrides `loki.image.tag`
- tag: null
- # -- Command to execute instead of defined in Docker image
- command: null
- # -- The name of the PriorityClass for table-manager pods
- priorityClassName: null
- # -- Labels for table-manager pods
- podLabels: {}
- # -- Annotations for table-manager deployment
- annotations: {}
- # -- Annotations for table-manager pods
- podAnnotations: {}
- service:
- # -- Annotations for table-manager Service
- annotations: {}
- # -- Additional labels for table-manager Service
- labels: {}
- # -- Additional CLI args for the table-manager
- extraArgs: []
- # -- Environment variables to add to the table-manager pods
- extraEnv: []
- # -- Environment variables from secrets or configmaps to add to the table-manager pods
- extraEnvFrom: []
- # -- Volume mounts to add to the table-manager pods
- extraVolumeMounts: []
- # -- Volumes to add to the table-manager pods
- extraVolumes: []
- # -- Resource requests and limits for the table-manager
- resources: {}
- # -- Containers to add to the table-manager pods
- extraContainers: []
- # -- Grace period to allow the table-manager to shutdown before it is killed
- terminationGracePeriodSeconds: 30
- # -- Affinity for table-manager pods. Passed through `tpl` and, thus, to be configured as string
- # @default -- Hard node and soft zone anti-affinity
- affinity: |
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- {{- include "loki.tableManagerSelectorLabels" . | nindent 10 }}
- topologyKey: kubernetes.io/hostname
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- podAffinityTerm:
- labelSelector:
- matchLabels:
- {{- include "loki.tableManagerSelectorLabels" . | nindent 12 }}
- topologyKey: failure-domain.beta.kubernetes.io/zone
- # -- DNS config table-manager pods
- dnsConfig: {}
- # -- Node selector for table-manager pods
- nodeSelector: {}
- # -- Tolerations for table-manager pods
- tolerations: []
- # -- Enable deletes by retention
- retention_deletes_enabled: false
- # -- Set retention period
- retention_period: 0
-# Configuration for the read pod(s)
-read:
- # -- Number of replicas for the read
- replicas: 3
- autoscaling:
- # -- Enable autoscaling for the read, this is only used if `queryIndex.enabled: true`
+ egressKubeApiserver:
+ # -- Enable additional cilium egress rules to kube-apiserver for backend.
enabled: false
- # -- Minimum autoscaling replicas for the read
- minReplicas: 2
- # -- Maximum autoscaling replicas for the read
- maxReplicas: 6
- # -- Target CPU utilisation percentage for the read
- targetCPUUtilizationPercentage: 60
- # -- Target memory utilisation percentage for the read
- targetMemoryUtilizationPercentage:
- # -- Behavior policies while scaling.
- behavior: {}
- # scaleUp:
- # stabilizationWindowSeconds: 300
- # policies:
- # - type: Pods
- # value: 1
- # periodSeconds: 60
- # scaleDown:
- # stabilizationWindowSeconds: 300
- # policies:
- # - type: Pods
- # value: 1
- # periodSeconds: 180
- image:
- # -- The Docker registry for the read image. Overrides `loki.image.registry`
- registry: null
- # -- Docker image repository for the read image. Overrides `loki.image.repository`
- repository: null
- # -- Docker image tag for the read image. Overrides `loki.image.tag`
- tag: null
- # -- The name of the PriorityClass for read pods
- priorityClassName: null
- # -- Annotations for read deployment
- annotations: {}
- # -- Annotations for read pods
- podAnnotations: {}
- # -- Additional labels for each `read` pod
- podLabels: {}
- # -- Additional selector labels for each `read` pod
- selectorLabels: {}
- service:
- # -- Annotations for read Service
- annotations: {}
- # -- Additional labels for read Service
- labels: {}
- # -- Comma-separated list of Loki modules to load for the read
- targetModule: "read"
- # -- Whether or not to use the 2 target type simple scalable mode (read, write) or the
- # 3 target type (read, write, backend). Legacy refers to the 2 target type, so true will
- # run two targets, false will run 3 targets.
- legacyReadTarget: false
- # -- Additional CLI args for the read
- extraArgs: []
- # -- Containers to add to the read pods
- extraContainers: []
- # -- Environment variables to add to the read pods
- extraEnv: []
- # -- Environment variables from secrets or configmaps to add to the read pods
- extraEnvFrom: []
- # -- Lifecycle for the read container
- lifecycle: {}
- # -- Volume mounts to add to the read pods
- extraVolumeMounts: []
- # -- Volumes to add to the read pods
- extraVolumes: []
- # -- Resource requests and limits for the read
- resources: {}
- # -- Grace period to allow the read to shutdown before it is killed
- terminationGracePeriodSeconds: 30
- # -- Affinity for read pods. Passed through `tpl` and, thus, to be configured as string
- # @default -- Hard node and soft zone anti-affinity
- affinity: |
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- {{- include "loki.readSelectorLabels" . | nindent 10 }}
- topologyKey: kubernetes.io/hostname
- # -- DNS config for read pods
- dnsConfig: {}
- # -- Node selector for read pods
- nodeSelector: {}
- # -- Topology Spread Constraints for read pods
- topologySpreadConstraints: []
- # -- Tolerations for read pods
- tolerations: []
- # -- The default is to deploy all pods in parallel.
- podManagementPolicy: "Parallel"
- persistence:
- # -- Enable StatefulSetAutoDeletePVC feature
- enableStatefulSetAutoDeletePVC: true
- # -- Size of persistent disk
- size: 10Gi
- # -- Storage class to be used.
- # If defined, storageClassName: <storageClass>.
- # If set to "-", storageClassName: "", which disables dynamic provisioning.
- # If empty or set to null, no storageClassName spec is
- # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
- storageClass: null
- # -- Selector for persistent disk
- selector: null
-# Configuration for the backend pod(s)
-backend:
- # -- Number of replicas for the backend
- replicas: 3
- autoscaling:
- # -- Enable autoscaling for the backend.
- enabled: false
- # -- Minimum autoscaling replicas for the backend.
- minReplicas: 3
- # -- Maximum autoscaling replicas for the backend.
- maxReplicas: 6
- # -- Target CPU utilization percentage for the backend.
- targetCPUUtilizationPercentage: 60
- # -- Target memory utilization percentage for the backend.
- targetMemoryUtilizationPercentage:
- # -- Behavior policies while scaling.
- behavior: {}
- # scaleUp:
- # stabilizationWindowSeconds: 300
- # policies:
- # - type: Pods
- # value: 1
- # periodSeconds: 60
- # scaleDown:
- # stabilizationWindowSeconds: 300
- # policies:
- # - type: Pods
- # value: 1
- # periodSeconds: 180
- image:
- # -- The Docker registry for the backend image. Overrides `loki.image.registry`
- registry: null
- # -- Docker image repository for the backend image. Overrides `loki.image.repository`
- repository: null
- # -- Docker image tag for the backend image. Overrides `loki.image.tag`
- tag: null
- # -- The name of the PriorityClass for backend pods
- priorityClassName: null
- # -- Annotations for backend StatefulSet
- annotations: {}
- # -- Annotations for backend pods
- podAnnotations: {}
- # -- Additional labels for each `backend` pod
- podLabels: {}
- # -- Additional selector labels for each `backend` pod
- selectorLabels: {}
- service:
- # -- Annotations for backend Service
- annotations: {}
- # -- Additional labels for backend Service
- labels: {}
- # -- Comma-separated list of Loki modules to load for the read
- targetModule: "backend"
- # -- Additional CLI args for the backend
- extraArgs: []
- # -- Environment variables to add to the backend pods
- extraEnv: []
- # -- Environment variables from secrets or configmaps to add to the backend pods
- extraEnvFrom: []
- # -- Init containers to add to the backend pods
- initContainers: []
- # -- Volume mounts to add to the backend pods
- extraVolumeMounts: []
- # -- Volumes to add to the backend pods
- extraVolumes: []
- # -- Resource requests and limits for the backend
- resources: {}
- # -- Grace period to allow the backend to shutdown before it is killed. Especially for the ingester,
- # this must be increased. It must be long enough so backends can be gracefully shutdown flushing/transferring
- # all data and to successfully leave the member ring on shutdown.
- terminationGracePeriodSeconds: 300
- # -- Affinity for backend pods. Passed through `tpl` and, thus, to be configured as string
- # @default -- Hard node and soft zone anti-affinity
- affinity: |
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- {{- include "loki.backendSelectorLabels" . | nindent 10 }}
- topologyKey: kubernetes.io/hostname
- # -- DNS config for backend pods
- dnsConfig: {}
- # -- Node selector for backend pods
- nodeSelector: {}
- # -- Topology Spread Constraints for backend pods
- topologySpreadConstraints: []
- # -- Tolerations for backend pods
- tolerations: []
- # -- The default is to deploy all pods in parallel.
- podManagementPolicy: "Parallel"
- persistence:
- # -- Enable volume claims in pod spec
- volumeClaimsEnabled: true
- # -- Parameters used for the `data` volume when volumeClaimEnabled if false
- dataVolumeParameters:
- emptyDir: {}
- # -- Enable StatefulSetAutoDeletePVC feature
- enableStatefulSetAutoDeletePVC: true
- # -- Size of persistent disk
- size: 10Gi
- # -- Storage class to be used.
- # If defined, storageClassName: <storageClass>.
- # If set to "-", storageClassName: "", which disables dynamic provisioning.
- # If empty or set to null, no storageClassName spec is
- # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
- storageClass: null
- # -- Selector for persistent disk
- selector: null
-# Configuration for the single binary node(s)
-singleBinary:
- # -- Number of replicas for the single binary
- replicas: 0
- autoscaling:
- # -- Enable autoscaling
- enabled: false
- # -- Minimum autoscaling replicas for the single binary
- minReplicas: 1
- # -- Maximum autoscaling replicas for the single binary
- maxReplicas: 3
- # -- Target CPU utilisation percentage for the single binary
- targetCPUUtilizationPercentage: 60
- # -- Target memory utilisation percentage for the single binary
- targetMemoryUtilizationPercentage:
- image:
- # -- The Docker registry for the single binary image. Overrides `loki.image.registry`
- registry: null
- # -- Docker image repository for the single binary image. Overrides `loki.image.repository`
- repository: null
- # -- Docker image tag for the single binary image. Overrides `loki.image.tag`
- tag: null
- # -- The name of the PriorityClass for single binary pods
- priorityClassName: null
- # -- Annotations for single binary StatefulSet
- annotations: {}
- # -- Annotations for single binary pods
- podAnnotations: {}
- # -- Additional labels for each `single binary` pod
- podLabels: {}
- # -- Additional selector labels for each `single binary` pod
- selectorLabels: {}
- service:
- # -- Annotations for single binary Service
- annotations: {}
- # -- Additional labels for single binary Service
- labels: {}
- # -- Comma-separated list of Loki modules to load for the single binary
- targetModule: "all"
- # -- Labels for single binary service
- extraArgs: []
- # -- Environment variables to add to the single binary pods
- extraEnv: []
- # -- Environment variables from secrets or configmaps to add to the single binary pods
- extraEnvFrom: []
- # -- Extra containers to add to the single binary loki pod
- extraContainers: []
- # -- Init containers to add to the single binary pods
- initContainers: []
- # -- Volume mounts to add to the single binary pods
- extraVolumeMounts: []
- # -- Volumes to add to the single binary pods
- extraVolumes: []
- # -- Resource requests and limits for the single binary
- resources: {}
- # -- Grace period to allow the single binary to shutdown before it is killed
- terminationGracePeriodSeconds: 30
- # -- Affinity for single binary pods. Passed through `tpl` and, thus, to be configured as string
- # @default -- Hard node and soft zone anti-affinity
- affinity: |
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- {{- include "loki.singleBinarySelectorLabels" . | nindent 10 }}
- topologyKey: kubernetes.io/hostname
- # -- DNS config for single binary pods
- dnsConfig: {}
- # -- Node selector for single binary pods
- nodeSelector: {}
- # -- Tolerations for single binary pods
- tolerations: []
- persistence:
- # -- Enable StatefulSetAutoDeletePVC feature
- enableStatefulSetAutoDeletePVC: true
- # -- Enable persistent disk
- enabled: true
- # -- Size of persistent disk
- size: 10Gi
- # -- Storage class to be used.
- # If defined, storageClassName: <storageClass>.
- # If set to "-", storageClassName: "", which disables dynamic provisioning.
- # If empty or set to null, no storageClassName spec is
- # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
- storageClass: null
- # -- Selector for persistent disk
- selector: null
-# Use either this ingress or the gateway, but not both at once.
-# If you enable this, make sure to disable the gateway.
-# You'll need to supply authn configuration for your ingress controller.
-ingress:
- enabled: false
- ingressClassName: ""
- annotations: {}
- # nginx.ingress.kubernetes.io/auth-type: basic
- # nginx.ingress.kubernetes.io/auth-secret: loki-distributed-basic-auth
- # nginx.ingress.kubernetes.io/auth-secret-type: auth-map
- # nginx.ingress.kubernetes.io/configuration-snippet: |
- # proxy_set_header X-Scope-OrgID $remote_user;
- labels: {}
- # blackbox.monitoring.exclude: "true"
- paths:
- write:
- - /api/prom/push
- - /loki/api/v1/push
- read:
- - /api/prom/tail
- - /loki/api/v1/tail
- - /loki/api
- - /api/prom/rules
- - /loki/api/v1/rules
- - /prometheus/api/v1/rules
- - /prometheus/api/v1/alerts
- singleBinary:
- - /api/prom/push
- - /loki/api/v1/push
- - /api/prom/tail
- - /loki/api/v1/tail
- - /loki/api
- - /api/prom/rules
- - /loki/api/v1/rules
- - /prometheus/api/v1/rules
- - /prometheus/api/v1/alerts
- # -- Hosts configuration for the ingress, passed through the `tpl` function to allow templating
- hosts:
- - loki.example.com
- # -- TLS configuration for the ingress. Hosts passed through the `tpl` function to allow templating
- tls: []
-# - hosts:
-# - loki.example.com
-# secretName: loki-distributed-tls
+######################################################################################################################
+#
+# Global memberlist configuration
+#
+######################################################################################################################
# Configuration for the memberlist service
memberlist:
service:
publishNotReadyAddresses: false
+######################################################################################################################
+#
+# adminAPI configuration, enterprise only.
+#
+######################################################################################################################
+
+# -- Configuration for the `admin-api` target
+adminApi:
+ # -- Define the amount of instances
+ replicas: 1
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ # -- Additional CLI arguments for the `admin-api` target
+ extraArgs: {}
+ # -- Additional labels for the `admin-api` Deployment
+ labels: {}
+ # -- Additional annotations for the `admin-api` Deployment
+ annotations: {}
+ # -- Additional labels and annotations for the `admin-api` Service
+ service:
+ labels: {}
+ annotations: {}
+ # -- Run container as user `enterprise-logs(uid=10001)`
+ # `fsGroup` must not be specified, because these security options are applied
+ # on container level not on Pod level.
+ podSecurityContext:
+ runAsNonRoot: true
+ runAsGroup: 10001
+ runAsUser: 10001
+ containerSecurityContext:
+ readOnlyRootFilesystem: true
+ capabilities:
+ drop:
+ - ALL
+ allowPrivilegeEscalation: false
+ # -- Update strategy
+ strategy:
+ type: RollingUpdate
+ # -- Readiness probe
+ readinessProbe:
+ httpGet:
+ path: /ready
+ port: http-metrics
+ initialDelaySeconds: 45
+ # -- Request and limit Kubernetes resources
+ # -- Values are defined in small.yaml and large.yaml
+ resources: {}
+ # -- Configure optional environment variables
+ env: []
+ # -- Configure optional initContainers
+ initContainers: []
+ # -- Conifgure optional extraContainers
+ extraContainers: []
+ # -- Additional volumes for Pods
+ extraVolumes: []
+ # -- Additional volume mounts for Pods
+ extraVolumeMounts: []
+ # -- Affinity for admin-api Pods
+ affinity: {}
+ # -- Node selector for admin-api Pods
+ nodeSelector: {}
+ # -- Tolerations for admin-api Pods
+ tolerations: []
+ # -- Grace period to allow the admin-api to shutdown before it is killed
+ terminationGracePeriodSeconds: 60
+
+
+######################################################################################################################
+#
+# Gateway and Ingress
+#
+# By default this chart will deploy a Nginx container to act as a gateway which handles routing of traffic
+# and can also do auth.
+#
+# If you would prefer you can optionally disable this and enable using k8s ingress to do the incoming routing.
+#
+######################################################################################################################
+
# Configuration for the gateway
gateway:
# -- Specifies whether the gateway should be enabled
@@ -1375,14 +944,14 @@
extraContainers: []
# -- Grace period to allow the gateway to shutdown before it is killed
terminationGracePeriodSeconds: 30
- # -- Affinity for gateway pods. Passed through `tpl` and, thus, to be configured as string
- # @default -- Hard node and soft zone anti-affinity
- affinity: |
+ # -- Affinity for gateway pods.
+ # @default -- Hard node anti-affinity
+ affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
- {{- include "loki.gatewaySelectorLabels" . | nindent 10 }}
+ app.kubernetes.io/component: gateway
topologyKey: kubernetes.io/hostname
# -- DNS config for gateway pods
dnsConfig: {}
@@ -1445,9 +1014,11 @@
htpasswd: >-
{{ if .Values.loki.tenants }}
+
{{- range $t := .Values.loki.tenants }}
{{ htpasswd (required "All tenants must have a 'name' set" $t.name) (required "All tenants must have a 'password' set" $t.password) }}
+
{{- end }}
{{ else }} {{ htpasswd (required "'gateway.basicAuth.username' is required" .Values.gateway.basicAuth.username) (required "'gateway.basicAuth.password' is required" .Values.gateway.basicAuth.password) }} {{ end }}
# -- Existing basic auth secret to use. Must contain '.htpasswd'
@@ -1456,10 +1027,12 @@
readinessProbe:
httpGet:
path: /
- port: http
+ port: http-metrics
initialDelaySeconds: 15
timeoutSeconds: 1
nginxConfig:
+ # -- Which schema to be used when building URLs. Can be 'http' or 'https'.
+ schema: http
# -- Enable listener for IPv6, disable on IPv4-only systems
enableIPv6: true
# -- NGINX log format
@@ -1472,6 +1045,8 @@
# -- Allows appending custom configuration to the http block, passed through the `tpl` function to allow templating
httpSnippet: >-
{{ if .Values.loki.tenants }}proxy_set_header X-Scope-OrgID $remote_user;{{ end }}
+ # -- Whether ssl should be appended to the listen directive of the server block or not.
+ ssl: false
# -- Override Read URL
customReadUrl: null
# -- Override Write URL
@@ -1484,58 +1059,2003 @@
# @default -- See values.yaml
file: |
{{- include "loki.nginxFile" . | indent 2 -}}
-networkPolicy:
- # -- Specifies whether Network Policies should be created
+# -- If running enterprise and using the default enterprise gateway, configs go here.
+enterpriseGateway:
+ # -- Define the amount of instances
+ replicas: 1
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ # -- Additional CLI arguments for the `gateway` target
+ extraArgs: {}
+ # -- Additional labels for the `gateway` Pod
+ labels: {}
+ # -- Additional annotations for the `gateway` Pod
+ annotations: {}
+ # -- Additional labels and annotations for the `gateway` Service
+ # -- Service overriding service type
+ service:
+ type: ClusterIP
+ labels: {}
+ annotations: {}
+ # -- Run container as user `enterprise-logs(uid=10001)`
+ podSecurityContext:
+ runAsNonRoot: true
+ runAsGroup: 10001
+ runAsUser: 10001
+ fsGroup: 10001
+ containerSecurityContext:
+ readOnlyRootFilesystem: true
+ capabilities:
+ drop:
+ - ALL
+ allowPrivilegeEscalation: false
+ # -- If you want to use your own proxy URLs, set this to false.
+ useDefaultProxyURLs: true
+ # -- update strategy
+ strategy:
+ type: RollingUpdate
+ # -- Readiness probe
+ readinessProbe:
+ httpGet:
+ path: /ready
+ port: http-metrics
+ initialDelaySeconds: 45
+ # -- Request and limit Kubernetes resources
+ # -- Values are defined in small.yaml and large.yaml
+ resources: {}
+ # -- Configure optional environment variables
+ env: []
+ # -- Configure optional initContainers
+ initContainers: []
+ # -- Conifgure optional extraContainers
+ extraContainers: []
+ # -- Additional volumes for Pods
+ extraVolumes: []
+ # -- Additional volume mounts for Pods
+ extraVolumeMounts: []
+ # -- Affinity for gateway Pods
+ affinity: {}
+ # -- Node selector for gateway Pods
+ nodeSelector: {}
+ # -- Tolerations for gateway Pods
+ tolerations: []
+ # -- Grace period to allow the gateway to shutdown before it is killed
+ terminationGracePeriodSeconds: 60
+# -- Ingress configuration Use either this ingress or the gateway, but not both at once.
+# If you enable this, make sure to disable the gateway.
+# You'll need to supply authn configuration for your ingress controller.
+ingress:
enabled: false
- # -- Specifies whether the policies created will be standard Network Policies (flavor: kubernetes)
- # or Cilium Network Policies (flavor: cilium)
- flavor: kubernetes
- metrics:
- # -- Specifies the Pods which are allowed to access the metrics port.
- # As this is cross-namespace communication, you also need the namespaceSelector.
- podSelector: {}
- # -- Specifies the namespaces which are allowed to access the metrics port
- namespaceSelector: {}
- # -- Specifies specific network CIDRs which are allowed to access the metrics port.
- # In case you use namespaceSelector, you also have to specify your kubelet networks here.
- # The metrics ports are also used for probes.
- cidrs: []
- ingress:
- # -- Specifies the Pods which are allowed to access the http port.
- # As this is cross-namespace communication, you also need the namespaceSelector.
- podSelector: {}
- # -- Specifies the namespaces which are allowed to access the http port
- namespaceSelector: {}
- alertmanager:
- # -- Specify the alertmanager port used for alerting
- port: 9093
- # -- Specifies the alertmanager Pods.
- # As this is cross-namespace communication, you also need the namespaceSelector.
- podSelector: {}
- # -- Specifies the namespace the alertmanager is running in
- namespaceSelector: {}
- externalStorage:
- # -- Specify the port used for external storage, e.g. AWS S3
- ports: []
- # -- Specifies specific network CIDRs you want to limit access to
- cidrs: []
- discovery:
- # -- (int) Specify the port used for discovery
- port: null
- # -- Specifies the Pods labels used for discovery.
- # As this is cross-namespace communication, you also need the namespaceSelector.
- podSelector: {}
- # -- Specifies the namespace the discovery Pods are running in
- namespaceSelector: {}
- egressWorld:
- # -- Enable additional cilium egress rules to external world for write, read and backend.
+ ingressClassName: ""
+ annotations: {}
+ # nginx.ingress.kubernetes.io/auth-type: basic
+ # nginx.ingress.kubernetes.io/auth-secret: loki-distributed-basic-auth
+ # nginx.ingress.kubernetes.io/auth-secret-type: auth-map
+ # nginx.ingress.kubernetes.io/configuration-snippet: |
+ # proxy_set_header X-Scope-OrgID $remote_user;
+ labels: {}
+ # blackbox.monitoring.exclude: "true"
+ paths:
+ write:
+ - /api/prom/push
+ - /loki/api/v1/push
+ read:
+ - /api/prom/tail
+ - /loki/api/v1/tail
+ - /loki/api
+ - /api/prom/rules
+ - /loki/api/v1/rules
+ - /prometheus/api/v1/rules
+ - /prometheus/api/v1/alerts
+ singleBinary:
+ - /api/prom/push
+ - /loki/api/v1/push
+ - /api/prom/tail
+ - /loki/api/v1/tail
+ - /loki/api
+ - /api/prom/rules
+ - /loki/api/v1/rules
+ - /prometheus/api/v1/rules
+ - /prometheus/api/v1/alerts
+ # -- Hosts configuration for the ingress, passed through the `tpl` function to allow templating
+ hosts:
+ - loki.example.com
+ # -- TLS configuration for the ingress. Hosts passed through the `tpl` function to allow templating
+ tls: []
+# - hosts:
+# - loki.example.com
+# secretName: loki-distributed-tls
+
+######################################################################################################################
+#
+# Migration
+#
+######################################################################################################################
+
+# -- Options that may be necessary when performing a migration from another helm chart
+migrate:
+ # -- When migrating from a distributed chart like loki-distributed or enterprise-logs
+ fromDistributed:
+ # -- Set to true if migrating from a distributed helm chart
enabled: false
- egressKubeApiserver:
- # -- Enable additional cilium egress rules to kube-apiserver for backend.
+ # -- If migrating from a distributed service, provide the distributed deployment's
+ # memberlist service DNS so the new deployment can join its ring.
+ memberlistService: ""
+
+######################################################################################################################
+#
+# Single Binary Deployment
+#
+# For small Loki installations up to a few 10's of GB per day, or for testing and development.
+#
+######################################################################################################################
+
+# Configuration for the single binary node(s)
+singleBinary:
+ # -- Number of replicas for the single binary
+ replicas: 0
+ autoscaling:
+ # -- Enable autoscaling
enabled: false
-# -------------------------------------
-# Configuration for `minio` child chart
-# -------------------------------------
+ # -- Minimum autoscaling replicas for the single binary
+ minReplicas: 1
+ # -- Maximum autoscaling replicas for the single binary
+ maxReplicas: 3
+ # -- Target CPU utilisation percentage for the single binary
+ targetCPUUtilizationPercentage: 60
+ # -- Target memory utilisation percentage for the single binary
+ targetMemoryUtilizationPercentage:
+ image:
+ # -- The Docker registry for the single binary image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the single binary image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the single binary image. Overrides `loki.image.tag`
+ tag: null
+ # -- The name of the PriorityClass for single binary pods
+ priorityClassName: null
+ # -- Annotations for single binary StatefulSet
+ annotations: {}
+ # -- Annotations for single binary pods
+ podAnnotations: {}
+ # -- Additional labels for each `single binary` pod
+ podLabels: {}
+ # -- Additional selector labels for each `single binary` pod
+ selectorLabels: {}
+ service:
+ # -- Annotations for single binary Service
+ annotations: {}
+ # -- Additional labels for single binary Service
+ labels: {}
+ # -- Comma-separated list of Loki modules to load for the single binary
+ targetModule: "all"
+ # -- Labels for single binary service
+ extraArgs: []
+ # -- Environment variables to add to the single binary pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the single binary pods
+ extraEnvFrom: []
+ # -- Extra containers to add to the single binary loki pod
+ extraContainers: []
+ # -- Init containers to add to the single binary pods
+ initContainers: []
+ # -- Volume mounts to add to the single binary pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the single binary pods
+ extraVolumes: []
+ # -- Resource requests and limits for the single binary
+ resources: {}
+ # -- Grace period to allow the single binary to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Affinity for single binary pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: single-binary
+ topologyKey: kubernetes.io/hostname
+ # -- DNS config for single binary pods
+ dnsConfig: {}
+ # -- Node selector for single binary pods
+ nodeSelector: {}
+ # -- Tolerations for single binary pods
+ tolerations: []
+ persistence:
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: true
+ # -- Enable persistent disk
+ enabled: true
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Selector for persistent disk
+ selector: null
+######################################################################################################################
+#
+# Simple Scalable Deployment (SSD) Mode
+#
+# For small to medium size Loki deployments up to around 1 TB/day, this is the default mode for this helm chart
+#
+######################################################################################################################
+
+# Configuration for the write pod(s)
+write:
+ # -- Number of replicas for the write
+ replicas: 3
+ autoscaling:
+ # -- Enable autoscaling for the write.
+ enabled: false
+ # -- Minimum autoscaling replicas for the write.
+ minReplicas: 2
+ # -- Maximum autoscaling replicas for the write.
+ maxReplicas: 6
+ # -- Target CPU utilisation percentage for the write.
+ targetCPUUtilizationPercentage: 60
+ # -- Target memory utilization percentage for the write.
+ targetMemoryUtilizationPercentage:
+ # -- Behavior policies while scaling.
+ behavior:
+ # -- see https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown for scaledown details
+ scaleUp:
+ policies:
+ - type: Pods
+ value: 1
+ periodSeconds: 900
+ scaleDown:
+ policies:
+ - type: Pods
+ value: 1
+ periodSeconds: 1800
+ stabilizationWindowSeconds: 3600
+ image:
+ # -- The Docker registry for the write image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the write image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the write image. Overrides `loki.image.tag`
+ tag: null
+ # -- The name of the PriorityClass for write pods
+ priorityClassName: null
+ # -- Annotations for write StatefulSet
+ annotations: {}
+ # -- Annotations for write pods
+ podAnnotations: {}
+ # -- Additional labels for each `write` pod
+ podLabels: {}
+ # -- Additional selector labels for each `write` pod
+ selectorLabels: {}
+ service:
+ # -- Annotations for write Service
+ annotations: {}
+ # -- Additional labels for write Service
+ labels: {}
+ # -- Comma-separated list of Loki modules to load for the write
+ targetModule: "write"
+ # -- Additional CLI args for the write
+ extraArgs: []
+ # -- Environment variables to add to the write pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the write pods
+ extraEnvFrom: []
+ # -- Lifecycle for the write container
+ lifecycle: {}
+ # -- The default /flush_shutdown preStop hook is recommended as part of the ingester
+ # scaledown process so it's added to the template by default when autoscaling is enabled,
+ # but it's disabled to optimize rolling restarts in instances that will never be scaled
+ # down or when using chunks storage with WAL disabled.
+ # https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown
+ # -- Init containers to add to the write pods
+ initContainers: []
+ # -- Containers to add to the write pods
+ extraContainers: []
+ # -- Volume mounts to add to the write pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the write pods
+ extraVolumes: []
+ # -- volumeClaimTemplates to add to StatefulSet
+ extraVolumeClaimTemplates: []
+ # -- Resource requests and limits for the write
+ resources: {}
+ # -- Grace period to allow the write to shutdown before it is killed. Especially for the ingester,
+ # this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring
+ # all data and to successfully leave the member ring on shutdown.
+ terminationGracePeriodSeconds: 300
+ # -- Affinity for write pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: write
+ topologyKey: kubernetes.io/hostname
+ # -- DNS config for write pods
+ dnsConfig: {}
+ # -- Node selector for write pods
+ nodeSelector: {}
+ # -- Topology Spread Constraints for write pods
+ topologySpreadConstraints: []
+ # -- Tolerations for write pods
+ tolerations: []
+ # -- The default is to deploy all pods in parallel.
+ podManagementPolicy: "Parallel"
+ persistence:
+ # -- Enable volume claims in pod spec
+ volumeClaimsEnabled: true
+ # -- Parameters used for the `data` volume when volumeClaimEnabled if false
+ dataVolumeParameters:
+ emptyDir: {}
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: false
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Selector for persistent disk
+ selector: null
+# -- Configuration for the read pod(s)
+read:
+ # -- Number of replicas for the read
+ replicas: 3
+ autoscaling:
+ # -- Enable autoscaling for the read, this is only used if `queryIndex.enabled: true`
+ enabled: false
+ # -- Minimum autoscaling replicas for the read
+ minReplicas: 2
+ # -- Maximum autoscaling replicas for the read
+ maxReplicas: 6
+ # -- Target CPU utilisation percentage for the read
+ targetCPUUtilizationPercentage: 60
+ # -- Target memory utilisation percentage for the read
+ targetMemoryUtilizationPercentage:
+ # -- Behavior policies while scaling.
+ behavior: {}
+ # scaleUp:
+ # stabilizationWindowSeconds: 300
+ # policies:
+ # - type: Pods
+ # value: 1
+ # periodSeconds: 60
+ # scaleDown:
+ # stabilizationWindowSeconds: 300
+ # policies:
+ # - type: Pods
+ # value: 1
+ # periodSeconds: 180
+ image:
+ # -- The Docker registry for the read image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the read image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the read image. Overrides `loki.image.tag`
+ tag: null
+ # -- The name of the PriorityClass for read pods
+ priorityClassName: null
+ # -- Annotations for read deployment
+ annotations: {}
+ # -- Annotations for read pods
+ podAnnotations: {}
+ # -- Additional labels for each `read` pod
+ podLabels: {}
+ # -- Additional selector labels for each `read` pod
+ selectorLabels: {}
+ service:
+ # -- Annotations for read Service
+ annotations: {}
+ # -- Additional labels for read Service
+ labels: {}
+ # -- Comma-separated list of Loki modules to load for the read
+ targetModule: "read"
+ # -- Whether or not to use the 2 target type simple scalable mode (read, write) or the
+ # 3 target type (read, write, backend). Legacy refers to the 2 target type, so true will
+ # run two targets, false will run 3 targets.
+ legacyReadTarget: false
+ # -- Additional CLI args for the read
+ extraArgs: []
+ # -- Containers to add to the read pods
+ extraContainers: []
+ # -- Environment variables to add to the read pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the read pods
+ extraEnvFrom: []
+ # -- Lifecycle for the read container
+ lifecycle: {}
+ # -- Volume mounts to add to the read pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the read pods
+ extraVolumes: []
+ # -- Resource requests and limits for the read
+ resources: {}
+ # -- Grace period to allow the read to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Affinity for read pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: read
+ topologyKey: kubernetes.io/hostname
+ # -- DNS config for read pods
+ dnsConfig: {}
+ # -- Node selector for read pods
+ nodeSelector: {}
+ # -- Topology Spread Constraints for read pods
+ topologySpreadConstraints: []
+ # -- Tolerations for read pods
+ tolerations: []
+ # -- The default is to deploy all pods in parallel.
+ podManagementPolicy: "Parallel"
+ persistence:
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: true
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Selector for persistent disk
+ selector: null
+# -- Configuration for the backend pod(s)
+backend:
+ # -- Number of replicas for the backend
+ replicas: 3
+ autoscaling:
+ # -- Enable autoscaling for the backend.
+ enabled: false
+ # -- Minimum autoscaling replicas for the backend.
+ minReplicas: 3
+ # -- Maximum autoscaling replicas for the backend.
+ maxReplicas: 6
+ # -- Target CPU utilization percentage for the backend.
+ targetCPUUtilizationPercentage: 60
+ # -- Target memory utilization percentage for the backend.
+ targetMemoryUtilizationPercentage:
+ # -- Behavior policies while scaling.
+ behavior: {}
+ # scaleUp:
+ # stabilizationWindowSeconds: 300
+ # policies:
+ # - type: Pods
+ # value: 1
+ # periodSeconds: 60
+ # scaleDown:
+ # stabilizationWindowSeconds: 300
+ # policies:
+ # - type: Pods
+ # value: 1
+ # periodSeconds: 180
+ image:
+ # -- The Docker registry for the backend image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the backend image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the backend image. Overrides `loki.image.tag`
+ tag: null
+ # -- The name of the PriorityClass for backend pods
+ priorityClassName: null
+ # -- Annotations for backend StatefulSet
+ annotations: {}
+ # -- Annotations for backend pods
+ podAnnotations: {}
+ # -- Additional labels for each `backend` pod
+ podLabels: {}
+ # -- Additional selector labels for each `backend` pod
+ selectorLabels: {}
+ service:
+ # -- Annotations for backend Service
+ annotations: {}
+ # -- Additional labels for backend Service
+ labels: {}
+ # -- Comma-separated list of Loki modules to load for the read
+ targetModule: "backend"
+ # -- Additional CLI args for the backend
+ extraArgs: []
+ # -- Environment variables to add to the backend pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the backend pods
+ extraEnvFrom: []
+ # -- Init containers to add to the backend pods
+ initContainers: []
+ # -- Volume mounts to add to the backend pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the backend pods
+ extraVolumes: []
+ # -- Resource requests and limits for the backend
+ resources: {}
+ # -- Grace period to allow the backend to shutdown before it is killed. Especially for the ingester,
+ # this must be increased. It must be long enough so backends can be gracefully shutdown flushing/transferring
+ # all data and to successfully leave the member ring on shutdown.
+ terminationGracePeriodSeconds: 300
+ # -- Affinity for backend pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: backend
+ topologyKey: kubernetes.io/hostname
+ # -- DNS config for backend pods
+ dnsConfig: {}
+ # -- Node selector for backend pods
+ nodeSelector: {}
+ # -- Topology Spread Constraints for backend pods
+ topologySpreadConstraints: []
+ # -- Tolerations for backend pods
+ tolerations: []
+ # -- The default is to deploy all pods in parallel.
+ podManagementPolicy: "Parallel"
+ persistence:
+ # -- Enable volume claims in pod spec
+ volumeClaimsEnabled: true
+ # -- Parameters used for the `data` volume when volumeClaimEnabled if false
+ dataVolumeParameters:
+ emptyDir: {}
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: true
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Selector for persistent disk
+ selector: null
+######################################################################################################################
+#
+# Microservices Mode
+#
+# For large Loki deployments ingesting more than 1 TB/day
+#
+######################################################################################################################
+
+# -- Configuration for the ingester
+ingester:
+ # -- Number of replicas for the ingester, when zoneAwareReplication.enabled is true, the total
+ # number of replicas will match this value with each zone having 1/3rd of the total replicas.
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ autoscaling:
+ # -- Enable autoscaling for the ingester
+ enabled: false
+ # -- Minimum autoscaling replicas for the ingester
+ minReplicas: 1
+ # -- Maximum autoscaling replicas for the ingester
+ maxReplicas: 3
+ # -- Target CPU utilisation percentage for the ingester
+ targetCPUUtilizationPercentage: 60
+ # -- Target memory utilisation percentage for the ingester
+ targetMemoryUtilizationPercentage: null
+ # -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)
+ customMetrics: []
+ # - type: Pods
+ # pods:
+ # metric:
+ # name: loki_lines_total
+ # target:
+ # type: AverageValue
+ # averageValue: 10k
+ behavior:
+ # -- Enable autoscaling behaviours
+ enabled: false
+ # -- define scale down policies, must conform to HPAScalingRules
+ scaleDown: {}
+ # -- define scale up policies, must conform to HPAScalingRules
+ scaleUp: {}
+ image:
+ # -- The Docker registry for the ingester image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the ingester image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the ingester image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ priorityClassName: null
+ # -- Labels for ingester pods
+ podLabels: {}
+ # -- Annotations for ingester pods
+ podAnnotations: {}
+ # -- The name of the PriorityClass for ingester pods
+ # -- Labels for ingestor service
+ serviceLabels: {}
+ # -- Additional CLI args for the ingester
+ extraArgs: []
+ # -- Environment variables to add to the ingester pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the ingester pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the ingester pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the ingester pods
+ extraVolumes: []
+ # -- Resource requests and limits for the ingester
+ resources: {}
+ # -- Containers to add to the ingester pods
+ extraContainers: []
+ # -- Init containers to add to the ingester pods
+ initContainers: []
+ # -- Grace period to allow the ingester to shutdown before it is killed. Especially for the ingestor,
+ # this must be increased. It must be long enough so ingesters can be gracefully shutdown flushing/transferring
+ # all data and to successfully leave the member ring on shutdown.
+ terminationGracePeriodSeconds: 300
+ # -- Lifecycle for the ingester container
+ lifecycle: {}
+ # -- topologySpread for ingester pods.
+ # @default -- Defaults to allow skew no more than 1 node
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: kubernetes.io/hostname
+ whenUnsatisfiable: ScheduleAnyway
+ labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: ingester
+ # -- Affinity for ingester pods. Ignored if zoneAwareReplication is enabled.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: ingester
+ topologyKey: kubernetes.io/hostname
+ # -- Pod Disruption Budget maxUnavailable
+ maxUnavailable: 1
+ # -- Node selector for ingester pods
+ nodeSelector: {}
+ # -- Tolerations for ingester pods
+ tolerations: []
+ # -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
+ readinessProbe: {}
+ # -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
+ livenessProbe: {}
+ persistence:
+ # -- Enable creating PVCs which is required when using boltdb-shipper
+ enabled: false
+ # -- Use emptyDir with ramdisk for storage. **Please note that all data in ingester will be lost on pod restart**
+ inMemory: false
+ # -- List of the ingester PVCs
+ # @notationType -- list
+ claims:
+ - name: data
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # - name: wal
+ # size: 150Gi
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: false
+ whenDeleted: Retain
+ whenScaled: Retain
+ # -- Adds the appProtocol field to the ingester service. This allows ingester to work with istio protocol selection.
+ appProtocol:
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ grpc: ""
+ # -- Enabling zone awareness on ingesters will create 3 statefulests where all writes will send a replica to each zone.
+ # This is primarily intended to accelerate rollout operations by allowing for multiple ingesters within a single
+ # zone to be shutdown and restart simultaneously (the remaining 2 zones will be guaranteed to have at least one copy
+ # of the data).
+ # Note: This can be used to run Loki over multiple cloud provider availability zones however this is not currently
+ # recommended as Loki is not optimized for this and cross zone network traffic costs can become extremely high
+ # extremely quickly. Even with zone awareness enabled, it is recommended to run Loki in a single availability zone.
+ zoneAwareReplication:
+ # -- Enable zone awareness.
+ enabled: true
+ # -- The percent of replicas in each zone that will be restarted at once. In a value of 0-100
+ maxUnavailablePct: 33
+ # -- zoneA configuration
+ zoneA:
+ # -- optionally define a node selector for this zone
+ nodeSelector: null
+ # -- optionally define extra affinity rules, by default different zones are not allowed to schedule on the same host
+ extraAffinity: {}
+ # -- Specific annotations to add to zone A statefulset
+ annotations: {}
+ # -- Specific annotations to add to zone A pods
+ podAnnotations: {}
+ zoneB:
+ # -- optionally define a node selector for this zone
+ nodeSelector: null
+ # -- optionally define extra affinity rules, by default different zones are not allowed to schedule on the same host
+ extraAffinity: {}
+ # -- Specific annotations to add to zone B statefulset
+ annotations: {}
+ # -- Specific annotations to add to zone B pods
+ podAnnotations: {}
+ zoneC:
+ # -- optionally define a node selector for this zone
+ nodeSelector: null
+ # -- optionally define extra affinity rules, by default different zones are not allowed to schedule on the same host
+ extraAffinity: {}
+ # -- Specific annotations to add to zone C statefulset
+ annotations: {}
+ # -- Specific annotations to add to zone C pods
+ podAnnotations: {}
+ # -- The migration block allows migrating non zone aware ingesters to zone aware ingesters.
+ migration:
+ enabled: false
+ excludeDefaultZone: false
+ readPath: false
+ writePath: false
+# -- Configuration for the distributor
+distributor:
+ # -- Number of replicas for the distributor
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ autoscaling:
+ # -- Enable autoscaling for the distributor
+ enabled: false
+ # -- Minimum autoscaling replicas for the distributor
+ minReplicas: 1
+ # -- Maximum autoscaling replicas for the distributor
+ maxReplicas: 3
+ # -- Target CPU utilisation percentage for the distributor
+ targetCPUUtilizationPercentage: 60
+ # -- Target memory utilisation percentage for the distributor
+ targetMemoryUtilizationPercentage: null
+ # -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)
+ customMetrics: []
+ # - type: Pods
+ # pods:
+ # metric:
+ # name: loki_lines_total
+ # target:
+ # type: AverageValue
+ # averageValue: 10k
+ behavior:
+ # -- Enable autoscaling behaviours
+ enabled: false
+ # -- define scale down policies, must conform to HPAScalingRules
+ scaleDown: {}
+ # -- define scale up policies, must conform to HPAScalingRules
+ scaleUp: {}
+ image:
+ # -- The Docker registry for the distributor image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the distributor image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the distributor image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ # -- The name of the PriorityClass for distributor pods
+ priorityClassName: null
+ # -- Labels for distributor pods
+ podLabels: {}
+ # -- Annotations for distributor pods
+ podAnnotations: {}
+ # -- Labels for distributor service
+ serviceLabels: {}
+ # -- Additional CLI args for the distributor
+ extraArgs: []
+ # -- Environment variables to add to the distributor pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the distributor pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the distributor pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the distributor pods
+ extraVolumes: []
+ # -- Resource requests and limits for the distributor
+ resources: {}
+ # -- Containers to add to the distributor pods
+ extraContainers: []
+ # -- Grace period to allow the distributor to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Affinity for distributor pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: distributor
+ topologyKey: kubernetes.io/hostname
+ # -- Pod Disruption Budget maxUnavailable
+ maxUnavailable: null
+ # -- Max Surge for distributor pods
+ maxSurge: 0
+ # -- Node selector for distributor pods
+ nodeSelector: {}
+ # -- Tolerations for distributor pods
+ tolerations: []
+ # -- Adds the appProtocol field to the distributor service. This allows distributor to work with istio protocol selection.
+ appProtocol:
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ grpc: ""
+# -- Configuration for the querier
+querier:
+ # -- Number of replicas for the querier
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ autoscaling:
+ # -- Enable autoscaling for the querier, this is only used if `indexGateway.enabled: true`
+ enabled: false
+ # -- Minimum autoscaling replicas for the querier
+ minReplicas: 1
+ # -- Maximum autoscaling replicas for the querier
+ maxReplicas: 3
+ # -- Target CPU utilisation percentage for the querier
+ targetCPUUtilizationPercentage: 60
+ # -- Target memory utilisation percentage for the querier
+ targetMemoryUtilizationPercentage: null
+ # -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)
+ customMetrics: []
+ # - type: External
+ # external:
+ # metric:
+ # name: loki_inflight_queries
+ # target:
+ # type: AverageValue
+ # averageValue: 12
+ behavior:
+ # -- Enable autoscaling behaviours
+ enabled: false
+ # -- define scale down policies, must conform to HPAScalingRules
+ scaleDown: {}
+ # -- define scale up policies, must conform to HPAScalingRules
+ scaleUp: {}
+ image:
+ # -- The Docker registry for the querier image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the querier image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the querier image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ # -- The name of the PriorityClass for querier pods
+ priorityClassName: null
+ # -- Labels for querier pods
+ podLabels: {}
+ # -- Annotations for querier pods
+ podAnnotations: {}
+ # -- Labels for querier service
+ serviceLabels: {}
+ # -- Additional CLI args for the querier
+ extraArgs: []
+ # -- Environment variables to add to the querier pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the querier pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the querier pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the querier pods
+ extraVolumes: []
+ # -- Resource requests and limits for the querier
+ resources: {}
+ # -- Containers to add to the querier pods
+ extraContainers: []
+ # -- Init containers to add to the querier pods
+ initContainers: []
+ # -- Grace period to allow the querier to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- topologySpread for querier pods.
+ # @default -- Defaults to allow skew no more then 1 node
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: kubernetes.io/hostname
+ whenUnsatisfiable: ScheduleAnyway
+ labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: querier
+ # -- Affinity for querier pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: querier
+ topologyKey: kubernetes.io/hostname
+ # -- Pod Disruption Budget maxUnavailable
+ maxUnavailable: null
+ # -- Max Surge for querier pods
+ maxSurge: 0
+ # -- Node selector for querier pods
+ nodeSelector: {}
+ # -- Tolerations for querier pods
+ tolerations: []
+ # -- DNSConfig for querier pods
+ dnsConfig: {}
+ persistence:
+ # -- Enable creating PVCs for the querier cache
+ enabled: false
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Annotations for querier PVCs
+ annotations: {}
+ # -- Adds the appProtocol field to the querier service. This allows querier to work with istio protocol selection.
+ appProtocol:
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ grpc: ""
+# -- Configuration for the query-frontend
+queryFrontend:
+ # -- Number of replicas for the query-frontend
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ autoscaling:
+ # -- Enable autoscaling for the query-frontend
+ enabled: false
+ # -- Minimum autoscaling replicas for the query-frontend
+ minReplicas: 1
+ # -- Maximum autoscaling replicas for the query-frontend
+ maxReplicas: 3
+ # -- Target CPU utilisation percentage for the query-frontend
+ targetCPUUtilizationPercentage: 60
+ # -- Target memory utilisation percentage for the query-frontend
+ targetMemoryUtilizationPercentage: null
+ # -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)
+ customMetrics: []
+ # - type: Pods
+ # pods:
+ # metric:
+ # name: loki_query_rate
+ # target:
+ # type: AverageValue
+ # averageValue: 100
+ behavior:
+ # -- Enable autoscaling behaviours
+ enabled: false
+ # -- define scale down policies, must conform to HPAScalingRules
+ scaleDown: {}
+ # -- define scale up policies, must conform to HPAScalingRules
+ scaleUp: {}
+ image:
+ # -- The Docker registry for the query-frontend image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the query-frontend image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the query-frontend image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ # -- The name of the PriorityClass for query-frontend pods
+ priorityClassName: null
+ # -- Labels for query-frontend pods
+ podLabels: {}
+ # -- Annotations for query-frontend pods
+ podAnnotations: {}
+ # -- Labels for query-frontend service
+ serviceLabels: {}
+ # -- Additional CLI args for the query-frontend
+ extraArgs: []
+ # -- Environment variables to add to the query-frontend pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the query-frontend pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the query-frontend pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the query-frontend pods
+ extraVolumes: []
+ # -- Resource requests and limits for the query-frontend
+ resources: {}
+ # -- Containers to add to the query-frontend pods
+ extraContainers: []
+ # -- Grace period to allow the query-frontend to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Affinity for query-frontend pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: query-frontend
+ topologyKey: kubernetes.io/hostname
+ # -- Pod Disruption Budget maxUnavailable
+ maxUnavailable: null
+ # -- Node selector for query-frontend pods
+ nodeSelector: {}
+ # -- Tolerations for query-frontend pods
+ tolerations: []
+ # -- Adds the appProtocol field to the queryFrontend service. This allows queryFrontend to work with istio protocol selection.
+ appProtocol:
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ grpc: ""
+# -- Configuration for the query-scheduler
+queryScheduler:
+ # -- Number of replicas for the query-scheduler.
+ # It should be lower than `-querier.max-concurrent` to avoid generating back-pressure in queriers;
+ # it's also recommended that this value evenly divides the latter
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ image:
+ # -- The Docker registry for the query-scheduler image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the query-scheduler image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the query-scheduler image. Overrides `loki.image.tag`
+ tag: null
+ # -- The name of the PriorityClass for query-scheduler pods
+ priorityClassName: null
+ # -- Labels for query-scheduler pods
+ podLabels: {}
+ # -- Annotations for query-scheduler pods
+ podAnnotations: {}
+ # -- Labels for query-scheduler service
+ serviceLabels: {}
+ # -- Additional CLI args for the query-scheduler
+ extraArgs: []
+ # -- Environment variables to add to the query-scheduler pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the query-scheduler pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the query-scheduler pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the query-scheduler pods
+ extraVolumes: []
+ # -- Resource requests and limits for the query-scheduler
+ resources: {}
+ # -- Containers to add to the query-scheduler pods
+ extraContainers: []
+ # -- Grace period to allow the query-scheduler to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Affinity for query-scheduler pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: query-scheduler
+ topologyKey: kubernetes.io/hostname
+ # -- Pod Disruption Budget maxUnavailable
+ maxUnavailable: 1
+ # -- Node selector for query-scheduler pods
+ nodeSelector: {}
+ # -- Tolerations for query-scheduler pods
+ tolerations: []
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ appProtocol:
+ grpc: ""
+# -- Configuration for the index-gateway
+indexGateway:
+ # -- Number of replicas for the index-gateway
+ replicas: 0
+ # -- Whether the index gateway should join the memberlist hashring
+ joinMemberlist: true
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ image:
+ # -- The Docker registry for the index-gateway image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the index-gateway image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the index-gateway image. Overrides `loki.image.tag`
+ tag: null
+ # -- The name of the PriorityClass for index-gateway pods
+ priorityClassName: null
+ # -- Labels for index-gateway pods
+ podLabels: {}
+ # -- Annotations for index-gateway pods
+ podAnnotations: {}
+ # -- Labels for index-gateway service
+ serviceLabels: {}
+ # -- Additional CLI args for the index-gateway
+ extraArgs: []
+ # -- Environment variables to add to the index-gateway pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the index-gateway pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the index-gateway pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the index-gateway pods
+ extraVolumes: []
+ # -- Resource requests and limits for the index-gateway
+ resources: {}
+ # -- Containers to add to the index-gateway pods
+ extraContainers: []
+ # -- Init containers to add to the index-gateway pods
+ initContainers: []
+ # -- Grace period to allow the index-gateway to shutdown before it is killed.
+ terminationGracePeriodSeconds: 300
+ # -- Affinity for index-gateway pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: index-gateway
+ topologyKey: kubernetes.io/hostname
+ # -- Pod Disruption Budget maxUnavailable
+ maxUnavailable: null
+ # -- Node selector for index-gateway pods
+ nodeSelector: {}
+ # -- Tolerations for index-gateway pods
+ tolerations: []
+ persistence:
+ # -- Enable creating PVCs which is required when using boltdb-shipper
+ enabled: false
+ # -- Use emptyDir with ramdisk for storage. **Please note that all data in indexGateway will be lost on pod restart**
+ inMemory: false
+ # -- Size of persistent or memory disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Annotations for index gateway PVCs
+ annotations: {}
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: false
+ whenDeleted: Retain
+ whenScaled: Retain
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ appProtocol:
+ grpc: ""
+# -- Configuration for the compactor
+compactor:
+ # -- Number of replicas for the compactor
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ image:
+ # -- The Docker registry for the compactor image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the compactor image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the compactor image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ # -- The name of the PriorityClass for compactor pods
+ priorityClassName: null
+ # -- Labels for compactor pods
+ podLabels: {}
+ # -- Annotations for compactor pods
+ podAnnotations: {}
+ # -- Affinity for compactor pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: compactor
+ topologyKey: kubernetes.io/hostname
+ # -- Labels for compactor service
+ serviceLabels: {}
+ # -- Additional CLI args for the compactor
+ extraArgs: []
+ # -- Environment variables to add to the compactor pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the compactor pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the compactor pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the compactor pods
+ extraVolumes: []
+ # -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
+ readinessProbe: {}
+ # -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
+ livenessProbe: {}
+ # -- Resource requests and limits for the compactor
+ resources: {}
+ # -- Containers to add to the compactor pods
+ extraContainers: []
+ # -- Init containers to add to the compactor pods
+ initContainers: []
+ # -- Grace period to allow the compactor to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Node selector for compactor pods
+ nodeSelector: {}
+ # -- Tolerations for compactor pods
+ tolerations: []
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ appProtocol:
+ grpc: ""
+ persistence:
+ # -- Enable creating PVCs for the compactor
+ enabled: false
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Annotations for compactor PVCs
+ annotations: {}
+ # -- List of the compactor PVCs
+ # @notationType -- list
+ claims:
+ - name: data
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # - name: wal
+ # size: 150Gi
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: false
+ whenDeleted: Retain
+ whenScaled: Retain
+ serviceAccount:
+ create: false
+ # -- The name of the ServiceAccount to use for the compactor.
+ # If not set and create is true, a name is generated by appending
+ # "-compactor" to the common ServiceAccount.
+ name: null
+ # -- Image pull secrets for the compactor service account
+ imagePullSecrets: []
+ # -- Annotations for the compactor service account
+ annotations: {}
+ # -- Set this toggle to false to opt out of automounting API credentials for the service account
+ automountServiceAccountToken: true
+# -- Configuration for the bloom gateway
+bloomGateway:
+ # -- Number of replicas for the bloom gateway
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ image:
+ # -- The Docker registry for the bloom gateway image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the bloom gateway image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the bloom gateway image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ # -- The name of the PriorityClass for bloom gateway pods
+ priorityClassName: null
+ # -- Labels for bloom gateway pods
+ podLabels: {}
+ # -- Annotations for bloom gateway pods
+ podAnnotations: {}
+ # -- Affinity for bloom gateway pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: bloom-gateway
+ topologyKey: kubernetes.io/hostname
+ # -- Labels for bloom gateway service
+ serviceLabels: {}
+ # -- Additional CLI args for the bloom gateway
+ extraArgs: []
+ # -- Environment variables to add to the bloom gateway pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the bloom gateway pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the bloom gateway pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the bloom gateway pods
+ extraVolumes: []
+ # -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
+ readinessProbe: {}
+ # -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
+ livenessProbe: {}
+ # -- Resource requests and limits for the bloom gateway
+ resources: {}
+ # -- Containers to add to the bloom gateway pods
+ extraContainers: []
+ # -- Init containers to add to the bloom gateway pods
+ initContainers: []
+ # -- Grace period to allow the bloom gateway to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Node selector for bloom gateway pods
+ nodeSelector: {}
+ # -- Tolerations for bloom gateway pods
+ tolerations: []
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ appProtocol:
+ grpc: ""
+ persistence:
+ # -- Enable creating PVCs for the bloom gateway
+ enabled: false
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Annotations for bloom gateway PVCs
+ annotations: {}
+ # -- List of the bloom gateway PVCs
+ # @notationType -- list
+ claims:
+ - name: data
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # - name: wal
+ # size: 150Gi
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: false
+ whenDeleted: Retain
+ whenScaled: Retain
+ serviceAccount:
+ create: false
+ # -- The name of the ServiceAccount to use for the bloom gateway.
+ # If not set and create is true, a name is generated by appending
+ # "-bloom-gateway" to the common ServiceAccount.
+ name: null
+ # -- Image pull secrets for the bloom gateway service account
+ imagePullSecrets: []
+ # -- Annotations for the bloom gateway service account
+ annotations: {}
+ # -- Set this toggle to false to opt out of automounting API credentials for the service account
+ automountServiceAccountToken: true
+# -- Configuration for the bloom compactor
+bloomCompactor:
+ # -- Number of replicas for the bloom compactor
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ image:
+ # -- The Docker registry for the bloom compactor image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the bloom compactor image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the bloom compactor image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ # -- The name of the PriorityClass for bloom compactor pods
+ priorityClassName: null
+ # -- Labels for bloom compactor pods
+ podLabels: {}
+ # -- Annotations for bloom compactor pods
+ podAnnotations: {}
+ # -- Affinity for bloom compactor pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: bloom-compactor
+ topologyKey: kubernetes.io/hostname
+ # -- Labels for bloom compactor service
+ serviceLabels: {}
+ # -- Additional CLI args for the bloom compactor
+ extraArgs: []
+ # -- Environment variables to add to the bloom compactor pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the bloom compactor pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the bloom compactor pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the bloom compactor pods
+ extraVolumes: []
+ # -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
+ readinessProbe: {}
+ # -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
+ livenessProbe: {}
+ # -- Resource requests and limits for the bloom compactor
+ resources: {}
+ # -- Containers to add to the bloom compactor pods
+ extraContainers: []
+ # -- Init containers to add to the bloom compactor pods
+ initContainers: []
+ # -- Grace period to allow the bloom compactor to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Node selector for bloom compactor pods
+ nodeSelector: {}
+ # -- Tolerations for bloom compactor pods
+ tolerations: []
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ appProtocol:
+ grpc: ""
+ persistence:
+ # -- Enable creating PVCs for the bloom compactor
+ enabled: false
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Annotations for bloom compactor PVCs
+ annotations: {}
+ # -- List of the bloom compactor PVCs
+ # @notationType -- list
+ claims:
+ - name: data
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # - name: wal
+ # size: 150Gi
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: false
+ whenDeleted: Retain
+ whenScaled: Retain
+ serviceAccount:
+ create: false
+ # -- The name of the ServiceAccount to use for the bloom compactor.
+ # If not set and create is true, a name is generated by appending
+ # "-bloom-compactor" to the common ServiceAccount.
+ name: null
+ # -- Image pull secrets for the bloom compactor service account
+ imagePullSecrets: []
+ # -- Annotations for the bloom compactor service account
+ annotations: {}
+ # -- Set this toggle to false to opt out of automounting API credentials for the service account
+ automountServiceAccountToken: true
+# -- Configuration for the pattern ingester
+patternIngester:
+ # -- Number of replicas for the pattern ingester
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ image:
+ # -- The Docker registry for the pattern ingester image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the pattern ingester image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the pattern ingester image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ # -- The name of the PriorityClass for pattern ingester pods
+ priorityClassName: null
+ # -- Labels for pattern ingester pods
+ podLabels: {}
+ # -- Annotations for pattern ingester pods
+ podAnnotations: {}
+ # -- Affinity for pattern ingester pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: pattern-ingester
+ topologyKey: kubernetes.io/hostname
+ # -- Labels for pattern ingester service
+ serviceLabels: {}
+ # -- Additional CLI args for the pattern ingester
+ extraArgs: []
+ # -- Environment variables to add to the pattern ingester pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the pattern ingester pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the pattern ingester pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the pattern ingester pods
+ extraVolumes: []
+ # -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
+ readinessProbe: {}
+ # -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
+ livenessProbe: {}
+ # -- Resource requests and limits for the pattern ingester
+ resources: {}
+ # -- Containers to add to the pattern ingester pods
+ extraContainers: []
+ # -- Init containers to add to the pattern ingester pods
+ initContainers: []
+ # -- Grace period to allow the pattern ingester to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Node selector for pattern ingester pods
+ nodeSelector: {}
+ # -- Tolerations for pattern ingester pods
+ tolerations: []
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ appProtocol:
+ grpc: ""
+ persistence:
+ # -- Enable creating PVCs for the pattern ingester
+ enabled: false
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Annotations for pattern ingester PVCs
+ annotations: {}
+ # -- List of the pattern ingester PVCs
+ # @notationType -- list
+ claims:
+ - name: data
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # - name: wal
+ # size: 150Gi
+ # -- Enable StatefulSetAutoDeletePVC feature
+ enableStatefulSetAutoDeletePVC: false
+ whenDeleted: Retain
+ whenScaled: Retain
+ serviceAccount:
+ create: false
+ # -- The name of the ServiceAccount to use for the pattern ingester.
+ # If not set and create is true, a name is generated by appending
+ # "-pattern-ingester" to the common ServiceAccount.
+ name: null
+ # -- Image pull secrets for the pattern ingester service account
+ imagePullSecrets: []
+ # -- Annotations for the pattern ingester service account
+ annotations: {}
+ # -- Set this toggle to false to opt out of automounting API credentials for the service account
+ automountServiceAccountToken: true
+# -- Configuration for the ruler
+ruler:
+ # -- The ruler component is optional and can be disabled if desired.
+ enabled: true
+ # -- Number of replicas for the ruler
+ replicas: 0
+ # -- hostAliases to add
+ hostAliases: []
+ # - ip: 1.2.3.4
+ # hostnames:
+ # - domain.tld
+ image:
+ # -- The Docker registry for the ruler image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the ruler image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the ruler image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ # -- The name of the PriorityClass for ruler pods
+ priorityClassName: null
+ # -- Labels for compactor pods
+ podLabels: {}
+ # -- Annotations for ruler pods
+ podAnnotations: {}
+ # -- Labels for ruler service
+ serviceLabels: {}
+ # -- Additional CLI args for the ruler
+ extraArgs: []
+ # -- Environment variables to add to the ruler pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the ruler pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the ruler pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the ruler pods
+ extraVolumes: []
+ # -- Resource requests and limits for the ruler
+ resources: {}
+ # -- Containers to add to the ruler pods
+ extraContainers: []
+ # -- Init containers to add to the ruler pods
+ initContainers: []
+ # -- Grace period to allow the ruler to shutdown before it is killed
+ terminationGracePeriodSeconds: 300
+ # -- Affinity for ruler pods.
+ # @default -- Hard node anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: ruler
+ topologyKey: kubernetes.io/hostname
+ # -- Pod Disruption Budget maxUnavailable
+ maxUnavailable: null
+ # -- Node selector for ruler pods
+ nodeSelector: {}
+ # -- Tolerations for ruler pods
+ tolerations: []
+ # -- DNSConfig for ruler pods
+ dnsConfig: {}
+ persistence:
+ # -- Enable creating PVCs which is required when using recording rules
+ enabled: false
+ # -- Size of persistent disk
+ size: 10Gi
+ # -- Storage class to be used.
+ # If defined, storageClassName: <storageClass>.
+ # If set to "-", storageClassName: "", which disables dynamic provisioning.
+ # If empty or set to null, no storageClassName spec is
+ # set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
+ storageClass: null
+ # -- Annotations for ruler PVCs
+ annotations: {}
+ # -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
+ appProtocol:
+ grpc: ""
+ # -- Directories containing rules files
+ directories: {}
+ # tenant_foo:
+ # rules1.txt: |
+ # groups:
+ # - name: should_fire
+ # rules:
+ # - alert: HighPercentageError
+ # expr: |
+ # sum(rate({app="foo", env="production"} |= "error" [5m])) by (job)
+ # /
+ # sum(rate({app="foo", env="production"}[5m])) by (job)
+ # > 0.05
+ # for: 10m
+ # labels:
+ # severity: warning
+ # annotations:
+ # summary: High error rate
+ # - name: credentials_leak
+ # rules:
+ # - alert: http-credentials-leaked
+ # annotations:
+ # message: "{{ $labels.job }} is leaking http basic auth credentials."
+ # expr: 'sum by (cluster, job, pod) (count_over_time({namespace="prod"} |~ "http(s?)://(\\w+):(\\w+)@" [5m]) > 0)'
+ # for: 10m
+ # labels:
+ # severity: critical
+ # rules2.txt: |
+ # groups:
+ # - name: example
+ # rules:
+ # - alert: HighThroughputLogStreams
+ # expr: sum by(container) (rate({job=~"loki-dev/.*"}[1m])) > 1000
+ # for: 2m
+ # tenant_bar:
+ # rules1.txt: |
+ # groups:
+ # - name: should_fire
+ # rules:
+ # - alert: HighPercentageError
+ # expr: |
+ # sum(rate({app="foo", env="production"} |= "error" [5m])) by (job)
+ # /
+ # sum(rate({app="foo", env="production"}[5m])) by (job)
+ # > 0.05
+ # for: 10m
+ # labels:
+ # severity: warning
+ # annotations:
+ # summary: High error rate
+ # - name: credentials_leak
+ # rules:
+ # - alert: http-credentials-leaked
+ # annotations:
+ # message: "{{ $labels.job }} is leaking http basic auth credentials."
+ # expr: 'sum by (cluster, job, pod) (count_over_time({namespace="prod"} |~ "http(s?)://(\\w+):(\\w+)@" [5m]) > 0)'
+ # for: 10m
+ # labels:
+ # severity: critical
+ # rules2.txt: |
+ # groups:
+ # - name: example
+ # rules:
+ # - alert: HighThroughputLogStreams
+ # expr: sum by(container) (rate({job=~"loki-dev/.*"}[1m])) > 1000
+ # for: 2m
+memcached:
+ image:
+ # -- Memcached Docker image repository
+ repository: memcached
+ # -- Memcached Docker image tag
+ tag: 1.6.23-alpine
+ # -- Memcached Docker image pull policy
+ pullPolicy: IfNotPresent
+ # -- The SecurityContext override for memcached pods
+ podSecurityContext: {}
+ # -- The name of the PriorityClass for memcached pods
+ priorityClassName: null
+ # -- The SecurityContext for memcached containers
+ containerSecurityContext:
+ readOnlyRootFilesystem: true
+ capabilities:
+ drop: [ALL]
+ allowPrivilegeEscalation: false
+memcachedExporter:
+ # -- Whether memcached metrics should be exported
+ enabled: true
+ image:
+ repository: prom/memcached-exporter
+ tag: v0.14.2
+ pullPolicy: IfNotPresent
+ resources:
+ requests: {}
+ limits: {}
+ # -- The SecurityContext for memcached exporter containers
+ containerSecurityContext:
+ readOnlyRootFilesystem: true
+ capabilities:
+ drop: [ALL]
+ allowPrivilegeEscalation: false
+ # -- Extra args to add to the exporter container.
+ # Example:
+ # extraArgs:
+ # memcached.tls.enable: true
+ # memcached.tls.cert-file: /certs/cert.crt
+ # memcached.tls.key-file: /certs/cert.key
+ # memcached.tls.ca-file: /certs/ca.crt
+ # memcached.tls.insecure-skip-verify: false
+ # memcached.tls.server-name: memcached
+ extraArgs: {}
+resultsCache:
+ # -- Specifies whether memcached based results-cache should be enabled
+ enabled: true
+ # -- Specify how long cached results should be stored in the results-cache before being expired
+ defaultValidity: 12h
+ # -- Memcached operation timeout
+ timeout: 500ms
+ # -- Total number of results-cache replicas
+ replicas: 1
+ # -- Port of the results-cache service
+ port: 11211
+ # -- Amount of memory allocated to results-cache for object storage (in MB).
+ allocatedMemory: 1024
+ # -- Maximum item results-cache for memcached (in MB).
+ maxItemMemory: 5
+ # -- Maximum number of connections allowed
+ connectionLimit: 16384
+ # -- Max memory to use for cache write back
+ writebackSizeLimit: 500MB
+ # -- Max number of objects to use for cache write back
+ writebackBuffer: 500000
+ # -- Number of parallel threads for cache write back
+ writebackParallelism: 1
+ # -- Extra init containers for results-cache pods
+ initContainers: []
+ # -- Annotations for the results-cache pods
+ annotations: {}
+ # -- Node selector for results-cache pods
+ nodeSelector: {}
+ # -- Affinity for results-cache pods
+ affinity: {}
+ # -- topologySpreadConstraints allows to customize the default topologySpreadConstraints. This can be either a single dict as shown below or a slice of topologySpreadConstraints.
+ # labelSelector is taken from the constraint itself (if it exists) or is generated by the chart using the same selectors as for services.
+ topologySpreadConstraints: []
+ # maxSkew: 1
+ # topologyKey: kubernetes.io/hostname
+ # whenUnsatisfiable: ScheduleAnyway
+ # -- Tolerations for results-cache pods
+ tolerations: []
+ # -- Pod Disruption Budget
+ podDisruptionBudget:
+ maxUnavailable: 1
+ # -- The name of the PriorityClass for results-cache pods
+ priorityClassName: null
+ # -- Labels for results-cache pods
+ podLabels: {}
+ # -- Annotations for results-cache pods
+ podAnnotations: {}
+ # -- Management policy for results-cache pods
+ podManagementPolicy: Parallel
+ # -- Grace period to allow the results-cache to shutdown before it is killed
+ terminationGracePeriodSeconds: 60
+ # -- Stateful results-cache strategy
+ statefulStrategy:
+ type: RollingUpdate
+ # -- Add extended options for results-cache memcached container. The format is the same as for the memcached -o/--extend flag.
+ # Example:
+ # extraExtendedOptions: 'tls,modern,track_sizes'
+ extraExtendedOptions: ""
+ # -- Additional CLI args for results-cache
+ extraArgs: {}
+ # -- Additional containers to be added to the results-cache pod.
+ extraContainers: []
+ # -- Additional volumes to be added to the results-cache pod (applies to both memcached and exporter containers).
+ # Example:
+ # extraVolumes:
+ # - name: extra-volume
+ # secret:
+ # secretName: extra-volume-secret
+ extraVolumes: []
+ # -- Additional volume mounts to be added to the results-cache pod (applies to both memcached and exporter containers).
+ # Example:
+ # extraVolumeMounts:
+ # - name: extra-volume
+ # mountPath: /etc/extra-volume
+ # readOnly: true
+ extraVolumeMounts: []
+ # -- Resource requests and limits for the results-cache
+ # By default a safe memory limit will be requested based on allocatedMemory value (floor (* 1.2 allocatedMemory)).
+ resources: null
+ # -- Service annotations and labels
+ service:
+ annotations: {}
+ labels: {}
+chunksCache:
+ # -- Specifies whether memcached based chunks-cache should be enabled
+ enabled: true
+ # -- Batchsize for sending and receiving chunks from chunks cache
+ batchSize: 4
+ # -- Parallel threads for sending and receiving chunks from chunks cache
+ parallelism: 5
+ # -- Memcached operation timeout
+ timeout: 2000ms
+ # -- Specify how long cached chunks should be stored in the chunks-cache before being expired
+ defaultValidity: 0s
+ # -- Total number of chunks-cache replicas
+ replicas: 1
+ # -- Port of the chunks-cache service
+ port: 11211
+ # -- Amount of memory allocated to chunks-cache for object storage (in MB).
+ allocatedMemory: 8192
+ # -- Maximum item memory for chunks-cache (in MB).
+ maxItemMemory: 5
+ # -- Maximum number of connections allowed
+ connectionLimit: 16384
+ # -- Max memory to use for cache write back
+ writebackSizeLimit: 500MB
+ # -- Max number of objects to use for cache write back
+ writebackBuffer: 500000
+ # -- Number of parallel threads for cache write back
+ writebackParallelism: 1
+ # -- Extra init containers for chunks-cache pods
+ initContainers: []
+ # -- Annotations for the chunks-cache pods
+ annotations: {}
+ # -- Node selector for chunks-cache pods
+ nodeSelector: {}
+ # -- Affinity for chunks-cache pods
+ affinity: {}
+ # -- topologySpreadConstraints allows to customize the default topologySpreadConstraints. This can be either a single dict as shown below or a slice of topologySpreadConstraints.
+ # labelSelector is taken from the constraint itself (if it exists) or is generated by the chart using the same selectors as for services.
+ topologySpreadConstraints: []
+ # maxSkew: 1
+ # topologyKey: kubernetes.io/hostname
+ # whenUnsatisfiable: ScheduleAnyway
+ # -- Tolerations for chunks-cache pods
+ tolerations: []
+ # -- Pod Disruption Budget
+ podDisruptionBudget:
+ maxUnavailable: 1
+ # -- The name of the PriorityClass for chunks-cache pods
+ priorityClassName: null
+ # -- Labels for chunks-cache pods
+ podLabels: {}
+ # -- Annotations for chunks-cache pods
+ podAnnotations: {}
+ # -- Management policy for chunks-cache pods
+ podManagementPolicy: Parallel
+ # -- Grace period to allow the chunks-cache to shutdown before it is killed
+ terminationGracePeriodSeconds: 60
+ # -- Stateful chunks-cache strategy
+ statefulStrategy:
+ type: RollingUpdate
+ # -- Add extended options for chunks-cache memcached container. The format is the same as for the memcached -o/--extend flag.
+ # Example:
+ # extraExtendedOptions: 'tls,no_hashexpand'
+ extraExtendedOptions: ""
+ # -- Additional CLI args for chunks-cache
+ extraArgs: {}
+ # -- Additional containers to be added to the chunks-cache pod.
+ extraContainers: []
+ # -- Additional volumes to be added to the chunks-cache pod (applies to both memcached and exporter containers).
+ # Example:
+ # extraVolumes:
+ # - name: extra-volume
+ # secret:
+ # secretName: extra-volume-secret
+ extraVolumes: []
+ # -- Additional volume mounts to be added to the chunks-cache pod (applies to both memcached and exporter containers).
+ # Example:
+ # extraVolumeMounts:
+ # - name: extra-volume
+ # mountPath: /etc/extra-volume
+ # readOnly: true
+ extraVolumeMounts: []
+ # -- Resource requests and limits for the chunks-cache
+ # By default a safe memory limit will be requested based on allocatedMemory value (floor (* 1.2 allocatedMemory)).
+ resources: null
+ # -- Service annotations and labels
+ service:
+ annotations: {}
+ labels: {}
+######################################################################################################################
+#
+# Subchart configurations
+#
+######################################################################################################################
+# -- Setting for the Grafana Rollout Operator https://github.com/grafana/helm-charts/tree/main/charts/rollout-operator
+rollout_operator:
+ enabled: false
+ # -- podSecurityContext is the pod security context for the rollout operator.
+ # When installing on OpenShift, override podSecurityContext settings with
+ #
+ # rollout_operator:
+ # podSecurityContext:
+ # fsGroup: null
+ # runAsGroup: null
+ # runAsUser: null
+ podSecurityContext:
+ fsGroup: 10001
+ runAsGroup: 10001
+ runAsNonRoot: true
+ runAsUser: 10001
+ seccompProfile:
+ type: RuntimeDefault
+ # Set the container security context
+ securityContext:
+ readOnlyRootFilesystem: true
+ capabilities:
+ drop: [ALL]
+ allowPrivilegeEscalation: false
+# -- Configuration for the minio subchart
minio:
enabled: false
replicas: 1
@@ -1561,6 +3081,8 @@
requests:
cpu: 100m
memory: 128Mi
+ # Allow the address used by Loki to refer to Minio to be overridden
+ address: null
# Create extra manifests via values. Would be passed through `tpl` for templating
extraObjects: []
# - apiVersion: v1
@@ -1640,3 +3162,215 @@
watchClientTimeout: 60
# -- Log level of the sidecar container.
logLevel: INFO
+############################################## WARNING ###############################################################
+#
+# DEPRECATED VALUES
+#
+# The following values are deprecated and will be removed in a future version of the helm chart!
+#
+############################################## WARNING ##############################################################
+
+# -- DEPRECATED Monitoring section determines which monitoring features to enable, this section is being replaced
+# by https://github.com/grafana/meta-monitoring-chart
+monitoring:
+ # Dashboards for monitoring Loki
+ dashboards:
+ # -- If enabled, create configmap with dashboards for monitoring Loki
+ enabled: false
+ # -- Alternative namespace to create dashboards ConfigMap in
+ namespace: null
+ # -- Additional annotations for the dashboards ConfigMap
+ annotations: {}
+ # -- Labels for the dashboards ConfigMap
+ labels:
+ grafana_dashboard: "1"
+ # Recording rules for monitoring Loki, required for some dashboards
+ rules:
+ # -- If enabled, create PrometheusRule resource with Loki recording rules
+ enabled: false
+ # -- Include alerting rules
+ alerting: true
+ # -- Specify which individual alerts should be disabled
+ # -- Instead of turning off each alert one by one, set the .monitoring.rules.alerting value to false instead.
+ # -- If you disable all the alerts and keep .monitoring.rules.alerting set to true, the chart will fail to render.
+ disabled: {}
+ # LokiRequestErrors: true
+ # LokiRequestPanics: true
+ # -- Alternative namespace to create PrometheusRule resources in
+ namespace: null
+ # -- Additional annotations for the rules PrometheusRule resource
+ annotations: {}
+ # -- Additional labels for the rules PrometheusRule resource
+ labels: {}
+ # -- Additional labels for PrometheusRule alerts
+ additionalRuleLabels: {}
+ # -- Additional groups to add to the rules file
+ additionalGroups: []
+ # - name: additional-loki-rules
+ # rules:
+ # - record: job:loki_request_duration_seconds_bucket:sum_rate
+ # expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job)
+ # - record: job_route:loki_request_duration_seconds_bucket:sum_rate
+ # expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job, route)
+ # - record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_rate
+ # expr: sum(rate(container_cpu_usage_seconds_total[1m])) by (node, namespace, pod, container)
+ # ServiceMonitor configuration
+ serviceMonitor:
+ # -- If enabled, ServiceMonitor resources for Prometheus Operator are created
+ enabled: false
+ # -- Namespace selector for ServiceMonitor resources
+ namespaceSelector: {}
+ # -- ServiceMonitor annotations
+ annotations: {}
+ # -- Additional ServiceMonitor labels
+ labels: {}
+ # -- ServiceMonitor scrape interval
+ # Default is 15s because included recording rules use a 1m rate, and scrape interval needs to be at
+ # least 1/4 rate interval.
+ interval: 15s
+ # -- ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
+ scrapeTimeout: null
+ # -- ServiceMonitor relabel configs to apply to samples before scraping
+ # https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
+ relabelings: []
+ # -- ServiceMonitor metric relabel configs to apply to samples before ingestion
+ # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
+ metricRelabelings: []
+ # -- ServiceMonitor will use http by default, but you can pick https as well
+ scheme: http
+ # -- ServiceMonitor will use these tlsConfig settings to make the health check requests
+ tlsConfig: null
+ # -- If defined, will create a MetricsInstance for the Grafana Agent Operator.
+ metricsInstance:
+ # -- If enabled, MetricsInstance resources for Grafana Agent Operator are created
+ enabled: true
+ # -- MetricsInstance annotations
+ annotations: {}
+ # -- Additional MetricsInstance labels
+ labels: {}
+ # -- If defined a MetricsInstance will be created to remote write metrics.
+ remoteWrite: null
+ # Self monitoring determines whether Loki should scrape its own logs.
+ # This feature currently relies on the Grafana Agent Operator being installed,
+ # which is installed by default using the grafana-agent-operator sub-chart.
+ # It will create custom resources for GrafanaAgent, LogsInstance, and PodLogs to configure
+ # scrape configs to scrape its own logs with the labels expected by the included dashboards.
+ selfMonitoring:
+ enabled: false
+ # -- Tenant to use for self monitoring
+ tenant:
+ # -- Name of the tenant
+ name: "self-monitoring"
+ # -- Password of the gateway for Basic auth
+ password: null
+ # -- Namespace to create additional tenant token secret in. Useful if your Grafana instance
+ # is in a separate namespace. Token will still be created in the canary namespace.
+ secretNamespace: "{{ .Release.Namespace }}"
+ # Grafana Agent configuration
+ grafanaAgent:
+ # -- Controls whether to install the Grafana Agent Operator and its CRDs.
+ # Note that helm will not install CRDs if this flag is enabled during an upgrade.
+ # In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds
+ installOperator: false
+ # -- Grafana Agent annotations
+ annotations: {}
+ # -- Additional Grafana Agent labels
+ labels: {}
+ # -- Enable the config read api on port 8080 of the agent
+ enableConfigReadAPI: false
+ # -- The name of the PriorityClass for GrafanaAgent pods
+ priorityClassName: null
+ # -- Resource requests and limits for the grafanaAgent pods
+ resources: {}
+ # limits:
+ # memory: 200Mi
+ # requests:
+ # cpu: 50m
+ # memory: 100Mi
+ # -- Tolerations for GrafanaAgent pods
+ tolerations: []
+ # PodLogs configuration
+ podLogs:
+ # -- PodLogs version
+ apiVersion: monitoring.grafana.com/v1alpha1
+ # -- PodLogs annotations
+ annotations: {}
+ # -- Additional PodLogs labels
+ labels: {}
+ # -- PodLogs relabel configs to apply to samples before scraping
+ # https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
+ relabelings: []
+ # -- Additional pipeline stages to process logs after scraping
+ # https://grafana.com/docs/agent/latest/operator/api/#pipelinestagespec-a-namemonitoringgrafanacomv1alpha1pipelinestagespeca
+ additionalPipelineStages: []
+ # LogsInstance configuration
+ logsInstance:
+ # -- LogsInstance annotations
+ annotations: {}
+ # -- Additional LogsInstance labels
+ labels: {}
+ # -- Additional clients for remote write
+ clients: null
+# -- DEPRECATED Configuration for the table-manager. The table-manager is only necessary when using a deprecated
+# index type such as Cassandra, Bigtable, or DynamoDB, it has not been necessary since loki introduced self-
+# contained index types like 'boltdb-shipper' and 'tsdb'. This will be removed in a future helm chart.
+tableManager:
+ # -- Specifies whether the table-manager should be enabled
+ enabled: false
+ image:
+ # -- The Docker registry for the table-manager image. Overrides `loki.image.registry`
+ registry: null
+ # -- Docker image repository for the table-manager image. Overrides `loki.image.repository`
+ repository: null
+ # -- Docker image tag for the table-manager image. Overrides `loki.image.tag`
+ tag: null
+ # -- Command to execute instead of defined in Docker image
+ command: null
+ # -- The name of the PriorityClass for table-manager pods
+ priorityClassName: null
+ # -- Labels for table-manager pods
+ podLabels: {}
+ # -- Annotations for table-manager deployment
+ annotations: {}
+ # -- Annotations for table-manager pods
+ podAnnotations: {}
+ service:
+ # -- Annotations for table-manager Service
+ annotations: {}
+ # -- Additional labels for table-manager Service
+ labels: {}
+ # -- Additional CLI args for the table-manager
+ extraArgs: []
+ # -- Environment variables to add to the table-manager pods
+ extraEnv: []
+ # -- Environment variables from secrets or configmaps to add to the table-manager pods
+ extraEnvFrom: []
+ # -- Volume mounts to add to the table-manager pods
+ extraVolumeMounts: []
+ # -- Volumes to add to the table-manager pods
+ extraVolumes: []
+ # -- Resource requests and limits for the table-manager
+ resources: {}
+ # -- Containers to add to the table-manager pods
+ extraContainers: []
+ # -- Grace period to allow the table-manager to shutdown before it is killed
+ terminationGracePeriodSeconds: 30
+ # -- Affinity for table-manager pods.
+ # @default -- Hard node and anti-affinity
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: table-manager
+ topologyKey: kubernetes.io/hostname
+ # -- DNS config table-manager pods
+ dnsConfig: {}
+ # -- Node selector for table-manager pods
+ nodeSelector: {}
+ # -- Tolerations for table-manager pods
+ tolerations: []
+ # -- Enable deletes by retention
+ retention_deletes_enabled: false
+ # -- Set retention period
+ retention_period: 0