Bump all infrastructure components (#1355)
diff --git a/charts/loki/Chart.yaml b/charts/loki/Chart.yaml
index 8a57dcd..572a438 100644
--- a/charts/loki/Chart.yaml
+++ b/charts/loki/Chart.yaml
@@ -16,7 +16,8 @@
name: rollout-operator
repository: https://grafana.github.io/helm-charts
version: 0.13.0
-description: Helm chart for Grafana Loki in simple, scalable mode
+description: Helm chart for Grafana Loki and Grafana Enterprise Logs supporting both
+ simple, scalable and distributed modes.
home: https://grafana.github.io/helm-charts
icon: https://grafana.com/docs/loki/latest/logo_and_name.png
maintainers:
@@ -28,4 +29,4 @@
- https://grafana.com/oss/loki/
- https://grafana.com/docs/loki/latest/
type: application
-version: 6.3.3
+version: 6.6.3
diff --git a/charts/loki/README.md b/charts/loki/README.md
index b9ce794..a207de4 100644
--- a/charts/loki/README.md
+++ b/charts/loki/README.md
@@ -1,8 +1,8 @@
# loki
-  
+  
-Helm chart for Grafana Loki in simple, scalable mode
+Helm chart for Grafana Loki and Grafana Enterprise Logs supporting both simple, scalable and distributed modes.
## Source Code
diff --git a/charts/loki/templates/NOTES.txt b/charts/loki/templates/NOTES.txt
index 6551a42..622b1a8 100644
--- a/charts/loki/templates/NOTES.txt
+++ b/charts/loki/templates/NOTES.txt
@@ -1,21 +1,33 @@
***********************************************************************
Welcome to Grafana Loki
Chart version: {{ .Chart.Version }}
+ Chart Name: {{ .Chart.Name }}
Loki version: {{ .Chart.AppVersion }}
***********************************************************************
+** Please be patient while the chart is being deployed **
+
+Tip:
+
+ Watch the deployment status using the command: kubectl get pods -w --namespace {{ $.Release.Namespace }}
+
+If pods are taking too long to schedule make sure pod affinity can be fulfilled in the current cluster.
+
+***********************************************************************
Installed components:
+***********************************************************************
+
{{- if .Values.monitoring.selfMonitoring.enabled }}
* grafana-agent-operator
{{- end }}
{{- if eq (include "loki.deployment.isSingleBinary" .) "true" }}
-* loki
+* loki
{{- else -}}
{{- if .Values.gateway.enabled }}
* gateway
{{- end }}
{{- if .Values.minio.enabled }}
-* minio
+* minio
{{- end }}
{{- if eq (include "loki.deployment.isScalable" .) "true" }}
* read
@@ -34,3 +46,139 @@
* query frontend
{{- end }}
{{- end }}
+
+
+{{- if eq (include "loki.deployment.isSingleBinary" .) "true" }}
+
+Loki has been deployed as a single binary.
+This means a single pod is handling reads and writes. You can scale that pod vertically by adding more CPU and memory resources.
+
+{{- end }}
+
+
+***********************************************************************
+Sending logs to Loki
+***********************************************************************
+
+{{- if .Values.gateway.enabled }}
+
+Loki has been configured with a gateway (nginx) to support reads and writes from a single component.
+
+{{- end }}
+
+You can send logs from inside the cluster using the cluster DNS:
+
+{{- if .Values.gateway.enabled }}
+
+http://{{ include "loki.gatewayFullname" . }}.{{ $.Release.Namespace }}.svc.cluster.local/loki/api/v1/push
+
+{{- else }}
+{{- if eq (include "loki.deployment.isSingleBinary" .) "true" }}
+
+http://{{ include "loki.singleBinaryFullname" . }}.{{ $.Release.Namespace }}.svc.cluster.local:{{ .Values.loki.server.http_listen_port }}/loki/api/v1/push
+
+{{- end}}
+{{- if eq (include "loki.deployment.isScalable" .) "true" }}
+
+http://{{ include "loki.writeFullname" . }}.{{ $.Release.Namespace }}.svc.cluster.local:{{ .Values.loki.server.http_listen_port }}/loki/api/v1/push
+
+{{- end }}
+{{- if eq (include "loki.deployment.isDistributed" .) "true" }}
+
+http://{{ include "loki.distributorFullname" . }}.{{ $.Release.Namespace }}.svc.cluster.local:3100/loki/api/v1/push
+
+{{- end }}
+{{- end }}
+
+You can test to send data from outside the cluster by port-forwarding the gateway to your local machine:
+{{- if .Values.gateway.enabled }}
+
+ kubectl port-forward --namespace {{ $.Release.Namespace }} svc/{{ include "loki.gatewayFullname" . }} 3100:{{ .Values.gateway.service.port }} &
+
+{{- else }}
+{{- if eq (include "loki.deployment.isSingleBinary" .) "true" }}
+
+ kubectl port-forward --namespace {{ $.Release.Namespace }} svc/{{ include "loki.singleBinaryFullname" . }} 3100:{{ .Values.loki.server.http_listen_port }} &
+
+{{- end}}
+{{- if eq (include "loki.deployment.isScalable" .) "true" }}
+
+ kubectl port-forward --namespace {{ $.Release.Namespace }} svc/{{ include "loki.writeFullname" . }} 3100:{{ .Values.loki.server.http_listen_port }} &
+
+{{- end }}
+{{- if eq (include "loki.deployment.isDistributed" .) "true" }}
+
+ kubectl port-forward --namespace {{ $.Release.Namespace }} svc/{{ include "loki.distributorFullname" . }} 3100:3100 &
+
+{{- end }}
+{{- end }}
+
+And then using http://127.0.0.1:3100/loki/api/v1/push URL as shown below:
+
+```
+curl -H "Content-Type: application/json" -XPOST -s "http://127.0.0.1:3100/loki/api/v1/push" \
+--data-raw "{\"streams\": [{\"stream\": {\"job\": \"test\"}, \"values\": [[\"$(date +%s)000000000\", \"fizzbuzz\"]]}]}"
+{{- if .Values.loki.auth_enabled }} \
+-H X-Scope-OrgId:foo
+{{- end}}
+```
+
+Then verify that Loki did received the data using the following command:
+
+```
+curl "http://127.0.0.1:3100/loki/api/v1/query_range" --data-urlencode 'query={job="test"}' {{- if .Values.loki.auth_enabled }} -H X-Scope-OrgId:foo {{- end}} | jq .data.result
+```
+
+***********************************************************************
+Connecting Grafana to Loki
+***********************************************************************
+
+If Grafana operates within the cluster, you'll set up a new Loki datasource by utilizing the following URL:
+
+{{- if .Values.gateway.enabled }}
+
+http://{{ include "loki.gatewayFullname" . }}.{{ $.Release.Namespace }}.svc.cluster.local/
+
+{{- else }}
+{{- if eq (include "loki.deployment.isSingleBinary" .) "true" }}
+
+http://{{ include "loki.singleBinaryFullname" . }}.{{ $.Release.Namespace }}.svc.cluster.local:{{ .Values.loki.server.http_listen_port }}/
+
+{{- end}}
+{{- if eq (include "loki.deployment.isScalable" .) "true" }}
+
+http://{{ include "loki.readFullname" . }}.{{ $.Release.Namespace }}.svc.cluster.local:{{ .Values.loki.server.http_listen_port }}/
+
+{{- end }}
+{{- if eq (include "loki.deployment.isDistributed" .) "true" }}
+
+http://{{ include "loki.queryFrontendFullname" . }}.{{ $.Release.Namespace }}.svc.cluster.local:3100/
+
+{{- end }}
+{{- end }}
+
+
+
+{{- if .Values.loki.auth_enabled }}
+
+***********************************************************************
+Multi-tenancy
+***********************************************************************
+
+Loki is configured with auth enabled (multi-tenancy) and expects tenant headers (`X-Scope-OrgID`) to be set for all API calls.
+
+You must configure Grafana's Loki datasource using the `HTTP Headers` section with the `X-Scope-OrgID` to target a specific tenant.
+For each tenant, you can create a different datasource.
+
+The agent of your choice must also be configured to propagate this header.
+For example, when using Promtail you can use the `tenant` stage. https://grafana.com/docs/loki/latest/send-data/promtail/stages/tenant/
+
+When not provided with the `X-Scope-OrgID` while auth is enabled, Loki will reject reads and writes with a 404 status code `no org id`.
+
+You can also use a reverse proxy, to automatically add the `X-Scope-OrgID` header as suggested by https://grafana.com/docs/loki/latest/operations/authentication/
+
+For more information, read our documentation about multi-tenancy: https://grafana.com/docs/loki/latest/operations/multi-tenancy/
+
+> When using curl you can pass `X-Scope-OrgId` header using `-H X-Scope-OrgId:foo` option, where foo can be replaced with the tenant of your choice.
+
+{{- end }}
diff --git a/charts/loki/templates/_helpers.tpl b/charts/loki/templates/_helpers.tpl
index 2a1014d..572ef9a 100644
--- a/charts/loki/templates/_helpers.tpl
+++ b/charts/loki/templates/_helpers.tpl
@@ -454,6 +454,82 @@
{{- end }}
{{- end }}
+{{/* Enterprise Logs Admin API storage config */}}
+{{- define "enterprise-logs.adminAPIStorageConfig" }}
+storage:
+ {{- if .Values.minio.enabled }}
+ backend: "s3"
+ s3:
+ bucket_name: admin
+ {{- else if eq .Values.loki.storage.type "s3" -}}
+ {{- with .Values.loki.storage.s3 }}
+ backend: "s3"
+ s3:
+ bucket_name: {{ $.Values.loki.storage.bucketNames.admin }}
+ {{- end -}}
+ {{- else if eq .Values.loki.storage.type "gcs" -}}
+ {{- with .Values.loki.storage.gcs }}
+ backend: "gcs"
+ gcs:
+ bucket_name: {{ $.Values.loki.storage.bucketNames.admin }}
+ {{- end -}}
+ {{- else if eq .Values.loki.storage.type "azure" -}}
+ {{- with .Values.loki.storage.azure }}
+ backend: "azure"
+ azure:
+ account_name: {{ .accountName }}
+ {{- with .accountKey }}
+ account_key: {{ . }}
+ {{- end }}
+ {{- with .connectionString }}
+ connection_string: {{ . }}
+ {{- end }}
+ container_name: {{ $.Values.loki.storage.bucketNames.admin }}
+ {{- with .endpointSuffix }}
+ endpoint_suffix: {{ . }}
+ {{- end }}
+ {{- end -}}
+ {{- else if eq .Values.loki.storage.type "swift" -}}
+ {{- with .Values.loki.storage.swift }}
+ backend: "swift"
+ swift:
+ {{- with .auth_version }}
+ auth_version: {{ . }}
+ {{- end }}
+ auth_url: {{ .auth_url }}
+ {{- with .internal }}
+ internal: {{ . }}
+ {{- end }}
+ username: {{ .username }}
+ user_domain_name: {{ .user_domain_name }}
+ {{- with .user_domain_id }}
+ user_domain_id: {{ . }}
+ {{- end }}
+ {{- with .user_id }}
+ user_id: {{ . }}
+ {{- end }}
+ password: {{ .password }}
+ {{- with .domain_id }}
+ domain_id: {{ . }}
+ {{- end }}
+ domain_name: {{ .domain_name }}
+ project_id: {{ .project_id }}
+ project_name: {{ .project_name }}
+ project_domain_id: {{ .project_domain_id }}
+ project_domain_name: {{ .project_domain_name }}
+ region_name: {{ .region_name }}
+ container_name: {{ .container_name }}
+ max_retries: {{ .max_retries | default 3 }}
+ connect_timeout: {{ .connect_timeout | default "10s" }}
+ request_timeout: {{ .request_timeout | default "5s" }}
+ {{- end -}}
+ {{- else }}
+ backend: "filesystem"
+ filesystem:
+ dir: {{ .Values.loki.storage.filesystem.admin_api_directory }}
+ {{- end -}}
+{{- end }}
+
{{/*
Calculate the config from structured and unstructured text input
*/}}
@@ -531,33 +607,68 @@
Generate list of ingress service paths based on deployment type
*/}}
{{- define "loki.ingress.servicePaths" -}}
-{{- if (eq (include "loki.deployment.isScalable" .) "true") -}}
+{{- if (eq (include "loki.deployment.isSingleBinary" .) "true") -}}
+{{- include "loki.ingress.singleBinaryServicePaths" . }}
+{{- else if (eq (include "loki.deployment.isDistributed" .) "true") -}}
+{{- include "loki.ingress.distributedServicePaths" . }}
+{{- else if and (eq (include "loki.deployment.isScalable" .) "true") (not .Values.read.legacyReadTarget ) -}}
{{- include "loki.ingress.scalableServicePaths" . }}
{{- else -}}
-{{- include "loki.ingress.singleBinaryServicePaths" . }}
+{{- include "loki.ingress.legacyScalableServicePaths" . }}
{{- end -}}
{{- end -}}
+
{{/*
-Ingress service paths for scalable deployment
+Ingress service paths for distributed deployment
+*/}}
+{{- define "loki.ingress.distributedServicePaths" -}}
+{{- $distributorServiceName := include "loki.distributorFullname" . }}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $distributorServiceName "paths" .Values.ingress.paths.distributor )}}
+{{- $queryFrontendServiceName := include "loki.queryFrontendFullname" . }}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $queryFrontendServiceName "paths" .Values.ingress.paths.queryFrontend )}}
+{{- $rulerServiceName := include "loki.rulerFullname" . }}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $rulerServiceName "paths" .Values.ingress.paths.ruler)}}
+{{- end -}}
+
+{{/*
+Ingress service paths for legacy simple scalable deployment when backend components were part of read component.
*/}}
{{- define "loki.ingress.scalableServicePaths" -}}
-{{- include "loki.ingress.servicePath" (dict "ctx" . "svcName" "read" "paths" .Values.ingress.paths.read )}}
-{{- include "loki.ingress.servicePath" (dict "ctx" . "svcName" "write" "paths" .Values.ingress.paths.write )}}
+{{- $readServiceName := include "loki.readFullname" . }}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $readServiceName "paths" .Values.ingress.paths.queryFrontend )}}
+{{- $writeServiceName := include "loki.writeFullname" . }}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $writeServiceName "paths" .Values.ingress.paths.distributor )}}
+{{- $backendServiceName := include "loki.backendFullname" . }}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $backendServiceName "paths" .Values.ingress.paths.ruler )}}
+{{- end -}}
+
+{{/*
+Ingress service paths for legacy simple scalable deployment
+*/}}
+{{- define "loki.ingress.legacyScalableServicePaths" -}}
+{{- $readServiceName := include "loki.readFullname" . }}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $readServiceName "paths" .Values.ingress.paths.queryFrontend )}}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $readServiceName "paths" .Values.ingress.paths.ruler )}}
+{{- $writeServiceName := include "loki.writeFullname" . }}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $writeServiceName "paths" .Values.ingress.paths.distributor )}}
{{- end -}}
{{/*
Ingress service paths for single binary deployment
*/}}
{{- define "loki.ingress.singleBinaryServicePaths" -}}
-{{- include "loki.ingress.servicePath" (dict "ctx" . "svcName" "singleBinary" "paths" .Values.ingress.paths.singleBinary )}}
+{{- $serviceName := include "loki.singleBinaryFullname" . }}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $serviceName "paths" .Values.ingress.paths.distributor )}}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $serviceName "paths" .Values.ingress.paths.queryFrontend )}}
+{{- include "loki.ingress.servicePath" (dict "ctx" . "serviceName" $serviceName "paths" .Values.ingress.paths.ruler )}}
{{- end -}}
{{/*
Ingress service path helper function
Params:
ctx = . context
- svcName = service name without the "loki.fullname" part (ie. read, write)
+ serviceName = fully qualified k8s service name
paths = list of url paths to allow ingress for
*/}}
{{- define "loki.ingress.servicePath" -}}
@@ -569,34 +680,19 @@
pathType: Prefix
{{- end }}
backend:
- {{- $serviceName := include "loki.ingress.serviceName" (dict "ctx" $.ctx "svcName" $.svcName) }}
{{- if $ingressApiIsStable }}
service:
- name: {{ $serviceName }}
+ name: {{ $.serviceName }}
port:
number: {{ $.ctx.Values.loki.server.http_listen_port }}
{{- else }}
- serviceName: {{ $serviceName }}
+ serviceName: {{ $.serviceName }}
servicePort: {{ $.ctx.Values.loki.server.http_listen_port }}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
-Ingress service name helper function
-Params:
- ctx = . context
- svcName = service name without the "loki.fullname" part (ie. read, write)
-*/}}
-{{- define "loki.ingress.serviceName" -}}
-{{- if (eq .svcName "singleBinary") }}
-{{- printf "%s" (include "loki.singleBinaryFullname" .ctx) }}
-{{- else }}
-{{- printf "%s-%s" (include "loki.name" .ctx) .svcName }}
-{{- end -}}
-{{- end -}}
-
-{{/*
Create the service endpoint including port for MinIO.
*/}}
{{- define "loki.minio" -}}
@@ -801,6 +897,9 @@
location = /distributor/ring {
proxy_pass {{ $distributorUrl }}$request_uri;
}
+ location = /otlp/v1/logs {
+ proxy_pass {{ $distributorUrl }}$request_uri;
+ }
# Ingester
location = /flush {
@@ -928,13 +1027,18 @@
{{/* Determine compactor address based on target configuration */}}
{{- define "loki.compactorAddress" -}}
{{- $isSimpleScalable := eq (include "loki.deployment.isScalable" .) "true" -}}
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- $isSingleBinary := eq (include "loki.deployment.isSingleBinary" .) "true" -}}
{{- $compactorAddress := include "loki.backendFullname" . -}}
{{- if and $isSimpleScalable .Values.read.legacyReadTarget -}}
{{/* 2 target configuration */}}
{{- $compactorAddress = include "loki.readFullname" . -}}
-{{- else if (not $isSimpleScalable) -}}
+{{- else if $isSingleBinary -}}
{{/* single binary */}}
{{- $compactorAddress = include "loki.singleBinaryFullname" . -}}
+{{/* distributed */}}
+{{- else if $isDistributed -}}
+{{- $compactorAddress = include "loki.compactorFullname" . -}}
{{- end -}}
{{- printf "http://%s:%s" $compactorAddress (.Values.loki.server.http_listen_port | toString) }}
{{- end }}
@@ -999,3 +1103,16 @@
filesystem
{{- end -}}
{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for HorizontalPodAutoscaler.
+*/}}
+{{- define "loki.hpa.apiVersion" -}}
+ {{- if and (.Capabilities.APIVersions.Has "autoscaling/v2") (semverCompare ">= 1.19-0" .Capabilities.KubeVersion.Version) -}}
+ {{- print "autoscaling/v2" -}}
+ {{- else if .Capabilities.APIVersions.Has "autoscaling/v2beta2" -}}
+ {{- print "autoscaling/v2beta2" -}}
+ {{- else -}}
+ {{- print "autoscaling/v2beta1" -}}
+ {{- end -}}
+{{- end -}}
diff --git a/charts/loki/templates/backend/statefulset-backend.yaml b/charts/loki/templates/backend/statefulset-backend.yaml
index 3deb4aa..534190d 100644
--- a/charts/loki/templates/backend/statefulset-backend.yaml
+++ b/charts/loki/templates/backend/statefulset-backend.yaml
@@ -19,11 +19,11 @@
{{- end }}
{{- end }}
spec:
-{{- if not .Values.write.autoscaling.enabled }}
+{{- if not .Values.backend.autoscaling.enabled }}
{{- if eq .Values.deploymentMode "SingleBinary" }}
replicas: 0
{{- else }}
- replicas: {{ .Values.write.replicas }}
+ replicas: {{ .Values.backend.replicas }}
{{- end }}
{{- end }}
podManagementPolicy: {{ .Values.backend.podManagementPolicy }}
@@ -266,6 +266,10 @@
kind: PersistentVolumeClaim
metadata:
name: data
+ {{- with .Values.backend.persistence.annotations }}
+ annotations:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
spec:
accessModes:
- ReadWriteOnce
diff --git a/charts/loki/templates/extra-manifests.yaml b/charts/loki/templates/extra-manifests.yaml
index a9bb3b6..e661b65 100644
--- a/charts/loki/templates/extra-manifests.yaml
+++ b/charts/loki/templates/extra-manifests.yaml
@@ -1,4 +1,8 @@
-{{ range .Values.extraObjects }}
+{{- range .Values.extraObjects -}}
---
+{{- if kindIs "map" . }}
{{ tpl (toYaml .) $ }}
-{{ end }}
+{{- else }}
+{{ tpl . $ }}
+{{- end }}
+{{- end }}
diff --git a/charts/loki/templates/gateway/deployment-gateway-enterprise.yaml b/charts/loki/templates/gateway/deployment-gateway-enterprise.yaml
index 4f7dcca..de8ba11 100644
--- a/charts/loki/templates/gateway/deployment-gateway-enterprise.yaml
+++ b/charts/loki/templates/gateway/deployment-gateway-enterprise.yaml
@@ -1,3 +1,5 @@
+{{- $isDistributed := eq (include "loki.deployment.isDistributed" .) "true" -}}
+{{- $isSimpleScalable := eq (include "loki.deployment.isScalable" .) "true" -}}
{{- if and .Values.gateway.enabled .Values.enterprise.enabled .Values.enterprise.gelGateway }}
apiVersion: apps/v1
kind: Deployment
@@ -69,7 +71,7 @@
- -admin.client.s3.secret-access-key={{ .Values.minio.secretKey }}
- -admin.client.s3.insecure=true
{{- end }}
- {{- if .Values.enterpriseGateway.useDefaultProxyURLs }}
+ {{- if and $isDistributed .Values.enterpriseGateway.useDefaultProxyURLs }}
- -gateway.proxy.default.url=http://{{ template "loki.fullname" . }}-admin-api.{{ .Release.Namespace }}.svc:3100
- -gateway.proxy.admin-api.url=http://{{ template "loki.fullname" . }}-admin-api.{{ .Release.Namespace }}.svc:3100
- -gateway.proxy.distributor.url=dns:///{{ template "loki.fullname" . }}-distributor-headless.{{ .Release.Namespace }}.svc:9095
@@ -77,6 +79,16 @@
- -gateway.proxy.query-frontend.url=http://{{ template "loki.fullname" . }}-query-frontend.{{ .Release.Namespace }}.svc:3100
- -gateway.proxy.ruler.url=http://{{ template "loki.fullname" . }}-ruler.{{ .Release.Namespace }}.svc:3100
{{- end }}
+ {{- if and $isSimpleScalable .Values.enterpriseGateway.useDefaultProxyURLs }}
+ - -gateway.proxy.default.url=http://{{ template "enterprise-logs.adminApiFullname" . }}.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.admin-api.url=http://{{ template "enterprise-logs.adminApiFullname" . }}.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.compactor.url=http://{{ template "loki.backendFullname" . }}-headless.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.distributor.url=dns:///{{ template "loki.writeFullname" . }}-headless.{{ .Release.Namespace }}.svc:9095
+ - -gateway.proxy.ingester.url=http://{{ template "loki.writeFullname" . }}.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.query-frontend.url=http://{{ template "loki.readFullname" . }}.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.ruler.url=http://{{ template "loki.backendFullname" . }}-headless.{{ .Release.Namespace }}.svc:3100
+ - -gateway.proxy.query-scheduler.url=http://{{ template "loki.backendFullname" . }}-headless.{{ .Release.Namespace }}.svc:3100
+ {{- end }}
{{- range $key, $value := .Values.enterpriseGateway.extraArgs }}
- "-{{ $key }}={{ $value }}"
{{- end }}
diff --git a/charts/loki/templates/query-frontend/service-query-frontend-headless.yaml b/charts/loki/templates/query-frontend/service-query-frontend-headless.yaml
index 258413a..b168ce6 100644
--- a/charts/loki/templates/query-frontend/service-query-frontend-headless.yaml
+++ b/charts/loki/templates/query-frontend/service-query-frontend-headless.yaml
@@ -22,7 +22,7 @@
ports:
- name: http-metrics
port: 3100
- targetPort: http
+ targetPort: http-metrics
protocol: TCP
- name: grpc
port: 9095
diff --git a/charts/loki/templates/query-scheduler/service-query-scheduler.yaml b/charts/loki/templates/query-scheduler/service-query-scheduler.yaml
index 8988315..2b3f1b2 100644
--- a/charts/loki/templates/query-scheduler/service-query-scheduler.yaml
+++ b/charts/loki/templates/query-scheduler/service-query-scheduler.yaml
@@ -21,7 +21,7 @@
ports:
- name: http-metrics
port: 3100
- targetPort: http
+ targetPort: http-metrics
protocol: TCP
- name: grpclb
port: 9095
diff --git a/charts/loki/templates/read/statefulset-read.yaml b/charts/loki/templates/read/statefulset-read.yaml
index 29d79c7..7696d90 100644
--- a/charts/loki/templates/read/statefulset-read.yaml
+++ b/charts/loki/templates/read/statefulset-read.yaml
@@ -19,11 +19,11 @@
{{- end }}
{{- end }}
spec:
-{{- if not .Values.write.autoscaling.enabled }}
+{{- if not .Values.read.autoscaling.enabled }}
{{- if eq .Values.deploymentMode "SingleBinary" }}
replicas: 0
{{- else }}
- replicas: {{ .Values.write.replicas }}
+ replicas: {{ .Values.read.replicas }}
{{- end }}
{{- end }}
podManagementPolicy: {{ .Values.read.podManagementPolicy }}
@@ -180,6 +180,10 @@
kind: PersistentVolumeClaim
metadata:
name: data
+ {{- with .Values.read.persistence.annotations }}
+ annotations:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
spec:
accessModes:
- ReadWriteOnce
diff --git a/charts/loki/templates/ruler/service-ruler.yaml b/charts/loki/templates/ruler/service-ruler.yaml
index 8200af2..1a1f0f4 100644
--- a/charts/loki/templates/ruler/service-ruler.yaml
+++ b/charts/loki/templates/ruler/service-ruler.yaml
@@ -19,7 +19,7 @@
ports:
- name: http-metrics
port: 3100
- targetPort: http
+ targetPort: http-metrics
protocol: TCP
- name: grpc
port: 9095
diff --git a/charts/loki/templates/single-binary/statefulset.yaml b/charts/loki/templates/single-binary/statefulset.yaml
index 51c0062..7bd2b98 100644
--- a/charts/loki/templates/single-binary/statefulset.yaml
+++ b/charts/loki/templates/single-binary/statefulset.yaml
@@ -175,6 +175,10 @@
kind: PersistentVolumeClaim
metadata:
name: storage
+ {{- with .Values.singleBinary.persistence.annotations }}
+ annotations:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
spec:
accessModes:
- ReadWriteOnce
diff --git a/charts/loki/templates/write/statefulset-write.yaml b/charts/loki/templates/write/statefulset-write.yaml
index 54c9369..75605c2 100644
--- a/charts/loki/templates/write/statefulset-write.yaml
+++ b/charts/loki/templates/write/statefulset-write.yaml
@@ -193,6 +193,10 @@
kind: PersistentVolumeClaim
metadata:
name: data
+ {{- with .Values.write.persistence.annotations }}
+ annotations:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
spec:
accessModes:
- ReadWriteOnce
diff --git a/charts/loki/values.yaml b/charts/loki/values.yaml
index 855e75c..6485a59 100644
--- a/charts/loki/values.yaml
+++ b/charts/loki/values.yaml
@@ -35,6 +35,7 @@
#
######################################################################################################################
# -- Configuration for running Loki
+# @default -- See values.yaml
loki:
# Configures the readiness probe for all of the Loki pods
readinessProbe:
@@ -117,7 +118,6 @@
# If empty, no configmap or secret will be created.
# The value will be passed through tpl.
generatedConfigObjectName: '{{ include "loki.name" . }}'
-
# -- Config file contents for Loki
# @default -- See values.yaml
config: |
@@ -212,7 +212,7 @@
query_range:
align_queries_with_step: true
{{- with .Values.loki.query_range }}
- {{- tpl (. | toYaml) $ | nindent 4 }}
+ {{- tpl (. | toYaml) $ | nindent 2 }}
{{- end }}
{{- if .Values.resultsCache.enabled }}
{{- with .Values.resultsCache }}
@@ -365,6 +365,7 @@
filesystem:
chunks_directory: /var/loki/chunks
rules_directory: /var/loki/rules
+ admin_api_directory: /var/loki/admin
# -- Configure memcached as an external cache for chunk and results cache. Disabled by default
# must enable and specify a host for each cache you would like to use.
memcached:
@@ -449,7 +450,7 @@
# Enable enterprise features, license must be provided
enabled: false
# Default verion of GEL to deploy
- version: v3.0.0
+ version: 3.0.1
# -- Optional name of the GEL cluster, otherwise will use .Release.Name
# The cluster name must match what is in your GEL license
cluster_name: null
@@ -476,13 +477,9 @@
# enterprise specific sections of the config.yaml file
config: |
{{- if .Values.enterprise.adminApi.enabled }}
- {{- if or .Values.minio.enabled (eq .Values.loki.storage.type "s3") (eq .Values.loki.storage.type "gcs") (eq .Values.loki.storage.type "azure") }}
admin_client:
- storage:
- s3:
- bucket_name: admin
- {{- end }}
- {{- end }}
+ {{ include "enterprise-logs.adminAPIStorageConfig" . | nindent 2 }}
+ {{ end }}
auth:
type: {{ .Values.enterprise.adminApi.enabled | ternary "enterprise" "trust" }}
auth_enabled: {{ .Values.loki.auth_enabled }}
@@ -844,8 +841,6 @@
tolerations: []
# -- Grace period to allow the admin-api to shutdown before it is killed
terminationGracePeriodSeconds: 60
-
-
######################################################################################################################
#
# Gateway and Ingress
@@ -1007,18 +1002,15 @@
username: null
# -- The basic auth password for the gateway
password: null
- # -- Uses the specified users from the `loki.tenants` list to create the htpasswd file
- # if `loki.tenants` is not set, the `gateway.basicAuth.username` and `gateway.basicAuth.password` are used
+ # -- Uses the specified users from the `loki.tenants` list to create the htpasswd file.
+ # if `loki.tenants` is not set, the `gateway.basicAuth.username` and `gateway.basicAuth.password` are used.
# The value is templated using `tpl`. Override this to use a custom htpasswd, e.g. in case the default causes
# high CPU load.
+ # @default -- Either `loki.tenants` or `gateway.basicAuth.username` and `gateway.basicAuth.password`.
htpasswd: >-
{{ if .Values.loki.tenants }}
-
-
{{- range $t := .Values.loki.tenants }}
{{ htpasswd (required "All tenants must have a 'name' set" $t.name) (required "All tenants must have a 'password' set" $t.password) }}
-
-
{{- end }}
{{ else }} {{ htpasswd (required "'gateway.basicAuth.username' is required" .Values.gateway.basicAuth.username) (required "'gateway.basicAuth.password' is required" .Values.gateway.basicAuth.password) }} {{ end }}
# -- Existing basic auth secret to use. Must contain '.htpasswd'
@@ -1139,24 +1131,47 @@
labels: {}
# blackbox.monitoring.exclude: "true"
paths:
- write:
+ # -- Paths that are exposed by Loki Distributor.
+ # If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.distributorFullname"}}`.
+ # If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.writeFullname"}}`.
+ # If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
+ distributor:
- /api/prom/push
- /loki/api/v1/push
- read:
+ - /otlp/v1/logs
+ # -- Paths that are exposed by Loki Query Frontend.
+ # If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.queryFrontendFullname"}}`.
+ # If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.readFullname"}}`.
+ # If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
+ queryFrontend:
+ - /api/prom/query
+ # this path covers labels and labelValues endpoints
+ - /api/prom/label
+ - /api/prom/series
- /api/prom/tail
+ - /loki/api/v1/query
+ - /loki/api/v1/query_range
- /loki/api/v1/tail
- - /loki/api
+ # this path covers labels and labelValues endpoints
+ - /loki/api/v1/label
+ - /loki/api/v1/labels
+ - /loki/api/v1/series
+ - /loki/api/v1/index/stats
+ - /loki/api/v1/index/volume
+ - /loki/api/v1/index/volume_range
+ - /loki/api/v1/format_query
+ - /loki/api/v1/detected_fields
+ - /loki/api/v1/detected_labels
+ - /loki/api/v1/patterns
+ # -- Paths that are exposed by Loki Ruler.
+ # If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.rulerFullname"}}`.
+ # If deployment mode is SimpleScalable, the requests are forwarded to k8s service: `{{"loki.backendFullname"}}`.
+ # If deployment mode is SimpleScalable but `read.legacyReadTarget` is `true`, the requests are forwarded to k8s service: `{{"loki.readFullname"}}`.
+ # If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
+ ruler:
- /api/prom/rules
- - /loki/api/v1/rules
- - /prometheus/api/v1/rules
- - /prometheus/api/v1/alerts
- singleBinary:
- - /api/prom/push
- - /loki/api/v1/push
- - /api/prom/tail
- - /loki/api/v1/tail
- - /loki/api
- - /api/prom/rules
+ - /api/prom/api/v1/rules
+ - /api/prom/api/v1/alerts
- /loki/api/v1/rules
- /prometheus/api/v1/rules
- /prometheus/api/v1/alerts
@@ -1184,7 +1199,6 @@
# -- If migrating from a distributed service, provide the distributed deployment's
# memberlist service DNS so the new deployment can join its ring.
memberlistService: ""
-
######################################################################################################################
#
# Single Binary Deployment
@@ -1280,6 +1294,8 @@
storageClass: null
# -- Selector for persistent disk
selector: null
+ # -- Annotations for volume claim
+ annotations: {}
######################################################################################################################
#
# Simple Scalable Deployment (SSD) Mode
@@ -1407,6 +1423,8 @@
storageClass: null
# -- Selector for persistent disk
selector: null
+ # -- Annotations for volume claim
+ annotations: {}
# -- Configuration for the read pod(s)
read:
# -- Number of replicas for the read
@@ -1514,6 +1532,8 @@
storageClass: null
# -- Selector for persistent disk
selector: null
+ # -- Annotations for volume claim
+ annotations: {}
# -- Configuration for the backend pod(s)
backend:
# -- Number of replicas for the backend
@@ -1622,6 +1642,8 @@
storageClass: null
# -- Selector for persistent disk
selector: null
+ # -- Annotations for volume claim
+ annotations: {}
######################################################################################################################
#
# Microservices Mode
@@ -3077,6 +3099,7 @@
purge: false
persistence:
size: 5Gi
+ annotations: {}
resources:
requests:
cpu: 100m
@@ -3084,6 +3107,7 @@
# Allow the address used by Loki to refer to Minio to be overridden
address: null
# Create extra manifests via values. Would be passed through `tpl` for templating
+# objects can also be provided as multiline strings, useful for templating field names
extraObjects: []
# - apiVersion: v1
# kind: ConfigMap
@@ -3103,6 +3127,16 @@
# category: logs
# annotations:
# message: "loki has encountered errors"
+# - |
+# apiVersion: v1
+# kind: Secret
+# type: Opaque
+# metadata:
+# name: loki-distributed-basic-auth
+# data:
+# {{- range .Values.loki.tenants }}
+# {{ .name }}: {{ b64enc .password | quote }}
+# {{- end }}
sidecar:
image: