From 604094aac7e273771a2df513cb0499c9cddd5cc3 Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Thu, 11 Apr 2024 09:57:38 -0500
Subject: [PATCH] Swap back to onedr0p loki config and object bucket claim vs
 local s3.

---
 .../loki/app/externalsecret.yaml              |  28 ----
 .../observability/loki/app/helmrelease.yaml   | 127 ++++++------------
 .../observability/loki/app/kustomization.yaml |  10 +-
 .../loki/app/objectbucketclaim.yaml           |   4 +-
 .../smartctl-exporter/app/kustomization.yaml  |  11 +-
 .../app/resources/lokirule.yml}               |   0
 6 files changed, 58 insertions(+), 122 deletions(-)
 delete mode 100644 kubernetes/apps/observability/loki/app/externalsecret.yaml
 rename kubernetes/apps/observability/{loki/app/rules/loki-alerting-rules.yml => smartctl-exporter/app/resources/lokirule.yml} (100%)

diff --git a/kubernetes/apps/observability/loki/app/externalsecret.yaml b/kubernetes/apps/observability/loki/app/externalsecret.yaml
deleted file mode 100644
index 864d4673..00000000
--- a/kubernetes/apps/observability/loki/app/externalsecret.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
----
-# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: loki
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: onepassword-connect
-  target:
-    name: loki-secret
-    creationPolicy: Owner
-    template:
-      engineVersion: v2
-      data:
-        S3_BUCKET_NAME: loki
-        S3_BUCKET_HOST: s3.hsn.dev
-        S3_BUCKET_REGION: us-east-1
-        S3_ACCESS_KEY: "loki"
-        S3_SECRET_KEY: "{{ .minio_loki_secret_key }}"
-  dataFrom:
-    - extract:
-        key: minio
-      rewrite:
-        - regexp:
-            source: "(.*)"
-            target: "minio_$1"
\ No newline at end of file
diff --git a/kubernetes/apps/observability/loki/app/helmrelease.yaml b/kubernetes/apps/observability/loki/app/helmrelease.yaml
index 9660d0b6..1d812b30 100644
--- a/kubernetes/apps/observability/loki/app/helmrelease.yaml
+++ b/kubernetes/apps/observability/loki/app/helmrelease.yaml
@@ -10,7 +10,7 @@ spec:
   chart:
     spec:
       chart: loki
-      version: 6.1.0
+      version: 6.2.0
       sourceRef:
         kind: HelmRepository
         name: grafana
@@ -21,9 +21,8 @@ spec:
   upgrade:
     cleanupOnFail: true
     remediation:
+      strategy: rollback
       retries: 3
-  uninstall:
-    keepHistory: false
   dependsOn:
     - name: openebs
       namespace: openebs-system
@@ -33,25 +32,40 @@ spec:
       namespace: observability
     - name: vector-aggregator
       namespace: observability
+  valuesFrom:
+    - targetPath: loki.storage.bucketNames.chunks
+      kind: ConfigMap
+      name: &cephBucket loki-bucket
+      valuesKey: BUCKET_NAME
+    - targetPath: loki.storage.s3.endpoint
+      kind: ConfigMap
+      name: *cephBucket
+      valuesKey: BUCKET_HOST
+    - targetPath: loki.storage.s3.region
+      kind: ConfigMap
+      name: *cephBucket
+      valuesKey: BUCKET_REGION
+    - targetPath: loki.storage.s3.accessKeyId
+      kind: Secret
+      name: *cephBucket
+      valuesKey: AWS_ACCESS_KEY_ID
+    - targetPath: loki.storage.s3.secretAccessKey
+      kind: Secret
+      name: *cephBucket
+      valuesKey: AWS_SECRET_ACCESS_KEY
   values:
     deploymentMode: SimpleScalable
-
     loki:
       podAnnotations:
-        secret.reloader.stakater.com/reload: loki-secret
-
+        configmap.reloader.stakater.com/reload: *cephBucket
+        secret.reloader.stakater.com/reload: *cephBucket
       ingester:
         chunk_encoding: snappy
-
       storage:
         type: s3
-        bucketNames:
-          chunks: loki-chunks
-          ruler: loki-ruler
-          admin: loki-admin
         s3:
           s3ForcePathStyle: true
-
+          insecure: true
       schemaConfig:
         configs:
           - from: "2024-04-01"
@@ -61,17 +75,14 @@ spec:
             index:
               prefix: loki_index_
               period: 24h
-
       structuredConfig:
         auth_enabled: false
-
         server:
           log_level: info
           http_listen_port: 3100
           grpc_listen_port: 9095
           grpc_server_max_recv_msg_size: 8388608
           grpc_server_max_send_msg_size: 8388608
-
         limits_config:
           ingestion_burst_size_mb: 128
           ingestion_rate_mb: 64
@@ -84,13 +95,10 @@ spec:
           shard_streams:
             enabled: true
           split_queries_by_interval: 1h
-
         query_scheduler:
           max_outstanding_requests_per_tenant: 4096
-
         frontend:
           max_outstanding_per_tenant: 4096
-
         ruler:
           enable_api: true
           enable_alertmanager_v2: true
@@ -99,31 +107,18 @@ spec:
             type: local
             local:
               directory: /rules
-          rule_path: /rules
-
+          rule_path: /rules/fake
         analytics:
           reporting_enabled: false
-
+    backend:
+      replicas: 2
+      persistence:
+        size: 20Gi
+        storageClass: openebs-hostpath
     gateway:
-      replicas: 3
-      enabled: true
+      replicas: 2
       image:
         registry: ghcr.io
-        repository: nginxinc/nginx-unprivileged
-        tag: 1.25-alpine@sha256:5b49ce26ad8555b649a5a5ea8ccdfabc742a284ab58cb7b7d7a56f178c5dd351
-      deploymentStrategy:
-        type: RollingUpdate
-        rollingUpdate:
-          maxUnavailable: 50%
-          maxSurge: 50%
-      topologySpreadConstraints:
-        - maxSkew: 2
-          topologyKey: kubernetes.io/hostname
-          whenUnsatisfiable: DoNotSchedule
-          labelSelector:
-            matchLabels:
-              app.kubernetes.io/name: loki
-              app.kubernetes.io/component: gateway
       ingress:
         enabled: true
         ingressClassName: internal-nginx
@@ -133,55 +128,21 @@ spec:
               - path: /
                 pathType: Prefix
         tls:
-          - hosts:
-              - *host
-
-    write:
-      replicas: 3
-      persistence:
-        storageClass: openebs-hostpath
+          - hosts: [*host]
     read:
-      replicas: 3
-
-    backend:
-      replicas: 3
+      replicas: 2
+    write:
+      replicas: 2
       persistence:
+        size: 20Gi
         storageClass: openebs-hostpath
-    monitoring:
-      dashboards:
-        annotations:
-          grafana_folder: Loki
+    sidecar:
+      image:
+        repository: ghcr.io/kiwigrid/k8s-sidecar
       rules:
-        enabled: false
-      serviceMonitor:
-        enabled: false
-        metricsInstance:
-          enabled: false
-      selfMonitoring:
-        enabled: false
-        grafanaAgent:
-          installOperator: false
-
+        searchNamespace: ALL
+        folder: /rules/fake
     lokiCanary:
       enabled: false
-
     test:
-      enabled: false
-
-  valuesFrom:
-    - kind: Secret
-      name: loki-secret
-      valuesKey: S3_BUCKET_HOST
-      targetPath: loki.storage.s3.endpoint
-    - kind: Secret
-      name: loki-secret
-      valuesKey: S3_BUCKET_REGION
-      targetPath: loki.storage.s3.region
-    - kind: Secret
-      name: loki-secret
-      valuesKey: S3_ACCESS_KEY
-      targetPath: loki.storage.s3.accessKeyId
-    - kind: Secret
-      name: loki-secret
-      valuesKey: S3_SECRET_KEY
-      targetPath: loki.storage.s3.secretAccessKey
\ No newline at end of file
+      enabled: false
\ No newline at end of file
diff --git a/kubernetes/apps/observability/loki/app/kustomization.yaml b/kubernetes/apps/observability/loki/app/kustomization.yaml
index c1413436..334f7169 100644
--- a/kubernetes/apps/observability/loki/app/kustomization.yaml
+++ b/kubernetes/apps/observability/loki/app/kustomization.yaml
@@ -3,11 +3,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ./externalsecret.yaml
-  - ./helmrelease.yaml
-configMapGenerator:
-  - name: loki-alerting-rules
-    files:
-      - loki-alerting-rules.yaml=./rules/loki-alerting-rules.yml
-generatorOptions:
-  disableNameSuffixHash: true
\ No newline at end of file
+  - ./objectbucketclaim.yaml
+  - ./helmrelease.yaml
\ No newline at end of file
diff --git a/kubernetes/apps/observability/loki/app/objectbucketclaim.yaml b/kubernetes/apps/observability/loki/app/objectbucketclaim.yaml
index 78e06c42..8fea0e66 100644
--- a/kubernetes/apps/observability/loki/app/objectbucketclaim.yaml
+++ b/kubernetes/apps/observability/loki/app/objectbucketclaim.yaml
@@ -3,7 +3,7 @@
 apiVersion: objectbucket.io/v1alpha1
 kind: ObjectBucketClaim
 metadata:
-  name: loki-bucket-v2
+  name: loki-bucket
 spec:
-  bucketName: loki-v2
+  bucketName: loki
   storageClassName: ceph-bucket
\ No newline at end of file
diff --git a/kubernetes/apps/observability/smartctl-exporter/app/kustomization.yaml b/kubernetes/apps/observability/smartctl-exporter/app/kustomization.yaml
index ef820088..81bd8e88 100644
--- a/kubernetes/apps/observability/smartctl-exporter/app/kustomization.yaml
+++ b/kubernetes/apps/observability/smartctl-exporter/app/kustomization.yaml
@@ -4,4 +4,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   - ./helmrelease.yaml
-  - ./prometheusrule.yaml
\ No newline at end of file
+  - ./prometheusrule.yaml
+configMapGenerator:
+  - name: smartctl-exporter-loki-rules
+    files:
+      - smartctl-exporter.yaml=./resources/lokirule.yaml
+    options:
+      labels:
+        loki_rule: "true"
+generatorOptions:
+  disableNameSuffixHash: true
\ No newline at end of file
diff --git a/kubernetes/apps/observability/loki/app/rules/loki-alerting-rules.yml b/kubernetes/apps/observability/smartctl-exporter/app/resources/lokirule.yml
similarity index 100%
rename from kubernetes/apps/observability/loki/app/rules/loki-alerting-rules.yml
rename to kubernetes/apps/observability/smartctl-exporter/app/resources/lokirule.yml