Merge pull request 'Swap back to onedr0p loki config and object bucket claim vs local s3.' (#207) from loki-onedr0p-edition into main
Reviewed-on: jahanson/homelab#207
This commit is contained in:
commit
825f3ae683
6 changed files with 58 additions and 122 deletions
|
@ -1,28 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
|
|
||||||
apiVersion: external-secrets.io/v1beta1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: loki
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: onepassword-connect
|
|
||||||
target:
|
|
||||||
name: loki-secret
|
|
||||||
creationPolicy: Owner
|
|
||||||
template:
|
|
||||||
engineVersion: v2
|
|
||||||
data:
|
|
||||||
S3_BUCKET_NAME: loki
|
|
||||||
S3_BUCKET_HOST: s3.hsn.dev
|
|
||||||
S3_BUCKET_REGION: us-east-1
|
|
||||||
S3_ACCESS_KEY: "loki"
|
|
||||||
S3_SECRET_KEY: "{{ .minio_loki_secret_key }}"
|
|
||||||
dataFrom:
|
|
||||||
- extract:
|
|
||||||
key: minio
|
|
||||||
rewrite:
|
|
||||||
- regexp:
|
|
||||||
source: "(.*)"
|
|
||||||
target: "minio_$1"
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: loki
|
chart: loki
|
||||||
version: 6.1.0
|
version: 6.2.0
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: grafana
|
name: grafana
|
||||||
|
@ -21,9 +21,8 @@ spec:
|
||||||
upgrade:
|
upgrade:
|
||||||
cleanupOnFail: true
|
cleanupOnFail: true
|
||||||
remediation:
|
remediation:
|
||||||
|
strategy: rollback
|
||||||
retries: 3
|
retries: 3
|
||||||
uninstall:
|
|
||||||
keepHistory: false
|
|
||||||
dependsOn:
|
dependsOn:
|
||||||
- name: openebs
|
- name: openebs
|
||||||
namespace: openebs-system
|
namespace: openebs-system
|
||||||
|
@ -33,25 +32,40 @@ spec:
|
||||||
namespace: observability
|
namespace: observability
|
||||||
- name: vector-aggregator
|
- name: vector-aggregator
|
||||||
namespace: observability
|
namespace: observability
|
||||||
|
valuesFrom:
|
||||||
|
- targetPath: loki.storage.bucketNames.chunks
|
||||||
|
kind: ConfigMap
|
||||||
|
name: &cephBucket loki-bucket
|
||||||
|
valuesKey: BUCKET_NAME
|
||||||
|
- targetPath: loki.storage.s3.endpoint
|
||||||
|
kind: ConfigMap
|
||||||
|
name: *cephBucket
|
||||||
|
valuesKey: BUCKET_HOST
|
||||||
|
- targetPath: loki.storage.s3.region
|
||||||
|
kind: ConfigMap
|
||||||
|
name: *cephBucket
|
||||||
|
valuesKey: BUCKET_REGION
|
||||||
|
- targetPath: loki.storage.s3.accessKeyId
|
||||||
|
kind: Secret
|
||||||
|
name: *cephBucket
|
||||||
|
valuesKey: AWS_ACCESS_KEY_ID
|
||||||
|
- targetPath: loki.storage.s3.secretAccessKey
|
||||||
|
kind: Secret
|
||||||
|
name: *cephBucket
|
||||||
|
valuesKey: AWS_SECRET_ACCESS_KEY
|
||||||
values:
|
values:
|
||||||
deploymentMode: SimpleScalable
|
deploymentMode: SimpleScalable
|
||||||
|
|
||||||
loki:
|
loki:
|
||||||
podAnnotations:
|
podAnnotations:
|
||||||
secret.reloader.stakater.com/reload: loki-secret
|
configmap.reloader.stakater.com/reload: *cephBucket
|
||||||
|
secret.reloader.stakater.com/reload: *cephBucket
|
||||||
ingester:
|
ingester:
|
||||||
chunk_encoding: snappy
|
chunk_encoding: snappy
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
type: s3
|
type: s3
|
||||||
bucketNames:
|
|
||||||
chunks: loki-chunks
|
|
||||||
ruler: loki-ruler
|
|
||||||
admin: loki-admin
|
|
||||||
s3:
|
s3:
|
||||||
s3ForcePathStyle: true
|
s3ForcePathStyle: true
|
||||||
|
insecure: true
|
||||||
schemaConfig:
|
schemaConfig:
|
||||||
configs:
|
configs:
|
||||||
- from: "2024-04-01"
|
- from: "2024-04-01"
|
||||||
|
@ -61,17 +75,14 @@ spec:
|
||||||
index:
|
index:
|
||||||
prefix: loki_index_
|
prefix: loki_index_
|
||||||
period: 24h
|
period: 24h
|
||||||
|
|
||||||
structuredConfig:
|
structuredConfig:
|
||||||
auth_enabled: false
|
auth_enabled: false
|
||||||
|
|
||||||
server:
|
server:
|
||||||
log_level: info
|
log_level: info
|
||||||
http_listen_port: 3100
|
http_listen_port: 3100
|
||||||
grpc_listen_port: 9095
|
grpc_listen_port: 9095
|
||||||
grpc_server_max_recv_msg_size: 8388608
|
grpc_server_max_recv_msg_size: 8388608
|
||||||
grpc_server_max_send_msg_size: 8388608
|
grpc_server_max_send_msg_size: 8388608
|
||||||
|
|
||||||
limits_config:
|
limits_config:
|
||||||
ingestion_burst_size_mb: 128
|
ingestion_burst_size_mb: 128
|
||||||
ingestion_rate_mb: 64
|
ingestion_rate_mb: 64
|
||||||
|
@ -84,13 +95,10 @@ spec:
|
||||||
shard_streams:
|
shard_streams:
|
||||||
enabled: true
|
enabled: true
|
||||||
split_queries_by_interval: 1h
|
split_queries_by_interval: 1h
|
||||||
|
|
||||||
query_scheduler:
|
query_scheduler:
|
||||||
max_outstanding_requests_per_tenant: 4096
|
max_outstanding_requests_per_tenant: 4096
|
||||||
|
|
||||||
frontend:
|
frontend:
|
||||||
max_outstanding_per_tenant: 4096
|
max_outstanding_per_tenant: 4096
|
||||||
|
|
||||||
ruler:
|
ruler:
|
||||||
enable_api: true
|
enable_api: true
|
||||||
enable_alertmanager_v2: true
|
enable_alertmanager_v2: true
|
||||||
|
@ -99,31 +107,18 @@ spec:
|
||||||
type: local
|
type: local
|
||||||
local:
|
local:
|
||||||
directory: /rules
|
directory: /rules
|
||||||
rule_path: /rules
|
rule_path: /rules/fake
|
||||||
|
|
||||||
analytics:
|
analytics:
|
||||||
reporting_enabled: false
|
reporting_enabled: false
|
||||||
|
backend:
|
||||||
|
replicas: 2
|
||||||
|
persistence:
|
||||||
|
size: 20Gi
|
||||||
|
storageClass: openebs-hostpath
|
||||||
gateway:
|
gateway:
|
||||||
replicas: 3
|
replicas: 2
|
||||||
enabled: true
|
|
||||||
image:
|
image:
|
||||||
registry: ghcr.io
|
registry: ghcr.io
|
||||||
repository: nginxinc/nginx-unprivileged
|
|
||||||
tag: 1.25-alpine@sha256:5b49ce26ad8555b649a5a5ea8ccdfabc742a284ab58cb7b7d7a56f178c5dd351
|
|
||||||
deploymentStrategy:
|
|
||||||
type: RollingUpdate
|
|
||||||
rollingUpdate:
|
|
||||||
maxUnavailable: 50%
|
|
||||||
maxSurge: 50%
|
|
||||||
topologySpreadConstraints:
|
|
||||||
- maxSkew: 2
|
|
||||||
topologyKey: kubernetes.io/hostname
|
|
||||||
whenUnsatisfiable: DoNotSchedule
|
|
||||||
labelSelector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/name: loki
|
|
||||||
app.kubernetes.io/component: gateway
|
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
ingressClassName: internal-nginx
|
ingressClassName: internal-nginx
|
||||||
|
@ -133,55 +128,21 @@ spec:
|
||||||
- path: /
|
- path: /
|
||||||
pathType: Prefix
|
pathType: Prefix
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts: [*host]
|
||||||
- *host
|
|
||||||
|
|
||||||
write:
|
|
||||||
replicas: 3
|
|
||||||
persistence:
|
|
||||||
storageClass: openebs-hostpath
|
|
||||||
read:
|
read:
|
||||||
replicas: 3
|
replicas: 2
|
||||||
|
write:
|
||||||
backend:
|
replicas: 2
|
||||||
replicas: 3
|
|
||||||
persistence:
|
persistence:
|
||||||
|
size: 20Gi
|
||||||
storageClass: openebs-hostpath
|
storageClass: openebs-hostpath
|
||||||
monitoring:
|
sidecar:
|
||||||
dashboards:
|
image:
|
||||||
annotations:
|
repository: ghcr.io/kiwigrid/k8s-sidecar
|
||||||
grafana_folder: Loki
|
|
||||||
rules:
|
rules:
|
||||||
enabled: false
|
searchNamespace: ALL
|
||||||
serviceMonitor:
|
folder: /rules/fake
|
||||||
enabled: false
|
|
||||||
metricsInstance:
|
|
||||||
enabled: false
|
|
||||||
selfMonitoring:
|
|
||||||
enabled: false
|
|
||||||
grafanaAgent:
|
|
||||||
installOperator: false
|
|
||||||
|
|
||||||
lokiCanary:
|
lokiCanary:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
test:
|
test:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
valuesFrom:
|
|
||||||
- kind: Secret
|
|
||||||
name: loki-secret
|
|
||||||
valuesKey: S3_BUCKET_HOST
|
|
||||||
targetPath: loki.storage.s3.endpoint
|
|
||||||
- kind: Secret
|
|
||||||
name: loki-secret
|
|
||||||
valuesKey: S3_BUCKET_REGION
|
|
||||||
targetPath: loki.storage.s3.region
|
|
||||||
- kind: Secret
|
|
||||||
name: loki-secret
|
|
||||||
valuesKey: S3_ACCESS_KEY
|
|
||||||
targetPath: loki.storage.s3.accessKeyId
|
|
||||||
- kind: Secret
|
|
||||||
name: loki-secret
|
|
||||||
valuesKey: S3_SECRET_KEY
|
|
||||||
targetPath: loki.storage.s3.secretAccessKey
|
|
|
@ -3,11 +3,5 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ./externalsecret.yaml
|
- ./objectbucketclaim.yaml
|
||||||
- ./helmrelease.yaml
|
- ./helmrelease.yaml
|
||||||
configMapGenerator:
|
|
||||||
- name: loki-alerting-rules
|
|
||||||
files:
|
|
||||||
- loki-alerting-rules.yaml=./rules/loki-alerting-rules.yml
|
|
||||||
generatorOptions:
|
|
||||||
disableNameSuffixHash: true
|
|
|
@ -3,7 +3,7 @@
|
||||||
apiVersion: objectbucket.io/v1alpha1
|
apiVersion: objectbucket.io/v1alpha1
|
||||||
kind: ObjectBucketClaim
|
kind: ObjectBucketClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: loki-bucket-v2
|
name: loki-bucket
|
||||||
spec:
|
spec:
|
||||||
bucketName: loki-v2
|
bucketName: loki
|
||||||
storageClassName: ceph-bucket
|
storageClassName: ceph-bucket
|
|
@ -4,4 +4,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ./helmrelease.yaml
|
- ./helmrelease.yaml
|
||||||
- ./prometheusrule.yaml
|
- ./prometheusrule.yaml
|
||||||
|
configMapGenerator:
|
||||||
|
- name: smartctl-exporter-loki-rules
|
||||||
|
files:
|
||||||
|
- smartctl-exporter.yaml=./resources/lokirule.yaml
|
||||||
|
options:
|
||||||
|
labels:
|
||||||
|
loki_rule: "true"
|
||||||
|
generatorOptions:
|
||||||
|
disableNameSuffixHash: true
|
Loading…
Reference in a new issue