pub/loki3-vector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
Vassiliy Yegorov
2026-04-06 21:36:15 +07:00
commit 35874bf520
29 changed files with 1625 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
helm/loki-stack/Chart.yaml Normal file
View File

@@ -0,0 +1,6 @@
apiVersion: v2
name: loki-stack
description: Loki 3 Simple Scalable + Vector DaemonSet + Grafana + MinIO
version: 0.1.0
appVersion: "3.4.2"
type: application

40
helm/loki-stack/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,40 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "loki-stack.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "loki-stack.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "loki-stack.labels" -}}
helm.sh/chart: {{ include "loki-stack.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
app.kubernetes.io/part-of: {{ include "loki-stack.name" . }}
{{- end }}
{{/*
Selector labels for a component
*/}}
{{- define "loki-stack.selectorLabels" -}}
app.kubernetes.io/name: {{ include "loki-stack.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

17
helm/loki-stack/templates/grafana-configmap.yaml Normal file
View File

@@ -0,0 +1,17 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "loki-stack.fullname" . }}-grafana-datasources
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: grafana
data:
loki.yaml: |
apiVersion: 1
datasources:
- name: Loki
type: loki
access: proxy
url: http://{{ include "loki-stack.fullname" . }}-loki-read:3100
isDefault: true
editable: true

56
helm/loki-stack/templates/grafana-deployment.yaml Normal file
View File

@@ -0,0 +1,56 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "loki-stack.fullname" . }}-grafana
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: grafana
spec:
replicas: {{ .Values.grafana.replicas }}
selector:
matchLabels:
{{- include "loki-stack.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: grafana
template:
metadata:
labels:
{{- include "loki-stack.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: grafana
spec:
securityContext:
fsGroup: 472
containers:
- name: grafana
image: {{ .Values.grafana.image.repository }}:{{ .Values.grafana.image.tag }}
env:
- name: GF_SECURITY_ADMIN_USER
value: {{ .Values.grafana.adminUser }}
- name: GF_SECURITY_ADMIN_PASSWORD
value: {{ .Values.grafana.adminPassword }}
- name: GF_AUTH_ANONYMOUS_ENABLED
value: {{ .Values.grafana.anonymousAccess | quote }}
- name: GF_AUTH_ANONYMOUS_ORG_ROLE
value: Admin
ports:
- name: http
containerPort: 3000
readinessProbe:
httpGet:
path: /api/health
port: http
initialDelaySeconds: 10
periodSeconds: 10
volumeMounts:
- name: datasources
mountPath: /etc/grafana/provisioning/datasources
- name: data
mountPath: /var/lib/grafana
resources:
{{- toYaml .Values.grafana.resources | nindent 12 }}
volumes:
- name: datasources
configMap:
name: {{ include "loki-stack.fullname" . }}-grafana-datasources
- name: data
persistentVolumeClaim:
claimName: {{ include "loki-stack.fullname" . }}-grafana

36
helm/loki-stack/templates/grafana-ingress.yaml Normal file
View File

@@ -0,0 +1,36 @@
{{- if .Values.grafana.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "loki-stack.fullname" . }}-grafana
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: grafana
{{- with .Values.grafana.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.grafana.ingress.className }}
ingressClassName: {{ .Values.grafana.ingress.className }}
{{- end }}
{{- if .Values.grafana.ingress.tls }}
tls:
{{- toYaml .Values.grafana.ingress.tls | nindent 4 }}
{{- end }}
rules:
{{- range .Values.grafana.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "loki-stack.fullname" $ }}-grafana
port:
name: http
{{- end }}
{{- end }}
{{- end }}

16
helm/loki-stack/templates/grafana-pvc.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "loki-stack.fullname" . }}-grafana
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: grafana
spec:
accessModes:
- ReadWriteOnce
{{- if .Values.grafana.storage.storageClassName }}
storageClassName: {{ .Values.grafana.storage.storageClassName }}
{{- end }}
resources:
requests:
storage: {{ .Values.grafana.storage.size }}

16
helm/loki-stack/templates/grafana-service.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "loki-stack.fullname" . }}-grafana
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: grafana
spec:
type: ClusterIP
ports:
- name: http
port: 3000
targetPort: http
selector:
{{- include "loki-stack.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: grafana

69
helm/loki-stack/templates/loki-backend-statefulset.yaml Normal file
View File

@@ -0,0 +1,69 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-backend
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-backend
spec:
replicas: {{ .Values.loki.backend.replicas }}
serviceName: {{ include "loki-stack.fullname" . }}-loki-backend-headless
selector:
matchLabels:
{{- include "loki-stack.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: loki-backend
template:
metadata:
labels:
{{- include "loki-stack.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: loki-backend
loki.grafana.com/memberlist: "true"
spec:
containers:
- name: loki
image: {{ .Values.loki.image.repository }}:{{ .Values.loki.image.tag }}
args:
- -config.file=/etc/loki/loki-config.yaml
- -config.expand-env=true
- -target=backend
env:
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
ports:
- name: http
containerPort: 3100
- name: grpc
containerPort: 9095
- name: memberlist
containerPort: 7946
readinessProbe:
httpGet:
path: /ready
port: http
initialDelaySeconds: 15
periodSeconds: 10
volumeMounts:
- name: config
mountPath: /etc/loki
- name: data
mountPath: /loki
resources:
{{- toYaml .Values.loki.backend.resources | nindent 12 }}
volumes:
- name: config
configMap:
name: {{ include "loki-stack.fullname" . }}-loki
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
{{- if .Values.loki.backend.storage.storageClassName }}
storageClassName: {{ .Values.loki.backend.storage.storageClassName }}
{{- end }}
resources:
requests:
storage: {{ .Values.loki.backend.storage.size }}

74
helm/loki-stack/templates/loki-configmap.yaml Normal file
View File

@@ -0,0 +1,74 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "loki-stack.fullname" . }}-loki
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki
data:
loki-config.yaml: |
auth_enabled: false
server:
http_listen_port: 3100
grpc_listen_port: 9095
log_level: info
common:
compactor_address: http://{{ include "loki-stack.fullname" . }}-loki-backend:3100
ring:
instance_addr: ${POD_IP}
kvstore:
store: memberlist
replication_factor: 1
path_prefix: /loki
memberlist:
join_members:
- {{ include "loki-stack.fullname" . }}-loki-memberlist:7946
schema_config:
configs:
- from: "2024-01-01"
store: tsdb
object_store: s3
schema: v13
index:
prefix: index_
period: 24h
storage_config:
aws:
endpoint: {{ include "loki-stack.fullname" . }}-minio:9000
insecure: true
bucketnames: {{ .Values.minio.bucketName }}
access_key_id: {{ .Values.minio.rootUser }}
secret_access_key: {{ .Values.minio.rootPassword }}
s3forcepathstyle: true
tsdb_shipper:
active_index_directory: /loki/index
cache_location: /loki/index_cache
ingester:
chunk_encoding: snappy
querier:
max_concurrent: 4
frontend_worker:
frontend_address: 127.0.0.1:9095
limits_config:
reject_old_samples: true
reject_old_samples_max_age: 168h
allow_structured_metadata: true
volume_enabled: true
compactor:
working_directory: /loki/compactor
compaction_interval: 10m
retention_enabled: true
delete_request_store: s3
pattern_ingester:
enabled: true

69
helm/loki-stack/templates/loki-read-statefulset.yaml Normal file
View File

@@ -0,0 +1,69 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-read
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-read
spec:
replicas: {{ .Values.loki.read.replicas }}
serviceName: {{ include "loki-stack.fullname" . }}-loki-read-headless
selector:
matchLabels:
{{- include "loki-stack.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: loki-read
template:
metadata:
labels:
{{- include "loki-stack.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: loki-read
loki.grafana.com/memberlist: "true"
spec:
containers:
- name: loki
image: {{ .Values.loki.image.repository }}:{{ .Values.loki.image.tag }}
args:
- -config.file=/etc/loki/loki-config.yaml
- -config.expand-env=true
- -target=read
env:
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
ports:
- name: http
containerPort: 3100
- name: grpc
containerPort: 9095
- name: memberlist
containerPort: 7946
readinessProbe:
httpGet:
path: /ready
port: http
initialDelaySeconds: 15
periodSeconds: 10
volumeMounts:
- name: config
mountPath: /etc/loki
- name: data
mountPath: /loki
resources:
{{- toYaml .Values.loki.read.resources | nindent 12 }}
volumes:
- name: config
configMap:
name: {{ include "loki-stack.fullname" . }}-loki
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
{{- if .Values.loki.read.storage.storageClassName }}
storageClassName: {{ .Values.loki.read.storage.storageClassName }}
{{- end }}
resources:
requests:
storage: {{ .Values.loki.read.storage.size }}

133
helm/loki-stack/templates/loki-services.yaml Normal file
View File

@@ -0,0 +1,133 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-write
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-write
spec:
type: ClusterIP
ports:
- name: http
port: 3100
targetPort: http
- name: grpc
port: 9095
targetPort: grpc
selector:
{{- include "loki-stack.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: loki-write
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-write-headless
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-write
spec:
type: ClusterIP
clusterIP: None
ports:
- name: http
port: 3100
targetPort: http
selector:
{{- include "loki-stack.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: loki-write
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-read
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-read
spec:
type: ClusterIP
ports:
- name: http
port: 3100
targetPort: http
- name: grpc
port: 9095
targetPort: grpc
selector:
{{- include "loki-stack.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: loki-read
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-read-headless
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-read
spec:
type: ClusterIP
clusterIP: None
ports:
- name: http
port: 3100
targetPort: http
selector:
{{- include "loki-stack.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: loki-read
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-backend
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-backend
spec:
type: ClusterIP
ports:
- name: http
port: 3100
targetPort: http
- name: grpc
port: 9095
targetPort: grpc
selector:
{{- include "loki-stack.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: loki-backend
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-backend-headless
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-backend
spec:
type: ClusterIP
clusterIP: None
ports:
- name: http
port: 3100
targetPort: http
selector:
{{- include "loki-stack.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: loki-backend
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-memberlist
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-memberlist
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: memberlist
port: 7946
targetPort: memberlist
protocol: TCP
selector:
{{- include "loki-stack.selectorLabels" . | nindent 4 }}
loki.grafana.com/memberlist: "true"

69
helm/loki-stack/templates/loki-write-statefulset.yaml Normal file
View File

@@ -0,0 +1,69 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "loki-stack.fullname" . }}-loki-write
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: loki-write
spec:
replicas: {{ .Values.loki.write.replicas }}
serviceName: {{ include "loki-stack.fullname" . }}-loki-write-headless
selector:
matchLabels:
{{- include "loki-stack.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: loki-write
template:
metadata:
labels:
{{- include "loki-stack.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: loki-write
loki.grafana.com/memberlist: "true"
spec:
containers:
- name: loki
image: {{ .Values.loki.image.repository }}:{{ .Values.loki.image.tag }}
args:
- -config.file=/etc/loki/loki-config.yaml
- -config.expand-env=true
- -target=write
env:
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
ports:
- name: http
containerPort: 3100
- name: grpc
containerPort: 9095
- name: memberlist
containerPort: 7946
readinessProbe:
httpGet:
path: /ready
port: http
initialDelaySeconds: 15
periodSeconds: 10
volumeMounts:
- name: config
mountPath: /etc/loki
- name: data
mountPath: /loki
resources:
{{- toYaml .Values.loki.write.resources | nindent 12 }}
volumes:
- name: config
configMap:
name: {{ include "loki-stack.fullname" . }}-loki
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
{{- if .Values.loki.write.storage.storageClassName }}
storageClassName: {{ .Values.loki.write.storage.storageClassName }}
{{- end }}
resources:
requests:
storage: {{ .Values.loki.write.storage.size }}

52
helm/loki-stack/templates/minio-deployment.yaml Normal file
View File

@@ -0,0 +1,52 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "loki-stack.fullname" . }}-minio
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: minio
spec:
replicas: 1
selector:
matchLabels:
{{- include "loki-stack.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: minio
template:
metadata:
labels:
{{- include "loki-stack.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: minio
spec:
containers:
- name: minio
image: {{ .Values.minio.image.repository }}:{{ .Values.minio.image.tag }}
command:
- sh
- -euc
- |
mkdir -p /data/{{ .Values.minio.bucketName }} && \
minio server /data --console-address ":9001"
env:
- name: MINIO_ROOT_USER
value: {{ .Values.minio.rootUser }}
- name: MINIO_ROOT_PASSWORD
value: {{ .Values.minio.rootPassword }}
ports:
- name: api
containerPort: 9000
- name: console
containerPort: 9001
readinessProbe:
exec:
command: ["mc", "ready", "local"]
initialDelaySeconds: 5
periodSeconds: 5
volumeMounts:
- name: data
mountPath: /data
resources:
{{- toYaml .Values.minio.resources | nindent 12 }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "loki-stack.fullname" . }}-minio

16
helm/loki-stack/templates/minio-pvc.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "loki-stack.fullname" . }}-minio
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: minio
spec:
accessModes:
- ReadWriteOnce
{{- if .Values.minio.storage.storageClassName }}
storageClassName: {{ .Values.minio.storage.storageClassName }}
{{- end }}
resources:
requests:
storage: {{ .Values.minio.storage.size }}

19
helm/loki-stack/templates/minio-service.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "loki-stack.fullname" . }}-minio
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: minio
spec:
type: ClusterIP
ports:
- name: api
port: 9000
targetPort: api
- name: console
port: 9001
targetPort: console
selector:
{{- include "loki-stack.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: minio

10
helm/loki-stack/templates/namespace.yaml Normal file
View File

@@ -0,0 +1,10 @@
{{- if .Values.createNamespace }}
apiVersion: v1
kind: Namespace
metadata:
name: {{ .Release.Namespace }}
labels:
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/warn: privileged
{{- end }}

33
helm/loki-stack/templates/networkpolicy.yaml Normal file
View File

@@ -0,0 +1,33 @@
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: {{ include "loki-stack.fullname" . }}-allow-internal
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
spec:
podSelector:
matchLabels:
{{- include "loki-stack.selectorLabels" . | nindent 6 }}
policyTypes:
- Ingress
- Egress
ingress:
# Allow all traffic within the namespace
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: {{ .Release.Namespace }}
egress:
# Allow all traffic within the namespace
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: {{ .Release.Namespace }}
# Allow DNS
- to:
- namespaceSelector: {}
ports:
- protocol: UDP
port: 53
- protocol: TCP
port: 53

43
helm/loki-stack/templates/vector-configmap.yaml Normal file
View File

@@ -0,0 +1,43 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "loki-stack.fullname" . }}-vector
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: vector
data:
vector.yaml: |
sources:
kubernetes_logs:
type: kubernetes_logs
self_node_name: ${VECTOR_SELF_NODE_NAME}
transforms:
parse_logs:
type: remap
inputs:
- kubernetes_logs
source: |
.namespace = .kubernetes.pod_namespace
.pod = .kubernetes.pod_name
.container = .kubernetes.container_name
.node = .kubernetes.pod_node_name
del(.kubernetes)
del(.file)
del(.source_type)
sinks:
loki:
type: loki
inputs:
- parse_logs
endpoint: http://{{ include "loki-stack.fullname" . }}-loki-write:3100
encoding:
codec: text
labels:
source: vector
namespace: "{{`{{ namespace }}`}}"
pod: "{{`{{ pod }}`}}"
container: "{{`{{ container }}`}}"
node: "{{`{{ node }}`}}"
remove_label_fields: true

60
helm/loki-stack/templates/vector-daemonset.yaml Normal file
View File

@@ -0,0 +1,60 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "loki-stack.fullname" . }}-vector
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: vector
spec:
selector:
matchLabels:
{{- include "loki-stack.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: vector
template:
metadata:
labels:
{{- include "loki-stack.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: vector
spec:
serviceAccountName: {{ include "loki-stack.fullname" . }}-vector
containers:
- name: vector
image: {{ .Values.vector.image.repository }}:{{ .Values.vector.image.tag }}
securityContext:
privileged: true
env:
- name: VECTOR_SELF_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: config
mountPath: /etc/vector/vector.yaml
subPath: vector.yaml
- name: var-log
mountPath: /var/log
readOnly: true
- name: var-lib-containers
mountPath: /var/log/pods
readOnly: true
- name: data
mountPath: /vector-data-dir
resources:
{{- toYaml .Values.vector.resources | nindent 12 }}
{{- with .Values.vector.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: config
configMap:
name: {{ include "loki-stack.fullname" . }}-vector
- name: var-log
hostPath:
path: /var/log
- name: var-lib-containers
hostPath:
path: /var/log/pods
- name: data
hostPath:
path: /var/lib/vector

35
helm/loki-stack/templates/vector-rbac.yaml Normal file
View File

@@ -0,0 +1,35 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "loki-stack.fullname" . }}-vector
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: vector
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "loki-stack.fullname" . }}-vector
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: vector
rules:
- apiGroups: [""]
resources: ["namespaces", "nodes", "pods"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "loki-stack.fullname" . }}-vector
labels:
{{- include "loki-stack.labels" . | nindent 4 }}
app.kubernetes.io/component: vector
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "loki-stack.fullname" . }}-vector
subjects:
- kind: ServiceAccount
name: {{ include "loki-stack.fullname" . }}-vector
namespace: {{ .Release.Namespace }}

112
helm/loki-stack/values.yaml Normal file
View File

@@ -0,0 +1,112 @@
nameOverride: ""
fullnameOverride: ""
# Create namespace with PSA labels (privileged) for Talos
createNamespace: false
# --- MinIO ---
minio:
image:
repository: minio/minio
tag: latest
rootUser: loki
rootPassword: supersecret
bucketName: loki-chunks
storage:
size: 10Gi
storageClassName: ""
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
# --- Loki ---
loki:
image:
repository: grafana/loki
tag: "3.4.2"
write:
replicas: 1
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
storage:
size: 10Gi
storageClassName: ""
read:
replicas: 1
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
storage:
size: 10Gi
storageClassName: ""
backend:
replicas: 1
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
storage:
size: 10Gi
storageClassName: ""
# --- Vector ---
vector:
image:
repository: timberio/vector
tag: 0.44.0-alpine
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 200m
memory: 256Mi
tolerations: []
# --- Grafana ---
grafana:
image:
repository: grafana/grafana
tag: "12.4"
adminUser: admin
adminPassword: admin
anonymousAccess: true
replicas: 1
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
service:
type: ClusterIP
storage:
size: 5Gi
storageClassName: ""
ingress:
enabled: false
className: ""
annotations: {}
hosts:
- host: grafana.local
paths:
- path: /
pathType: Prefix
tls: []