grafana-loki

Helm chart

Last changed

Request a free trial

Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.

Tag:

# -- Overrides the version used to determine compatibility of resources with the target Kubernetes cluster.

# This is useful when using `helm template`, because then helm will use the client version of kubectl as the Kubernetes version,

# which may or may not match your cluster's server version. Example: 'v1.24.4'. Set to null to use the version that helm

# devises.

kubeVersionOverride: null

global:

# -- Overrides the Docker registry globally for all images (standard format)

imageRegistry: null

image:

# -- Overrides the Docker registry globally for all images (deprecated, use global.imageRegistry)

registry: null

# -- Overrides the priorityClassName for all pods

priorityClassName: null

# -- configures cluster domain ("cluster.local" by default)

clusterDomain: "cluster.local"

# -- configures DNS service name

dnsService: "kube-dns"

# -- configures DNS service namespace

dnsNamespace: "kube-system"

# -- Common additional CLI arguments for all jobs (that is, -log.level debug, -config.expand-env=true or -log-config-reverse-order)

# scope: admin-api, backend, bloom-builder, bloom-gateway, bloom-planner, compactor, distributor, index-gateway, ingester, overrides-exporter, pattern-ingester, querier, query-frontend, query-scheduler, read, ruler, write.

extraArgs: []

# -- Common environment variables to add to all pods directly managed by this chart.

extraEnv: []

# -- Common source of environment injections to add to all pods directly managed by this chart.

# For example to inject values from a Secret, use:

# extraEnvFrom:

# - secretRef:

# name: mysecret

extraEnvFrom: []

# -- Common volumes to add to all pods directly managed by this chart.

extraVolumes: []

# -- Common mount points to add to all pods directly managed by this chart.

extraVolumeMounts: []

# -- Overrides the chart's name

nameOverride: null

# -- Overrides the chart's computed fullname

fullnameOverride: null

# -- Overrides the chart's namespace

namespaceOverride: null

# -- Overrides the chart's cluster label

clusterLabelOverride: null

# -- Image pull secrets for Docker images

imagePullSecrets: []

# -- Deployment mode lets you specify how to deploy Loki.

# There are 3 options:

# - SingleBinary: Loki is deployed as a single binary, useful for small installs typically without HA, up to a few tens of GB/day.

# - SimpleScalable: Loki is deployed as 3 targets: read, write, and backend. Useful for medium installs easier to manage than distributed, up to a about 1TB/day.

# - Distributed: Loki is deployed as individual microservices. The most complicated but most capable, useful for large installs, typically over 1TB/day.

# There are also 2 additional modes used for migrating between deployment modes:

# - SingleBinary<->SimpleScalable: Migrate from SingleBinary to SimpleScalable (or vice versa)

# - SimpleScalable<->Distributed: Migrate from SimpleScalable to Distributed (or vice versa)

# Note: SimpleScalable and Distributed REQUIRE the use of object storage.

deploymentMode: SimpleScalable

# -- Labels to be added to resources

commonLabels: {}

######################################################################################################################

# Base Loki Configs including kubernetes configurations and configurations for Loki itself,

# see below for more specifics on Loki's configuration.

######################################################################################################################

# -- Configuration for running Loki

# @default -- See values.yaml

loki:

# Configures the liveness probe for all of the Loki pods

livenessProbe: {}

# Configures the readiness probe for all of the Loki pods

readinessProbe:

httpGet:

path: /ready

port: http-metrics

periodSeconds: 10

initialDelaySeconds: 15

successThreshold: 1

failureThreshold: 3

timeoutSeconds: 1

# Configures the startup probe for all of the Loki pods

startupProbe: {}

image:

# -- The Docker registry

registry: cgr.dev

# -- Docker image repository

repository: chainguard-private/loki

# -- Overrides the image tag whose default is the chart's appVersion

tag: latest

# -- Overrides the image tag with an image digest

digest: sha256:f5fe104fe6a77baf09ffd0e936ead9784f1b84925fd3743fa1b2021293d61db7

# -- Docker image pull policy

pullPolicy: IfNotPresent

# -- Common annotations for all deployments/StatefulSets

annotations: {}

# -- Common annotations for all pods

podAnnotations: {}

# -- Common labels for all pods

100

podLabels: {}

101

# -- Common annotations for all services

102

serviceAnnotations: {}

103

# -- Common labels for all services

104

serviceLabels: {}

105

# -- The number of old ReplicaSets to retain to allow rollback

106

revisionHistoryLimit: 10

107

# -- The SecurityContext for Loki pods

108

podSecurityContext:

109

fsGroup: 10001

110

fsGroupChangePolicy: OnRootMismatch

111

runAsGroup: 10001

112

runAsNonRoot: true

113

runAsUser: 10001

114

# -- The SecurityContext for Loki containers

115

containerSecurityContext:

116

readOnlyRootFilesystem: true

117

capabilities:

118

drop:

119

- ALL

120

allowPrivilegeEscalation: false

121

# -- Should enableServiceLinks be enabled. Default to enable

122

enableServiceLinks: true

123

# -- DNS config for Loki pods

124

dnsConfig: {}

125

######################################################################################################################

126

127

# Loki Configuration

128

129

# There are several ways to pass configuration to Loki, listing them here in order of our preference for how

130

# you should use this chart.

131

# 1. Use the templated value of loki.config below and the corresponding override sections which follow.

132

# This allows us to set a lot of important Loki configurations and defaults and also allows us to maintain them

133

# over time as Loki changes and evolves.

134

# 2. Use the loki.structuredConfig section.

135

# This will completely override the templated value of loki.config, so you MUST provide the entire Loki config

136

# including any configuration that we set in loki.config unless you explicitly are trying to change one of those

137

# values and are not able to do so with the templated sections.

138

# If you choose this approach the burden is on you to maintain any changes we make to the templated config.

139

# 3. Use an existing secret or configmap to provide the configuration.

140

# This option is mostly provided for folks who have external processes which provide or modify the configuration.

141

# When using this option you can specify a different name for loki.generatedConfigObjectName and configObjectName

142

# if you have a process which takes the generated config and modifies it, or you can stop the chart from generating

143

# a config entirely by setting loki.generatedConfigObjectName to

144

145

######################################################################################################################

146

147

# -- Defines what kind of object stores the configuration, a ConfigMap or a Secret.

148

# In order to move sensitive information (such as credentials) from the ConfigMap/Secret to a more secure location (e.g. vault), it is possible to use [environment variables in the configuration](https://grafana.com/docs/loki/latest/configuration/#use-environment-variables-in-the-configuration).

149

# Such environment variables can be then stored in a separate Secret and injected via the global.extraEnvFrom value. For details about environment injection from a Secret please see [Secrets](https://kubernetes.io/docs/concepts/configuration/secret/#use-case-as-container-environment-variables).

150

configStorageType: ConfigMap

151

# -- The name of the object which Loki will mount as a volume containing the config.

152

# If the configStorageType is Secret, this will be the name of the Secret, if it is ConfigMap, this will be the name of the ConfigMap.

153

# The value will be passed through tpl.

154

configObjectName: '{{ include "loki.name" . }}'

155

# -- The name of the Secret or ConfigMap that will be created by this chart.

156

# If empty, no configmap or secret will be created.

157

# The value will be passed through tpl.

158

generatedConfigObjectName: '{{ include "loki.name" . }}'

159

# -- Config file contents for Loki

160

# @default -- See values.yaml

161

config: |

162

163

164

165

auth_enabled: {{ .Values.loki.auth_enabled }}

166

167

168

169

server:

170

171

172

173

174

pattern_ingester:

175

176

177

178

memberlist:

179

180

181

182

183

184

185

join_members:

186

- {{ include "loki.memberlist" . }}.{{ include "loki.namespace" $ }}.svc.{{ .Values.global.clusterDomain }}

187

188

189

- {{ .memberlistService }}

190

191

192

193

194

195

ingester:

196

197

198

199

200

ingester_client:

201

202

203

204

205

block_builder:

206

207

208

209

210

common:

211

212

storage:

213

214

215

216

217

limits_config:

218

219

220

221

runtime_config:

222

file: /etc/loki/runtime-config/runtime-config.yaml

223

224

225

226

chunk_store_config:

227

chunk_cache_config:

228

default_validity: {{ .defaultValidity }}

229

background:

230

writeback_goroutines: {{ .writebackParallelism }}

231

writeback_buffer: {{ .writebackBuffer }}

232

writeback_size_limit: {{ .writebackSizeLimit }}

233

memcached:

234

batch_size: {{ .batchSize }}

235

parallelism: {{ .parallelism }}

236

memcached_client:

237

addresses: {{ .addresses }}

238

consistent_hash: true

239

timeout: {{ .timeout }}

240

max_idle_conns: 72

241

242

243

244

l2_chunk_cache_handoff: {{ .l2ChunkCacheHandoff }}

245

chunk_cache_config_l2:

246

default_validity: {{ .defaultValidity }}

247

background:

248

writeback_goroutines: {{ .writebackParallelism }}

249

writeback_buffer: {{ .writebackBuffer }}

250

writeback_size_limit: {{ .writebackSizeLimit }}

251

memcached:

252

batch_size: {{ .batchSize }}

253

parallelism: {{ .parallelism }}

254

memcached_client:

255

addresses: {{ .addresses }}

256

consistent_hash: true

257

timeout: {{ .timeout }}

258

max_idle_conns: 72

259

260

261

262

263

264

schema_config:

265

266

267

268

269

schema_config:

270

271

272

273

274

275

276

277

{{- if and .Values.loki.storage.use_thanos_objstore .Values.ruler.enabled}}

278

ruler_storage:

279

280

281

282

{{- if or .Values.tableManager.retention_deletes_enabled .Values.tableManager.retention_period }}

283

table_manager:

284

retention_deletes_enabled: {{ .Values.tableManager.retention_deletes_enabled }}

285

retention_period: {{ .Values.tableManager.retention_period }}

286

287

288

query_range:

289

align_queries_with_step: true

290

291

292

293

294

295

cache_results: true

296

results_cache:

297

cache:

298

default_validity: {{ .defaultValidity }}

299

background:

300

writeback_goroutines: {{ .writebackParallelism }}

301

writeback_buffer: {{ .writebackBuffer }}

302

writeback_size_limit: {{ .writebackSizeLimit }}

303

memcached_client:

304

addresses: {{ .addresses }}

305

consistent_hash: true

306

timeout: {{ .timeout }}

307

update_interval: 1m

308

309

310

311

312

storage_config:

313

{{- if not (hasKey $.Values.loki.storage_config "use_thanos_objstore") }}

314

use_thanos_objstore: {{ $.Values.loki.storage.use_thanos_objstore }}

315

316

317

318

319

320

query_scheduler:

321

322

323

324

325

compactor:

326

327

328

329

330

compactor_grpc_client:

331

332

333

334

335

analytics:

336

337

338

339

340

ui:

341

enabled: true

342

343

344

querier:

345

346

347

348

349

index_gateway:

350

351

352

353

354

frontend:

355

356

357

358

359

frontend_worker:

360

361

362

363

364

distributor:

365

366

367

368

tracing:

369

enabled: {{ .Values.loki.tracing.enabled }}

370

371

372

bloom_build:

373

374

375

376

377

bloom_gateway:

378

379

380

381

382

operational_config:

383

384

385

# Should authentication be enabled

386

auth_enabled: true

387

# -- memberlist configuration (overrides embedded default)

388

memberlistConfig: {}

389

# -- Extra memberlist configuration

390

extraMemberlistConfig: {}

391

# -- Tenants list to be created on nginx htpasswd file, with name and password or passwordHash keys

392

# Example:

393

# <pre>

394

# tenants:

395

# - name: "test-user-1"

396

# password: "test-password-1"

397

# - name: "test-user-2"

398

# passwordHash: "$2y$10$7O40CaY1yz7fu9O24k2/u.ct/wELYHRBsn25v/7AyuQ8E8hrLqpva" # generated using `htpasswd -nbBC10 test-user-2 test-password-2`

399

# </pre>

400

tenants: []

401

# -- Check https://grafana.com/docs/loki/latest/configuration/#server for more info on the server configuration.

402

server:

403

http_listen_port: 3100

404

grpc_listen_port: 9095

405

http_server_read_timeout: 600s

406

http_server_write_timeout: 600s

407

service:

408

# -- trafficDistribution for services

409

# Ref: https://kubernetes.io/docs/concepts/services-networking/service/#traffic-distribution

410

trafficDistribution: ""

411

# -- Limits config

412

limits_config:

413

reject_old_samples: true

414

reject_old_samples_max_age: 168h

415

max_cache_freshness_per_query: 10m

416

split_queries_by_interval: 15m

417

query_timeout: 300s

418

volume_enabled: true

419

# -- Provides a reloadable runtime configuration file for some specific configuration

420

runtimeConfig: {}

421

# -- Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration

422

commonConfig:

423

path_prefix: /var/loki

424

replication_factor: 3

425

# -- The gRPC address of the compactor. The use of compactor_grpc_address is prefered over compactor_address.

426

# If a customized compactor_address is set, compactor_grpc_address should be set to an empty string.

427

compactor_grpc_address: '{{ include "loki.compactorAddress" . }}'

428

# -- Storage config. Providing this will automatically populate all necessary storage configs in the templated config.

429

# -- In case of using thanos storage, enable use_thanos_objstore and the configuration should be done inside the object_store section.

430

storage:

431

# Loki requires a bucket for chunks and the ruler. GEL requires a third bucket for the admin API.

432

# Please provide these values if you are using object storage.

433

# bucketNames:

434

# chunks: FIXME

435

# ruler: FIXME

436

# admin: FIXME

437

type: s3

438

s3:

439

s3: null

440

endpoint: null

441

region: null

442

secretAccessKey: null

443

accessKeyId: null

444

signatureVersion: null

445

s3ForcePathStyle: false

446

insecure: false

447

http_config: {}

448

# -- Check https://grafana.com/docs/loki/latest/configure/#s3_storage_config for more info on how to provide a backoff_config

449

backoff_config: {}

450

disable_dualstack: false

451

gcs:

452

chunkBufferSize: 0

453

requestTimeout: "0s"

454

enableHttp2: true

455

azure:

456

accountName: null

457

accountKey: null

458

connectionString: null

459

useManagedIdentity: false

460

useFederatedToken: false

461

userAssignedId: null

462

requestTimeout: null

463

endpointSuffix: null

464

chunkDelimiter: null

465

swift:

466

auth_version: null

467

auth_url: null

468

internal: null

469

username: null

470

user_domain_name: null

471

user_domain_id: null

472

user_id: null

473

password: null

474

domain_id: null

475

domain_name: null

476

project_id: null

477

project_name: null

478

project_domain_id: null

479

project_domain_name: null

480

region_name: null

481

container_name: null

482

max_retries: null

483

connect_timeout: null

484

request_timeout: null

485

filesystem:

486

chunks_directory: /var/loki/chunks

487

rules_directory: /var/loki/rules

488

# Loki now supports using thanos storage clients for connecting to object storage backend.

489

# This will become the default way to configure storage in a future releases.

490

use_thanos_objstore: false

491

object_store:

492

# Type of object store. Valid options are: s3, gcs, azure

493

type: s3

494

# Optional prefix for storage keys

495

storage_prefix: null

496

# S3 configuration (when type is "s3")

497

s3:

498

# S3 endpoint URL

499

endpoint: null

500

# Optional region

501

region: null

502

# Optional access key

503

access_key_id: null

504

# Optional secret key

505

secret_access_key: null

506

# Optional. Enable if using self-signed TLS

507

insecure: false

508

# Optional server-side encryption configuration

509

sse: {}

510

# Optional HTTP client configuration

511

http: {}

512

# GCS configuration (when type is "gcs")

513

gcs:

514

# Name of the bucket

515

bucket_name: null

516

# Optional service account JSON

517

service_account: null

518

# Azure configuration (when type is "azure")

519

azure:

520

# Storage account name

521

account_name: null

522

# Optional storage account key

523

account_key: null

524

# -- Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas

525

schemaConfig: {}

526

# -- a real Loki install requires a proper schemaConfig defined above this, however for testing or playing around

527

# you can enable useTestSchema

528

useTestSchema: false

529

testSchemaConfig:

530

configs:

531

- from: 2024-04-01

532

store: tsdb

533

object_store: '{{ include "loki.testSchemaObjectStore" . }}'

534

schema: v13

535

index:

536

prefix: index_

537

period: 24h

538

## A separate loki ruler storage configuration can be provided via rulerStorage.storage section:

539

## rulerConfig:

540

## storage:

541

## type: local

542

# -- Check https://grafana.com/docs/loki/latest/configuration/#ruler for more info on configuring ruler

543

rulerConfig:

544

wal:

545

dir: /var/loki/ruler-wal

546

# -- Storage for the ruler. If defining rules in `ruler.directories`, this must be configured to use local storage as shown below.

547

# storage:

548

# type: local

549

# local:

550

# directory: /etc/loki/rules

551

# -- Structured loki configuration, takes precedence over `loki.config`, `loki.schemaConfig`, `loki.storageConfig`

552

structuredConfig: {}

553

# -- Additional query scheduler config

554

query_scheduler: {}

555

# -- Additional storage config

556

storage_config:

557

boltdb_shipper:

558

index_gateway_client:

559

server_address: '{{ include "loki.indexGatewayAddress" . }}'

560

tsdb_shipper:

561

index_gateway_client:

562

server_address: '{{ include "loki.indexGatewayAddress" . }}'

563

bloom_shipper:

564

working_directory: /var/loki/data/bloomshipper

565

hedging:

566

at: "250ms"

567

max_per_second: 20

568

up_to: 3

569

# -- Optional compactor configuration

570

compactor: {}

571

# -- Optional compactor grpc client configuration

572

compactor_grpc_client: {}

573

# -- Optional pattern ingester configuration

574

pattern_ingester:

575

enabled: false

576

# -- Optional analytics configuration

577

analytics: {}

578

# -- Optional Loki UI: Provides access to a operators UI for Loki distributed. When enabled UI will be available at /ui/ of loki-gateway

579

ui:

580

# Disabled by default for backwards compatibility. Enable to use the Loki UI.

581

enabled: false

582

gateway:

583

# enable gateway proxying to UI under /ui

584

enabled: true

585

# -- Optional querier configuration

586

query_range: {}

587

# -- Optional querier configuration

588

querier: {}

589

# -- Optional ingester configuration

590

ingester: {}

591

# -- Optional ingester client configuration

592

ingester_client: {}

593

# -- Optional block builder configuration

594

block_builder: {}

595

# -- Optional index gateway configuration

596

index_gateway:

597

mode: simple

598

frontend:

599

scheduler_address: '{{ include "loki.querySchedulerAddress" . }}'

600

tail_proxy_url: '{{ include "loki.querierAddress" . }}'

601

frontend_worker:

602

scheduler_address: '{{ include "loki.querySchedulerAddress" . }}'

603

# -- Optional distributor configuration

604

distributor: {}

605

# -- Enable tracing

606

tracing:

607

enabled: false

608

bloom_build:

609

enabled: false

610

builder:

611

planner_address: '{{ include "loki.bloomPlannerAddress" . }}'

612

bloom_gateway:

613

enabled: false

614

client:

615

addresses: '{{ include "loki.bloomGatewayAddresses" . }}'

616

# -- Optional operational configuration

617

operational_config: {}

618

######################################################################################################################

619

620

# Enterprise Loki Configs

621

622

######################################################################################################################

623

624

# -- Configuration for running Enterprise Loki

625

enterprise:

626

# Enable enterprise features, license must be provided

627

enabled: false

628

# Default version of GEL to deploy

629

version: 3.6.5

630

# -- Optional name of the GEL cluster, otherwise will use .Release.Name

631

# The cluster name must match what is in your GEL license

632

cluster_name: null

633

# -- Grafana Enterprise Logs license

634

# In order to use Grafana Enterprise Logs features, you will need to provide

635

# the contents of your Grafana Enterprise Logs license, either by providing the

636

# contents of the license.jwt, or the name Kubernetes Secret that contains your

637

# license.jwt.

638

# To set the license contents, use the flag `--set-file 'enterprise.license.contents=./license.jwt'`

639

license:

640

contents: "NOTAVALIDLICENSE"

641

# -- Set to true when providing an external license

642

useExternalLicense: false

643

# -- Name of external license secret to use

644

externalLicenseName: null

645

# -- Name of the external config secret to use

646

externalConfigName: ""

647

# -- Use GEL gateway, if false will use the default nginx gateway

648

gelGateway: true

649

# -- If enabled, the correct admin_client storage will be configured. If disabled while running enterprise,

650

# make sure auth is set to `type: trust`, or that `auth_enabled` is set to `false`.

651

adminApi:

652

enabled: true

653

# enterprise specific sections of the config.yaml file

654

config: |

655

656

admin_client:

657

{{ include "enterprise-logs.adminAPIStorageConfig" . | nindent 2 }}

658

659

auth:

660

type: {{ .Values.enterprise.adminApi.enabled | ternary "enterprise" "trust" }}

661

auth_enabled: {{ .Values.loki.auth_enabled }}

662

cluster_name: {{ include "loki.clusterName" . }}

663

license:

664

path: /etc/loki/license/license.jwt

665

image:

666

# -- The Docker registry

667

registry: cgr.dev

668

# -- Docker image repository

669

repository: chainguard-private/loki

670

# -- Docker image tag

671

tag: latest

672

# -- Overrides the image tag with an image digest

673

digest: sha256:f5fe104fe6a77baf09ffd0e936ead9784f1b84925fd3743fa1b2021293d61db7

674

# -- Docker image pull policy

675

pullPolicy: IfNotPresent

676

adminToken:

677

# -- Name of external secret containing the admin token for enterprise provisioner

678

# This secret must exist before deploying and must contain a key named 'token'

679

secret: null

680

# -- Alternative name of the secret to store token for the canary

681

canarySecret: null

682

# -- Configuration for `provisioner` target

683

# Note: Uses enterprise.adminToken.secret value to mount the admin token used to call the admin api.

684

provisioner:

685

# -- Whether the job should be part of the deployment

686

enabled: true

687

# -- Name of the secret to store provisioned tokens in

688

provisionedSecretPrefix: null

689

# -- Hook type(s) to customize when the job runs. defaults to post-install

690

hookType: "post-install"

691

# -- url of the admin api to use for the provisioner

692

apiUrl: '{{ include "loki.address" . }}'

693

# -- Additional tenants to be created. Each tenant will get a read and write policy

694

# and associated token. Tenant must have a name and a namespace for the secret containting

695

# the token to be created in. For example

696

# additionalTenants:

697

# - name: loki

698

# secretNamespace: grafana

699

additionalTenants: []

700

# -- Additional Kubernetes environment

701

env: []

702

# -- Additional labels for the `provisioner` Job

703

labels: {}

704

# -- Additional annotations for the `provisioner` Job

705

annotations: {}

706

# -- Affinity for provisioner Pods

707

# The value will be passed through tpl.

708

affinity: {}

709

# -- Node selector for provisioner Pods

710

nodeSelector: {}

711

# -- Tolerations for provisioner Pods

712

tolerations: []

713

# -- The name of the PriorityClass for provisioner Job

714

priorityClassName: null

715

# -- Use the host's user namespace in provisioner pods

716

hostUsers: nil

717

# -- Run containers as user `enterprise-logs(uid=10001)`

718

securityContext:

719

runAsNonRoot: true

720

runAsGroup: 10001

721

runAsUser: 10001

722

fsGroup: 10001

723

# -- Provisioner image to Utilize

724

image:

725

# -- The Docker registry

726

registry: cgr.dev

727

# -- Docker image repository

728

repository: chainguard-private/loki

729

# -- Overrides the image tag whose default is the chart's appVersion

730

tag: latest

731

# -- Overrides the image tag with an image digest

732

digest: sha256:f5fe104fe6a77baf09ffd0e936ead9784f1b84925fd3743fa1b2021293d61db7

733

# -- Docker image pull policy

734

pullPolicy: IfNotPresent

735

# -- Volume mounts to add to the provisioner pods

736

extraVolumeMounts: []

737

# -- Additional volumes for Pods

738

extraVolumes: []

739

######################################################################################################################

740

741

# Chart Testing

742

743

######################################################################################################################

744

745

# -- Section for configuring optional Helm test

746

test:

747

enabled: true

748

# -- Used to directly query the metrics endpoint of the canary for testing, this approach avoids needing prometheus for testing.

749

# This in a newer approach to using prometheusAddress such that tests do not have a dependency on prometheus

750

canaryServiceAddress: 'http://{{ include "loki-canary.fullname" $ }}.{{ include "loki.namespace" $ }}.svc.{{ .Values.global.clusterDomain }}:3500/metrics'

751

# -- Address of the prometheus server to query for the test. This overrides any value set for canaryServiceAddress.

752

# This is kept for backward compatibility and may be removed in future releases. Previous value was 'http://prometheus:9090'

753

prometheusAddress: ""

754

# -- Number of times to retry the test before failing

755

timeout: 1m

756

# -- Additional labels for the test pods

757

labels: {}

758

# -- Additional annotations for test pods

759

annotations: {}

760

# -- Image to use for loki canary

761

image:

762

# -- The Docker registry

763

registry: docker.io

764

# -- Docker image repository

765

repository: grafana/loki-helm-test

766

# -- Overrides the image tag whose default is the chart's appVersion

767

tag: "latest"

768

# -- Overrides the image tag with an image digest

769

digest: null

770

# -- Docker image pull policy

771

pullPolicy: IfNotPresent

772

# -- Use the host's user namespace in test pods

773

hostUsers: nil

774

# The Loki canary pushes logs to and queries from this loki installation to test

775

# that it's working correctly

776

lokiCanary:

777

enabled: true

778

# -- The type of the loki canary k8s rollout. This can be a DaemonSet or Deployment.

779

kind: DaemonSet

780

# -- If true, the canary will send directly to Loki via the address configured for verification --

781

# -- If false, it will write to stdout and an Agent will be needed to scrape and send the logs --

782

push: true

783

# -- If set overwrites the default value set by loki.host helper function. Use this if gateway not enabled.

784

lokiurl: null

785

# -- The name of the label to look for at loki when doing the checks.

786

labelname: pod

787

# -- Additional annotations for the `loki-canary` Daemonset

788

annotations: {}

789

# -- Additional labels for each `loki-canary` pod

790

podLabels: {}

791

service:

792

# -- Annotations for loki-canary Service

793

annotations: {}

794

# -- Additional labels for loki-canary Service

795

labels: {}

796

# -- Additional CLI arguments for the `loki-canary' command

797

extraArgs: []

798

# -- Environment variables to add to the canary pods

799

extraEnv: []

800

# -- Environment variables from secrets or configmaps to add to the canary pods

801

extraEnvFrom: []

802

# -- Volume mounts to add to the canary pods

803

extraVolumeMounts: []

804

# -- Volumes to add to the canary pods

805

extraVolumes: []

806

# -- Resource requests and limits for the canary

807

resources: {}

808

# -- DNS config for canary pods

809

dnsConfig: {}

810

# -- Node selector for canary pods

811

nodeSelector: {}

812

# -- Tolerations for canary pods

813

tolerations: []

814

# -- Affinity for canary pods

815

affinity: {}

816

# -- The name of the PriorityClass for loki-canary pods

817

priorityClassName: null

818

# -- Use the host's user namespace in loki-canary pods

819

hostUsers: nil

820

# -- Image to use for loki canary

821

image:

822

# -- The Docker registry

823

registry: cgr.dev

824

# -- Docker image repository

825

repository: chainguard-private/loki-canary

826

# -- Overrides the image tag whose default is the chart's appVersion

827

tag: latest

828

# -- Overrides the image tag with an image digest

829

digest: sha256:595881c44e526d783f6cc333edcc899693b9f5f2288f2cd08dbf4849973eb03b

830

# -- Docker image pull policy

831

pullPolicy: IfNotPresent

832

# -- Liveness probe

833

livenessProbe:

834

# -- Readiness probe

835

readinessProbe:

836

httpGet:

837

path: /metrics

838

port: http-metrics

839

initialDelaySeconds: 15

840

timeoutSeconds: 1

841

# -- Startup probe

842

startupProbe:

843

# -- Update strategy for the `loki-canary` Daemonset pods

844

updateStrategy:

845

type: RollingUpdate

846

rollingUpdate:

847

maxUnavailable: 1

848

# -- Replicas for `loki-canary` when using a Deployment

849

replicas: 1

850

######################################################################################################################

851

852

# Service Accounts and Kubernetes RBAC

853

854

######################################################################################################################

855

serviceAccount:

856

# -- Specifies whether a ServiceAccount should be created

857

create: true

858

# -- The name of the ServiceAccount to use.

859

# If not set and create is true, a name is generated using the fullname template

860

861

# -- Image pull secrets for the service account

862

imagePullSecrets: []

863

# -- Annotations for the service account

864

annotations: {}

865

# -- Labels for the service account

866

labels: {}

867

# -- Set this toggle to false to opt out of automounting API credentials for the service account

868

automountServiceAccountToken: true

869

# RBAC configuration

870

rbac:

871

# -- If pspEnabled true, a PodSecurityPolicy is created for K8s that use psp.

872

pspEnabled: false

873

# -- For OpenShift set pspEnabled to 'false' and sccEnabled to 'true' to use the SecurityContextConstraints.

874

sccEnabled: false

875

# -- Toggle this to true to allow the use of hostPath volumes on OpenShift

876

sccAllowHostDirVolumePlugin: false

877

# -- Specify PSP annotations

878

# Ref: https://kubernetes.io/docs/reference/access-authn-authz/psp-to-pod-security-standards/#podsecuritypolicy-annotations

879

pspAnnotations: {}

880

# seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'

881

# seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'

882

# apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'

883

# -- Whether to install RBAC in the namespace only or cluster-wide. Useful if you want to watch ConfigMap globally.

884

namespaced: false

885

######################################################################################################################

886

887

# Network Policy configuration

888

889

######################################################################################################################

890

networkPolicy:

891

# -- Specifies whether Network Policies should be created

892

enabled: false

893

# -- Specifies whether the policies created will be standard Network Policies (flavor: kubernetes)

894

# or Cilium Network Policies (flavor: cilium)

895

flavor: kubernetes

896

metrics:

897

# -- Specifies the Pods which are allowed to access the metrics port.

898

# As this is cross-namespace communication, you also need the namespaceSelector.

899

podSelector: {}

900

# -- Specifies the namespaces which are allowed to access the metrics port

901

namespaceSelector: {}

902

# -- Specifies specific network CIDRs which are allowed to access the metrics port.

903

# In case you use namespaceSelector, you also have to specify your kubelet networks here.

904

# The metrics ports are also used for probes.

905

cidrs: []

906

ingress:

907

# -- Specifies the Pods which are allowed to access the http port.

908

# As this is cross-namespace communication, you also need the namespaceSelector.

909

podSelector: {}

910

# -- Specifies the namespaces which are allowed to access the http port

911

namespaceSelector: {}

912

alertmanager:

913

# -- Specify the alertmanager port used for alerting

914

port: 9093

915

# -- Specifies the alertmanager Pods.

916

# As this is cross-namespace communication, you also need the namespaceSelector.

917

podSelector: {}

918

# -- Specifies the namespace the alertmanager is running in

919

namespaceSelector: {}

920

externalStorage:

921

# -- Specify the port used for external storage, e.g. AWS S3

922

ports: []

923

# -- Specifies specific network CIDRs you want to limit access to

924

cidrs: []

925

discovery:

926

# -- (int) Specify the port used for discovery

927

port: null

928

# -- Specifies the Pods labels used for discovery.

929

# As this is cross-namespace communication, you also need the namespaceSelector.

930

podSelector: {}

931

# -- Specifies the namespace the discovery Pods are running in

932

namespaceSelector: {}

933

egressWorld:

934

# -- Enable additional cilium egress rules to external world for write, read and backend.

935

enabled: false

936

egressKubeApiserver:

937

# -- Enable additional cilium egress rules to kube-apiserver for backend.

938

enabled: false

939

######################################################################################################################

940

941

# Global memberlist configuration

942

943

######################################################################################################################

944

945

# Configuration for the memberlist service

946

memberlist:

947

service:

948

publishNotReadyAddresses: false

949

annotations: {}

950

######################################################################################################################

951

952

# adminAPI configuration, enterprise only.

953

954

######################################################################################################################

955

956

# -- Configuration for the `admin-api` target

957

adminApi:

958

# -- Define the amount of instances

959

replicas: 1

960

# -- hostAliases to add

961

hostAliases: []

962

# - ip: 1.2.3.4

963

# hostnames:

964

# - domain.tld

965

# -- Additional CLI arguments for the `admin-api` target

966

extraArgs: {}

967

# -- Environment variables to add to the admin-api pods

968

extraEnv: []

969

# -- Environment variables from secrets or configmaps to add to the admin-api pods

970

extraEnvFrom: []

971

# -- Additional labels for the `admin-api` Deployment

972

labels: {}

973

# -- Additional annotations for the `admin-api` Deployment

974

annotations: {}

975

# -- DNSConfig for `admin-api` pods

976

dnsConfig: {}

977

# -- Additional labels and annotations for the `admin-api` Service

978

service:

979

labels: {}

980

annotations: {}

981

# -- Run container as user `enterprise-logs(uid=10001)`

982

# `fsGroup` must not be specified, because these security options are applied

983

# on container level not on Pod level.

984

podSecurityContext:

985

runAsNonRoot: true

986

runAsGroup: 10001

987

runAsUser: 10001

988

containerSecurityContext:

989

readOnlyRootFilesystem: true

990

capabilities:

991

drop:

992

- ALL

993

allowPrivilegeEscalation: false

994

# -- Update strategy

995

strategy:

996

type: RollingUpdate

997

# -- Liveness probe

998

livenessProbe: {}

999

# -- Readiness probe

1000

readinessProbe:

1001

httpGet:

1002

path: /ready

1003

port: http-metrics

1004

initialDelaySeconds: 45

1005

# -- Startup probe

1006

startupProbe: {}

1007

# -- Request and limit Kubernetes resources

1008

# -- Values are defined in small.yaml and large.yaml

1009

resources: {}

1010

# -- Configure optional environment variables

1011

env: []

1012

# -- Configure optional initContainers

1013

initContainers: []

1014

# -- Configure optional extraContainers

1015

extraContainers: []

1016

# -- Additional volumes for Pods

1017

extraVolumes: []

1018

# -- Additional volume mounts for Pods

1019

extraVolumeMounts: []

1020

# -- Affinity for admin-api Pods

1021

# The value will be passed through tpl.

1022

affinity: {}

1023

# -- Node selector for admin-api Pods

1024

nodeSelector: {}

1025

# -- Topology Spread Constraints for admin-api pods

1026

# The value will be passed through tpl.

1027

topologySpreadConstraints: []

1028

# -- Tolerations for admin-api Pods

1029

tolerations: []

1030

# -- Grace period to allow the admin-api to shutdown before it is killed

1031

terminationGracePeriodSeconds: 60

1032

# -- Use the host's user namespace in admin-api pods

1033

hostUsers: nil

1034

######################################################################################################################

1035

1036

# Gateway and Ingress

1037

1038

# By default this chart will deploy a Nginx container to act as a gateway which handles routing of traffic

1039

# and can also do auth.

1040

1041

# If you would prefer you can optionally disable this and enable using k8s ingress to do the incoming routing.

1042

1043

######################################################################################################################

1044

1045

# Configuration for the gateway

1046

gateway:

1047

# -- Specifies whether the gateway should be enabled

1048

enabled: true

1049

# -- Number of replicas for the gateway

1050

replicas: 1

1051

# -- Default container port

1052

containerPort: 8080

1053

# -- Enable logging of 2xx and 3xx HTTP requests

1054

verboseLogging: true

1055

autoscaling:

1056

# -- Enable autoscaling for the gateway

1057

enabled: false

1058

# -- Minimum autoscaling replicas for the gateway

1059

minReplicas: 1

1060

# -- Maximum autoscaling replicas for the gateway

1061

maxReplicas: 3

1062

# -- Target CPU utilisation percentage for the gateway

1063

targetCPUUtilizationPercentage: 60

1064

# -- Target memory utilisation percentage for the gateway

1065

targetMemoryUtilizationPercentage:

1066

# -- See `kubectl explain deployment.spec.strategy` for more

1067

# -- ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy

1068

# -- Behavior policies while scaling.

1069

behavior: {}

1070

# scaleUp:

1071

# stabilizationWindowSeconds: 300

1072

# policies:

1073

# - type: Pods

1074

# value: 1

1075

# periodSeconds: 60

1076

# scaleDown:

1077

# stabilizationWindowSeconds: 300

1078

# policies:

1079

# - type: Pods

1080

# value: 1

1081

# periodSeconds: 180

1082

deploymentStrategy:

1083

type: RollingUpdate

1084

image:

1085

# -- The Docker registry for the gateway image

1086

registry: cgr.dev

1087

# -- The gateway image repository

1088

repository: chainguard-private/nginx

1089

# -- The gateway image tag

1090

tag: latest

1091

# -- Overrides the gateway image tag with an image digest

1092

digest: sha256:772ecad99610194613f579d98c88a5120828a5e528a97184a23c5e0e9d87d589

1093

# -- The gateway image pull policy

1094

pullPolicy: IfNotPresent

1095

# -- The name of the PriorityClass for gateway pods

1096

priorityClassName: null

1097

# -- Annotations for gateway deployment

1098

annotations: {}

1099

# -- Annotations for gateway pods

1100

podAnnotations: {}

1101

# -- Additional labels for gateway pods

1102

podLabels: {}

1103

# -- Additional CLI args for the gateway

1104

extraArgs: []

1105

# -- Environment variables to add to the gateway pods

1106

extraEnv: []

1107

# -- Environment variables from secrets or configmaps to add to the gateway pods

1108

extraEnvFrom: []

1109

# -- Lifecycle for the gateway container

1110

lifecycle: {}

1111

# -- Volumes to add to the gateway pods

1112

extraVolumes: []

1113

# -- Volume mounts to add to the gateway pods

1114

extraVolumeMounts: []

1115

# -- The SecurityContext for gateway containers

1116

podSecurityContext:

1117

fsGroup: 101

1118

runAsGroup: 101

1119

runAsNonRoot: true

1120

runAsUser: 101

1121

# -- The SecurityContext for gateway containers

1122

containerSecurityContext:

1123

readOnlyRootFilesystem: true

1124

capabilities:

1125

drop:

1126

- ALL

1127

allowPrivilegeEscalation: false

1128

# -- Use the host's user namespace in the gateway

1129

hostUsers: nil

1130

# -- Resource requests and limits for the gateway

1131

resources: {}

1132

# -- Containers to add to the gateway pods

1133

extraContainers: []

1134

# -- Grace period to allow the gateway to shutdown before it is killed

1135

terminationGracePeriodSeconds: 30

1136

# -- Affinity for gateway pods.

1137

# @default -- Hard node anti-affinity

1138

# The value will be passed through tpl.

1139

affinity:

1140

podAntiAffinity:

1141

requiredDuringSchedulingIgnoredDuringExecution:

1142

- labelSelector:

1143

matchLabels:

1144

app.kubernetes.io/component: gateway

1145

app.kubernetes.io/name: '{{ include "loki.name" . }}'

1146

app.kubernetes.io/instance: '{{ .Release.Name }}'

1147

topologyKey: kubernetes.io/hostname

1148

# -- DNS config for gateway pods

1149

dnsConfig: {}

1150

# -- Node selector for gateway pods

1151

nodeSelector: {}

1152

# -- Topology Spread Constraints for gateway pods

1153

# The value will be passed through tpl.

1154

topologySpreadConstraints: []

1155

# -- Tolerations for gateway pods

1156

tolerations: []

1157

# Gateway service configuration

1158

service:

1159

# -- Port of the gateway service

1160

port: 80

1161

# -- Type of the gateway service

1162

type: ClusterIP

1163

# -- ClusterIP of the gateway service

1164

clusterIP: null

1165

# -- (int) Node port if service type is NodePort

1166

nodePort: null

1167

# -- Load balancer IPO address if service type is LoadBalancer

1168

loadBalancerIP: null

1169

# -- Annotations for the gateway service

1170

annotations: {}

1171

# -- Labels for gateway service

1172

labels: {}

1173

# -- trafficDistribution for gateway service

1174

trafficDistribution: ""

1175

# Gateway ingress configuration

1176

ingress:

1177

# -- Specifies whether an ingress for the gateway should be created

1178

enabled: false

1179

# -- Ingress Class Name. MAY be required for Kubernetes versions >= 1.18

1180

ingressClassName: ""

1181

# -- Annotations for the gateway ingress

1182

annotations: {}

1183

# -- Labels for the gateway ingress

1184

labels: {}

1185

# -- Hosts configuration for the gateway ingress, passed through the `tpl` function to allow templating

1186

hosts:

1187

- host: gateway.loki.example.com

1188

paths:

1189

- path: /

1190

# -- pathType (e.g. ImplementationSpecific, Prefix, .. etc.) might also be required by some Ingress Controllers

1191

# pathType: Prefix

1192

# -- TLS configuration for the gateway ingress. Hosts passed through the `tpl` function to allow templating

1193

tls:

1194

- secretName: loki-gateway-tls

1195

hosts:

1196

- gateway.loki.example.com

1197

# Basic auth configuration

1198

basicAuth:

1199

# -- Enables basic authentication for the gateway

1200

enabled: false

1201

# -- The basic auth username for the gateway

1202

username: null

1203

# -- The basic auth password for the gateway

1204

password: null

1205

# -- Uses the specified users from the `loki.tenants` list to create the htpasswd file.

1206

# if `loki.tenants` is not set, the `gateway.basicAuth.username` and `gateway.basicAuth.password` are used.

1207

# The value is templated using `tpl`. Override this to use a custom htpasswd, e.g. in case the default causes

1208

# high CPU load.

1209

# @default -- Either `loki.tenants` or `gateway.basicAuth.username` and `gateway.basicAuth.password`.

1210

htpasswd: |

1211

1212

1213

{{- $username := required "All tenants must have a 'name' set" $t.name }}

1214

1215

1216

1217

1218

1219

{{- fail "All tenants must have a 'password' or 'passwordHash' set" }}

1220

1221

1222

1223

{{- printf "%s\n" (htpasswd (required "'gateway.basicAuth.username' is required" .Values.gateway.basicAuth.username) (required "'gateway.basicAuth.password' is required" .Values.gateway.basicAuth.password)) }}

1224

1225

# -- Existing basic auth secret to use. Must contain '.htpasswd'

1226

existingSecret: null

1227

# -- liveness probe for the nginx container in the gateway pods.

1228

livenessProbe: {}

1229

# Configures the readiness probe for the gateway

1230

readinessProbe:

1231

httpGet:

1232

path: /

1233

port: http-metrics

1234

initialDelaySeconds: 15

1235

timeoutSeconds: 1

1236

# -- startup probe for the nginx container in the gateway pods.

1237

startupProbe: {}

1238

nginxConfig:

1239

# -- Which schema to be used when building URLs. Can be 'http' or 'https'.

1240

schema: http

1241

# -- Enable listener for IPv6, disable on IPv4-only systems

1242

enableIPv6: true

1243

# -- NGINX log format

1244

logFormat: |-

1245

main '$remote_addr - $remote_user [$time_local] $status '

1246

'"$request" $body_bytes_sent "$http_referer" '

1247

'"$http_user_agent" "$http_x_forwarded_for"';

1248

# -- Allows appending custom configuration to the server block

1249

serverSnippet: ""

1250

# -- Allows appending custom configuration to the http block, passed through the `tpl` function to allow templating

1251

httpSnippet: ""

1252

# -- Allows appending custom configuration inside every location block, useful for authentication or setting headers that are not inherited from the server block, passed through the `tpl` function to allow templating.

1253

locationSnippet: >-

1254

{{ if .Values.loki.tenants }}proxy_set_header X-Scope-OrgID $remote_user;{{ end }}

1255

# -- Allows customizing the `client_max_body_size` directive

1256

clientMaxBodySize: 4M

1257

# -- Whether ssl should be appended to the listen directive of the server block or not.

1258

ssl: false

1259

# -- Override Read URL

1260

customReadUrl: null

1261

# -- Override Write URL

1262

customWriteUrl: null

1263

# -- Override Backend URL

1264

customBackendUrl: null

1265

# -- Allows overriding the DNS resolver address nginx will use.

1266

resolver: ""

1267

# -- Config file contents for Nginx. Passed through the `tpl` function to allow templating

1268

# @default -- See values.yaml

1269

file: |

1270

1271

# -- If running enterprise and using the default enterprise gateway, configs go here.

1272

enterpriseGateway:

1273

# -- Define the amount of instances

1274

replicas: 1

1275

# -- hostAliases to add

1276

hostAliases: []

1277

# - ip: 1.2.3.4

1278

# hostnames:

1279

# - domain.tld

1280

# -- Use the host's user namespace in the `gateway` pod

1281

hostUsers: nil

1282

# -- Additional CLI arguments for the `gateway` target

1283

extraArgs: {}

1284

# -- Environment variables from secrets or configmaps to add to the enterprise gateway pods

1285

extraEnvFrom: []

1286

# -- Additional labels for the `gateway` Pod

1287

labels: {}

1288

# -- Additional annotations for the `gateway` Pod

1289

annotations: {}

1290

# -- Additional labels and annotations for the `gateway` Service

1291

# -- Service overriding service type

1292

service:

1293

type: ClusterIP

1294

labels: {}

1295

annotations: {}

1296

# -- Run container as user `enterprise-logs(uid=10001)`

1297

podSecurityContext:

1298

runAsNonRoot: true

1299

runAsGroup: 10001

1300

runAsUser: 10001

1301

fsGroup: 10001

1302

containerSecurityContext:

1303

readOnlyRootFilesystem: true

1304

capabilities:

1305

drop:

1306

- ALL

1307

allowPrivilegeEscalation: false

1308

# -- If you want to use your own proxy URLs, set this to false.

1309

useDefaultProxyURLs: true

1310

# -- update strategy

1311

strategy:

1312

type: RollingUpdate

1313

# -- Liveness probe

1314

livenessProbe: {}

1315

# -- Readiness probe

1316

readinessProbe:

1317

httpGet:

1318

path: /ready

1319

port: http-metrics

1320

initialDelaySeconds: 45

1321

# -- Startup probe

1322

startupProbe: {}

1323

# -- Request and limit Kubernetes resources

1324

# -- Values are defined in small.yaml and large.yaml

1325

resources: {}

1326

# -- Configure optional environment variables

1327

env: []

1328

# -- Configure optional initContainers

1329

initContainers: []

1330

# -- Conifgure optional extraContainers

1331

extraContainers: []

1332

# -- Additional volumes for Pods

1333

extraVolumes: []

1334

# -- Additional volume mounts for Pods

1335

extraVolumeMounts: []

1336

# -- Affinity for gateway Pods

1337

# The value will be passed through tpl.

1338

affinity: {}

1339

# -- Node selector for gateway Pods

1340

nodeSelector: {}

1341

# -- Topology Spread Constraints for enterprise-gateway pods

1342

# The value will be passed through tpl.

1343

topologySpreadConstraints: []

1344

# -- Tolerations for gateway Pods

1345

tolerations: []

1346

# -- Grace period to allow the gateway to shutdown before it is killed

1347

terminationGracePeriodSeconds: 60

1348

# -- Ingress configuration Use either this ingress or the gateway, but not both at once.

1349

# If you enable this, make sure to disable the gateway.

1350

# You'll need to supply authn configuration for your ingress controller.

1351

ingress:

1352

enabled: false

1353

ingressClassName: ""

1354

annotations: {}

1355

# nginx.ingress.kubernetes.io/auth-type: basic

1356

# nginx.ingress.kubernetes.io/auth-secret: loki-distributed-basic-auth

1357

# nginx.ingress.kubernetes.io/auth-secret-type: auth-map

1358

# nginx.ingress.kubernetes.io/configuration-snippet: |

1359

# proxy_set_header X-Scope-OrgID $remote_user;

1360

labels: {}

1361

# blackbox.monitoring.exclude: "true"

1362

paths:

1363

# -- Paths that are exposed by Loki Distributor.

1364

# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.distributorFullname"}}`.

1365

# If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.writeFullname"}}`.

1366

# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`

1367

distributor:

1368

- /api/prom/push

1369

- /loki/api/v1/push

1370

- /otlp/v1/logs

1371

- /ui

1372

# -- Paths that are exposed by Loki Query Frontend.

1373

# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.queryFrontendFullname"}}`.

1374

# If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.readFullname"}}`.

1375

# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`

1376

queryFrontend:

1377

- /api/prom/query

1378

# this path covers labels and labelValues endpoints

1379

- /api/prom/label

1380

- /api/prom/series

1381

- /api/prom/tail

1382

- /loki/api/v1/query

1383

- /loki/api/v1/query_range

1384

- /loki/api/v1/tail

1385

# this path covers labels and labelValues endpoints

1386

- /loki/api/v1/label

1387

- /loki/api/v1/labels

1388

- /loki/api/v1/series

1389

- /loki/api/v1/index/stats

1390

- /loki/api/v1/index/volume

1391

- /loki/api/v1/index/volume_range

1392

- /loki/api/v1/format_query

1393

- /loki/api/v1/detected_field

1394

- /loki/api/v1/detected_fields

1395

- /loki/api/v1/detected_labels

1396

- /loki/api/v1/patterns

1397

# -- Paths that are exposed by Loki Ruler.

1398

# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.rulerFullname"}}`.

1399

# If deployment mode is SimpleScalable, the requests are forwarded to k8s service: `{{"loki.backendFullname"}}`.

1400

# If deployment mode is SimpleScalable but `read.legacyReadTarget` is `true`, the requests are forwarded to k8s service: `{{"loki.readFullname"}}`.

1401

# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`

1402

ruler:

1403

- /api/prom/rules

1404

- /api/prom/api/v1/rules

1405

- /api/prom/api/v1/alerts

1406

- /loki/api/v1/rules

1407

- /prometheus/api/v1/rules

1408

- /prometheus/api/v1/alerts

1409

# -- Paths that are exposed by Loki Compactor.

1410

# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.compactorFullname"}}`.

1411

# If deployment mode is SimpleScalable, the requests are forwarded to k8s service: `{{"loki.backendFullname"}}`.

1412

# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`

1413

compactor:

1414

- /loki/api/v1/delete

1415

# -- Hosts configuration for the ingress, passed through the `tpl` function to allow templating

1416

hosts:

1417

- loki.example.com

1418

# -- TLS configuration for the ingress. Hosts passed through the `tpl` function to allow templating

1419

tls: []

1420

# - hosts:

1421

# - loki.example.com

1422

# secretName: loki-distributed-tls

1423

1424

######################################################################################################################

1425

1426

# Migration

1427

1428

######################################################################################################################

1429

1430

# -- Options that may be necessary when performing a migration from another helm chart

1431

migrate:

1432

# -- When migrating from a distributed chart like loki-distributed or enterprise-logs

1433

fromDistributed:

1434

# -- Set to true if migrating from a distributed helm chart

1435

enabled: false

1436

# -- If migrating from a distributed service, provide the distributed deployment's

1437

# memberlist service DNS so the new deployment can join its ring.

1438

memberlistService: ""

1439

######################################################################################################################

1440

1441

# Single Binary Deployment

1442

1443

# For small Loki installations up to a few 10's of GB per day, or for testing and development.

1444

1445

######################################################################################################################

1446

1447

# Configuration for the single binary node(s)

1448

singleBinary:

1449

# -- Number of replicas for the single binary

1450

replicas: 0

1451

autoscaling:

1452

# -- Enable autoscaling

1453

enabled: false

1454

# -- Minimum autoscaling replicas for the single binary

1455

minReplicas: 1

1456

# -- Maximum autoscaling replicas for the single binary

1457

maxReplicas: 3

1458

# -- Target CPU utilisation percentage for the single binary

1459

targetCPUUtilizationPercentage: 60

1460

# -- Target memory utilisation percentage for the single binary

1461

targetMemoryUtilizationPercentage:

1462

image:

1463

# -- The Docker registry for the single binary image. Overrides `loki.image.registry`

1464

registry: null

1465

# -- Docker image repository for the single binary image. Overrides `loki.image.repository`

1466

repository: null

1467

# -- Docker image tag for the single binary image. Overrides `loki.image.tag`

1468

tag: null

1469

# -- The name of the PriorityClass for single binary pods

1470

priorityClassName: null

1471

# -- Annotations for single binary StatefulSet

1472

annotations: {}

1473

# -- Annotations for single binary pods

1474

podAnnotations: {}

1475

# -- Additional labels for each `single binary` pod

1476

podLabels: {}

1477

# -- Additional selector labels for each `single binary` pod

1478

selectorLabels: {}

1479

service:

1480

# -- Annotations for single binary Service

1481

annotations: {}

1482

# -- Additional labels for single binary Service

1483

labels: {}

1484

# -- Service Type for single binary Service

1485

type: "ClusterIP"

1486

# -- trafficDistribution single binary Service

1487

trafficDistribution: ""

1488

# -- Comma-separated list of Loki modules to load for the single binary

1489

targetModule: "all"

1490

# -- Labels for single binary service

1491

extraArgs: []

1492

# -- Environment variables to add to the single binary pods

1493

extraEnv: []

1494

# -- Environment variables from secrets or configmaps to add to the single binary pods

1495

extraEnvFrom: []

1496

# -- Extra containers to add to the single binary loki pod

1497

extraContainers: []

1498

# -- Init containers to add to the single binary pods

1499

initContainers: []

1500

# -- Volume mounts to add to the single binary pods

1501

extraVolumeMounts: []

1502

# -- Volumes to add to the single binary pods

1503

extraVolumes: []

1504

# -- Resource requests and limits for the single binary

1505

resources: {}

1506

# -- Grace period to allow the single binary to shutdown before it is killed

1507

terminationGracePeriodSeconds: 30

1508

# -- Use the host's user namespace in the single binary pods

1509

hostUsers: nil

1510

# -- Affinity for single binary pods.

1511

# @default -- Hard node anti-affinity

1512

# The value will be passed through tpl.

1513

affinity:

1514

podAntiAffinity:

1515

requiredDuringSchedulingIgnoredDuringExecution:

1516

- labelSelector:

1517

matchLabels:

1518

app.kubernetes.io/component: single-binary

1519

app.kubernetes.io/name: '{{ include "loki.name" . }}'

1520

app.kubernetes.io/instance: '{{ .Release.Name }}'

1521

topologyKey: kubernetes.io/hostname

1522

# -- Topology Spread Constraints for single binary pods

1523

# The value will be passed through tpl.

1524

topologySpreadConstraints: []

1525

# -- DNS config for single binary pods

1526

dnsConfig: {}

1527

# -- Node selector for single binary pods

1528

nodeSelector: {}

1529

# -- Tolerations for single binary pods

1530

tolerations: []

1531

persistence:

1532

# -- What to do with the volume when the StatefulSet is scaled down.

1533

whenScaled: Delete

1534

# -- What to do with the volumes when the StatefulSet is deleted.

1535

whenDeleted: Delete

1536

# -- Enable StatefulSetAutoDeletePVC feature

1537

enableStatefulSetAutoDeletePVC: true

1538

# -- Enable StatefulSetRecreation for changes to PVC size.

1539

# This means that the StatefulSet will be deleted, recreated (with the same name) and rolled when a change to the

1540

# PVC size is detected. That way the PVC can be resized without manual intervention.

1541

enableStatefulSetRecreationForSizeChange: false

1542

# -- Enable persistent disk

1543

enabled: true

1544

# -- Set access modes on the PersistentVolumeClaim

1545

accessModes:

1546

- ReadWriteOnce

1547

# -- Size of persistent disk

1548

size: 10Gi

1549

# -- Storage class to be used.

1550

# If defined, storageClassName: <storageClass>.

1551

# If set to "-", storageClassName: "", which disables dynamic provisioning.

1552

# If empty or set to null, no storageClassName spec is

1553

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

1554

storageClass: null

1555

# -- Selector for persistent disk

1556

selector: null

1557

# -- Annotations for volume claim

1558

annotations: {}

1559

# -- Labels for volume claim

1560

labels: {}

1561

######################################################################################################################

1562

1563

# Simple Scalable Deployment (SSD) Mode

1564

1565

# For small to medium size Loki deployments up to around 1 TB/day, this is the default mode for this helm chart

1566

1567

######################################################################################################################

1568

1569

# Configuration for the write pod(s)

1570

write:

1571

# -- Number of replicas for the write

1572

replicas: 3

1573

autoscaling:

1574

# -- Enable autoscaling for the write.

1575

enabled: false

1576

# -- Minimum autoscaling replicas for the write.

1577

minReplicas: 2

1578

# -- Maximum autoscaling replicas for the write.

1579

maxReplicas: 6

1580

# -- Target CPU utilisation percentage for the write.

1581

targetCPUUtilizationPercentage: 60

1582

# -- Target memory utilization percentage for the write.

1583

targetMemoryUtilizationPercentage:

1584

# -- Behavior policies while scaling.

1585

behavior:

1586

# -- see https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown for scaledown details

1587

scaleUp:

1588

policies:

1589

- type: Pods

1590

value: 1

1591

periodSeconds: 900

1592

scaleDown:

1593

policies:

1594

- type: Pods

1595

value: 1

1596

periodSeconds: 1800

1597

stabilizationWindowSeconds: 3600

1598

image:

1599

# -- The Docker registry for the write image. Overrides `loki.image.registry`

1600

registry: null

1601

# -- Docker image repository for the write image. Overrides `loki.image.repository`

1602

repository: null

1603

# -- Docker image tag for the write image. Overrides `loki.image.tag`

1604

tag: null

1605

# -- The name of the PriorityClass for write pods

1606

priorityClassName: null

1607

# -- Annotations for write StatefulSet

1608

annotations: {}

1609

# -- Annotations for write pods

1610

podAnnotations: {}

1611

# -- Additional labels for each `write` pod

1612

podLabels: {}

1613

# -- Additional selector labels for each `write` pod

1614

selectorLabels: {}

1615

service:

1616

# -- Annotations for write Service

1617

annotations: {}

1618

# -- Additional labels for write Service

1619

labels: {}

1620

# -- Service Type for write Service

1621

type: "ClusterIP"

1622

# -- trafficDistribution for write service

1623

trafficDistribution: ""

1624

# -- Comma-separated list of Loki modules to load for the write

1625

targetModule: "write"

1626

# -- Additional CLI args for the write

1627

extraArgs: []

1628

# -- Environment variables to add to the write pods

1629

extraEnv: []

1630

# -- Environment variables from secrets or configmaps to add to the write pods

1631

extraEnvFrom: []

1632

# -- Lifecycle for the write container

1633

lifecycle: {}

1634

# -- The default /flush_shutdown preStop hook is recommended as part of the ingester

1635

# scaledown process so it's added to the template by default when autoscaling is enabled,

1636

# but it's disabled to optimize rolling restarts in instances that will never be scaled

1637

# down or when using chunks storage with WAL disabled.

1638

# https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown

1639

# -- Init containers to add to the write pods

1640

initContainers: []

1641

# -- Containers to add to the write pods

1642

extraContainers: []

1643

# -- Volume mounts to add to the write pods

1644

extraVolumeMounts: []

1645

# -- Volumes to add to the write pods

1646

extraVolumes: []

1647

# -- volumeClaimTemplates to add to StatefulSet

1648

extraVolumeClaimTemplates: []

1649

# -- Resource requests and limits for the write

1650

resources: {}

1651

# -- Grace period to allow the write to shutdown before it is killed. Especially for the ingester,

1652

# this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring

1653

# all data and to successfully leave the member ring on shutdown.

1654

terminationGracePeriodSeconds: 300

1655

# -- Use the host's user namespace in the write pods.

1656

hostUsers: nil

1657

# -- Affinity for write pods.

1658

# @default -- Hard node anti-affinity

1659

# The value will be passed through tpl.

1660

affinity:

1661

podAntiAffinity:

1662

requiredDuringSchedulingIgnoredDuringExecution:

1663

- labelSelector:

1664

matchLabels:

1665

app.kubernetes.io/component: write

1666

app.kubernetes.io/name: '{{ include "loki.name" . }}'

1667

app.kubernetes.io/instance: '{{ .Release.Name }}'

1668

topologyKey: kubernetes.io/hostname

1669

# -- DNS config for write pods

1670

dnsConfig: {}

1671

# -- Pod Disruption Budget maxUnavailable

1672

maxUnavailable: 1

1673

# -- Node selector for write pods

1674

nodeSelector: {}

1675

# -- Topology Spread Constraints for write pods

1676

# The value will be passed through tpl.

1677

topologySpreadConstraints: []

1678

# -- Tolerations for write pods

1679

tolerations: []

1680

# -- The default is to deploy all pods in parallel.

1681

podManagementPolicy: "Parallel"

1682

persistence:

1683

# -- Enable volume claims in pod spec

1684

volumeClaimsEnabled: true

1685

# -- Set access modes on the PersistentVolumeClaim

1686

accessModes:

1687

- ReadWriteOnce

1688

# -- Parameters used for the `data` volume when volumeClaimEnabled if false

1689

dataVolumeParameters:

1690

emptyDir: {}

1691

# -- Enable StatefulSetAutoDeletePVC feature

1692

enableStatefulSetAutoDeletePVC: false

1693

# -- Size of persistent disk

1694

size: 10Gi

1695

# -- Storage class to be used.

1696

# If defined, storageClassName: <storageClass>.

1697

# If set to "-", storageClassName: "", which disables dynamic provisioning.

1698

# If empty or set to null, no storageClassName spec is

1699

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

1700

storageClass: null

1701

# -- Volume attributes class name to be used.

1702

# If empty or set to null, no volumeAttributesClassName spec is set.

1703

# Requires Kubernetes 1.31

1704

volumeAttributesClassName: null

1705

# -- Selector for persistent disk

1706

selector: null

1707

# -- Annotations for volume claim

1708

annotations: {}

1709

# -- Labels for volume claim

1710

labels: {}

1711

# -- Configuration for the read pod(s)

1712

read:

1713

# -- Number of replicas for the read

1714

replicas: 3

1715

autoscaling:

1716

# -- Enable autoscaling for the read, this is only used if `queryIndex.enabled: true`

1717

enabled: false

1718

# -- Minimum autoscaling replicas for the read

1719

minReplicas: 2

1720

# -- Maximum autoscaling replicas for the read

1721

maxReplicas: 6

1722

# -- Target CPU utilisation percentage for the read

1723

targetCPUUtilizationPercentage: 60

1724

# -- Target memory utilisation percentage for the read

1725

targetMemoryUtilizationPercentage:

1726

# -- Behavior policies while scaling.

1727

behavior: {}

1728

# scaleUp:

1729

# stabilizationWindowSeconds: 300

1730

# policies:

1731

# - type: Pods

1732

# value: 1

1733

# periodSeconds: 60

1734

# scaleDown:

1735

# stabilizationWindowSeconds: 300

1736

# policies:

1737

# - type: Pods

1738

# value: 1

1739

# periodSeconds: 180

1740

image:

1741

# -- The Docker registry for the read image. Overrides `loki.image.registry`

1742

registry: null

1743

# -- Docker image repository for the read image. Overrides `loki.image.repository`

1744

repository: null

1745

# -- Docker image tag for the read image. Overrides `loki.image.tag`

1746

tag: null

1747

# -- The name of the PriorityClass for read pods

1748

priorityClassName: null

1749

# -- Annotations for read deployment

1750

annotations: {}

1751

# -- Annotations for read pods

1752

podAnnotations: {}

1753

# -- Additional labels for each `read` pod

1754

podLabels: {}

1755

# -- Additional selector labels for each `read` pod

1756

selectorLabels: {}

1757

service:

1758

# -- Annotations for read Service

1759

annotations: {}

1760

# -- Additional labels for read Service

1761

labels: {}

1762

# -- Service Type for read Service

1763

type: ClusterIP

1764

# -- trafficDistribution for read service

1765

trafficDistribution: ""

1766

# -- Comma-separated list of Loki modules to load for the read

1767

targetModule: "read"

1768

# -- Whether or not to use the 2 target type simple scalable mode (read, write) or the

1769

# 3 target type (read, write, backend). Legacy refers to the 2 target type, so true will

1770

# run two targets, false will run 3 targets.

1771

legacyReadTarget: false

1772

# -- Additional CLI args for the read

1773

extraArgs: []

1774

# -- init containers to add to the read pods

1775

initContainers: []

1776

# -- Containers to add to the read pods

1777

extraContainers: []

1778

# -- Environment variables to add to the read pods

1779

extraEnv: []

1780

# -- Environment variables from secrets or configmaps to add to the read pods

1781

extraEnvFrom: []

1782

# -- Lifecycle for the read container

1783

lifecycle: {}

1784

# -- Volume mounts to add to the read pods

1785

extraVolumeMounts: []

1786

# -- Volumes to add to the read pods

1787

extraVolumes: []

1788

# -- Resource requests and limits for the read

1789

resources: {}

1790

# -- liveness probe settings for read pods. If empty, applies no livenessProbe

1791

livenessProbe: {}

1792

# -- statup probe for the read pods. If empty, applies no startupProbe

1793

startupProbe: {}

1794

# -- Grace period to allow the read to shutdown before it is killed

1795

terminationGracePeriodSeconds: 30

1796

# -- Use the host's user namespace in the read pods.

1797

hostUsers: nil

1798

# -- Affinity for read pods.

1799

# @default -- Hard node anti-affinity

1800

# The value will be passed through tpl.

1801

affinity:

1802

podAntiAffinity:

1803

requiredDuringSchedulingIgnoredDuringExecution:

1804

- labelSelector:

1805

matchLabels:

1806

app.kubernetes.io/component: read

1807

app.kubernetes.io/name: '{{ include "loki.name" . }}'

1808

app.kubernetes.io/instance: '{{ .Release.Name }}'

1809

topologyKey: kubernetes.io/hostname

1810

# -- DNS config for read pods

1811

dnsConfig: {}

1812

# -- Pod Disruption Budget maxUnavailable

1813

maxUnavailable: 1

1814

# -- Node selector for read pods

1815

nodeSelector: {}

1816

# -- Topology Spread Constraints for read pods

1817

# The value will be passed through tpl.

1818

topologySpreadConstraints: []

1819

# -- Tolerations for read pods

1820

tolerations: []

1821

# -- The default is to deploy all pods in parallel.

1822

podManagementPolicy: "Parallel"

1823

# -- read.persistence is used only if legacyReadTarget is set to true

1824

persistence:

1825

# -- Enable StatefulSetAutoDeletePVC feature

1826

enableStatefulSetAutoDeletePVC: true

1827

# -- Set access modes on the PersistentVolumeClaim

1828

accessModes:

1829

- ReadWriteOnce

1830

# -- Size of persistent disk

1831

size: 10Gi

1832

# -- Storage class to be used.

1833

# If defined, storageClassName: <storageClass>.

1834

# If set to "-", storageClassName: "", which disables dynamic provisioning.

1835

# If empty or set to null, no storageClassName spec is

1836

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

1837

storageClass: null

1838

# -- Volume attributes class name to be used.

1839

# If empty or set to null, no volumeAttributesClassName spec is set.

1840

# Requires Kubernetes 1.31

1841

volumeAttributesClassName: null

1842

# -- Selector for persistent disk

1843

selector: null

1844

# -- Annotations for volume claim

1845

annotations: {}

1846

# -- Labels for volume claim

1847

labels: {}

1848

# -- Configuration for the backend pod(s)

1849

backend:

1850

# -- Number of replicas for the backend

1851

replicas: 3

1852

autoscaling:

1853

# -- Enable autoscaling for the backend.

1854

enabled: false

1855

# -- Minimum autoscaling replicas for the backend.

1856

minReplicas: 3

1857

# -- Maximum autoscaling replicas for the backend.

1858

maxReplicas: 6

1859

# -- Target CPU utilization percentage for the backend.

1860

targetCPUUtilizationPercentage: 60

1861

# -- Target memory utilization percentage for the backend.

1862

targetMemoryUtilizationPercentage:

1863

# -- Behavior policies while scaling.

1864

behavior: {}

1865

# scaleUp:

1866

# stabilizationWindowSeconds: 300

1867

# policies:

1868

# - type: Pods

1869

# value: 1

1870

# periodSeconds: 60

1871

# scaleDown:

1872

# stabilizationWindowSeconds: 300

1873

# policies:

1874

# - type: Pods

1875

# value: 1

1876

# periodSeconds: 180

1877

image:

1878

# -- The Docker registry for the backend image. Overrides `loki.image.registry`

1879

registry: null

1880

# -- Docker image repository for the backend image. Overrides `loki.image.repository`

1881

repository: null

1882

# -- Docker image tag for the backend image. Overrides `loki.image.tag`

1883

tag: null

1884

# -- The name of the PriorityClass for backend pods

1885

priorityClassName: null

1886

# -- Annotations for backend StatefulSet

1887

annotations: {}

1888

# -- Annotations for backend pods

1889

podAnnotations: {}

1890

# -- Additional labels for each `backend` pod

1891

podLabels: {}

1892

# -- Additional selector labels for each `backend` pod

1893

selectorLabels: {}

1894

service:

1895

# -- Annotations for backend Service

1896

annotations: {}

1897

# -- Additional labels for backend Service

1898

labels: {}

1899

# -- Service type for backend Service

1900

type: ClusterIP

1901

# -- trafficDistribution for backend Service

1902

trafficDistribution: ""

1903

# -- Comma-separated list of Loki modules to load for the backend

1904

targetModule: "backend"

1905

# -- Additional CLI args for the backend

1906

extraArgs: []

1907

# -- Environment variables to add to the backend pods

1908

extraEnv: []

1909

# -- Environment variables from secrets or configmaps to add to the backend pods

1910

extraEnvFrom: []

1911

# -- Init containers to add to the backend pods

1912

initContainers: []

1913

# -- Containers to add to the backend pods

1914

extraContainers: []

1915

# -- Volume mounts to add to the backend pods

1916

extraVolumeMounts: []

1917

# -- Volumes to add to the backend pods

1918

extraVolumes: []

1919

# -- Resource requests and limits for the backend

1920

resources: {}

1921

# -- Grace period to allow the backend to shutdown before it is killed. Especially for the ingester,

1922

# this must be increased. It must be long enough so backends can be gracefully shutdown flushing/transferring

1923

# all data and to successfully leave the member ring on shutdown.

1924

terminationGracePeriodSeconds: 300

1925

# -- Use the host's user namespace in the backend pods.

1926

hostUsers: nil

1927

# -- Affinity for backend pods.

1928

# @default -- Hard node anti-affinity

1929

# The value will be passed through tpl.

1930

affinity:

1931

podAntiAffinity:

1932

requiredDuringSchedulingIgnoredDuringExecution:

1933

- labelSelector:

1934

matchLabels:

1935

app.kubernetes.io/component: backend

1936

app.kubernetes.io/name: '{{ include "loki.name" . }}'

1937

app.kubernetes.io/instance: '{{ .Release.Name }}'

1938

topologyKey: kubernetes.io/hostname

1939

# -- DNS config for backend pods

1940

dnsConfig: {}

1941

# -- Pod Disruption Budget maxUnavailable

1942

maxUnavailable: 1

1943

# -- Node selector for backend pods

1944

nodeSelector: {}

1945

# -- Topology Spread Constraints for backend pods

1946

# The value will be passed through tpl.

1947

topologySpreadConstraints: []

1948

# -- Tolerations for backend pods

1949

tolerations: []

1950

# -- The default is to deploy all pods in parallel.

1951

podManagementPolicy: "Parallel"

1952

persistence:

1953

# -- Enable volume claims in pod spec

1954

volumeClaimsEnabled: true

1955

# -- Set access modes on the PersistentVolumeClaim

1956

accessModes:

1957

- ReadWriteOnce

1958

# -- Parameters used for the `data` volume when volumeClaimEnabled if false

1959

dataVolumeParameters:

1960

emptyDir: {}

1961

# -- Enable StatefulSetAutoDeletePVC feature

1962

enableStatefulSetAutoDeletePVC: true

1963

# -- Size of persistent disk

1964

size: 10Gi

1965

# -- Storage class to be used.

1966

# If defined, storageClassName: <storageClass>.

1967

# If set to "-", storageClassName: "", which disables dynamic provisioning.

1968

# If empty or set to null, no storageClassName spec is

1969

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

1970

storageClass: null

1971

# -- Volume attributes class name to be used.

1972

# If empty or set to null, no volumeAttributesClassName spec is set.

1973

# Requires Kubernetes 1.31

1974

volumeAttributesClassName: null

1975

# -- Selector for persistent disk

1976

selector: null

1977

# -- Annotations for volume claim

1978

annotations: {}

1979

# -- Labels for volume claim

1980

labels: {}

1981

######################################################################################################################

1982

1983

# Microservices Mode

1984

1985

# For large Loki deployments ingesting more than 1 TB/day

1986

1987

######################################################################################################################

1988

1989

# -- Configuration for the ingester

1990

ingester:

1991

# -- Number of replicas for the ingester, when zoneAwareReplication.enabled is true, the total

1992

# number of replicas will match this value with each zone having 1/3rd of the total replicas.

1993

replicas: 0

1994

# -- DNSConfig for ingester pods

1995

dnsConfig: {}

1996

# -- hostAliases to add

1997

hostAliases: []

1998

# - ip: 1.2.3.4

1999

# hostnames:

2000

# - domain.tld

2001

# -- Use the host's user namespace in the ingester

2002

hostUsers: nil

2003

autoscaling:

2004

# -- Enable autoscaling for the ingester

2005

enabled: false

2006

# -- Minimum autoscaling replicas for the ingester

2007

minReplicas: 1

2008

# -- Maximum autoscaling replicas for the ingester

2009

maxReplicas: 3

2010

# -- Target CPU utilisation percentage for the ingester

2011

targetCPUUtilizationPercentage: 60

2012

# -- Target memory utilisation percentage for the ingester

2013

targetMemoryUtilizationPercentage: null

2014

# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)

2015

customMetrics: []

2016

# - type: Pods

2017

# pods:

2018

# metric:

2019

# name: loki_lines_total

2020

# target:

2021

# type: AverageValue

2022

# averageValue: 10k

2023

behavior:

2024

# -- Enable autoscaling behaviours

2025

enabled: false

2026

# -- define scale down policies, must conform to HPAScalingRules

2027

scaleDown: {}

2028

# -- define scale up policies, must conform to HPAScalingRules

2029

scaleUp: {}

2030

image:

2031

# -- The Docker registry for the ingester image. Overrides `loki.image.registry`

2032

registry: null

2033

# -- Docker image repository for the ingester image. Overrides `loki.image.repository`

2034

repository: null

2035

# -- Docker image tag for the ingester image. Overrides `loki.image.tag`

2036

tag: null

2037

# -- Command to execute instead of defined in Docker image

2038

command: null

2039

labels: {}

2040

priorityClassName: null

2041

# -- Labels for ingester pods

2042

podLabels: {}

2043

# -- Annotations for ingester pods

2044

podAnnotations: {}

2045

# -- The name of the PriorityClass for ingester pods

2046

# -- Labels for ingester service

2047

serviceLabels: {}

2048

# -- Annotations for ingester service

2049

serviceAnnotations: {}

2050

# -- Service type for ingester service

2051

serviceType: "ClusterIP"

2052

# -- Additional CLI args for the ingester

2053

extraArgs: []

2054

# -- Environment variables to add to the ingester pods

2055

extraEnv: []

2056

# -- Environment variables from secrets or configmaps to add to the ingester pods

2057

extraEnvFrom: []

2058

# -- Volume mounts to add to the ingester pods

2059

extraVolumeMounts: []

2060

# -- Volumes to add to the ingester pods

2061

extraVolumes: []

2062

# -- Resource requests and limits for the ingester

2063

resources: {}

2064

# -- Containers to add to the ingester pods

2065

extraContainers: []

2066

# -- Init containers to add to the ingester pods

2067

initContainers: []

2068

# -- Grace period to allow the ingester to shutdown before it is killed. Especially for the ingestor,

2069

# this must be increased. It must be long enough so ingesters can be gracefully shutdown flushing/transferring

2070

# all data and to successfully leave the member ring on shutdown.

2071

terminationGracePeriodSeconds: 300

2072

# -- Lifecycle for the ingester container

2073

lifecycle: {}

2074

# -- topologySpread for ingester pods.

2075

# @default -- Defaults to allow skew no more than 1 node

2076

# The value will be passed through tpl.

2077

topologySpreadConstraints:

2078

- maxSkew: 1

2079

topologyKey: kubernetes.io/hostname

2080

whenUnsatisfiable: ScheduleAnyway

2081

labelSelector:

2082

matchLabels:

2083

app.kubernetes.io/component: ingester

2084

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2085

app.kubernetes.io/instance: '{{ .Release.Name }}'

2086

# -- Affinity for ingester pods. Ignored if zoneAwareReplication is enabled.

2087

# @default -- Hard node anti-affinity

2088

# The value will be passed through tpl.

2089

affinity:

2090

podAntiAffinity:

2091

requiredDuringSchedulingIgnoredDuringExecution:

2092

- labelSelector:

2093

matchLabels:

2094

app.kubernetes.io/component: ingester

2095

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2096

app.kubernetes.io/instance: '{{ .Release.Name }}'

2097

topologyKey: kubernetes.io/hostname

2098

# -- Pod Disruption Budget maxUnavailable

2099

maxUnavailable: 1

2100

# -- Node selector for ingester pods

2101

nodeSelector: {}

2102

# -- Tolerations for ingester pods

2103

tolerations: []

2104

# -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`

2105

readinessProbe: {}

2106

# -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`

2107

livenessProbe: {}

2108

# -- startup probe settings for ingester pods. If empty use `loki.startupProbe`

2109

startupProbe: {}

2110

# -- UpdateStrategy for the ingester StatefulSets.

2111

updateStrategy:

2112

# -- One of 'OnDelete' or 'RollingUpdate'

2113

type: RollingUpdate

2114

# -- Optional for updateStrategy.type=RollingUpdate. See [Partitioned rolling updates](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions) in the StatefulSet docs for details.

2115

# rollingUpdate:

2116

# partition: 0

2117

persistence:

2118

# -- Enable creating PVCs which is required when using boltdb-shipper

2119

enabled: false

2120

# -- Use emptyDir with ramdisk for storage. **Please note that all data in ingester will be lost on pod restart**

2121

inMemory: false

2122

# -- List of the ingester PVCs

2123

# @notationType -- list

2124

claims:

2125

- name: data

2126

# -- Set access modes on the PersistentVolumeClaim

2127

accessModes:

2128

- ReadWriteOnce

2129

size: 10Gi

2130

# -- Storage class to be used.

2131

# If defined, storageClassName: <storageClass>.

2132

# If set to "-", storageClassName: "", which disables dynamic provisioning.

2133

# If empty or set to null, no storageClassName spec is

2134

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

2135

storageClass: null

2136

# -- Volume attributes class name to be used.

2137

# If empty or set to null, no volumeAttributesClassName spec is set.

2138

# Requires Kubernetes 1.31

2139

volumeAttributesClassName: null

2140

# - name: wal

2141

# size: 150Gi

2142

# -- Enable StatefulSetAutoDeletePVC feature

2143

enableStatefulSetAutoDeletePVC: false

2144

whenDeleted: Retain

2145

whenScaled: Retain

2146

# -- Adds the appProtocol field to the ingester service. This allows ingester to work with istio protocol selection.

2147

appProtocol:

2148

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

2149

grpc: ""

2150

# -- trafficDistribution for ingester service

2151

trafficDistribution: ""

2152

# -- Enabling zone awareness on ingesters will create 3 statefulests where all writes will send a replica to each zone.

2153

# This is primarily intended to accelerate rollout operations by allowing for multiple ingesters within a single

2154

# zone to be shutdown and restart simultaneously (the remaining 2 zones will be guaranteed to have at least one copy

2155

# of the data).

2156

# Note: This can be used to run Loki over multiple cloud provider availability zones however this is not currently

2157

# recommended as Loki is not optimized for this and cross zone network traffic costs can become extremely high

2158

# extremely quickly. Even with zone awareness enabled, it is recommended to run Loki in a single availability zone.

2159

zoneAwareReplication:

2160

# -- Enable zone awareness.

2161

enabled: true

2162

# -- The percent of replicas in each zone that will be restarted at once. In a value of 0-100

2163

maxUnavailablePct: 33

2164

# -- zoneA configuration

2165

zoneA:

2166

# -- optionally define a node selector for this zone

2167

nodeSelector: null

2168

# -- optionally define extra affinity rules, by default different zones are not allowed to schedule on the same host

2169

# The value will be passed through tpl.

2170

extraAffinity: {}

2171

# -- Specific annotations to add to zone A statefulset

2172

annotations: {}

2173

# -- Specific annotations to add to zone A pods

2174

podAnnotations: {}

2175

zoneB:

2176

# -- optionally define a node selector for this zone

2177

nodeSelector: null

2178

# -- optionally define extra affinity rules, by default different zones are not allowed to schedule on the same host

2179

# The value will be passed through tpl.

2180

extraAffinity: {}

2181

# -- Specific annotations to add to zone B statefulset

2182

annotations: {}

2183

# -- Specific annotations to add to zone B pods

2184

podAnnotations: {}

2185

zoneC:

2186

# -- optionally define a node selector for this zone

2187

nodeSelector: null

2188

# -- optionally define extra affinity rules, by default different zones are not allowed to schedule on the same host

2189

# The value will be passed through tpl.

2190

extraAffinity: {}

2191

# -- Specific annotations to add to zone C statefulset

2192

annotations: {}

2193

# -- Specific annotations to add to zone C pods

2194

podAnnotations: {}

2195

# -- The migration block allows migrating non zone aware ingesters to zone aware ingesters.

2196

migration:

2197

enabled: false

2198

excludeDefaultZone: false

2199

readPath: false

2200

writePath: false

2201

# optionally allow adding arbitrary prefix to the ingester rollout-group label

2202

rolloutGroupPrefix: null

2203

# optionally allow adding 'loki-' prefix to ingester name label

2204

addIngesterNamePrefix: false

2205

# -- Configuration for the distributor

2206

distributor:

2207

# -- Number of replicas for the distributor

2208

replicas: 0

2209

# -- hostAliases to add

2210

hostAliases: []

2211

# - ip: 1.2.3.4

2212

# hostnames:

2213

# - domain.tld

2214

# -- Use the host's user namespace in the distributor

2215

hostUsers: nil

2216

# -- DNSConfig for distributor pods

2217

dnsConfig: {}

2218

autoscaling:

2219

# -- Enable autoscaling for the distributor

2220

enabled: false

2221

# -- Minimum autoscaling replicas for the distributor

2222

minReplicas: 1

2223

# -- Maximum autoscaling replicas for the distributor

2224

maxReplicas: 3

2225

# -- Target CPU utilisation percentage for the distributor

2226

targetCPUUtilizationPercentage: 60

2227

# -- Target memory utilisation percentage for the distributor

2228

targetMemoryUtilizationPercentage: null

2229

# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)

2230

customMetrics: []

2231

# - type: Pods

2232

# pods:

2233

# metric:

2234

# name: loki_lines_total

2235

# target:

2236

# type: AverageValue

2237

# averageValue: 10k

2238

behavior:

2239

# -- Enable autoscaling behaviours

2240

enabled: false

2241

# -- define scale down policies, must conform to HPAScalingRules

2242

scaleDown: {}

2243

# -- define scale up policies, must conform to HPAScalingRules

2244

scaleUp: {}

2245

image:

2246

# -- The Docker registry for the distributor image. Overrides `loki.image.registry`

2247

registry: null

2248

# -- Docker image repository for the distributor image. Overrides `loki.image.repository`

2249

repository: null

2250

# -- Docker image tag for the distributor image. Overrides `loki.image.tag`

2251

tag: null

2252

# -- Command to execute instead of defined in Docker image

2253

command: null

2254

# -- The name of the PriorityClass for distributor pods

2255

priorityClassName: null

2256

# -- Labels for distributor pods

2257

podLabels: {}

2258

# -- Annotations for distributor pods

2259

podAnnotations: {}

2260

# -- Labels for distributor service

2261

serviceLabels: {}

2262

# -- Annotations for distributor service

2263

serviceAnnotations: {}

2264

# -- Service type for distributor service

2265

serviceType: ClusterIP

2266

# -- Additional CLI args for the distributor

2267

extraArgs: []

2268

# -- Environment variables to add to the distributor pods

2269

extraEnv: []

2270

# -- Environment variables from secrets or configmaps to add to the distributor pods

2271

extraEnvFrom: []

2272

# -- Volume mounts to add to the distributor pods

2273

extraVolumeMounts: []

2274

# -- Volumes to add to the distributor pods

2275

extraVolumes: []

2276

# -- Resource requests and limits for the distributor

2277

resources: {}

2278

# -- Init containers to add to the distributor pods

2279

initContainers: []

2280

# -- Containers to add to the distributor pods

2281

extraContainers: []

2282

# -- Grace period to allow the distributor to shutdown before it is killed

2283

terminationGracePeriodSeconds: 30

2284

# -- Affinity for distributor pods.

2285

# @default -- Hard node anti-affinity

2286

# The value will be passed through tpl.

2287

affinity:

2288

podAntiAffinity:

2289

requiredDuringSchedulingIgnoredDuringExecution:

2290

- labelSelector:

2291

matchLabels:

2292

app.kubernetes.io/component: distributor

2293

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2294

app.kubernetes.io/instance: '{{ .Release.Name }}'

2295

topologyKey: kubernetes.io/hostname

2296

# -- Pod Disruption Budget maxUnavailable

2297

maxUnavailable: null

2298

# -- Max Surge for distributor pods

2299

maxSurge: 0

2300

# -- Node selector for distributor pods

2301

nodeSelector: {}

2302

# -- Topology Spread Constraints for distributor pods

2303

# The value will be passed through tpl.

2304

topologySpreadConstraints: []

2305

# -- Tolerations for distributor pods

2306

tolerations: []

2307

# -- Adds the appProtocol field to the distributor service. This allows distributor to work with istio protocol selection.

2308

appProtocol:

2309

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

2310

grpc: ""

2311

# -- trafficDistribution for distributor service

2312

trafficDistribution: ""

2313

# -- Configuration for the querier

2314

querier:

2315

# -- Number of replicas for the querier

2316

replicas: 0

2317

# -- hostAliases to add

2318

hostAliases: []

2319

# - ip: 1.2.3.4

2320

# hostnames:

2321

# - domain.tld

2322

# -- Use the host's user namespace in the querier

2323

hostUsers: nil

2324

autoscaling:

2325

# -- Enable autoscaling for the querier, this is only used if `indexGateway.enabled: true`

2326

enabled: false

2327

# -- Minimum autoscaling replicas for the querier

2328

minReplicas: 1

2329

# -- Maximum autoscaling replicas for the querier

2330

maxReplicas: 3

2331

# -- Target CPU utilisation percentage for the querier

2332

targetCPUUtilizationPercentage: 60

2333

# -- Target memory utilisation percentage for the querier

2334

targetMemoryUtilizationPercentage: null

2335

# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)

2336

customMetrics: []

2337

# - type: External

2338

# external:

2339

# metric:

2340

# name: loki_inflight_queries

2341

# target:

2342

# type: AverageValue

2343

# averageValue: 12

2344

behavior:

2345

# -- Enable autoscaling behaviours

2346

enabled: false

2347

# -- define scale down policies, must conform to HPAScalingRules

2348

scaleDown: {}

2349

# -- define scale up policies, must conform to HPAScalingRules

2350

scaleUp: {}

2351

image:

2352

# -- The Docker registry for the querier image. Overrides `loki.image.registry`

2353

registry: null

2354

# -- Docker image repository for the querier image. Overrides `loki.image.repository`

2355

repository: null

2356

# -- Docker image tag for the querier image. Overrides `loki.image.tag`

2357

tag: null

2358

# -- Command to execute instead of defined in Docker image

2359

command: null

2360

# -- The name of the PriorityClass for querier pods

2361

priorityClassName: null

2362

# -- Labels for querier pods

2363

podLabels: {}

2364

# -- Annotations for querier pods

2365

podAnnotations: {}

2366

# -- Labels for querier service

2367

serviceLabels: {}

2368

# -- Annotations for querier service

2369

serviceAnnotations: {}

2370

# -- Service Type for querier service

2371

serviceType: "ClusterIP"

2372

# -- Additional CLI args for the querier

2373

extraArgs: []

2374

# -- Environment variables to add to the querier pods

2375

extraEnv: []

2376

# -- Environment variables from secrets or configmaps to add to the querier pods

2377

extraEnvFrom: []

2378

# -- Volume mounts to add to the querier pods

2379

extraVolumeMounts: []

2380

# -- Volumes to add to the querier pods

2381

extraVolumes: []

2382

# -- Resource requests and limits for the querier

2383

resources: {}

2384

# -- Containers to add to the querier pods

2385

extraContainers: []

2386

# -- Init containers to add to the querier pods

2387

initContainers: []

2388

# -- Grace period to allow the querier to shutdown before it is killed

2389

terminationGracePeriodSeconds: 30

2390

# -- topologySpread for querier pods.

2391

# @default -- Defaults to allow skew no more then 1 node

2392

# The value will be passed through tpl.

2393

topologySpreadConstraints:

2394

- maxSkew: 1

2395

topologyKey: kubernetes.io/hostname

2396

whenUnsatisfiable: ScheduleAnyway

2397

labelSelector:

2398

matchLabels:

2399

app.kubernetes.io/component: querier

2400

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2401

app.kubernetes.io/instance: '{{ .Release.Name }}'

2402

# -- Affinity for querier pods.

2403

# @default -- Hard node anti-affinity

2404

# The value will be passed through tpl.

2405

affinity:

2406

podAntiAffinity:

2407

requiredDuringSchedulingIgnoredDuringExecution:

2408

- labelSelector:

2409

matchLabels:

2410

app.kubernetes.io/component: querier

2411

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2412

app.kubernetes.io/instance: '{{ .Release.Name }}'

2413

topologyKey: kubernetes.io/hostname

2414

# -- Pod Disruption Budget maxUnavailable

2415

maxUnavailable: null

2416

# -- Max Surge for querier pods

2417

maxSurge: 0

2418

# -- Node selector for querier pods

2419

nodeSelector: {}

2420

# -- Tolerations for querier pods

2421

tolerations: []

2422

# -- DNSConfig for querier pods

2423

dnsConfig: {}

2424

# -- Adds the appProtocol field to the querier service. This allows querier to work with istio protocol selection.

2425

appProtocol:

2426

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

2427

grpc: ""

2428

# -- trafficDistribution for querier service

2429

trafficDistribution: ""

2430

# -- Configuration for the query-frontend

2431

queryFrontend:

2432

# -- Number of replicas for the query-frontend

2433

replicas: 0

2434

# -- hostAliases to add

2435

hostAliases: []

2436

# - ip: 1.2.3.4

2437

# hostnames:

2438

# - domain.tld

2439

# -- Use the host's user namespace in the query-frontend

2440

hostUsers: nil

2441

autoscaling:

2442

# -- Enable autoscaling for the query-frontend

2443

enabled: false

2444

# -- Minimum autoscaling replicas for the query-frontend

2445

minReplicas: 1

2446

# -- Maximum autoscaling replicas for the query-frontend

2447

maxReplicas: 3

2448

# -- Target CPU utilisation percentage for the query-frontend

2449

targetCPUUtilizationPercentage: 60

2450

# -- Target memory utilisation percentage for the query-frontend

2451

targetMemoryUtilizationPercentage: null

2452

# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)

2453

customMetrics: []

2454

# - type: Pods

2455

# pods:

2456

# metric:

2457

# name: loki_query_rate

2458

# target:

2459

# type: AverageValue

2460

# averageValue: 100

2461

behavior:

2462

# -- Enable autoscaling behaviours

2463

enabled: false

2464

# -- define scale down policies, must conform to HPAScalingRules

2465

scaleDown: {}

2466

# -- define scale up policies, must conform to HPAScalingRules

2467

scaleUp: {}

2468

image:

2469

# -- The Docker registry for the query-frontend image. Overrides `loki.image.registry`

2470

registry: null

2471

# -- Docker image repository for the query-frontend image. Overrides `loki.image.repository`

2472

repository: null

2473

# -- Docker image tag for the query-frontend image. Overrides `loki.image.tag`

2474

tag: null

2475

# -- Command to execute instead of defined in Docker image

2476

command: null

2477

# -- The name of the PriorityClass for query-frontend pods

2478

priorityClassName: null

2479

# -- Labels for query-frontend pods

2480

podLabels: {}

2481

# -- Annotations for query-frontend pods

2482

podAnnotations: {}

2483

# -- Labels for query-frontend service

2484

serviceLabels: {}

2485

# -- Annotations for query-frontend service

2486

serviceAnnotations: {}

2487

# -- Service Type for query-frontend service

2488

serviceType: ClusterIP

2489

# -- Additional CLI args for the query-frontend

2490

extraArgs: []

2491

# -- Environment variables to add to the query-frontend pods

2492

extraEnv: []

2493

# -- Environment variables from secrets or configmaps to add to the query-frontend pods

2494

extraEnvFrom: []

2495

# -- Volume mounts to add to the query-frontend pods

2496

extraVolumeMounts: []

2497

# -- Volumes to add to the query-frontend pods

2498

extraVolumes: []

2499

# -- Resource requests and limits for the query-frontend

2500

resources: {}

2501

# -- init containers to add to the query-frontend pods

2502

initContainers: []

2503

# -- Containers to add to the query-frontend pods

2504

extraContainers: []

2505

# -- Grace period to allow the query-frontend to shutdown before it is killed

2506

terminationGracePeriodSeconds: 30

2507

# -- Affinity for query-frontend pods.

2508

# @default -- Hard node anti-affinity

2509

# The value will be passed through tpl.

2510

affinity:

2511

podAntiAffinity:

2512

requiredDuringSchedulingIgnoredDuringExecution:

2513

- labelSelector:

2514

matchLabels:

2515

app.kubernetes.io/component: query-frontend

2516

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2517

app.kubernetes.io/instance: '{{ .Release.Name }}'

2518

topologyKey: kubernetes.io/hostname

2519

# -- Pod Disruption Budget maxUnavailable

2520

maxUnavailable: null

2521

# -- Node selector for query-frontend pods

2522

nodeSelector: {}

2523

# -- Topology Spread Constraints for query-frontend pods

2524

# The value will be passed through tpl.

2525

topologySpreadConstraints: []

2526

# -- Tolerations for query-frontend pods

2527

tolerations: []

2528

# -- Adds the appProtocol field to the queryFrontend service. This allows queryFrontend to work with istio protocol selection.

2529

appProtocol:

2530

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

2531

grpc: ""

2532

# -- Enable load balancer port for query-frontend

2533

loadBalancer:

2534

enabled: true

2535

# -- trafficDistribution for query-frontend service

2536

trafficDistribution: ""

2537

# -- Configuration for the query-scheduler

2538

queryScheduler:

2539

# -- Number of replicas for the query-scheduler.

2540

# It should be lower than `-querier.max-concurrent` to avoid generating back-pressure in queriers;

2541

# it's also recommended that this value evenly divides the latter

2542

replicas: 0

2543

# -- DNSConfig for query-scheduler

2544

dnsConfig: {}

2545

# -- hostAliases to add

2546

hostAliases: []

2547

# - ip: 1.2.3.4

2548

# hostnames:

2549

# - domain.tld

2550

# -- Use the host's user namespace in the query-scheduler

2551

hostUsers: nil

2552

image:

2553

# -- The Docker registry for the query-scheduler image. Overrides `loki.image.registry`

2554

registry: null

2555

# -- Docker image repository for the query-scheduler image. Overrides `loki.image.repository`

2556

repository: null

2557

# -- Docker image tag for the query-scheduler image. Overrides `loki.image.tag`

2558

tag: null

2559

# -- The name of the PriorityClass for query-scheduler pods

2560

priorityClassName: null

2561

# -- Labels for query-scheduler pods

2562

podLabels: {}

2563

# -- Annotations for query-scheduler pods

2564

podAnnotations: {}

2565

# -- Labels for query-scheduler service

2566

serviceLabels: {}

2567

# -- Annotations for query-scheduler service

2568

serviceAnnotations: {}

2569

# -- Additional CLI args for the query-scheduler

2570

extraArgs: []

2571

# -- Environment variables to add to the query-scheduler pods

2572

extraEnv: []

2573

# -- Environment variables from secrets or configmaps to add to the query-scheduler pods

2574

extraEnvFrom: []

2575

# -- Volume mounts to add to the query-scheduler pods

2576

extraVolumeMounts: []

2577

# -- Volumes to add to the query-scheduler pods

2578

extraVolumes: []

2579

# -- Resource requests and limits for the query-scheduler

2580

resources: {}

2581

# -- init containers to add to the query-scheduler pods

2582

initContainers: []

2583

# -- Containers to add to the query-scheduler pods

2584

extraContainers: []

2585

# -- Grace period to allow the query-scheduler to shutdown before it is killed

2586

terminationGracePeriodSeconds: 30

2587

# -- Affinity for query-scheduler pods.

2588

# @default -- Hard node anti-affinity

2589

# The value will be passed through tpl.

2590

affinity:

2591

podAntiAffinity:

2592

requiredDuringSchedulingIgnoredDuringExecution:

2593

- labelSelector:

2594

matchLabels:

2595

app.kubernetes.io/component: query-scheduler

2596

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2597

app.kubernetes.io/instance: '{{ .Release.Name }}'

2598

topologyKey: kubernetes.io/hostname

2599

# -- Pod Disruption Budget maxUnavailable

2600

maxUnavailable: 1

2601

# -- Node selector for query-scheduler pods

2602

nodeSelector: {}

2603

# -- Topology Spread Constraints for query-scheduler pods

2604

# The value will be passed through tpl.

2605

topologySpreadConstraints: []

2606

# -- Tolerations for query-scheduler pods

2607

tolerations: []

2608

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

2609

appProtocol:

2610

grpc: ""

2611

# -- trafficDistribution for query-scheduler service

2612

trafficDistribution: ""

2613

# -- Configuration for the index-gateway

2614

indexGateway:

2615

# -- Number of replicas for the index-gateway

2616

replicas: 0

2617

# -- Whether the index gateway should join the memberlist hashring

2618

joinMemberlist: true

2619

# -- DNSConfig for index-gateway pods

2620

dnsConfig: {}

2621

# -- hostAliases to add

2622

hostAliases: []

2623

# - ip: 1.2.3.4

2624

# hostnames:

2625

# - domain.tld

2626

# -- Use the host's user namespace in the index-gateway

2627

hostUsers: nil

2628

image:

2629

# -- The Docker registry for the index-gateway image. Overrides `loki.image.registry`

2630

registry: null

2631

# -- Docker image repository for the index-gateway image. Overrides `loki.image.repository`

2632

repository: null

2633

# -- Docker image tag for the index-gateway image. Overrides `loki.image.tag`

2634

tag: null

2635

# -- The name of the PriorityClass for index-gateway pods

2636

priorityClassName: null

2637

# -- Labels for index-gateway pods

2638

podLabels: {}

2639

# -- Annotations for index-gateway pods

2640

podAnnotations: {}

2641

# -- Labels for index-gateway service

2642

serviceLabels: {}

2643

# -- Annotations for index-gateway service

2644

serviceAnnotations: {}

2645

# -- Service type for index-gateway service

2646

serviceType: "ClusterIP"

2647

# -- Additional CLI args for the index-gateway

2648

extraArgs: []

2649

# -- Environment variables to add to the index-gateway pods

2650

extraEnv: []

2651

# -- Environment variables from secrets or configmaps to add to the index-gateway pods

2652

extraEnvFrom: []

2653

# -- Volume mounts to add to the index-gateway pods

2654

extraVolumeMounts: []

2655

# -- Volumes to add to the index-gateway pods

2656

extraVolumes: []

2657

# -- Resource requests and limits for the index-gateway

2658

resources: {}

2659

# -- Containers to add to the index-gateway pods

2660

extraContainers: []

2661

# -- Init containers to add to the index-gateway pods

2662

initContainers: []

2663

# -- Grace period to allow the index-gateway to shutdown before it is killed.

2664

terminationGracePeriodSeconds: 300

2665

# -- Lifecycle for the index-gateway container

2666

lifecycle: {}

2667

# -- Affinity for index-gateway pods.

2668

# @default -- Hard node anti-affinity

2669

# The value will be passed through tpl.

2670

affinity:

2671

podAntiAffinity:

2672

requiredDuringSchedulingIgnoredDuringExecution:

2673

- labelSelector:

2674

matchLabels:

2675

app.kubernetes.io/component: index-gateway

2676

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2677

app.kubernetes.io/instance: '{{ .Release.Name }}'

2678

topologyKey: kubernetes.io/hostname

2679

# -- Pod Disruption Budget maxUnavailable

2680

maxUnavailable: null

2681

# -- Node selector for index-gateway pods

2682

nodeSelector: {}

2683

# -- Topology Spread Constraints for index-gateway pods

2684

# The value will be passed through tpl.

2685

topologySpreadConstraints: []

2686

# -- Tolerations for index-gateway pods

2687

tolerations: []

2688

persistence:

2689

# -- Enable creating PVCs which is required when using boltdb-shipper

2690

enabled: false

2691

# -- Set access modes on the PersistentVolumeClaim

2692

accessModes:

2693

- ReadWriteOnce

2694

# -- Use emptyDir with ramdisk for storage. **Please note that all data in indexGateway will be lost on pod restart**

2695

inMemory: false

2696

# -- Size of persistent or memory disk

2697

size: 10Gi

2698

# -- Storage class to be used.

2699

# If defined, storageClassName: <storageClass>.

2700

# If set to "-", storageClassName: "", which disables dynamic provisioning.

2701

# If empty or set to null, no storageClassName spec is

2702

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

2703

storageClass: null

2704

# -- Volume attributes class name to be used.

2705

# If empty or set to null, no volumeAttributesClassName spec is set.

2706

# Requires Kubernetes 1.31

2707

volumeAttributesClassName: null

2708

# -- Annotations for index gateway PVCs

2709

annotations: {}

2710

# -- Labels for index gateway PVCs

2711

labels: {}

2712

# -- Enable StatefulSetAutoDeletePVC feature

2713

enableStatefulSetAutoDeletePVC: false

2714

whenDeleted: Retain

2715

whenScaled: Retain

2716

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

2717

appProtocol:

2718

grpc: ""

2719

# -- trafficDistribution for index-gateway service

2720

trafficDistribution: ""

2721

# -- UpdateStrategy for the indexGateway StatefulSet.

2722

updateStrategy:

2723

# -- One of 'OnDelete' or 'RollingUpdate'

2724

type: RollingUpdate

2725

2726

# rollingUpdate:

2727

# partition: 0

2728

# -- Configuration for the compactor

2729

compactor:

2730

# -- Number of replicas for the compactor

2731

replicas: 0

2732

# -- hostAliases to add

2733

hostAliases: []

2734

# - ip: 1.2.3.4

2735

# hostnames:

2736

# - domain.tld

2737

# -- Use the host's user namespace in the compactor

2738

hostUsers: nil

2739

# -- DNSConfig for compactor pods

2740

dnsConfig: {}

2741

image:

2742

# -- The Docker registry for the compactor image. Overrides `loki.image.registry`

2743

registry: null

2744

# -- Docker image repository for the compactor image. Overrides `loki.image.repository`

2745

repository: null

2746

# -- Docker image tag for the compactor image. Overrides `loki.image.tag`

2747

tag: null

2748

# -- Command to execute instead of defined in Docker image

2749

command: null

2750

# -- The name of the PriorityClass for compactor pods

2751

priorityClassName: null

2752

# -- Labels for compactor pods

2753

podLabels: {}

2754

# -- Annotations for compactor pods

2755

podAnnotations: {}

2756

# -- Affinity for compactor pods.

2757

# @default -- Hard node anti-affinity

2758

# The value will be passed through tpl.

2759

affinity:

2760

podAntiAffinity:

2761

requiredDuringSchedulingIgnoredDuringExecution:

2762

- labelSelector:

2763

matchLabels:

2764

app.kubernetes.io/component: compactor

2765

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2766

app.kubernetes.io/instance: '{{ .Release.Name }}'

2767

topologyKey: kubernetes.io/hostname

2768

# -- Labels for compactor service

2769

serviceLabels: {}

2770

# -- Annotations for compactor service

2771

serviceAnnotations: {}

2772

# -- Service type for compactor service

2773

serviceType: "ClusterIP"

2774

# -- Additional CLI args for the compactor

2775

extraArgs: []

2776

# -- Environment variables to add to the compactor pods

2777

extraEnv: []

2778

# -- Environment variables from secrets or configmaps to add to the compactor pods

2779

extraEnvFrom: []

2780

# -- Volume mounts to add to the compactor pods

2781

extraVolumeMounts: []

2782

# -- Volumes to add to the compactor pods

2783

extraVolumes: []

2784

# -- readiness probe settings for compactor pods. If empty, use `loki.readinessProbe`

2785

readinessProbe: {}

2786

# -- liveness probe settings for compactor pods. If empty use `loki.livenessProbe`

2787

livenessProbe: {}

2788

# -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`

2789

startupProbe: {}

2790

# -- Resource requests and limits for the compactor

2791

resources: {}

2792

# -- Containers to add to the compactor pods

2793

extraContainers: []

2794

# -- Init containers to add to the compactor pods

2795

initContainers: []

2796

# -- Grace period to allow the compactor to shutdown before it is killed

2797

terminationGracePeriodSeconds: 30

2798

# -- Node selector for compactor pods

2799

nodeSelector: {}

2800

# -- Tolerations for compactor pods

2801

tolerations: []

2802

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

2803

appProtocol:

2804

grpc: ""

2805

persistence:

2806

# -- Enable creating PVCs for the compactor

2807

enabled: false

2808

# -- List of the compactor PVCs

2809

# @notationType -- list

2810

claims:

2811

- name: data

2812

# -- Set access modes on the PersistentVolumeClaim

2813

accessModes:

2814

- ReadWriteOnce

2815

size: 10Gi

2816

# -- Storage class to be used.

2817

# If defined, storageClassName: <storageClass>.

2818

# If set to "-", storageClassName: "", which disables dynamic provisioning.

2819

# If empty or set to null, no storageClassName spec is

2820

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

2821

storageClass: null

2822

# -- Volume attributes class name to be used.

2823

# If empty or set to null, no volumeAttributesClassName spec is set.

2824

# Requires Kubernetes 1.31

2825

volumeAttributesClassName: null

2826

# -- Annotations for compactor PVCs

2827

annotations: {}

2828

# -- Labels for compactor PVCs

2829

labels: {}

2830

# - name: wal

2831

# size: 150Gi

2832

# -- Enable StatefulSetAutoDeletePVC feature

2833

enableStatefulSetAutoDeletePVC: false

2834

whenDeleted: Retain

2835

whenScaled: Retain

2836

serviceAccount:

2837

create: false

2838

# -- The name of the ServiceAccount to use for the compactor.

2839

# If not set and create is true, a name is generated by appending

2840

# "-compactor" to the common ServiceAccount.

2841

2842

# -- Image pull secrets for the compactor service account

2843

imagePullSecrets: []

2844

# -- Annotations for the compactor service account

2845

annotations: {}

2846

# -- Set this toggle to false to opt out of automounting API credentials for the service account

2847

automountServiceAccountToken: true

2848

# -- Configuration for the bloom-gateway

2849

bloomGateway:

2850

# -- Number of replicas for the bloom-gateway

2851

replicas: 0

2852

# -- hostAliases to add

2853

hostAliases: []

2854

# - ip: 1.2.3.4

2855

# hostnames:

2856

# - domain.tld

2857

# -- Use the host's user namespace in the bloom-gateway

2858

hostUsers: nil

2859

# -- DNSConfig for bloom-gateway pods

2860

dnsConfig: {}

2861

image:

2862

# -- The Docker registry for the bloom-gateway image. Overrides `loki.image.registry`

2863

registry: null

2864

# -- Docker image repository for the bloom-gateway image. Overrides `loki.image.repository`

2865

repository: null

2866

# -- Docker image tag for the bloom-gateway image. Overrides `loki.image.tag`

2867

tag: null

2868

# -- Command to execute instead of defined in Docker image

2869

command: null

2870

# -- The name of the PriorityClass for bloom-gateway pods

2871

priorityClassName: null

2872

# -- Labels for bloom-gateway pods

2873

podLabels: {}

2874

# -- Annotations for bloom-gateway pods

2875

podAnnotations: {}

2876

# -- Affinity for bloom-gateway pods.

2877

# @default -- Hard node anti-affinity

2878

# The value will be passed through tpl.

2879

affinity:

2880

podAntiAffinity:

2881

requiredDuringSchedulingIgnoredDuringExecution:

2882

- labelSelector:

2883

matchLabels:

2884

app.kubernetes.io/component: bloom-gateway

2885

app.kubernetes.io/name: '{{ include "loki.name" . }}'

2886

app.kubernetes.io/instance: '{{ .Release.Name }}'

2887

topologyKey: kubernetes.io/hostname

2888

# -- Labels for bloom-gateway service

2889

serviceLabels: {}

2890

# -- Annotations for bloom-gateway service

2891

serviceAnnotations: {}

2892

# -- Additional CLI args for the bloom-gateway

2893

extraArgs: []

2894

# -- Environment variables to add to the bloom-gateway pods

2895

extraEnv: []

2896

# -- Environment variables from secrets or configmaps to add to the bloom-gateway pods

2897

extraEnvFrom: []

2898

# -- Volume mounts to add to the bloom-gateway pods

2899

extraVolumeMounts: []

2900

# -- Volumes to add to the bloom-gateway pods

2901

extraVolumes: []

2902

# -- readiness probe settings for bloom-gateway pods. If empty, use `loki.readinessProbe`

2903

readinessProbe: {}

2904

# -- liveness probe settings for bloom-gateway pods. If empty use `loki.livenessProbe`

2905

livenessProbe: {}

2906

# -- startup probe settings for bloom-gateway pods. If empty, use `loki.startupProbe`

2907

startupProbe: {}

2908

# -- Resource requests and limits for the bloom-gateway

2909

resources: {}

2910

# -- Containers to add to the bloom-gateway pods

2911

extraContainers: []

2912

# -- Init containers to add to the bloom-gateway pods

2913

initContainers: []

2914

# -- Grace period to allow the bloom-gateway to shutdown before it is killed

2915

terminationGracePeriodSeconds: 30

2916

# -- Node selector for bloom-gateway pods

2917

nodeSelector: {}

2918

# -- Tolerations for bloom-gateway pods

2919

tolerations: []

2920

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

2921

appProtocol:

2922

grpc: ""

2923

persistence:

2924

# -- Enable creating PVCs for the bloom-gateway

2925

enabled: false

2926

# -- Annotations for bloom-gateway PVCs

2927

annotations: {}

2928

# -- Labels for bloom gateway PVCs

2929

labels: {}

2930

# -- List of the bloom-gateway PVCs

2931

# @notationType -- list

2932

claims:

2933

- name: data

2934

# -- Set access modes on the PersistentVolumeClaim

2935

accessModes:

2936

- ReadWriteOnce

2937

# -- Size of persistent disk

2938

size: 10Gi

2939

# -- Storage class to be used.

2940

# If defined, storageClassName: <storageClass>.

2941

# If set to "-", storageClassName: "", which disables dynamic provisioning.

2942

# If empty or set to null, no storageClassName spec is

2943

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

2944

storageClass: null

2945

# -- Volume attributes class name to be used.

2946

# If empty or set to null, no volumeAttributesClassName spec is set.

2947

# Requires Kubernetes 1.31

2948

volumeAttributesClassName: null

2949

# -- Enable StatefulSetAutoDeletePVC feature

2950

enableStatefulSetAutoDeletePVC: false

2951

whenDeleted: Retain

2952

whenScaled: Retain

2953

serviceAccount:

2954

create: false

2955

# -- The name of the ServiceAccount to use for the bloom-gateway.

2956

# If not set and create is true, a name is generated by appending

2957

# "-bloom-gateway" to the common ServiceAccount.

2958

2959

# -- Image pull secrets for the bloom-gateway service account

2960

imagePullSecrets: []

2961

# -- Annotations for the bloom-gateway service account

2962

annotations: {}

2963

# -- Set this toggle to false to opt out of automounting API credentials for the service account

2964

automountServiceAccountToken: true

2965

# -- Configuration for the bloom-planner

2966

bloomPlanner:

2967

# -- Number of replicas for the bloom-planner

2968

replicas: 0

2969

# -- hostAliases to add

2970

hostAliases: []

2971

# - ip: 1.2.3.4

2972

# hostnames:

2973

# - domain.tld

2974

# -- Use the host's user namespace in the bloom-planner

2975

hostUsers: nil

2976

# -- DNSConfig for bloom-planner pods

2977

dnsConfig: {}

2978

image:

2979

# -- The Docker registry for the bloom-planner image. Overrides `loki.image.registry`

2980

registry: null

2981

# -- Docker image repository for the bloom-planner image. Overrides `loki.image.repository`

2982

repository: null

2983

# -- Docker image tag for the bloom-planner image. Overrides `loki.image.tag`

2984

tag: null

2985

# -- Command to execute instead of defined in Docker image

2986

command: null

2987

# -- The name of the PriorityClass for bloom-planner pods

2988

priorityClassName: null

2989

# -- Labels for bloom-planner pods

2990

podLabels: {}

2991

# -- Annotations for bloom-planner pods

2992

podAnnotations: {}

2993

# -- Affinity for bloom-planner pods.

2994

# @default -- Hard node anti-affinity

2995

# The value will be passed through tpl.

2996

affinity:

2997

podAntiAffinity:

2998

requiredDuringSchedulingIgnoredDuringExecution:

2999

- labelSelector:

3000

matchLabels:

3001

app.kubernetes.io/component: bloom-planner

3002

app.kubernetes.io/name: '{{ include "loki.name" . }}'

3003

app.kubernetes.io/instance: '{{ .Release.Name }}'

3004

topologyKey: kubernetes.io/hostname

3005

# -- Labels for bloom-planner service

3006

serviceLabels: {}

3007

# -- Annotations for bloom-planner service

3008

serviceAnnotations: {}

3009

# -- Additional CLI args for the bloom-planner

3010

extraArgs: []

3011

# -- Environment variables to add to the bloom-planner pods

3012

extraEnv: []

3013

# -- Environment variables from secrets or configmaps to add to the bloom-planner pods

3014

extraEnvFrom: []

3015

# -- Volume mounts to add to the bloom-planner pods

3016

extraVolumeMounts: []

3017

# -- Volumes to add to the bloom-planner pods

3018

extraVolumes: []

3019

# -- readiness probe settings for bloom-planner pods. If empty, use `loki.readinessProbe`

3020

readinessProbe: {}

3021

# -- liveness probe settings for bloom-planner pods. If empty use `loki.livenessProbe`

3022

livenessProbe: {}

3023

# -- startup probe settings for bloom-planner pods. If empty use `loki.startupProbe`

3024

startupProbe: {}

3025

# -- Resource requests and limits for the bloom-planner

3026

resources: {}

3027

# -- Containers to add to the bloom-planner pods

3028

extraContainers: []

3029

# -- Init containers to add to the bloom-planner pods

3030

initContainers: []

3031

# -- Grace period to allow the bloom-planner to shutdown before it is killed

3032

terminationGracePeriodSeconds: 30

3033

# -- Node selector for bloom-planner pods

3034

nodeSelector: {}

3035

# -- Tolerations for bloom-planner pods

3036

tolerations: []

3037

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

3038

appProtocol:

3039

grpc: ""

3040

persistence:

3041

# -- Enable creating PVCs for the bloom-planner

3042

enabled: false

3043

# -- List of the bloom-planner PVCs

3044

# @notationType -- list

3045

claims:

3046

- name: data

3047

# -- Set access modes on the PersistentVolumeClaim

3048

accessModes:

3049

- ReadWriteOnce

3050

# -- Size of persistent disk

3051

size: 10Gi

3052

# -- Storage class to be used.

3053

# If defined, storageClassName: <storageClass>.

3054

# If set to "-", storageClassName: "", which disables dynamic provisioning.

3055

# If empty or set to null, no storageClassName spec is

3056

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

3057

storageClass: null

3058

# -- Volume attributes class name to be used.

3059

# If empty or set to null, no volumeAttributesClassName spec is set.

3060

# Requires Kubernetes 1.31

3061

volumeAttributesClassName: null

3062

# -- Annotations for bloom-planner PVCs

3063

annotations: {}

3064

# -- Labels for bloom planner PVCs

3065

labels: {}

3066

# -- Enable StatefulSetAutoDeletePVC feature

3067

enableStatefulSetAutoDeletePVC: false

3068

whenDeleted: Retain

3069

whenScaled: Retain

3070

serviceAccount:

3071

create: false

3072

# -- The name of the ServiceAccount to use for the bloom-planner.

3073

# If not set and create is true, a name is generated by appending

3074

# "-bloom-planner" to the common ServiceAccount.

3075

3076

# -- Image pull secrets for the bloom-planner service account

3077

imagePullSecrets: []

3078

# -- Annotations for the bloom-planner service account

3079

annotations: {}

3080

# -- Set this toggle to false to opt out of automounting API credentials for the service account

3081

automountServiceAccountToken: true

3082

# -- Configuration for the bloom-builder

3083

bloomBuilder:

3084

# -- Number of replicas for the bloom-builder

3085

replicas: 0

3086

# -- hostAliases to add

3087

hostAliases: []

3088

# - ip: 1.2.3.4

3089

# hostnames:

3090

# - domain.tld

3091

# -- Use the host's user namespace in the boom-builder

3092

hostUsers: nil

3093

# -- DNSConfig for bloom-builder pods

3094

dnsConfig: {}

3095

autoscaling:

3096

# -- Enable autoscaling for the bloom-builder

3097

enabled: false

3098

# -- Minimum autoscaling replicas for the bloom-builder

3099

minReplicas: 1

3100

# -- Maximum autoscaling replicas for the bloom-builder

3101

maxReplicas: 3

3102

# -- Target CPU utilisation percentage for the bloom-builder

3103

targetCPUUtilizationPercentage: 60

3104

# -- Target memory utilisation percentage for the bloom-builder

3105

targetMemoryUtilizationPercentage: null

3106

# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)

3107

customMetrics: []

3108

# - type: Pods

3109

# pods:

3110

# metric:

3111

# name: loki_query_rate

3112

# target:

3113

# type: AverageValue

3114

# averageValue: 100

3115

behavior:

3116

# -- Enable autoscaling behaviours

3117

enabled: false

3118

# -- define scale down policies, must conform to HPAScalingRules

3119

scaleDown: {}

3120

# -- define scale up policies, must conform to HPAScalingRules

3121

scaleUp: {}

3122

image:

3123

# -- The Docker registry for the bloom-builder image. Overrides `loki.image.registry`

3124

registry: null

3125

# -- Docker image repository for the bloom-builder image. Overrides `loki.image.repository`

3126

repository: null

3127

# -- Docker image tag for the bloom-builder image. Overrides `loki.image.tag`

3128

tag: null

3129

# -- Command to execute instead of defined in Docker image

3130

command: null

3131

# -- The name of the PriorityClass for bloom-builder pods

3132

priorityClassName: null

3133

# -- Labels for bloom-builder pods

3134

podLabels: {}

3135

# -- Annotations for bloom-builder pods

3136

podAnnotations: {}

3137

# -- Labels for bloom-builder service

3138

serviceLabels: {}

3139

# -- Annotations for bloom-builder service

3140

serviceAnnotations: {}

3141

# -- Additional CLI args for the bloom-builder

3142

extraArgs: []

3143

# -- Environment variables to add to the bloom-builder pods

3144

extraEnv: []

3145

# -- Environment variables from secrets or configmaps to add to the bloom-builder pods

3146

extraEnvFrom: []

3147

# -- Volume mounts to add to the bloom-builder pods

3148

extraVolumeMounts: []

3149

# -- Volumes to add to the bloom-builder pods

3150

extraVolumes: []

3151

# -- Resource requests and limits for the bloom-builder

3152

resources: {}

3153

# -- Init containers to add to the bloom-builder pods

3154

initContainers: []

3155

# -- Containers to add to the bloom-builder pods

3156

extraContainers: []

3157

# -- Grace period to allow the bloom-builder to shutdown before it is killed

3158

terminationGracePeriodSeconds: 30

3159

# -- Affinity for bloom-builder pods.

3160

# @default -- Hard node anti-affinity

3161

# The value will be passed through tpl.

3162

affinity:

3163

podAntiAffinity:

3164

requiredDuringSchedulingIgnoredDuringExecution:

3165

- labelSelector:

3166

matchLabels:

3167

app.kubernetes.io/component: bloom-builder

3168

app.kubernetes.io/name: '{{ include "loki.name" . }}'

3169

app.kubernetes.io/instance: '{{ .Release.Name }}'

3170

topologyKey: kubernetes.io/hostname

3171

# -- Pod Disruption Budget maxUnavailable

3172

maxUnavailable: null

3173

# -- Node selector for bloom-builder pods

3174

nodeSelector: {}

3175

# -- Tolerations for bloom-builder pods

3176

tolerations: []

3177

# -- Adds the appProtocol field to the queryFrontend service. This allows bloomBuilder to work with istio protocol selection.

3178

appProtocol:

3179

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

3180

grpc: ""

3181

# -- Configuration for the pattern ingester

3182

patternIngester:

3183

# -- Number of replicas for the pattern ingester

3184

replicas: 0

3185

# -- DNSConfig for pattern ingester pods

3186

dnsConfig: {}

3187

# -- hostAliases to add

3188

hostAliases: []

3189

# - ip: 1.2.3.4

3190

# hostnames:

3191

# - domain.tld

3192

# -- Use the host's user namespace in the pattern ingester

3193

hostUsers: nil

3194

image:

3195

# -- The Docker registry for the pattern ingester image. Overrides `loki.image.registry`

3196

registry: null

3197

# -- Docker image repository for the pattern ingester image. Overrides `loki.image.repository`

3198

repository: null

3199

# -- Docker image tag for the pattern ingester image. Overrides `loki.image.tag`

3200

tag: null

3201

# -- Command to execute instead of defined in Docker image

3202

command: null

3203

# -- The name of the PriorityClass for pattern ingester pods

3204

priorityClassName: null

3205

# -- Labels for pattern ingester pods

3206

podLabels: {}

3207

# -- Annotations for pattern ingester pods

3208

podAnnotations: {}

3209

# -- Affinity for pattern ingester pods.

3210

# @default -- Hard node anti-affinity

3211

# The value will be passed through tpl.

3212

affinity:

3213

podAntiAffinity:

3214

requiredDuringSchedulingIgnoredDuringExecution:

3215

- labelSelector:

3216

matchLabels:

3217

app.kubernetes.io/component: pattern-ingester

3218

app.kubernetes.io/name: '{{ include "loki.name" . }}'

3219

app.kubernetes.io/instance: '{{ .Release.Name }}'

3220

topologyKey: kubernetes.io/hostname

3221

# -- Pod Disruption Budget maxUnavailable

3222

maxUnavailable: null

3223

# -- Labels for pattern ingester service

3224

serviceLabels: {}

3225

# -- Annotations for pattern ingester service

3226

serviceAnnotations: {}

3227

# -- Additional CLI args for the pattern ingester

3228

extraArgs: []

3229

# -- Environment variables to add to the pattern ingester pods

3230

extraEnv: []

3231

# -- Environment variables from secrets or configmaps to add to the pattern ingester pods

3232

extraEnvFrom: []

3233

# -- Volume mounts to add to the pattern ingester pods

3234

extraVolumeMounts: []

3235

# -- Volumes to add to the pattern ingester pods

3236

extraVolumes: []

3237

# -- readiness probe settings for pattern ingester pods. If empty, use `loki.readinessProbe`

3238

readinessProbe: {}

3239

# -- liveness probe settings for pattern ingester pods. If empty use `loki.livenessProbe`

3240

livenessProbe: {}

3241

# -- startup probe settings for pattern ingester pods. If empty use `loki.startupProbe`

3242

startupProbe: {}

3243

# -- Resource requests and limits for the pattern ingester

3244

resources: {}

3245

# -- Containers to add to the pattern ingester pods

3246

extraContainers: []

3247

# -- Init containers to add to the pattern ingester pods

3248

initContainers: []

3249

# -- Grace period to allow the pattern ingester to shutdown before it is killed

3250

terminationGracePeriodSeconds: 30

3251

# -- Node selector for pattern ingester pods

3252

nodeSelector: {}

3253

# -- Topology Spread Constraints for pattern ingester pods

3254

# The value will be passed through tpl.

3255

topologySpreadConstraints: []

3256

# -- Tolerations for pattern ingester pods

3257

tolerations: []

3258

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

3259

appProtocol:

3260

grpc: ""

3261

persistence:

3262

# -- Enable creating PVCs for the pattern ingester

3263

enabled: false

3264

# -- Size of persistent disk

3265

size: 10Gi

3266

# -- Storage class to be used.

3267

# If defined, storageClassName: <storageClass>.

3268

# If set to "-", storageClassName: "", which disables dynamic provisioning.

3269

# If empty or set to null, no storageClassName spec is

3270

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

3271

storageClass: null

3272

# -- List of the pattern ingester PVCs

3273

# @notationType -- list

3274

claims:

3275

- name: data

3276

# -- Set access modes on the PersistentVolumeClaim

3277

accessModes:

3278

- ReadWriteOnce

3279

size: 10Gi

3280

# -- Storage class to be used.

3281

# If defined, storageClassName: <storageClass>.

3282

# If set to "-", storageClassName: "", which disables dynamic provisioning.

3283

# If empty or set to null, no storageClassName spec is

3284

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

3285

storageClass: null

3286

# -- Volume attributes class name to be used.

3287

# If empty or set to null, no volumeAttributesClassName spec is set.

3288

# Requires Kubernetes 1.31

3289

volumeAttributesClassName: null

3290

# -- Annotations for pattern ingester PVCs

3291

annotations: {}

3292

# -- Labels for pattern ingester PVCs

3293

labels: {}

3294

# - name: wal

3295

# size: 150Gi

3296

# -- Enable StatefulSetAutoDeletePVC feature

3297

enableStatefulSetAutoDeletePVC: false

3298

whenDeleted: Retain

3299

whenScaled: Retain

3300

serviceAccount:

3301

create: false

3302

# -- The name of the ServiceAccount to use for the pattern ingester.

3303

# If not set and create is true, a name is generated by appending

3304

# "-pattern-ingester" to the common ServiceAccount.

3305

3306

# -- Image pull secrets for the pattern ingester service account

3307

imagePullSecrets: []

3308

# -- Annotations for the pattern ingester service account

3309

annotations: {}

3310

# -- Set this toggle to false to opt out of automounting API credentials for the service account

3311

automountServiceAccountToken: true

3312

# -- Configuration for the ruler

3313

ruler:

3314

# -- The ruler component is optional and can be disabled if desired.

3315

enabled: true

3316

# -- Whether to enable the rules sidecar

3317

sidecar: false

3318

# -- Number of replicas for the ruler

3319

replicas: 0

3320

# -- hostAliases to add

3321

hostAliases: []

3322

# - ip: 1.2.3.4

3323

# hostnames:

3324

# - domain.tld

3325

# -- Use the host's user namespace in the ruler

3326

hostUsers: nil

3327

image:

3328

# -- The Docker registry for the ruler image. Overrides `loki.image.registry`

3329

registry: null

3330

# -- Docker image repository for the ruler image. Overrides `loki.image.repository`

3331

repository: null

3332

# -- Docker image tag for the ruler image. Overrides `loki.image.tag`

3333

tag: null

3334

# -- Command to execute instead of defined in Docker image

3335

command: null

3336

# -- The name of the PriorityClass for ruler pods

3337

priorityClassName: null

3338

# -- Labels for compactor pods

3339

podLabels: {}

3340

# -- Annotations for ruler pods

3341

podAnnotations: {}

3342

# -- Labels for ruler service

3343

serviceLabels: {}

3344

# -- Annotations for ruler service

3345

serviceAnnotations: {}

3346

# -- Additional CLI args for the ruler

3347

extraArgs: []

3348

# -- Environment variables to add to the ruler pods

3349

extraEnv: []

3350

# -- Environment variables from secrets or configmaps to add to the ruler pods

3351

extraEnvFrom: []

3352

# -- Volume mounts to add to the ruler pods

3353

extraVolumeMounts: []

3354

# -- Volumes to add to the ruler pods

3355

extraVolumes: []

3356

# -- Resource requests and limits for the ruler

3357

resources: {}

3358

# -- Containers to add to the ruler pods

3359

extraContainers: []

3360

# -- Init containers to add to the ruler pods

3361

initContainers: []

3362

# -- Grace period to allow the ruler to shutdown before it is killed

3363

terminationGracePeriodSeconds: 300

3364

# -- Affinity for ruler pods.

3365

# @default -- Hard node anti-affinity

3366

# The value will be passed through tpl.

3367

affinity:

3368

podAntiAffinity:

3369

requiredDuringSchedulingIgnoredDuringExecution:

3370

- labelSelector:

3371

matchLabels:

3372

app.kubernetes.io/component: ruler

3373

app.kubernetes.io/name: '{{ include "loki.name" . }}'

3374

app.kubernetes.io/instance: '{{ .Release.Name }}'

3375

topologyKey: kubernetes.io/hostname

3376

# -- Pod Disruption Budget maxUnavailable

3377

maxUnavailable: null

3378

# -- Node selector for ruler pods

3379

nodeSelector: {}

3380

# -- Topology Spread Constraints for ruler pods

3381

# The value will be passed through tpl.

3382

topologySpreadConstraints: []

3383

# -- Tolerations for ruler pods

3384

tolerations: []

3385

# -- DNSConfig for ruler pods

3386

dnsConfig: {}

3387

persistence:

3388

# -- Enable creating PVCs which is required when using recording rules

3389

enabled: false

3390

# -- Set access modes on the PersistentVolumeClaim

3391

accessModes:

3392

- ReadWriteOnce

3393

# -- Size of persistent disk

3394

size: 10Gi

3395

# -- Storage class to be used.

3396

# If defined, storageClassName: <storageClass>.

3397

# If set to "-", storageClassName: "", which disables dynamic provisioning.

3398

# If empty or set to null, no storageClassName spec is

3399

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

3400

storageClass: null

3401

# -- Volume attributes class name to be used.

3402

# If empty or set to null, no volumeAttributesClassName spec is set.

3403

# Requires Kubernetes 1.31

3404

volumeAttributesClassName: null

3405

# -- Annotations for ruler PVCs

3406

annotations: {}

3407

# -- Labels for ruler PVCs

3408

labels: {}

3409

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

3410

appProtocol:

3411

grpc: ""

3412

# -- Directories containing rules files. If used, you must also configure `loki.rulerConfig.storage` to use local storage.

3413

directories: {}

3414

# tenant_foo:

3415

# rules1.txt: |

3416

# groups:

3417

# - name: should_fire

3418

# rules:

3419

# - alert: HighPercentageError

3420

# expr: |

3421

# sum(rate({app="foo", env="production"} |= "error" [5m])) by (job)

3422

# /

3423

# sum(rate({app="foo", env="production"}[5m])) by (job)

3424

# > 0.05

3425

# for: 10m

3426

# labels:

3427

# severity: warning

3428

# annotations:

3429

# summary: High error rate

3430

# - name: credentials_leak

3431

# rules:

3432

# - alert: http-credentials-leaked

3433

# annotations:

3434

# message: "{{ $labels.job }} is leaking http basic auth credentials."

3435

# expr: 'sum by (cluster, job, pod) (count_over_time({namespace="prod"} |~ "http(s?)://(\\w+):(\\w+)@" [5m]) > 0)'

3436

# for: 10m

3437

# labels:

3438

# severity: critical

3439

# rules2.txt: |

3440

# groups:

3441

# - name: example

3442

# rules:

3443

# - alert: HighThroughputLogStreams

3444

# expr: sum by(container) (rate({job=~"loki-dev/.*"}[1m])) > 1000

3445

# for: 2m

3446

# tenant_bar:

3447

# rules1.txt: |

3448

# groups:

3449

# - name: should_fire

3450

# rules:

3451

# - alert: HighPercentageError

3452

# expr: |

3453

# sum(rate({app="foo", env="production"} |= "error" [5m])) by (job)

3454

# /

3455

# sum(rate({app="foo", env="production"}[5m])) by (job)

3456

# > 0.05

3457

# for: 10m

3458

# labels:

3459

# severity: warning

3460

# annotations:

3461

# summary: High error rate

3462

# - name: credentials_leak

3463

# rules:

3464

# - alert: http-credentials-leaked

3465

# annotations:

3466

# message: "{{ $labels.job }} is leaking http basic auth credentials."

3467

# expr: 'sum by (cluster, job, pod) (count_over_time({namespace="prod"} |~ "http(s?)://(\\w+):(\\w+)@" [5m]) > 0)'

3468

# for: 10m

3469

# labels:

3470

# severity: critical

3471

# rules2.txt: |

3472

# groups:

3473

# - name: example

3474

# rules:

3475

# - alert: HighThroughputLogStreams

3476

# expr: sum by(container) (rate({job=~"loki-dev/.*"}[1m])) > 1000

3477

# for: 2m

3478

# -- Configuration for the overrides-exporter

3479

overridesExporter:

3480

# -- The overrides-exporter component is optional and can be disabled if desired.

3481

enabled: false

3482

# -- Number of replicas for the overrides-exporter

3483

replicas: 0

3484

# -- DNSConfig for overrides-exporter

3485

dnsConfig: {}

3486

# -- hostAliases to add

3487

hostAliases: []

3488

# - ip: 1.2.3.4

3489

# hostnames:

3490

# - domain.tld

3491

# -- Use the host's user namespace in the overrides-exporter

3492

hostUsers: nil

3493

image:

3494

# -- The Docker registry for the overrides-exporter image. Overrides `loki.image.registry`

3495

registry: null

3496

# -- Docker image repository for the overrides-exporter image. Overrides `loki.image.repository`

3497

repository: null

3498

# -- Docker image tag for the overrides-exporter image. Overrides `loki.image.tag`

3499

tag: null

3500

# -- Command to execute instead of defined in Docker image

3501

command: null

3502

# -- The name of the PriorityClass for overrides-exporter pods

3503

priorityClassName: null

3504

# -- Labels for overrides-exporter pods

3505

podLabels: {}

3506

# -- Annotations for overrides-exporter pods

3507

podAnnotations: {}

3508

# -- Labels for overrides-exporter service

3509

serviceLabels: {}

3510

# -- Annotations for overrides-exporter service

3511

serviceAnnotations: {}

3512

# -- Additional CLI args for the overrides-exporter

3513

extraArgs: []

3514

# -- Environment variables to add to the overrides-exporter pods

3515

extraEnv: []

3516

# -- Environment variables from secrets or configmaps to add to the overrides-exporter pods

3517

extraEnvFrom: []

3518

# -- Volume mounts to add to the overrides-exporter pods

3519

extraVolumeMounts: []

3520

# -- Volumes to add to the overrides-exporter pods

3521

extraVolumes: []

3522

# -- Resource requests and limits for the overrides-exporter

3523

resources: {}

3524

# -- Containers to add to the overrides-exporter pods

3525

extraContainers: []

3526

# -- Init containers to add to the overrides-exporter pods

3527

initContainers: []

3528

# -- Grace period to allow the overrides-exporter to shutdown before it is killed

3529

terminationGracePeriodSeconds: 300

3530

# -- Affinity for overrides-exporter pods.

3531

# @default -- Hard node anti-affinity

3532

# The value will be passed through tpl.

3533

affinity:

3534

podAntiAffinity:

3535

requiredDuringSchedulingIgnoredDuringExecution:

3536

- labelSelector:

3537

matchLabels:

3538

app.kubernetes.io/component: overrides-exporter

3539

app.kubernetes.io/name: '{{ include "loki.name" . }}'

3540

app.kubernetes.io/instance: '{{ .Release.Name }}'

3541

topologyKey: kubernetes.io/hostname

3542

# -- Pod Disruption Budget maxUnavailable

3543

maxUnavailable: null

3544

# -- Node selector for overrides-exporter pods

3545

nodeSelector: {}

3546

# -- Topology Spread Constraints for overrides-exporter pods

3547

# The value will be passed through tpl.

3548

topologySpreadConstraints: []

3549

# -- Tolerations for overrides-exporter pods

3550

tolerations: []

3551

# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"

3552

appProtocol:

3553

grpc: ""

3554

# You can use a self hosted memcached by setting enabled to false and providing addresses.

3555

memcached:

3556

# -- Enable the built in memcached server provided by the chart

3557

enabled: true

3558

image:

3559

# -- Memcached Docker image repository

3560

repository: cgr.dev/chainguard-private/memcached

3561

# -- Memcached Docker image tag

3562

tag: latest@sha256:9448aa794e1afc31d8d7a7cd567f69a5ac51afbca34ecaeaf15fa88deb7cb630

3563

# -- Memcached Docker image pull policy

3564

pullPolicy: IfNotPresent

3565

# -- The SecurityContext override for memcached pods

3566

podSecurityContext:

3567

runAsNonRoot: true

3568

runAsUser: 11211

3569

runAsGroup: 11211

3570

fsGroup: 11211

3571

# -- The name of the PriorityClass for memcached pods

3572

priorityClassName: null

3573

# -- The SecurityContext for memcached containers

3574

containerSecurityContext:

3575

readOnlyRootFilesystem: true

3576

capabilities:

3577

drop: [ALL]

3578

allowPrivilegeEscalation: false

3579

# -- Readiness probe for memcached pods (probe port defaults to container port)

3580

readinessProbe:

3581

tcpSocket:

3582

port: client

3583

initialDelaySeconds: 5

3584

periodSeconds: 5

3585

timeoutSeconds: 3

3586

failureThreshold: 6

3587

# -- Liveness probe for memcached pods

3588

livenessProbe:

3589

tcpSocket:

3590

port: client

3591

initialDelaySeconds: 30

3592

periodSeconds: 10

3593

timeoutSeconds: 5

3594

failureThreshold: 3

3595

# -- Startup probe for memcached pods

3596

startupProbe: {}

3597

memcachedExporter:

3598

# -- Whether memcached metrics should be exported

3599

enabled: true

3600

image:

3601

repository: cgr.dev/chainguard-private/memcached-exporter

3602

tag: latest@sha256:e4b8bfc0cc6c2ad4f9ef67c3bdf832d30a1e70bf13fdd2f0437c3aac963ab0d9

3603

pullPolicy: IfNotPresent

3604

resources:

3605

requests: {}

3606

limits: {}

3607

# -- The SecurityContext for memcached exporter containers

3608

containerSecurityContext:

3609

readOnlyRootFilesystem: true

3610

capabilities:

3611

drop: [ALL]

3612

allowPrivilegeEscalation: false

3613

# -- Extra args to add to the exporter container.

3614

# Example:

3615

# extraArgs:

3616

# memcached.tls.enable: true

3617

# memcached.tls.cert-file: /certs/cert.crt

3618

# memcached.tls.key-file: /certs/cert.key

3619

# memcached.tls.ca-file: /certs/ca.crt

3620

# memcached.tls.insecure-skip-verify: false

3621

# memcached.tls.server-name: memcached

3622

extraArgs: {}

3623

# -- Liveness probe for memcached exporter

3624

livenessProbe:

3625

httpGet:

3626

path: /metrics

3627

port: http-metrics

3628

initialDelaySeconds: 30

3629

periodSeconds: 10

3630

timeoutSeconds: 5

3631

failureThreshold: 3

3632

# -- Readiness probe for memcached exporter

3633

readinessProbe:

3634

httpGet:

3635

path: /metrics

3636

port: http-metrics

3637

initialDelaySeconds: 5

3638

periodSeconds: 5

3639

timeoutSeconds: 3

3640

failureThreshold: 3

3641

# -- Startup probe for memcached exporter

3642

startupProbe: {}

3643

resultsCache:

3644

# -- Specifies whether memcached based results-cache should be enabled

3645

enabled: true

3646

# -- Comma separated addresses list in DNS Service Discovery format

3647

addresses: dnssrvnoa+_memcached-client._tcp.{{ include "loki.resourceName" (dict "ctx" $ "component" "results-cache") }}.{{ include "loki.namespace" $ }}.svc.{{ .Values.global.clusterDomain }}

3648

# -- Specify how long cached results should be stored in the results-cache before being expired

3649

defaultValidity: 12h

3650

# -- Memcached operation timeout

3651

timeout: 500ms

3652

# -- Total number of results-cache replicas

3653

replicas: 1

3654

# -- Port of the results-cache service

3655

port: 11211

3656

# -- Amount of memory allocated to results-cache for object storage (in MB).

3657

allocatedMemory: 1024

3658

# -- Amount of cpu allocated to results-cache for object storage (in integer or millicores).

3659

allocatedCPU: 500m

3660

# -- Maximum item results-cache for memcached (in MB).

3661

maxItemMemory: 5

3662

# -- Maximum number of connections allowed

3663

connectionLimit: 16384

3664

# -- Max memory to use for cache write back

3665

writebackSizeLimit: 500MB

3666

# -- Max number of objects to use for cache write back

3667

writebackBuffer: 500000

3668

# -- Number of parallel threads for cache write back

3669

writebackParallelism: 1

3670

# -- Extra init containers for results-cache pods

3671

initContainers: []

3672

# -- Annotations for the results-cache pods

3673

annotations: {}

3674

# -- Node selector for results-cache pods

3675

nodeSelector: {}

3676

# -- Affinity for results-cache pods

3677

affinity: {}

3678

# -- topologySpreadConstraints allows to customize the default topologySpreadConstraints. This can be either a single dict as shown below or a slice of topologySpreadConstraints.

3679

# labelSelector is taken from the constraint itself (if it exists) or is generated by the chart using the same selectors as for services.

3680

topologySpreadConstraints: []

3681

# maxSkew: 1

3682

# topologyKey: kubernetes.io/hostname

3683

# whenUnsatisfiable: ScheduleAnyway

3684

# -- Tolerations for results-cache pods

3685

tolerations: []

3686

# -- Pod Disruption Budget maxUnavailable

3687

maxUnavailable: 1

3688

# -- DNSConfig for results-cache

3689

dnsConfig: {}

3690

# -- The name of the PriorityClass for results-cache pods

3691

priorityClassName: null

3692

# -- Use the host's user namespace in results-cache pods

3693

hostUsers: nil

3694

# -- Labels for results-cache pods

3695

podLabels: {}

3696

# -- Annotations for results-cache pods

3697

podAnnotations: {}

3698

# -- Management policy for results-cache pods

3699

podManagementPolicy: Parallel

3700

# -- Grace period to allow the results-cache to shutdown before it is killed

3701

terminationGracePeriodSeconds: 60

3702

# -- Stateful results-cache strategy

3703

statefulStrategy:

3704

type: RollingUpdate

3705

# -- Add extended options for results-cache memcached container. The format is the same as for the memcached -o/--extend flag.

3706

# Example:

3707

# extraExtendedOptions: 'tls,modern,track_sizes'

3708

extraExtendedOptions: ""

3709

# -- Additional CLI args for results-cache

3710

extraArgs: {}

3711

# -- Additional containers to be added to the results-cache pod.

3712

extraContainers: []

3713

# -- Additional volumes to be added to the results-cache pod (applies to both memcached and exporter containers).

3714

# Example:

3715

# extraVolumes:

3716

# - name: extra-volume

3717

# secret:

3718

# secretName: extra-volume-secret

3719

extraVolumes: []

3720

# -- Additional volume mounts to be added to the results-cache pod (applies to both memcached and exporter containers).

3721

# Example:

3722

# extraVolumeMounts:

3723

# - name: extra-volume

3724

# mountPath: /etc/extra-volume

3725

# readOnly: true

3726

extraVolumeMounts: []

3727

# -- Resource requests and limits for the results-cache

3728

# By default a safe memory limit will be requested based on allocatedMemory value (floor (* 1.2 allocatedMemory)).

3729

resources: null

3730

# -- Service annotations and labels

3731

service:

3732

annotations: {}

3733

labels: {}

3734

# -- Persistence settings for the results-cache

3735

persistence:

3736

# -- Enable creating PVCs for the results-cache

3737

enabled: false

3738

# -- Size of persistent disk, must be in G or Gi

3739

storageSize: 10G

3740

# -- Storage class to be used.

3741

# If defined, storageClassName: <storageClass>.

3742

# If set to "-", storageClassName: "", which disables dynamic provisioning.

3743

# If empty or set to null, no storageClassName spec is

3744

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

3745

storageClass: null

3746

# -- Volume attributes class name to be used.

3747

# If empty or set to null, no volumeAttributesClassName spec is set.

3748

# Requires Kubernetes 1.31

3749

volumeAttributesClassName: null

3750

# -- Volume mount path

3751

mountPath: /data

3752

# -- PVC additional labels

3753

labels: {}

3754

chunksCache:

3755

# -- Append to the name of the resources to make names different for l1 and l2

3756

suffix: ""

3757

# -- Specifies whether memcached based chunks-cache should be enabled

3758

enabled: true

3759

# -- Comma separated addresses list in DNS Service Discovery format

3760

addresses: 'dnssrvnoa+_memcached-client._tcp.{{ include "loki.resourceName" (dict "ctx" $ "component" "chunks-cache" "suffix" $.Values.chunksCache.suffix ) }}.{{ include "loki.namespace" $ }}.svc.{{ .Values.global.clusterDomain }}'

3761

# -- Batchsize for sending and receiving chunks from chunks cache

3762

batchSize: 4

3763

# -- Parallel threads for sending and receiving chunks from chunks cache

3764

parallelism: 5

3765

# -- Memcached operation timeout

3766

timeout: 2000ms

3767

# -- Specify how long cached chunks should be stored in the chunks-cache before being expired

3768

defaultValidity: 0s

3769

# -- Specify how long cached chunks should be stored in the chunks-cache before being expired

3770

replicas: 1

3771

# -- Port of the chunks-cache service

3772

port: 11211

3773

# -- Amount of memory allocated to chunks-cache for object storage (in MB).

3774

allocatedMemory: 8192

3775

# -- Amount of cpu allocated to chunks-cache for object storage (in integer or millicores).

3776

allocatedCPU: 500m

3777

# -- Maximum item memory for chunks-cache (in MB).

3778

maxItemMemory: 5

3779

# -- Maximum number of connections allowed

3780

connectionLimit: 16384

3781

# -- Max memory to use for cache write back

3782

writebackSizeLimit: 500MB

3783

# -- Max number of objects to use for cache write back

3784

writebackBuffer: 500000

3785

# -- Number of parallel threads for cache write back

3786

writebackParallelism: 1

3787

# -- Extra init containers for chunks-cache pods

3788

initContainers: []

3789

# -- Annotations for the chunks-cache pods

3790

annotations: {}

3791

# -- Node selector for chunks-cache pods

3792

nodeSelector: {}

3793

# -- Affinity for chunks-cache pods

3794

affinity: {}

3795

# -- topologySpreadConstraints allows to customize the default topologySpreadConstraints. This can be either a single dict as shown below or a slice of topologySpreadConstraints.

3796

# labelSelector is taken from the constraint itself (if it exists) or is generated by the chart using the same selectors as for services.

3797

topologySpreadConstraints: []

3798

# maxSkew: 1

3799

# topologyKey: kubernetes.io/hostname

3800

# whenUnsatisfiable: ScheduleAnyway

3801

# -- Tolerations for chunks-cache pods

3802

tolerations: []

3803

# -- Pod Disruption Budget maxUnavailable

3804

maxUnavailable: 1

3805

# -- DNSConfig for chunks-cache

3806

dnsConfig: {}

3807

# -- The name of the PriorityClass for chunks-cache pods

3808

priorityClassName: null

3809

# -- Use the host's user namespace in chunks-cache pods

3810

hostUsers: nil

3811

# -- Labels for chunks-cache pods

3812

podLabels: {}

3813

# -- Annotations for chunks-cache pods

3814

podAnnotations: {}

3815

# -- Management policy for chunks-cache pods

3816

podManagementPolicy: Parallel

3817

# -- Grace period to allow the chunks-cache to shutdown before it is killed

3818

terminationGracePeriodSeconds: 60

3819

# -- Stateful chunks-cache strategy

3820

statefulStrategy:

3821

type: RollingUpdate

3822

# -- Add extended options for chunks-cache memcached container. The format is the same as for the memcached -o/--extend flag.

3823

# Example:

3824

# extraExtendedOptions: 'tls,no_hashexpand'

3825

extraExtendedOptions: ""

3826

# -- Additional CLI args for chunks-cache

3827

extraArgs: {}

3828

# -- Additional containers to be added to the chunks-cache pod.

3829

extraContainers: []

3830

# -- Additional volumes to be added to the chunks-cache pod (applies to both memcached and exporter containers).

3831

# Example:

3832

# extraVolumes:

3833

# - name: extra-volume

3834

# secret:

3835

# secretName: extra-volume-secret

3836

extraVolumes: []

3837

# -- Additional volume mounts to be added to the chunks-cache pod (applies to both memcached and exporter containers).

3838

# Example:

3839

# extraVolumeMounts:

3840

# - name: extra-volume

3841

# mountPath: /etc/extra-volume

3842

# readOnly: true

3843

extraVolumeMounts: []

3844

# -- Resource requests and limits for the chunks-cache

3845

# By default a safe memory limit will be requested based on allocatedMemory value (floor (* 1.2 allocatedMemory)).

3846

resources: null

3847

# -- Service annotations and labels

3848

service:

3849

annotations: {}

3850

labels: {}

3851

# -- Persistence settings for the chunks-cache

3852

persistence:

3853

# -- Enable creating PVCs for the chunks-cache

3854

enabled: false

3855

# -- Size of persistent disk, must be in G or Gi

3856

storageSize: 10G

3857

# -- Storage class to be used.

3858

# If defined, storageClassName: <storageClass>.

3859

# If set to "-", storageClassName: "", which disables dynamic provisioning.

3860

# If empty or set to null, no storageClassName spec is

3861

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

3862

storageClass: null

3863

# -- Volume attributes class name to be used.

3864

# If empty or set to null, no volumeAttributesClassName spec is set.

3865

# Requires Kubernetes 1.31

3866

volumeAttributesClassName: null

3867

# -- Volume mount path

3868

mountPath: /data

3869

labels: {}

3870

# -- l2 memcache configuration

3871

l2:

3872

# -- Append to the name of the resources to make names different for l1 and l2

3873

suffix: "l2"

3874

# -- The age of chunks should be transfered from l1 cache to l2

3875

# 4 days

3876

l2ChunkCacheHandoff: 345600s

3877

# -- Specifies whether memcached based chunks-cache-l2 should be enabled

3878

enabled: false

3879

# -- Comma separated addresses list in DNS Service Discovery format

3880

addresses: 'dnssrvnoa+_memcached-client._tcp.{{ include "loki.resourceName" (dict "ctx" $ "component" "chunks-cache" "suffix" $.Values.chunksCache.l2.suffix ) }}.{{ include "loki.namespace" $ }}.svc.{{ .Values.global.clusterDomain }}'

3881

# -- Batchsize for sending and receiving chunks from chunks cache

3882

batchSize: 4

3883

# -- Parallel threads for sending and receiving chunks from chunks cache

3884

parallelism: 5

3885

# -- Memcached operation timeout

3886

timeout: 2000ms

3887

# -- Specify how long cached chunks should be stored in the chunks-cache-l2 before being expired

3888

defaultValidity: 0s

3889

# -- Specify how long cached chunks should be stored in the chunks-cache-l2 before being expired

3890

replicas: 1

3891

# -- Port of the chunks-cache-l2 service

3892

port: 11211

3893

# -- Amount of memory allocated to chunks-cache-l2 for object storage (in MB).

3894

allocatedMemory: 8192

3895

# -- Amount of cpu allocated to chunks-cache-l2 for object storage (in integer or millicores).

3896

allocatedCPU: 500m

3897

# -- Maximum item memory for chunks-cache-l2 (in MB).

3898

maxItemMemory: 5

3899

# -- Maximum number of connections allowed

3900

connectionLimit: 16384

3901

# -- Max memory to use for cache write back

3902

writebackSizeLimit: 500MB

3903

# -- Max number of objects to use for cache write back

3904

writebackBuffer: 500000

3905

# -- Number of parallel threads for cache write back

3906

writebackParallelism: 1

3907

# -- Extra init containers for chunks-cache-l2 pods

3908

initContainers: []

3909

# -- Annotations for the chunks-cache-l2 pods

3910

annotations: {}

3911

# -- Node selector for chunks-cach-l2 pods

3912

nodeSelector: {}

3913

# -- Affinity for chunks-cache-l2 pods

3914

affinity: {}

3915

# -- topologySpreadConstraints allows to customize the default topologySpreadConstraints. This can be either a single dict as shown below or a slice of topologySpreadConstraints.

3916

# labelSelector is taken from the constraint itself (if it exists) or is generated by the chart using the same selectors as for services.

3917

topologySpreadConstraints: []

3918

# maxSkew: 1

3919

# topologyKey: kubernetes.io/hostname

3920

# whenUnsatisfiable: ScheduleAnyway

3921

# -- Tolerations for chunks-cache-l2 pods

3922

tolerations: []

3923

# -- Pod Disruption Budget maxUnavailable

3924

maxUnavailable: 1

3925

# -- DNSConfig for chunks-cache-l2

3926

dnsConfig: {}

3927

# -- The name of the PriorityClass for chunks-cache-l2 pods

3928

priorityClassName: null

3929

# -- Use the host's user namespace in chunks-cache-l2 pods

3930

hostUsers: nil

3931

# -- Labels for chunks-cache-l2 pods

3932

podLabels: {}

3933

# -- Annotations for chunks-cache-l2 pods

3934

podAnnotations: {}

3935

# -- Management policy for chunks-cache-l2 pods

3936

podManagementPolicy: Parallel

3937

# -- Grace period to allow the chunks-cache-l2 to shutdown before it is killed

3938

terminationGracePeriodSeconds: 60

3939

# -- Stateful chunks-cache strategy

3940

statefulStrategy:

3941

type: RollingUpdate

3942

# -- Add extended options for chunks-cache-l2 memcached container. The format is the same as for the memcached -o/--extend flag.

3943

# Example:

3944

# extraExtendedOptions: 'tls,no_hashexpand'

3945

extraExtendedOptions: ""

3946

# -- Additional CLI args for chunks-cache-l2

3947

extraArgs: {}

3948

# -- Additional containers to be added to the chunks-cache-l2 pod.

3949

extraContainers: []

3950

# -- Additional volumes to be added to the chunks-cache-l2 pod (applies to both memcached and exporter containers).

3951

# Example:

3952

# extraVolumes:

3953

# - name: extra-volume

3954

# secret:

3955

# secretName: extra-volume-secret

3956

extraVolumes: []

3957

# -- Additional volume mounts to be added to the chunks-cache-l2 pod (applies to both memcached and exporter containers).

3958

# Example:

3959

# extraVolumeMounts:

3960

# - name: extra-volume

3961

# mountPath: /etc/extra-volume

3962

# readOnly: true

3963

extraVolumeMounts: []

3964

# -- Resource requests and limits for the chunks-cache-l2

3965

# By default a safe memory limit will be requested based on allocatedMemory value (floor (* 1.2 allocatedMemory)).

3966

resources: null

3967

# -- Service annotations and labels

3968

service:

3969

annotations: {}

3970

labels: {}

3971

# -- Persistence settings for the chunks-cache-l2

3972

persistence:

3973

# -- Enable creating PVCs for the chunks-cache-l2

3974

enabled: false

3975

# -- Size of persistent disk, must be in G or Gi

3976

storageSize: 10G

3977

# -- Storage class to be used.

3978

# If defined, storageClassName: <storageClass>.

3979

# If set to "-", storageClassName: "", which disables dynamic provisioning.

3980

# If empty or set to null, no storageClassName spec is

3981

# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

3982

storageClass: null

3983

# -- Volume attributes class name to be used.

3984

# If empty or set to null, no volumeAttributesClassName spec is set.

3985

# Requires Kubernetes 1.31

3986

volumeAttributesClassName: null

3987

# -- Volume mount path

3988

mountPath: /data

3989

labels: {}

3990

######################################################################################################################

3991

3992

# Subchart configurations

3993

3994

######################################################################################################################

3995

# -- Setting for the Grafana Rollout Operator https://github.com/grafana/helm-charts/tree/main/charts/rollout-operator

3996

rollout_operator:

3997

enabled: false

3998

# -- podSecurityContext is the pod security context for the rollout operator.

3999

# When installing on OpenShift, override podSecurityContext settings with

4000

4001

# rollout_operator:

4002

# podSecurityContext:

4003

# fsGroup: null

4004

# runAsGroup: null

4005

# runAsUser: null

4006

podSecurityContext:

4007

fsGroup: 10001

4008

runAsGroup: 10001

4009

runAsNonRoot: true

4010

runAsUser: 10001

4011

seccompProfile:

4012

type: RuntimeDefault

4013

# Set the container security context

4014

securityContext:

4015

readOnlyRootFilesystem: true

4016

capabilities:

4017

drop: [ALL]

4018

allowPrivilegeEscalation: false

4019

# -- Configuration for the minio subchart

4020

minio:

4021

enabled: false

4022

replicas: 1

4023

# Minio requires 2 to 16 drives for erasure code (drivesPerNode * replicas)

4024

# https://docs.min.io/docs/minio-erasure-code-quickstart-guide

4025

# Since we only have 1 replica, that means 2 drives must be used.

4026

drivesPerNode: 2

4027

# root user; not used for GEL authentication

4028

rootUser: root-user

4029

rootPassword: supersecretpassword

4030

# The first user in the list below is used for Loki/GEL authentication.

4031

# You can add additional users if desired; they will not impact Loki/GEL.

4032

# `accessKey` = username, `secretKey` = password

4033

users:

4034

- accessKey: logs-user

4035

secretKey: supersecretpassword

4036

policy: readwrite

4037

buckets:

4038

- name: chunks

4039

policy: none

4040

purge: false

4041

- name: ruler

4042

policy: none

4043

purge: false

4044

- name: admin

4045

policy: none

4046

purge: false

4047

persistence:

4048

size: 5Gi

4049

annotations: {}

4050

resources:

4051

requests:

4052

cpu: 100m

4053

memory: 128Mi

4054

# Allow the address used by Loki to refer to Minio to be overridden

4055

address: null

4056

# Create extra manifests via values

4057

# Can be a list or dictionary, both are passed through `tpl`. If dict, keys are ignored and only values are used.

4058

# Objects can also be defined as multiline strings, useful for templating field names

4059

extraObjects: null

4060

# - apiVersion: v1

4061

# kind: ConfigMap

4062

# metadata:

4063

# name: loki-alerting-rules

4064

# data:

4065

# loki-alerting-rules.yaml: |-

4066

# groups:

4067

# - name: example

4068

# rules:

4069

# - alert: example

4070

# expr: |

4071

# sum(count_over_time({app="loki"} |~ "error")) > 0

4072

# for: 3m

4073

# labels:

4074

# severity: warning

4075

# category: logs

4076

# annotations:

4077

# message: "loki has encountered errors"

4078

# - |

4079

# apiVersion: v1

4080

# kind: Secret

4081

# type: Opaque

4082

# metadata:

4083

# name: loki-distributed-basic-auth

4084

# data:

4085

# {{- range .Values.loki.tenants }}

4086

# {{ .name }}: {{ b64enc .password | quote }}

4087

# {{- end }}

4088

4089

sidecar:

4090

image:

4091

registry: docker.io

4092

# -- The Docker registry and image for the k8s sidecar

4093

repository: cgr.dev/chainguard-private/k8s-sidecar

4094

# -- Docker image tag

4095

tag: latest

4096

# -- Docker image sha. If empty, no sha will be used

4097

sha: sha256:3702f57d85004fc1d17405e9c8be734df706120ad47fb40aeec68d7429e0b159

4098

# -- Docker image pull policy

4099

pullPolicy: IfNotPresent

4100

# -- Resource requests and limits for the sidecar

4101

resources: {}

4102

# limits:

4103

# cpu: 100m

4104

# memory: 100Mi

4105

# requests:

4106

# cpu: 50m

4107

# memory: 50Mi

4108

# -- The SecurityContext for the sidecar.

4109

securityContext:

4110

readOnlyRootFilesystem: true

4111

capabilities:

4112

drop:

4113

- ALL

4114

allowPrivilegeEscalation: false

4115

# -- Set to true to skip tls verification for kube api calls.

4116

skipTlsVerify: false

4117

# -- Set to true to disable strict x509 verification for kube api calls.

4118

disableX509StrictVerification: false

4119

# -- Ensure that rule files aren't conflicting and being overwritten by prefixing their name with the namespace they are defined in.

4120

enableUniqueFilenames: false

4121

# -- Readiness probe definition. Probe is disabled on the sidecar by default.

4122

readinessProbe: {}

4123

# -- Liveness probe definition. Probe is disabled on the sidecar by default.

4124

livenessProbe: {}

4125

# -- Startup probe definition. Probe is disabled on the sidecar by default.

4126

startupProbe: {}

4127

rules:

4128

# -- Whether or not to create a sidecar to ingest rule from specific ConfigMaps and/or Secrets.

4129

enabled: true

4130

# -- Label that the configmaps/secrets with rules will be marked with.

4131

label: loki_rule

4132

# -- Label value that the configmaps/secrets with rules will be set to.

4133

labelValue: ""

4134

# -- Folder into which the rules will be placed.

4135

folder: /rules

4136

# -- The annotation overwriting the folder value.

4137

# The annotation value can be either an absolute or a relative path. Relative paths will be relative to FOLDER.

4138

# Useful for multi-tenancy setups.

4139

folderAnnotation: null

4140

# -- Comma separated list of namespaces. If specified, the sidecar will search for config-maps/secrets inside these namespaces.

4141

# Otherwise the namespace in which the sidecar is running will be used.

4142

# It's also possible to specify 'ALL' to search in all namespaces.

4143

searchNamespace: null

4144

# -- Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH request, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.

4145

watchMethod: WATCH

4146

# -- Search in configmap, secret, or both.

4147

resource: both

4148

# -- Absolute path to the shell script to execute after a configmap or secret has been reloaded.

4149

script: null

4150

# -- WatchServerTimeout: request to the server, asking it to cleanly close the connection after that.

4151

# defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S.

4152

watchServerTimeout: 60

4153

4154

# -- WatchClientTimeout: is a client-side timeout, configuring your local socket.

4155

# If you have a network outage dropping all packets with no RST/FIN,

4156

# this is how long your client waits before realizing & dropping the connection.

4157

# Defaults to 66sec.

4158

watchClientTimeout: 60

4159

# -- Log level of the sidecar container.

4160

logLevel: INFO

4161

# -- Monitoring section determines which monitoring features to enable

4162

monitoring:

4163

# Dashboards for monitoring Loki

4164

dashboards:

4165

# -- If enabled, create configmap with dashboards for monitoring Loki

4166

enabled: false

4167

# -- Alternative namespace to create dashboards ConfigMap in

4168

namespace: null

4169

# -- Additional annotations for the dashboards ConfigMap

4170

annotations: {}

4171

# -- Labels for the dashboards ConfigMap

4172

labels:

4173

grafana_dashboard: "1"

4174

# -- Recording rules for monitoring Loki, required for some dashboards

4175

rules:

4176

# -- If enabled, create PrometheusRule resource with Loki recording rules

4177

enabled: false

4178

# -- Include alerting rules

4179

alerting: true

4180

# -- Specify which individual alerts should be disabled

4181

# -- Instead of turning off each alert one by one, set the .monitoring.rules.alerting value to false instead.

4182

# -- If you disable all the alerts and keep .monitoring.rules.alerting set to true, the chart will fail to render.

4183

4184

# -- DEPRECATED: use monitoring.rules.configs.*.enabled instead

4185

disabled: {}

4186

# LokiRequestErrors: true

4187

# LokiRequestPanics: true

4188

4189

configs:

4190

LokiRequestErrors:

4191

enabled: true

4192

for: 15m

4193

lookbackPeriod: 2m

4194

severity: critical

4195

threshold: 10

4196

LokiRequestPanics:

4197

enabled: true

4198

lookbackPeriod: 10m

4199

severity: critical

4200

threshold: 0

4201

LokiRequestLatency:

4202

enabled: true

4203

for: 15m

4204

severity: critical

4205

threshold: 1

4206

LokiTooManyCompactorsRunning:

4207

enabled: true

4208

for: 5m

4209

severity: warning

4210

LokiCanaryLatency:

4211

enabled: true

4212

for: 15m

4213

lookbackPeriod: 5m

4214

severity: warning

4215

threshold: 5

4216

# -- Alternative namespace to create PrometheusRule resources in

4217

namespace: null

4218

# -- Additional annotations for the rules PrometheusRule resource

4219

annotations: {}

4220

# -- Additional labels for the rules PrometheusRule resource

4221

labels: {}

4222

# -- Additional annotations for PrometheusRule alerts

4223

additionalRuleAnnotations: {}

4224

# e.g.:

4225

# additionalRuleAnnotations:

4226

# runbook_url: "https://runbooks.example.com/oncall/loki"

4227

# summary: "What this alert means and how to respond"

4228

# -- Additional labels for PrometheusRule alerts

4229

additionalRuleLabels: {}

4230

# -- Additional groups to add to the rules file

4231

additionalGroups: []

4232

# - name: additional-loki-rules

4233

# rules:

4234

# - record: job:loki_request_duration_seconds_bucket:sum_rate

4235

# expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job)

4236

# - record: job_route:loki_request_duration_seconds_bucket:sum_rate

4237

# expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job, route)

4238

# - record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_rate

4239

# expr: sum(rate(container_cpu_usage_seconds_total[1m])) by (node, namespace, pod, container)

4240

# -- ServiceMonitor configuration

4241

serviceMonitor:

4242

# -- If enabled, ServiceMonitor resources for Prometheus Operator are created

4243

enabled: false

4244

# -- Namespace selector for ServiceMonitor resources

4245

namespaceSelector: {}

4246

# -- ServiceMonitor annotations

4247

annotations: {}

4248

# -- Additional ServiceMonitor labels

4249

labels: {}

4250

# -- ServiceMonitor scrape interval

4251

# Default is 15s because included recording rules use a 1m rate, and scrape interval needs to be at

4252

# least 1/4 rate interval.

4253

interval: 15s

4254

# -- ServiceMonitor scrape timeout in Go duration format (e.g. 15s)

4255

scrapeTimeout: null

4256

# -- ServiceMonitor relabel configs to apply to samples before scraping

4257

# https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig

4258

relabelings: []

4259

# -- ServiceMonitor metric relabel configs to apply to samples before ingestion

4260

# https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint

4261

metricRelabelings: []

4262

# -- ServiceMonitor will use http by default, but you can pick https as well

4263

scheme: http

4264

# -- ServiceMonitor will use these tlsConfig settings to make the health check requests

4265

tlsConfig: null

4266

# -- DEPRECATED If defined, will create a MetricsInstance for the Grafana Agent Operator.

4267

metricsInstance:

4268

# -- If enabled, MetricsInstance resources for Grafana Agent Operator are created

4269

enabled: true

4270

# -- MetricsInstance annotations

4271

annotations: {}

4272

# -- Additional MetricsInstance labels

4273

labels: {}

4274

# -- If defined a MetricsInstance will be created to remote write metrics.

4275

remoteWrite: null

4276

# -- DEPRECATED Self monitoring determines whether Loki should scrape its own logs.

4277

# This feature relies on Grafana Agent Operator, which is deprecated.

4278

# It will create custom resources for GrafanaAgent, LogsInstance, and PodLogs to configure

4279

# scrape configs to scrape its own logs with the labels expected by the included dashboards.

4280

selfMonitoring:

4281

enabled: false

4282

# -- Tenant to use for self monitoring

4283

tenant:

4284

# -- Name of the tenant

4285

4286

# -- Password of the gateway for Basic auth

4287

password: null

4288

# -- Namespace to create additional tenant token secret in. Useful if your Grafana instance

4289

# is in a separate namespace. Token will still be created in the canary namespace.

4290

# @default -- The same namespace as the loki chart is installed in.

4291

secretNamespace: '{{ include "loki.namespace" . }}'

4292

# -- DEPRECATED Grafana Agent configuration

4293

grafanaAgent:

4294

# -- DEPRECATED Controls whether to install the Grafana Agent Operator and its CRDs.

4295

# Note that helm will not install CRDs if this flag is enabled during an upgrade.

4296

# In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds

4297

installOperator: false

4298

# -- Grafana Agent annotations

4299

annotations: {}

4300

# -- Additional Grafana Agent labels

4301

labels: {}

4302

# -- Enable the config read api on port 8080 of the agent

4303

enableConfigReadAPI: false

4304

# -- The name of the PriorityClass for GrafanaAgent pods

4305

priorityClassName: null

4306

# -- Resource requests and limits for the grafanaAgent pods

4307

resources: {}

4308

# limits:

4309

# memory: 200Mi

4310

# requests:

4311

# cpu: 50m

4312

# memory: 100Mi

4313

# -- Tolerations for GrafanaAgent pods

4314

tolerations: []

4315

# PodLogs configuration

4316

podLogs:

4317

# -- PodLogs version

4318

apiVersion: monitoring.grafana.com/v1alpha1

4319

# -- PodLogs annotations

4320

annotations: {}

4321

# -- Additional PodLogs labels

4322

labels: {}

4323

# -- PodLogs relabel configs to apply to samples before scraping

4324

# https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig

4325

relabelings: []

4326

# -- Additional pipeline stages to process logs after scraping

4327

# https://grafana.com/docs/agent/latest/operator/api/#pipelinestagespec-a-namemonitoringgrafanacomv1alpha1pipelinestagespeca

4328

additionalPipelineStages: []

4329

# LogsInstance configuration

4330

logsInstance:

4331

# -- LogsInstance annotations

4332

annotations: {}

4333

# -- Additional LogsInstance labels

4334

labels: {}

4335

# -- Additional clients for remote write

4336

clients: null

4337

# -- DEPRECATED Configuration for the table-manager. The table-manager is only necessary when using a deprecated

4338

# index type such as Cassandra, Bigtable, or DynamoDB, it has not been necessary since loki introduced self-

4339

# contained index types like 'boltdb-shipper' and 'tsdb'. This will be removed in a future helm chart.

4340

tableManager:

4341

# -- Specifies whether the table-manager should be enabled

4342

enabled: false

4343

image:

4344

# -- The Docker registry for the table-manager image. Overrides `loki.image.registry`

4345

registry: null

4346

# -- Docker image repository for the table-manager image. Overrides `loki.image.repository`

4347

repository: null

4348

# -- Docker image tag for the table-manager image. Overrides `loki.image.tag`

4349

tag: null

4350

# -- Command to execute instead of defined in Docker image

4351

command: null

4352

# -- The name of the PriorityClass for table-manager pods

4353

priorityClassName: null

4354

# -- Labels for table-manager pods

4355

podLabels: {}

4356

# -- Annotations for table-manager deployment

4357

annotations: {}

4358

# -- Annotations for table-manager pods

4359

podAnnotations: {}

4360

service:

4361

# -- Annotations for table-manager Service

4362

annotations: {}

4363

# -- Additional labels for table-manager Service

4364

labels: {}

4365

# -- Additional CLI args for the table-manager

4366

extraArgs: []

4367

# -- Environment variables to add to the table-manager pods

4368

extraEnv: []

4369

# -- Environment variables from secrets or configmaps to add to the table-manager pods

4370

extraEnvFrom: []

4371

# -- Volume mounts to add to the table-manager pods

4372

extraVolumeMounts: []

4373

# -- Volumes to add to the table-manager pods

4374

extraVolumes: []

4375

# -- Resource requests and limits for the table-manager

4376

resources: {}

4377

# -- Containers to add to the table-manager pods

4378

extraContainers: []

4379

# -- Grace period to allow the table-manager to shutdown before it is killed

4380

terminationGracePeriodSeconds: 30

4381

# -- Use the host's user namespace in table-manager pods

4382

hostUsers: nil

4383

# -- Affinity for table-manager pods.

4384

# @default -- Hard node and anti-affinity

4385

# The value will be passed through tpl.

4386

affinity:

4387

podAntiAffinity:

4388

requiredDuringSchedulingIgnoredDuringExecution:

4389

- labelSelector:

4390

matchLabels:

4391

app.kubernetes.io/component: table-manager

4392

app.kubernetes.io/name: '{{ include "loki.name" . }}'

4393

app.kubernetes.io/instance: '{{ .Release.Name }}'

4394

topologyKey: kubernetes.io/hostname

4395

# -- DNS config table-manager pods

4396

dnsConfig: {}

4397

# -- Node selector for table-manager pods

4398

nodeSelector: {}

4399

# -- Tolerations for table-manager pods

4400

tolerations: []

4401

# -- Enable deletes by retention

4402

retention_deletes_enabled: false

4403

# -- Set retention period

4404

retention_period: 0

4405

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.

grafana-loki

The trusted source for open source

Product

Solutions

Customers

Resources

Company