diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 636ed36..24537ee 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -36,7 +36,6 @@ jobs: - legacy - extra-config - openshift - - prometheus defaults: run: working-directory: ${{ env.COMPONENT_NAME }} @@ -55,7 +54,6 @@ jobs: - legacy - extra-config - openshift - - prometheus defaults: run: working-directory: ${{ env.COMPONENT_NAME }} diff --git a/Makefile.vars.mk b/Makefile.vars.mk index 482c7e6..f750a11 100644 --- a/Makefile.vars.mk +++ b/Makefile.vars.mk @@ -50,4 +50,4 @@ KUBENT_IMAGE ?= ghcr.io/doitintl/kube-no-trouble:latest KUBENT_DOCKER ?= $(DOCKER_CMD) $(DOCKER_ARGS) $(root_volume) --entrypoint=/app/kubent $(KUBENT_IMAGE) instance ?= defaults -test_instances = tests/defaults.yml tests/legacy.yml tests/extra-config.yml tests/openshift.yml tests/prometheus.yml +test_instances = tests/defaults.yml tests/legacy.yml tests/extra-config.yml tests/openshift.yml diff --git a/class/defaults.yml b/class/defaults.yml index 3174fa3..168a39f 100644 --- a/class/defaults.yml +++ b/class/defaults.yml @@ -97,12 +97,26 @@ parameters: #increase if auth credentials change secretVersion: 0 - secrets: {} + ingress: + enabled: false + tls: + enabled: true + clusterIssuer: 'letsencrypt-production' + key: null + cert: null + url: '' + + basicAuth: + enabled: false + htpasswd: '?{vaultkv:${cluster:tenant}/${cluster:name}/${_instance}/htpasswd}' + monitoring: true alerts: additionalRules: {} patchRules: ignoreNames: [] patches: {} + secrets: {} + helm_values: {} diff --git a/class/loki.yml b/class/loki.yml index fb60461..789662b 100644 --- a/class/loki.yml +++ b/class/loki.yml @@ -30,6 +30,7 @@ parameters: output_path: ${_instance}/10_helm_loki helm_values_files: - ${_base_directory}/helmcharts/loki/${loki:charts:loki:version}/${loki:preset}.yaml + - ${_base_directory}/helmcharts/loki/${loki:charts:loki:version}/${_instance}-components.yaml - ${_base_directory}/helmcharts/loki/${loki:charts:loki:version}/${_instance}-configs.yaml - ${_base_directory}/helmcharts/loki/${loki:charts:loki:version}/${_instance}-overrides.yaml helm_params: diff --git a/component/helm_values.jsonnet b/component/helm_values.jsonnet index 1489271..c931252 100644 --- a/component/helm_values.jsonnet +++ b/component/helm_values.jsonnet @@ -10,7 +10,12 @@ local hasRolloutOperator = std.member(inv.applications, 'rollout-operator'); // Global Params and Zone Aware Replication local globalConfig = params.global + com.makeMergeable({ nodeSelector: std.get(params, 'globalNodeSelector', params.global.nodeSelector), - zoneAwareReplication: if hasRolloutOperator then params.global.zoneAwareReplication else std.trace('rollout-operator must be installed', {}), + zoneAwareReplication: params.global.zoneAwareReplication { + enabled: if params.global.zoneAwareReplication.enabled then + // Assert that zone aware replication is only enabled if rollout-operator is installed + if hasRolloutOperator then true else error 'rollout-operator must be installed for zone-aware replication' + else false, + }, }); local components = com.makeMergeable({ @@ -42,7 +47,6 @@ local components = com.makeMergeable({ // Ingress Configuration gateway: { [if params.components.gateway.enabled then 'enabledNonEnterprise']: params.components.gateway.enabled, - extraEnvFrom: [ { secretRef: { name: '%s-bucket-secret' % inv.parameters._instance } } ], extraArgs: [ '-config.expand-env=true' ], nodeSelector: std.get(params.components.gateway, 'nodeSelector', globalConfig.nodeSelector), } + com.makeMergeable(params.components.gateway), @@ -133,6 +137,14 @@ local global = com.makeMergeable({ bucketSecretVersion: '%s' % params.s3.auth.secretVersion, }, }, + [if params.monitoring then 'monitoring']: { + serviceMonitor: { + enabled: params.monitoring, + }, + rules: { + enabled: params.monitoring, + }, + }, lokiCanary: { enabled: false, }, @@ -190,6 +202,35 @@ local loki = com.makeMergeable({ // Loki Config local ingress = com.makeMergeable({ + [if params.components.gateway.enabled then 'gateway']: { + ingress: { + enabled: params.ingress.enabled, + [if params.ingress.tls.enabled && params.ingress.tls.clusterIssuer != null then 'annotations']: { + 'cert-manager.io/cluster-issuer': params.ingress.tls.clusterIssuer, + } + if std.objectHas(params.ingress, 'annotations') then com.makeMergeable(params.ingress.annotations) else {}, + [if std.objectHas(params.ingress, 'labels') then 'labels']: params.ingress.labels, + hosts: [ { + host: params.ingress.url, + paths: [ + { + path: '/', + pathType: 'Prefix', + }, + ], + } ], + [if params.ingress.tls.enabled then 'tls']: [ { + hosts: [ params.ingress.url ], + secretName: '%s-tls' % std.strReplace(params.ingress.url, '.', '-'), + } ], + }, + nginx: { + basicAuth: { + enabled: params.basicAuth.enabled, + [if params.basicAuth.htpasswd != null && !std.objectHas(params.basicAuth, 'existingSecret') then 'existingSecret']: '%s-nginx-htpasswd' % inv.parameters._instance, + [if std.objectHas(params.basicAuth, 'existingSecret') then 'existingSecret']: params.basicAuth.existingSecret, + }, + }, + }, }); // hardcoded removal of rollout-operator @@ -201,9 +242,15 @@ local hardRestrictions = com.makeMergeable({ enabled: false, }, [if !std.member([ 'none', 'legacy' ], params.preset) then 'deploymentMode']: 'Distributed', + ingester: { + zoneAwareReplication: { + enabled: if hasRolloutOperator && params.global.zoneAwareReplication.enabled then true else false, + }, + }, }); { + ['%s-components' % inv.parameters._instance]: components + caches + experimental, ['%s-configs' % inv.parameters._instance]: openshift + images + global + loki + ingress, ['%s-overrides' % inv.parameters._instance]: params.helm_values + hardRestrictions, } diff --git a/component/main.jsonnet b/component/main.jsonnet index ef20002..32785dd 100644 --- a/component/main.jsonnet +++ b/component/main.jsonnet @@ -50,6 +50,19 @@ local params = inv.parameters.loki; local secrets = com.generateResources( { + [if params.ingress.tls.enabled && params.ingress.tls.key != null && params.ingress.tls.cert != null then '%s-tls' % std.strReplace(params.ingress.url, '.', '-')]: + { + stringData: { + 'tls.key': params.ingress.tls.key, + 'tls.cert': params.ingress.tls.cert, + }, + }, + [if params.basicAuth.enabled && params.basicAuth.htpasswd != null then '%s-nginx-htpasswd' % inv.parameters._instance]: + { + stringData: { + '.htpasswd': params.basicAuth.htpasswd, + }, + }, ['%s-bucket-secret' % inv.parameters._instance]: { stringData: { S3_ACCESS_KEY_ID: params.s3.auth.accessKeyId, diff --git a/docs/modules/ROOT/pages/references/parameters.adoc b/docs/modules/ROOT/pages/references/parameters.adoc index 1e2f958..d53f66e 100644 --- a/docs/modules/ROOT/pages/references/parameters.adoc +++ b/docs/modules/ROOT/pages/references/parameters.adoc @@ -555,25 +555,181 @@ s3: Configure access- and secret key for the S3 storage. -== `secrets` +== `ingress` + +Ingress configuration + +=== `ingress.enabled` + +[horizontal] +type:: boolean +default:: ++ +[source,yaml] +---- +ingress: + enabled: false +---- + +Enables ingress. + +=== `ingress.tls.enabled` [horizontal] type:: dict -default:: `{}` +default:: ++ +[source,yaml] +---- +ingress: + tls: + enabled: true +---- + +Enables using TLS for ingress. + +=== `ingress.tls.clusterIssuer` + +[horizontal] +type:: dict +default:: ++ +[source,yaml] +---- +ingress: + tls: + clusterIssuer: letsencrypt-production +---- + +Configures the annotation for the cert-manager `ClusterIssuer`, this component assumes cert-manager is installed. + +=== `ingress.tls.key` and `ingress.tls.cert` + +[horizontal] +type:: dict +default:: ++ +[source,yaml] +---- +ingress: + tls: + key: null + cert: null +---- +default:: ++ +[source,yaml] +---- +ingress: + tls: + clusterIssuer: null + key: | + -----BEGIN PRIVATE KEY----- + ... + -----END PRIVATE KEY----- + cert: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- +---- + +Configures private key and certificate for TLS. +The secret will automatically be created. + +[TIP] +==== +This requires `ingress.tls.clusterIssuer` to be null. +If both are enabled, `ingress.tls.clusterIssuer` takes precedence. +==== + +=== `ingress.url` + +[horizontal] +type:: dict +default:: ++ +[source,yaml] +---- +ingress: + url: '' +---- + +The URL for witch the ingress is configured. + +=== `ingress.annotations` and `ingress.labels` + +[horizontal] +type:: dict +default:: ++ +[source,yaml] +---- +ingress: + annotations: {} + labels: {} +---- example:: + [source,yaml] ---- -secrets: - loki-bucket-secret: - stringData: - S3_ACCESS_KEY_ID: null - S3_SECRET_ACCESS_KEY: null - S3_ENDPOINT: null +ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-staging ---- -A dict of secrets to create in the namespace. The key is the name of the secret, the value is the content of the secret. -The value must be a dict with a key `stringData` which is a dict of key/value pairs to add to the secret. +Add custom annotations and labels. + + +== `basicAuth` + +Configures basic authentication for nginx. + +=== `basicAuth.enabled` + +[horizontal] +type:: boolean +default:: ++ +[source,yaml] +---- +basicAuth: + enabled: false +---- + +Enables basic authentication for nginx. + +=== `basicAuth.htpasswd` + +[horizontal] +type:: boolean +default:: ++ +[source,yaml] +---- +basicAuth: + htpasswd: '?{vaultkv:${cluster:tenant}/${cluster:name}/${_instance}/htpasswd}' +---- + +The content of the `.htpasswd` file. + +[TIP] +==== +If you set the `basicAuth.htpasswd: null`, you can use the `basicAuth.existingSecret` to inlcude an existing secret. +==== + + +== `monitoring` + +[horizontal] +type:: dict +default:: ++ +[source,yaml] +---- +monitoring: true +---- + +Enable the service monitors, rules, and alerts from the Helm chart. == `alerts` @@ -644,6 +800,27 @@ The component expects valid partial Prometheus alert rule objects as values. IMPORTANT: The provided values aren't validated, they're applied to the corresponding upstream alert as-is. +== `secrets` + +[horizontal] +type:: dict +default:: `{}` +example:: ++ +[source,yaml] +---- +secrets: + loki-bucket-secret: + stringData: + S3_ACCESS_KEY_ID: null + S3_SECRET_ACCESS_KEY: null + S3_ENDPOINT: null +---- + +A dict of secrets to create in the namespace. The key is the name of the secret, the value is the content of the secret. +The value must be a dict with a key `stringData` which is a dict of key/value pairs to add to the secret. + + == `helm_values` [horizontal] diff --git a/tests/extra-config.yml b/tests/extra-config.yml index eb88e3d..d86185a 100644 --- a/tests/extra-config.yml +++ b/tests/extra-config.yml @@ -1,4 +1,5 @@ applications: + - rollout-operator - openshift4-monitoring parameters: @@ -28,10 +29,39 @@ parameters: accessLogExporter: tag: latest + preset: extra-small + components: ruler: enabled: true + global: + nodeSelector: + appuio.io/node-class: plus + zoneAwareReplication: + enabled: true + s3: endpoint: 's3.example.com' region: 'us-east-1' + + ingress: + enabled: true + tls: + clusterIssuer: null + key: | + -----BEGIN PRIVATE KEY----- + ... + -----END PRIVATE KEY----- + cert: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + url: metrics-receive.example.com + labels: + custom-label: my-label + + basicAuth: + enabled: true + + monitoring: false diff --git a/tests/golden/defaults/loki/loki/10_helm_loki/loki/templates/monitoring/loki-rules.yaml b/tests/golden/defaults/loki/loki/10_helm_loki/loki/templates/monitoring/loki-rules.yaml new file mode 100644 index 0000000..2efecb4 --- /dev/null +++ b/tests/golden/defaults/loki/loki/10_helm_loki/loki/templates/monitoring/loki-rules.yaml @@ -0,0 +1,99 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + labels: + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-loki-rules + namespace: syn-loki +spec: + groups: + - name: loki_rules + rules: + - expr: histogram_quantile(0.99, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, job)) + labels: + cluster: loki + record: job:loki_request_duration_seconds:99quantile + - expr: histogram_quantile(0.50, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, job)) + labels: + cluster: loki + record: job:loki_request_duration_seconds:50quantile + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (job) / sum(rate(loki_request_duration_seconds_count[1m])) + by (job) + labels: + cluster: loki + record: job:loki_request_duration_seconds:avg + - expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job) + labels: + cluster: loki + record: job:loki_request_duration_seconds_bucket:sum_rate + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (job) + labels: + cluster: loki + record: job:loki_request_duration_seconds_sum:sum_rate + - expr: sum(rate(loki_request_duration_seconds_count[1m])) by (job) + labels: + cluster: loki + record: job:loki_request_duration_seconds_count:sum_rate + - expr: histogram_quantile(0.99, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, job, route)) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds:99quantile + - expr: histogram_quantile(0.50, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, job, route)) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds:50quantile + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (job, route) / + sum(rate(loki_request_duration_seconds_count[1m])) by (job, route) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds:avg + - expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job, route) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds_bucket:sum_rate + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (job, route) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds_sum:sum_rate + - expr: sum(rate(loki_request_duration_seconds_count[1m])) by (job, route) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds_count:sum_rate + - expr: histogram_quantile(0.99, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, namespace, job, route)) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds:99quantile + - expr: histogram_quantile(0.50, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, namespace, job, route)) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds:50quantile + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (namespace, job, + route) / sum(rate(loki_request_duration_seconds_count[1m])) by (namespace, + job, route) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds:avg + - expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, namespace, + job, route) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds_bucket:sum_rate + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (namespace, job, + route) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds_sum:sum_rate + - expr: sum(rate(loki_request_duration_seconds_count[1m])) by (namespace, + job, route) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds_count:sum_rate diff --git a/tests/golden/defaults/loki/loki/10_helm_loki/loki/templates/monitoring/servicemonitor.yaml b/tests/golden/defaults/loki/loki/10_helm_loki/loki/templates/monitoring/servicemonitor.yaml new file mode 100644 index 0000000..edf226f --- /dev/null +++ b/tests/golden/defaults/loki/loki/10_helm_loki/loki/templates/monitoring/servicemonitor.yaml @@ -0,0 +1,34 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki + namespace: syn-loki +spec: + endpoints: + - interval: 15s + path: /metrics + port: http-metrics + relabelings: + - action: replace + replacement: syn-loki/$1 + sourceLabels: + - job + targetLabel: job + - action: replace + replacement: loki + targetLabel: cluster + scheme: http + selector: + matchExpressions: + - key: prometheus.io/service-monitor + operator: NotIn + values: + - 'false' + matchLabels: + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki diff --git a/tests/golden/extra-config/loki/loki/01_secrets.yaml b/tests/golden/extra-config/loki/loki/01_secrets.yaml index 62edfc1..9d7342a 100644 --- a/tests/golden/extra-config/loki/loki/01_secrets.yaml +++ b/tests/golden/extra-config/loki/loki/01_secrets.yaml @@ -13,3 +13,40 @@ stringData: S3_ACCESS_KEY_ID: t-silent-test-1234/c-green-test-1234/loki/s3_access_key S3_SECRET_ACCESS_KEY: t-silent-test-1234/c-green-test-1234/loki/s3_secret_key type: Opaque +--- +apiVersion: v1 +data: {} +kind: Secret +metadata: + annotations: {} + labels: + app.kubernetes.io/managed-by: commodore + app.kubernetes.io/name: loki-nginx-htpasswd + name: loki-nginx-htpasswd + name: loki-nginx-htpasswd + namespace: syn-loki +stringData: + .htpasswd: t-silent-test-1234/c-green-test-1234/loki/htpasswd +type: Opaque +--- +apiVersion: v1 +data: {} +kind: Secret +metadata: + annotations: {} + labels: + app.kubernetes.io/managed-by: commodore + app.kubernetes.io/name: metrics-receive-example-com-tls + name: metrics-receive-example-com-tls + name: metrics-receive-example-com-tls + namespace: syn-loki +stringData: + tls.cert: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + tls.key: | + -----BEGIN PRIVATE KEY----- + ... + -----END PRIVATE KEY----- +type: Opaque diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/query-scheduler-discovery.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/query-scheduler-discovery.yaml deleted file mode 100644 index bc4a1a5..0000000 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/query-scheduler-discovery.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: null - labels: - app.kubernetes.io/component: backend - app.kubernetes.io/instance: loki - app.kubernetes.io/name: loki - prometheus.io/service-monitor: 'false' - name: loki-query-scheduler-discovery - namespace: syn-loki -spec: - clusterIP: None - ports: - - name: http-metrics - port: 3100 - protocol: TCP - targetPort: http-metrics - - name: grpc - port: 9095 - protocol: TCP - targetPort: grpc - publishNotReadyAddresses: true - selector: - app.kubernetes.io/component: backend - app.kubernetes.io/instance: loki - app.kubernetes.io/name: loki - type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/write/pdb.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/chunks-cache/pdb.yaml similarity index 63% rename from tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/write/pdb.yaml rename to tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/chunks-cache/pdb.yaml index f68a86e..d150c18 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/write/pdb.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/chunks-cache/pdb.yaml @@ -2,17 +2,15 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: labels: - app.kubernetes.io/component: write + app.kubernetes.io/component: memcached-chunks-cache app.kubernetes.io/instance: loki app.kubernetes.io/name: loki - app.kubernetes.io/version: 3.7.2 - helm.sh/chart: loki-17.4.11 - name: loki-write + name: loki-chunks-cache namespace: syn-loki spec: maxUnavailable: 1 selector: matchLabels: - app.kubernetes.io/component: write + app.kubernetes.io/component: memcached-chunks-cache app.kubernetes.io/instance: loki app.kubernetes.io/name: loki diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/chunks-cache/statefulset.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/chunks-cache/statefulset.yaml index ad2e0aa..8f0a009 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/chunks-cache/statefulset.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/chunks-cache/statefulset.yaml @@ -13,7 +13,7 @@ metadata: namespace: syn-loki spec: podManagementPolicy: Parallel - replicas: 1 + replicas: 2 selector: matchLabels: app.kubernetes.io/component: memcached-chunks-cache @@ -66,10 +66,10 @@ spec: timeoutSeconds: 3 resources: limits: - memory: 9830Mi + memory: 4Gi requests: cpu: 500m - memory: 9830Mi + memory: 4Gi securityContext: allowPrivilegeEscalation: false capabilities: @@ -117,7 +117,8 @@ spec: seccompProfile: type: RuntimeDefault initContainers: [] - nodeSelector: {} + nodeSelector: + appuio.io/node-class: plus securityContext: fsGroup: 11211 runAsGroup: 11211 diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/service.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/compactor/service.yaml similarity index 85% rename from tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/service.yaml rename to tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/compactor/service.yaml index 5f7b690..33dfcac 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/service.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/compactor/service.yaml @@ -3,12 +3,12 @@ kind: Service metadata: annotations: null labels: - app.kubernetes.io/component: backend + app.kubernetes.io/component: compactor app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 - name: loki-backend + name: loki-compactor namespace: syn-loki spec: ports: @@ -26,7 +26,7 @@ spec: targetPort: grpc publishNotReadyAddresses: true selector: - app.kubernetes.io/component: backend + app.kubernetes.io/component: compactor app.kubernetes.io/instance: loki app.kubernetes.io/name: loki type: ClusterIP @@ -36,14 +36,14 @@ kind: Service metadata: annotations: null labels: - app.kubernetes.io/component: backend + app.kubernetes.io/component: compactor app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 prometheus.io/service-monitor: 'false' variant: headless - name: loki-backend-headless + name: loki-compactor-headless namespace: syn-loki spec: clusterIP: None @@ -62,7 +62,7 @@ spec: targetPort: grpc publishNotReadyAddresses: true selector: - app.kubernetes.io/component: backend + app.kubernetes.io/component: compactor app.kubernetes.io/instance: loki app.kubernetes.io/name: loki type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/write/workload.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/compactor/workload.yaml similarity index 80% rename from tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/write/workload.yaml rename to tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/compactor/workload.yaml index e4be04e..9a1aec6 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/write/workload.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/compactor/workload.yaml @@ -2,30 +2,30 @@ apiVersion: apps/v1 kind: StatefulSet metadata: labels: - app.kubernetes.io/component: write + app.kubernetes.io/component: compactor app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 - name: loki-write + name: loki-compactor namespace: syn-loki spec: podManagementPolicy: Parallel - replicas: 3 + replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: - app.kubernetes.io/component: write + app.kubernetes.io/component: compactor app.kubernetes.io/instance: loki app.kubernetes.io/name: loki - serviceName: loki-write-headless + serviceName: loki-compactor-headless template: metadata: annotations: - checksum/config: 024a6bdf8e5f9fcb1b738320856091cf13e30a5fd575d46b637df747723e7f78 - kubectl.kubernetes.io/default-container: write + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: compactor labels: - app.kubernetes.io/component: write + app.kubernetes.io/component: compactor app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/part-of: memberlist @@ -37,7 +37,7 @@ spec: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: - app.kubernetes.io/component: write + app.kubernetes.io/component: compactor app.kubernetes.io/instance: loki app.kubernetes.io/name: loki topologyKey: kubernetes.io/hostname @@ -47,10 +47,10 @@ spec: - -config.file=/etc/loki/config/config.yaml - -config.expand-env=true - -memberlist.advertise-addr=$(POD_IP) - - -target=write + - -target=compactor env: - name: GOMEMLIMIT - value: 6963MiB + value: 435MiB - name: GOGC value: '80' - name: POD_IP @@ -70,7 +70,7 @@ spec: periodSeconds: 30 successThreshold: 1 timeoutSeconds: 1 - name: write + name: compactor ports: - containerPort: 3100 name: http-metrics @@ -92,11 +92,10 @@ spec: timeoutSeconds: 1 resources: limits: - cpu: 3 - memory: 8Gi + memory: 512Mi requests: - cpu: 1 - memory: 4Gi + cpu: 250m + memory: 384Mi securityContext: allowPrivilegeEscalation: false capabilities: @@ -115,13 +114,18 @@ spec: - mountPath: /tmp name: temp enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus securityContext: + fsGroup: 10001 fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 runAsNonRoot: true + runAsUser: 10001 seccompProfile: type: RuntimeDefault serviceAccountName: loki - terminationGracePeriodSeconds: 300 + terminationGracePeriodSeconds: 30 volumes: - emptyDir: {} name: temp @@ -134,17 +138,8 @@ spec: - configMap: name: loki-runtime name: runtime-config + - emptyDir: {} + name: data updateStrategy: rollingUpdate: partition: 0 - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/config.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/config.yaml index 3bb6a72..3189c4d 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/config.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/config.yaml @@ -5,11 +5,11 @@ data: auth_enabled: true bloom_build: builder: - planner_address: loki-backend-headless.syn-loki.svc.cluster.local:9095 + planner_address: loki-bloom-planner-headless.syn-loki.svc.cluster.local:9095 enabled: false bloom_gateway: client: - addresses: dnssrvnoa+_grpc._tcp.loki-backend-headless.syn-loki.svc.cluster.local + addresses: dnssrvnoa+_grpc._tcp.loki-bloom-gateway-headless.syn-loki.svc.cluster.local enabled: false chunk_store_config: chunk_cache_config: @@ -27,7 +27,7 @@ data: max_idle_conns: 72 timeout: 2000ms common: - compactor_grpc_address: 'loki-backend.syn-loki.svc.cluster.local:9095' + compactor_grpc_address: 'loki-compactor.syn-loki.svc.cluster.local:9095' path_prefix: /var/loki replication_factor: 3 storage: @@ -40,10 +40,10 @@ data: s3forcepathstyle: true secret_access_key: ${S3_SECRET_ACCESS_KEY} frontend: - scheduler_address: "" - tail_proxy_url: "" + scheduler_address: loki-query-scheduler-headless.syn-loki.svc.cluster.local:9095 + tail_proxy_url: http://loki-querier.syn-loki.svc.cluster.local:3100 frontend_worker: - scheduler_address: "" + scheduler_address: loki-query-scheduler-headless.syn-loki.svc.cluster.local:9095 index_gateway: mode: simple ingester: @@ -129,14 +129,14 @@ data: working_directory: /var/loki/data/bloomshipper boltdb_shipper: index_gateway_client: - server_address: dns+loki-backend-headless.syn-loki.svc.cluster.local:9095 + server_address: dns+loki-index-gateway-headless.syn-loki.svc.cluster.local:9095 hedging: at: 250ms max_per_second: 20 up_to: 3 tsdb_shipper: index_gateway_client: - server_address: dns+loki-backend-headless.syn-loki.svc.cluster.local:9095 + server_address: dns+loki-index-gateway-headless.syn-loki.svc.cluster.local:9095 use_thanos_objstore: false tracing: enabled: true diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/distributor/service.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/distributor/service.yaml new file mode 100644 index 0000000..16803fe --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/distributor/service.yaml @@ -0,0 +1,68 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: distributor + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-distributor + namespace: syn-loki +spec: + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: distributor + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: distributor + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + prometheus.io/service-monitor: 'false' + variant: headless + name: loki-distributor-headless + namespace: syn-loki +spec: + clusterIP: None + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: distributor + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/distributor/workload.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/distributor/workload.yaml new file mode 100644 index 0000000..6da84d9 --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/distributor/workload.yaml @@ -0,0 +1,145 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: distributor + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-distributor + namespace: syn-loki +spec: + replicas: 3 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: distributor + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + strategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 1 + template: + metadata: + annotations: + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: distributor + labels: + app.kubernetes.io/component: distributor + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: distributor + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + topologyKey: kubernetes.io/hostname + automountServiceAccountToken: true + containers: + - args: + - -config.file=/etc/loki/config/config.yaml + - -config.expand-env=true + - -memberlist.advertise-addr=$(POD_IP) + - -target=distributor + - -distributor.zone-awareness-enabled=true + env: + - name: GOMEMLIMIT + value: 3481MiB + - name: GOGC + value: '80' + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + envFrom: + - secretRef: + name: loki-bucket-secret + image: docker.io/dockerhub.vshn.net/grafana/loki:3.7.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /loki/api/v1/status/buildinfo + port: http-metrics + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 1 + name: distributor + ports: + - containerPort: 3100 + name: http-metrics + protocol: TCP + - containerPort: 9095 + name: grpc + protocol: TCP + - containerPort: 7946 + name: http-memberlist + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: http-metrics + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + memory: 4Gi + requests: + cpu: 500m + memory: 2Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/loki/config + name: config + - mountPath: /etc/loki/runtime-config + name: runtime-config + - mountPath: /var/loki + name: data + - mountPath: /tmp + name: temp + enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus + securityContext: + fsGroup: 10001 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + serviceAccountName: loki + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: temp + - configMap: + items: + - key: config.yaml + path: config.yaml + name: loki + name: config + - configMap: + name: loki-runtime + name: runtime-config + - emptyDir: {} + name: data diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/configmap.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/configmap.yaml index e1b451f..d5f393e 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/configmap.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/configmap.yaml @@ -215,65 +215,65 @@ data: \ 127.0.0.1;\n deny all;\n server_tokens on; # expose nginx version\n\ \ }\n\n ########################################################\n #\ \ Configure backend targets\n location ^~ /ui {\n \n set $backend\ - \ \"http://loki-read.syn-loki.svc.cluster.local:3100\";\n proxy_pass\ + \ \"http://loki-querier.syn-loki.svc.cluster.local:3100\";\n proxy_pass\ \ $backend$request_uri;\n }\n\n # Distributor\n location = /api/prom/push\ - \ {\n \n set $backend \"http://loki-write.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-distributor.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /loki/api/v1/push\ - \ {\n \n set $backend \"http://loki-write.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-distributor.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /distributor/ring\ - \ {\n \n set $backend \"http://loki-write.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-distributor.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /otlp/v1/logs\ - \ {\n \n set $backend \"http://loki-write.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-distributor.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n\n # Ingester\n \ - \ location = /flush {\n \n set $backend \"http://loki-write.syn-loki.svc.cluster.local:3100\"\ + \ location = /flush {\n \n set $backend \"http://loki-ingester.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location ^~ /ingester/\ - \ {\n \n set $backend \"http://loki-write.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-ingester.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /ingester\ \ {\n \n internal; # to suppress 301\n }\n\n # Ring\n \ - \ location = /ring {\n \n set $backend \"http://loki-write.syn-loki.svc.cluster.local:3100\"\ + \ location = /ring {\n \n set $backend \"http://loki-ingester.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n\n # MemberListKV\n\ - \ location = /memberlist {\n \n set $backend \"http://loki-write.syn-loki.svc.cluster.local:3100\"\ + \ location = /memberlist {\n \n set $backend \"http://loki-ingester.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n\n # Ruler\n location\ - \ = /ruler/ring {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ = /ruler/ring {\n \n set $backend \"http://loki-ruler.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /api/prom/rules\ - \ {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-ruler.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location ^~ /api/prom/rules/\ - \ {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-ruler.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /loki/api/v1/rules\ - \ {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-ruler.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location ^~ /loki/api/v1/rules/\ - \ {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-ruler.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /prometheus/api/v1/alerts\ - \ {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-ruler.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /prometheus/api/v1/rules\ - \ {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-ruler.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n\n # Compactor\n \ - \ location = /compactor/ring {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ location = /compactor/ring {\n \n set $backend \"http://loki-compactor.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /loki/api/v1/delete\ - \ {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-compactor.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /loki/api/v1/cache/generation_numbers\ - \ {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-compactor.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n\n # IndexGateway\n\ - \ location = /indexgateway/ring {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ location = /indexgateway/ring {\n \n set $backend \"http://loki-index-gateway.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n\n # QueryScheduler\n\ - \ location = /scheduler/ring {\n \n set $backend \"http://loki-backend.syn-loki.svc.cluster.local:3100\"\ + \ location = /scheduler/ring {\n \n set $backend \"http://loki-query-scheduler.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n\n # Config\n location\ - \ = /config {\n \n set $backend \"http://loki-write.syn-loki.svc.cluster.local:3100\"\ + \ = /config {\n \n set $backend \"http://loki-ingester.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n\n # QueryFrontend,\ \ Querier\n location = /api/prom/tail {\n proxy_set_header Upgrade $http_upgrade;\n\ \ proxy_set_header Connection \"upgrade\";\n \n set $backend \ - \ \"http://loki-read.syn-loki.svc.cluster.local:3100\";\n proxy_pass \ - \ $backend$request_uri;\n }\n location = /loki/api/v1/tail {\n \ - \ proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection \"\ - upgrade\";\n \n set $backend \"http://loki-read.syn-loki.svc.cluster.local:3100\"\ + \ \"http://loki-query-frontend.syn-loki.svc.cluster.local:3100\";\n proxy_pass\ + \ $backend$request_uri;\n }\n location = /loki/api/v1/tail {\n \ + \ proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection\ + \ \"upgrade\";\n \n set $backend \"http://loki-query-frontend.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location ^~ /api/prom/\ - \ {\n \n set $backend \"http://loki-read.syn-loki.svc.cluster.local:3100\"\ + \ {\n \n set $backend \"http://loki-query-frontend.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /api/prom\ \ {\n \n internal; # to suppress 301\n }\n location ^~\ \ /loki/api/v1/ {\n # pass custom headers set by Grafana as X-Query-Tags\ \ which are logged as key/value pairs in metrics.go log messages\n proxy_set_header\ \ X-Query-Tags \"${query_tags},user=${http_x_grafana_user},dashboard_id=${http_x_dashboard_uid},dashboard_title=${http_x_dashboard_title},panel_id=${http_x_panel_id},panel_title=${http_x_panel_title},source_rule_uid=${http_x_rule_uid},rule_name=${http_x_rule_name},rule_folder=${http_x_rule_folder},rule_version=${http_x_rule_version},rule_source=${http_x_rule_source},rule_type=${http_x_rule_type}\"\ - ;\n \n set $backend \"http://loki-read.syn-loki.svc.cluster.local:3100\"\ + ;\n \n set $backend \"http://loki-query-frontend.syn-loki.svc.cluster.local:3100\"\ ;\n proxy_pass $backend$request_uri;\n }\n location = /loki/api/v1\ \ {\n \n internal; # to suppress 301\n }\n }\n}\n" kind: ConfigMap diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/deployment.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/deployment.yaml index 427e587..e22ed8f 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/deployment.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/deployment.yaml @@ -22,7 +22,7 @@ spec: template: metadata: annotations: - checksum/config: 2ac29b210397fb257fb28bb7defc2a7245d4fff101baf745bc1ca1281b373f26 + checksum/config: d983d4b135c64732f88dea989ad8aa77d312f04b272722a7fea4a9f3368128c2 labels: app.kubernetes.io/component: gateway app.kubernetes.io/instance: loki @@ -116,6 +116,8 @@ spec: name: config subPath: access-log-exporter.yaml enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus securityContext: fsGroup: 101 runAsGroup: 101 diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/ingress.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/ingress.yaml new file mode 100644 index 0000000..3702f9b --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/gateway/ingress.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + labels: + app.kubernetes.io/component: gateway + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + custom-label: my-label + helm.sh/chart: loki-17.4.11 + name: loki-gateway + namespace: syn-loki +spec: + rules: + - host: metrics-receive.example.com + http: + paths: + - backend: + service: + name: loki-gateway + port: + number: 80 + path: / + pathType: Prefix + tls: + - hosts: + - metrics-receive.example.com + secretName: metrics-receive-example-com-tls diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/index-gateway/service.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/index-gateway/service.yaml new file mode 100644 index 0000000..ca98c4f --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/index-gateway/service.yaml @@ -0,0 +1,68 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: index-gateway + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-index-gateway + namespace: syn-loki +spec: + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: index-gateway + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: index-gateway + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + prometheus.io/service-monitor: 'false' + variant: headless + name: loki-index-gateway-headless + namespace: syn-loki +spec: + clusterIP: None + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: index-gateway + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/workload.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/index-gateway/workload.yaml similarity index 56% rename from tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/workload.yaml rename to tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/index-gateway/workload.yaml index d1aad35..2504121 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/workload.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/index-gateway/workload.yaml @@ -2,33 +2,29 @@ apiVersion: apps/v1 kind: StatefulSet metadata: labels: - app.kubernetes.io/component: backend + app.kubernetes.io/component: index-gateway app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 - name: loki-backend + name: loki-index-gateway namespace: syn-loki spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Delete - whenScaled: Delete - podManagementPolicy: Parallel - replicas: 3 + replicas: 2 revisionHistoryLimit: 10 selector: matchLabels: - app.kubernetes.io/component: backend + app.kubernetes.io/component: index-gateway app.kubernetes.io/instance: loki app.kubernetes.io/name: loki - serviceName: loki-backend-headless + serviceName: loki-index-gateway-headless template: metadata: annotations: - checksum/config: 024a6bdf8e5f9fcb1b738320856091cf13e30a5fd575d46b637df747723e7f78 - kubectl.kubernetes.io/default-container: backend + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: index-gateway labels: - app.kubernetes.io/component: backend + app.kubernetes.io/component: index-gateway app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/part-of: memberlist @@ -40,7 +36,7 @@ spec: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: - app.kubernetes.io/component: backend + app.kubernetes.io/component: index-gateway app.kubernetes.io/instance: loki app.kubernetes.io/name: loki topologyKey: kubernetes.io/hostname @@ -50,11 +46,10 @@ spec: - -config.file=/etc/loki/config/config.yaml - -config.expand-env=true - -memberlist.advertise-addr=$(POD_IP) - - -target=backend - - -legacy-read-mode=false + - -target=index-gateway env: - name: GOMEMLIMIT - value: 1740MiB + value: 1827MiB - name: GOGC value: '80' - name: POD_IP @@ -74,7 +69,7 @@ spec: periodSeconds: 30 successThreshold: 1 timeoutSeconds: 1 - name: backend + name: index-gateway ports: - containerPort: 3100 name: http-metrics @@ -96,11 +91,10 @@ spec: timeoutSeconds: 1 resources: limits: - cpu: 2 - memory: 2Gi + memory: 2.1Gi requests: - cpu: 0.5 - memory: 1Gi + cpu: 500m + memory: 768Mi securityContext: allowPrivilegeEscalation: false capabilities: @@ -118,67 +112,15 @@ spec: name: data - mountPath: /tmp name: temp - - mountPath: /rules - name: sc-rules-volume - - env: - - name: METHOD - value: WATCH - - name: LABEL - value: loki_rule - - name: FOLDER - value: /rules - - name: RESOURCE - value: both - - name: WATCH_SERVER_TIMEOUT - value: '60' - - name: WATCH_CLIENT_TIMEOUT - value: '60' - - name: LOG_LEVEL - value: INFO - - name: HEALTH_PORT - value: '8080' - image: docker.io/kiwigrid/k8s-sidecar:2.7.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: http-sidecar - initialDelaySeconds: 30 - periodSeconds: 30 - successThreshold: 1 - timeoutSeconds: 1 - name: loki-sc-rules - ports: - - containerPort: 8080 - name: http-sidecar - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: http-sidecar - initialDelaySeconds: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: sc-rules-temp - - mountPath: /rules - name: sc-rules-volume enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus securityContext: + fsGroup: 10001 fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 runAsNonRoot: true + runAsUser: 10001 seccompProfile: type: RuntimeDefault serviceAccountName: loki @@ -196,20 +138,6 @@ spec: name: loki-runtime name: runtime-config - emptyDir: {} - name: sc-rules-volume - - emptyDir: {} - name: sc-rules-temp + name: data updateStrategy: - rollingUpdate: - partition: 0 - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi + type: RollingUpdate diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/read/pdb.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ingester/pdb-zone.yaml similarity index 71% rename from tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/read/pdb.yaml rename to tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ingester/pdb-zone.yaml index c617988..59ad557 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/read/pdb.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ingester/pdb-zone.yaml @@ -2,17 +2,18 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: labels: - app.kubernetes.io/component: read + app.kubernetes.io/component: ingester app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 - name: loki-read + name: loki-ingester-rollout namespace: syn-loki spec: maxUnavailable: 1 selector: matchLabels: - app.kubernetes.io/component: read + app.kubernetes.io/component: ingester app.kubernetes.io/instance: loki app.kubernetes.io/name: loki + rollout-group: ingester diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ingester/service.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ingester/service.yaml new file mode 100644 index 0000000..548048d --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ingester/service.yaml @@ -0,0 +1,182 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-ingester + namespace: syn-loki +spec: + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + prometheus.io/service-monitor: 'false' + variant: headless + name: loki-ingester-headless + namespace: syn-loki +spec: + clusterIP: None + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP +--- null +--- +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + prometheus.io/service-monitor: 'false' + variant: headless + name: loki-ingester-zone-a-headless + namespace: syn-loki +spec: + clusterIP: None + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + selector: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + name: ingester-zone-a + rollout-group: ingester + type: ClusterIP +--- null +--- +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + prometheus.io/service-monitor: 'false' + variant: headless + name: loki-ingester-zone-b-headless + namespace: syn-loki +spec: + clusterIP: None + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + selector: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + name: ingester-zone-b + rollout-group: ingester + type: ClusterIP +--- null +--- +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + prometheus.io/service-monitor: 'false' + variant: headless + name: loki-ingester-zone-c-headless + namespace: syn-loki +spec: + clusterIP: None + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + selector: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + name: ingester-zone-c + rollout-group: ingester + type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ingester/statefulset-zone.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ingester/statefulset-zone.yaml new file mode 100644 index 0000000..01f3747 --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ingester/statefulset-zone.yaml @@ -0,0 +1,506 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + rollout-max-unavailable: '1' + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: ingester-zone-a + rollout-group: ingester + name: loki-ingester-zone-a + namespace: syn-loki +spec: + podManagementPolicy: Parallel + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + name: ingester-zone-a + rollout-group: ingester + serviceName: loki-ingester-zone-a-headless + template: + metadata: + annotations: + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: ingester + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: ingester-zone-a + rollout-group: ingester + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: rollout-group + operator: In + values: + - ingester + - key: name + operator: NotIn + values: + - ingester-zone-a + topologyKey: kubernetes.io/hostname + automountServiceAccountToken: true + containers: + - args: + - -config.file=/etc/loki/config/config.yaml + - -config.expand-env=true + - -memberlist.advertise-addr=$(POD_IP) + - -target=ingester + - -ingester.availability-zone=zone-a + - -ingester.unregister-on-shutdown=false + - -ingester.tokens-file-path=/var/loki/ring-tokens + env: + - name: GOMEMLIMIT + value: 13926MiB + - name: GOGC + value: '80' + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + envFrom: + - secretRef: + name: loki-bucket-secret + image: docker.io/dockerhub.vshn.net/grafana/loki:3.7.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /loki/api/v1/status/buildinfo + port: http-metrics + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 1 + name: ingester + ports: + - containerPort: 3100 + name: http-metrics + protocol: TCP + - containerPort: 9095 + name: grpc + protocol: TCP + - containerPort: 7946 + name: http-memberlist + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: http-metrics + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + memory: 16Gi + requests: + cpu: 1 + memory: 8Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/loki/config + name: config + - mountPath: /etc/loki/runtime-config + name: runtime-config + - mountPath: /var/loki + name: data + - mountPath: /tmp + name: temp + enableServiceLinks: true + securityContext: + fsGroup: 10001 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + serviceAccountName: loki + terminationGracePeriodSeconds: 300 + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: {} + name: temp + - configMap: + items: + - key: config.yaml + path: config.yaml + name: loki + name: config + - configMap: + name: loki-runtime + name: runtime-config + - emptyDir: {} + name: data + updateStrategy: + type: RollingUpdate +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + rollout-max-unavailable: '1' + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: ingester-zone-b + rollout-group: ingester + name: loki-ingester-zone-b + namespace: syn-loki +spec: + podManagementPolicy: Parallel + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + name: ingester-zone-b + rollout-group: ingester + serviceName: loki-ingester-zone-b-headless + template: + metadata: + annotations: + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: ingester + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: ingester-zone-b + rollout-group: ingester + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: rollout-group + operator: In + values: + - ingester + - key: name + operator: NotIn + values: + - ingester-zone-b + topologyKey: kubernetes.io/hostname + automountServiceAccountToken: true + containers: + - args: + - -config.file=/etc/loki/config/config.yaml + - -config.expand-env=true + - -memberlist.advertise-addr=$(POD_IP) + - -target=ingester + - -ingester.availability-zone=zone-b + - -ingester.unregister-on-shutdown=false + - -ingester.tokens-file-path=/var/loki/ring-tokens + env: + - name: GOMEMLIMIT + value: 13926MiB + - name: GOGC + value: '80' + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + envFrom: + - secretRef: + name: loki-bucket-secret + image: docker.io/dockerhub.vshn.net/grafana/loki:3.7.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /loki/api/v1/status/buildinfo + port: http-metrics + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 1 + name: ingester + ports: + - containerPort: 3100 + name: http-metrics + protocol: TCP + - containerPort: 9095 + name: grpc + protocol: TCP + - containerPort: 7946 + name: http-memberlist + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: http-metrics + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + memory: 16Gi + requests: + cpu: 1 + memory: 8Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/loki/config + name: config + - mountPath: /etc/loki/runtime-config + name: runtime-config + - mountPath: /var/loki + name: data + - mountPath: /tmp + name: temp + enableServiceLinks: true + securityContext: + fsGroup: 10001 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + serviceAccountName: loki + terminationGracePeriodSeconds: 300 + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: {} + name: temp + - configMap: + items: + - key: config.yaml + path: config.yaml + name: loki + name: config + - configMap: + name: loki-runtime + name: runtime-config + - emptyDir: {} + name: data + updateStrategy: + type: RollingUpdate +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + rollout-max-unavailable: '1' + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: ingester-zone-c + rollout-group: ingester + name: loki-ingester-zone-c + namespace: syn-loki +spec: + podManagementPolicy: Parallel + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + name: ingester-zone-c + rollout-group: ingester + serviceName: loki-ingester-zone-c-headless + template: + metadata: + annotations: + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: ingester + labels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: ingester-zone-c + rollout-group: ingester + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: rollout-group + operator: In + values: + - ingester + - key: name + operator: NotIn + values: + - ingester-zone-c + topologyKey: kubernetes.io/hostname + automountServiceAccountToken: true + containers: + - args: + - -config.file=/etc/loki/config/config.yaml + - -config.expand-env=true + - -memberlist.advertise-addr=$(POD_IP) + - -target=ingester + - -ingester.availability-zone=zone-c + - -ingester.unregister-on-shutdown=false + - -ingester.tokens-file-path=/var/loki/ring-tokens + env: + - name: GOMEMLIMIT + value: 13926MiB + - name: GOGC + value: '80' + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + envFrom: + - secretRef: + name: loki-bucket-secret + image: docker.io/dockerhub.vshn.net/grafana/loki:3.7.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /loki/api/v1/status/buildinfo + port: http-metrics + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 1 + name: ingester + ports: + - containerPort: 3100 + name: http-metrics + protocol: TCP + - containerPort: 9095 + name: grpc + protocol: TCP + - containerPort: 7946 + name: http-memberlist + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: http-metrics + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + memory: 16Gi + requests: + cpu: 1 + memory: 8Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/loki/config + name: config + - mountPath: /etc/loki/runtime-config + name: runtime-config + - mountPath: /var/loki + name: data + - mountPath: /tmp + name: temp + enableServiceLinks: true + securityContext: + fsGroup: 10001 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + serviceAccountName: loki + terminationGracePeriodSeconds: 300 + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: ingester + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: {} + name: temp + - configMap: + items: + - key: config.yaml + path: config.yaml + name: loki + name: config + - configMap: + name: loki-runtime + name: runtime-config + - emptyDir: {} + name: data + updateStrategy: + type: RollingUpdate diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/overrides-exporter/service.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/overrides-exporter/service.yaml new file mode 100644 index 0000000..6373201 --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/overrides-exporter/service.yaml @@ -0,0 +1,68 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: overrides-exporter + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-overrides-exporter + namespace: syn-loki +spec: + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: overrides-exporter + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: overrides-exporter + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + prometheus.io/service-monitor: 'false' + variant: headless + name: loki-overrides-exporter-headless + namespace: syn-loki +spec: + clusterIP: None + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: overrides-exporter + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/overrides-exporter/workload.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/overrides-exporter/workload.yaml new file mode 100644 index 0000000..5d708db --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/overrides-exporter/workload.yaml @@ -0,0 +1,140 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: overrides-exporter + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-overrides-exporter + namespace: syn-loki +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: overrides-exporter + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + template: + metadata: + annotations: + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: overrides-exporter + labels: + app.kubernetes.io/component: overrides-exporter + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: overrides-exporter + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + topologyKey: kubernetes.io/hostname + automountServiceAccountToken: true + containers: + - args: + - -config.file=/etc/loki/config/config.yaml + - -config.expand-env=true + - -memberlist.advertise-addr=$(POD_IP) + - -target=overrides-exporter + env: + - name: GOMEMLIMIT + value: 108MiB + - name: GOGC + value: '80' + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + envFrom: + - secretRef: + name: loki-bucket-secret + image: docker.io/dockerhub.vshn.net/grafana/loki:3.7.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /loki/api/v1/status/buildinfo + port: http-metrics + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 1 + name: overrides-exporter + ports: + - containerPort: 3100 + name: http-metrics + protocol: TCP + - containerPort: 9095 + name: grpc + protocol: TCP + - containerPort: 7946 + name: http-memberlist + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: http-metrics + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/loki/config + name: config + - mountPath: /etc/loki/runtime-config + name: runtime-config + - mountPath: /var/loki + name: data + - mountPath: /tmp + name: temp + enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus + securityContext: + fsGroup: 10001 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + serviceAccountName: loki + terminationGracePeriodSeconds: 300 + volumes: + - emptyDir: {} + name: temp + - configMap: + items: + - key: config.yaml + path: config.yaml + name: loki + name: config + - configMap: + name: loki-runtime + name: runtime-config + - emptyDir: {} + name: data diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/write/service.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/querier/service.yaml similarity index 86% rename from tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/write/service.yaml rename to tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/querier/service.yaml index f3b375a..c3ff71d 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/write/service.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/querier/service.yaml @@ -3,12 +3,12 @@ kind: Service metadata: annotations: null labels: - app.kubernetes.io/component: write + app.kubernetes.io/component: querier app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 - name: loki-write + name: loki-querier namespace: syn-loki spec: ports: @@ -26,7 +26,7 @@ spec: targetPort: grpc publishNotReadyAddresses: true selector: - app.kubernetes.io/component: write + app.kubernetes.io/component: querier app.kubernetes.io/instance: loki app.kubernetes.io/name: loki type: ClusterIP @@ -36,14 +36,14 @@ kind: Service metadata: annotations: null labels: - app.kubernetes.io/component: write + app.kubernetes.io/component: querier app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 prometheus.io/service-monitor: 'false' variant: headless - name: loki-write-headless + name: loki-querier-headless namespace: syn-loki spec: clusterIP: None @@ -62,7 +62,7 @@ spec: targetPort: grpc publishNotReadyAddresses: true selector: - app.kubernetes.io/component: write + app.kubernetes.io/component: querier app.kubernetes.io/instance: loki app.kubernetes.io/name: loki type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/querier/workload.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/querier/workload.yaml new file mode 100644 index 0000000..ecde835 --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/querier/workload.yaml @@ -0,0 +1,155 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: querier + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-querier + namespace: syn-loki +spec: + replicas: 3 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: querier + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + strategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + annotations: + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: querier + labels: + app.kubernetes.io/component: querier + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: querier + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + topologyKey: kubernetes.io/hostname + automountServiceAccountToken: true + containers: + - args: + - -config.file=/etc/loki/config/config.yaml + - -config.expand-env=true + - -memberlist.advertise-addr=$(POD_IP) + - -target=querier + - -distributor.zone-awareness-enabled=true + env: + - name: GOMEMLIMIT + value: 3481MiB + - name: GOGC + value: '80' + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + envFrom: + - secretRef: + name: loki-bucket-secret + image: docker.io/dockerhub.vshn.net/grafana/loki:3.7.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /loki/api/v1/status/buildinfo + port: http-metrics + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 1 + name: querier + ports: + - containerPort: 3100 + name: http-metrics + protocol: TCP + - containerPort: 9095 + name: grpc + protocol: TCP + - containerPort: 7946 + name: http-memberlist + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: http-metrics + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + memory: 4Gi + requests: + cpu: 1 + memory: 2Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/loki/config + name: config + - mountPath: /etc/loki/runtime-config + name: runtime-config + - mountPath: /var/loki + name: data + - mountPath: /tmp + name: temp + enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus + securityContext: + fsGroup: 10001 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + serviceAccountName: loki + terminationGracePeriodSeconds: 30 + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: querier + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: {} + name: temp + - configMap: + items: + - key: config.yaml + path: config.yaml + name: loki + name: config + - configMap: + name: loki-runtime + name: runtime-config + - emptyDir: {} + name: data diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-frontend/service.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-frontend/service.yaml new file mode 100644 index 0000000..e4fb538 --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-frontend/service.yaml @@ -0,0 +1,68 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: query-frontend + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-query-frontend + namespace: syn-loki +spec: + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: query-frontend + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: query-frontend + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + prometheus.io/service-monitor: 'false' + variant: headless + name: loki-query-frontend-headless + namespace: syn-loki +spec: + clusterIP: None + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: query-frontend + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-frontend/workload.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-frontend/workload.yaml new file mode 100644 index 0000000..e474293 --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-frontend/workload.yaml @@ -0,0 +1,145 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: query-frontend + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-query-frontend + namespace: syn-loki +spec: + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: query-frontend + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + strategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + annotations: + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: query-frontend + labels: + app.kubernetes.io/component: query-frontend + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: query-frontend + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + topologyKey: kubernetes.io/hostname + automountServiceAccountToken: true + containers: + - args: + - -config.file=/etc/loki/config/config.yaml + - -config.expand-env=true + - -memberlist.advertise-addr=$(POD_IP) + - -target=query-frontend + env: + - name: GOMEMLIMIT + value: 1740MiB + - name: GOGC + value: '80' + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + envFrom: + - secretRef: + name: loki-bucket-secret + image: docker.io/dockerhub.vshn.net/grafana/loki:3.7.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /loki/api/v1/status/buildinfo + port: http-metrics + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 1 + name: query-frontend + ports: + - containerPort: 3100 + name: http-metrics + protocol: TCP + - containerPort: 9095 + name: grpc + protocol: TCP + - containerPort: 7946 + name: http-memberlist + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: http-metrics + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/loki/config + name: config + - mountPath: /etc/loki/runtime-config + name: runtime-config + - mountPath: /var/loki + name: data + - mountPath: /tmp + name: temp + enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus + securityContext: + fsGroup: 10001 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + serviceAccountName: loki + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: temp + - configMap: + items: + - key: config.yaml + path: config.yaml + name: loki + name: config + - configMap: + name: loki-runtime + name: runtime-config + - emptyDir: {} + name: data diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/pdb.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-scheduler/pdb.yaml similarity index 73% rename from tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/pdb.yaml rename to tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-scheduler/pdb.yaml index 5252d36..1331b7c 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/backend/pdb.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-scheduler/pdb.yaml @@ -2,17 +2,17 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: labels: - app.kubernetes.io/component: backend + app.kubernetes.io/component: query-scheduler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 - name: loki-backend + name: loki-query-scheduler namespace: syn-loki spec: maxUnavailable: 1 selector: matchLabels: - app.kubernetes.io/component: backend + app.kubernetes.io/component: query-scheduler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-scheduler/service.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-scheduler/service.yaml new file mode 100644 index 0000000..244ac9b --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-scheduler/service.yaml @@ -0,0 +1,68 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: query-scheduler + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-query-scheduler + namespace: syn-loki +spec: + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: query-scheduler + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: query-scheduler + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + prometheus.io/service-monitor: 'false' + variant: headless + name: loki-query-scheduler-headless + namespace: syn-loki +spec: + clusterIP: None + ports: + - name: http-metrics + port: 3100 + protocol: TCP + targetPort: http-metrics + - name: grpc + port: 9095 + protocol: TCP + targetPort: grpc + - name: grpclb + port: 9096 + protocol: TCP + targetPort: grpc + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: query-scheduler + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/read/workload.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-scheduler/workload.yaml similarity index 85% rename from tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/read/workload.yaml rename to tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-scheduler/workload.yaml index 2060a84..7915631 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/read/workload.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/query-scheduler/workload.yaml @@ -2,32 +2,33 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: - app.kubernetes.io/component: read + app.kubernetes.io/component: query-scheduler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 - name: loki-read + name: loki-query-scheduler namespace: syn-loki spec: replicas: 2 revisionHistoryLimit: 10 selector: matchLabels: - app.kubernetes.io/component: read + app.kubernetes.io/component: query-scheduler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki strategy: rollingUpdate: maxSurge: 0 maxUnavailable: 1 + type: RollingUpdate template: metadata: annotations: - checksum/config: 024a6bdf8e5f9fcb1b738320856091cf13e30a5fd575d46b637df747723e7f78 - kubectl.kubernetes.io/default-container: read + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: query-scheduler labels: - app.kubernetes.io/component: read + app.kubernetes.io/component: query-scheduler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/part-of: memberlist @@ -39,7 +40,7 @@ spec: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: - app.kubernetes.io/component: read + app.kubernetes.io/component: query-scheduler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki topologyKey: kubernetes.io/hostname @@ -49,10 +50,8 @@ spec: - -config.file=/etc/loki/config/config.yaml - -config.expand-env=true - -memberlist.advertise-addr=$(POD_IP) - - -target=read + - -target=query-scheduler env: - - name: GOMEMLIMIT - value: 3481MiB - name: GOGC value: '80' - name: POD_IP @@ -72,7 +71,7 @@ spec: periodSeconds: 30 successThreshold: 1 timeoutSeconds: 1 - name: read + name: query-scheduler ports: - containerPort: 3100 name: http-metrics @@ -92,12 +91,6 @@ spec: periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 - resources: - limits: - memory: 4Gi - requests: - cpu: 1 - memory: 3Gi securityContext: allowPrivilegeEscalation: false capabilities: @@ -116,9 +109,14 @@ spec: - mountPath: /tmp name: temp enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus securityContext: + fsGroup: 10001 fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 runAsNonRoot: true + runAsUser: 10001 seccompProfile: type: RuntimeDefault serviceAccountName: loki diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/results-cache/pdb.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/results-cache/pdb.yaml new file mode 100644 index 0000000..e0dd622 --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/results-cache/pdb.yaml @@ -0,0 +1,16 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + labels: + app.kubernetes.io/component: memcached-results-cache + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + name: loki-results-cache + namespace: syn-loki +spec: + maxUnavailable: 1 + selector: + matchLabels: + app.kubernetes.io/component: memcached-results-cache + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/results-cache/statefulset.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/results-cache/statefulset.yaml index 186d545..e9ffe00 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/results-cache/statefulset.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/results-cache/statefulset.yaml @@ -13,7 +13,7 @@ metadata: namespace: syn-loki spec: podManagementPolicy: Parallel - replicas: 1 + replicas: 2 selector: matchLabels: app.kubernetes.io/component: memcached-results-cache @@ -66,10 +66,10 @@ spec: timeoutSeconds: 3 resources: limits: - memory: 1229Mi + memory: 614Mi requests: cpu: 500m - memory: 1229Mi + memory: 614Mi securityContext: allowPrivilegeEscalation: false capabilities: @@ -117,7 +117,8 @@ spec: seccompProfile: type: RuntimeDefault initContainers: [] - nodeSelector: {} + nodeSelector: + appuio.io/node-class: plus securityContext: fsGroup: 11211 runAsGroup: 11211 diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/read/service.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ruler/service.yaml similarity index 86% rename from tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/read/service.yaml rename to tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ruler/service.yaml index 049a2bf..3cb0cf9 100644 --- a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/read/service.yaml +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ruler/service.yaml @@ -3,12 +3,12 @@ kind: Service metadata: annotations: null labels: - app.kubernetes.io/component: read + app.kubernetes.io/component: ruler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 - name: loki-read + name: loki-ruler namespace: syn-loki spec: ports: @@ -26,7 +26,7 @@ spec: targetPort: grpc publishNotReadyAddresses: true selector: - app.kubernetes.io/component: read + app.kubernetes.io/component: ruler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki type: ClusterIP @@ -36,14 +36,14 @@ kind: Service metadata: annotations: null labels: - app.kubernetes.io/component: read + app.kubernetes.io/component: ruler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki app.kubernetes.io/version: 3.7.2 helm.sh/chart: loki-17.4.11 prometheus.io/service-monitor: 'false' variant: headless - name: loki-read-headless + name: loki-ruler-headless namespace: syn-loki spec: clusterIP: None @@ -62,7 +62,7 @@ spec: targetPort: grpc publishNotReadyAddresses: true selector: - app.kubernetes.io/component: read + app.kubernetes.io/component: ruler app.kubernetes.io/instance: loki app.kubernetes.io/name: loki type: ClusterIP diff --git a/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ruler/workload.yaml b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ruler/workload.yaml new file mode 100644 index 0000000..bf8120a --- /dev/null +++ b/tests/golden/extra-config/loki/loki/10_helm_loki/loki/templates/ruler/workload.yaml @@ -0,0 +1,141 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app.kubernetes.io/component: ruler + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-ruler + namespace: syn-loki +spec: + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: ruler + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + serviceName: loki-ruler-headless + template: + metadata: + annotations: + checksum/config: ef7e4e1428196d5f360adf616f57243174b2d1a6cf5180603f91bc7ba17deaeb + kubectl.kubernetes.io/default-container: ruler + labels: + app.kubernetes.io/component: ruler + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/part-of: memberlist + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: ruler + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + topologyKey: kubernetes.io/hostname + automountServiceAccountToken: true + containers: + - args: + - -config.file=/etc/loki/config/config.yaml + - -config.expand-env=true + - -memberlist.advertise-addr=$(POD_IP) + - -target=ruler + env: + - name: GOMEMLIMIT + value: 652MiB + - name: GOGC + value: '80' + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + envFrom: + - secretRef: + name: loki-bucket-secret + image: docker.io/dockerhub.vshn.net/grafana/loki:3.7.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /loki/api/v1/status/buildinfo + port: http-metrics + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 1 + name: ruler + ports: + - containerPort: 3100 + name: http-metrics + protocol: TCP + - containerPort: 9095 + name: grpc + protocol: TCP + - containerPort: 7946 + name: http-memberlist + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: http-metrics + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + memory: 768Mi + requests: + cpu: 250m + memory: 512Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/loki/config + name: config + - mountPath: /etc/loki/runtime-config + name: runtime-config + - mountPath: /var/loki + name: data + - mountPath: /tmp + name: temp + enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus + securityContext: + fsGroup: 10001 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + serviceAccountName: loki + terminationGracePeriodSeconds: 300 + volumes: + - emptyDir: {} + name: temp + - configMap: + items: + - key: config.yaml + path: config.yaml + name: loki + name: config + - configMap: + name: loki-runtime + name: runtime-config + - emptyDir: {} + name: data diff --git a/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/chunks-cache/statefulset.yaml b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/chunks-cache/statefulset.yaml index 9635774..a92e985 100644 --- a/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/chunks-cache/statefulset.yaml +++ b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/chunks-cache/statefulset.yaml @@ -117,7 +117,8 @@ spec: seccompProfile: type: RuntimeDefault initContainers: [] - nodeSelector: {} + nodeSelector: + appuio.io/node-class: plus securityContext: fsGroup: 11211 runAsGroup: 11211 diff --git a/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/gateway/deployment.yaml b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/gateway/deployment.yaml index b045ee4..5a6dae5 100644 --- a/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/gateway/deployment.yaml +++ b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/gateway/deployment.yaml @@ -116,6 +116,8 @@ spec: name: config subPath: access-log-exporter.yaml enableServiceLinks: true + nodeSelector: + appuio.io/node-class: plus securityContext: fsGroup: 101 runAsGroup: 101 diff --git a/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/monitoring/loki-rules.yaml b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/monitoring/loki-rules.yaml new file mode 100644 index 0000000..2efecb4 --- /dev/null +++ b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/monitoring/loki-rules.yaml @@ -0,0 +1,99 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + labels: + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki-loki-rules + namespace: syn-loki +spec: + groups: + - name: loki_rules + rules: + - expr: histogram_quantile(0.99, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, job)) + labels: + cluster: loki + record: job:loki_request_duration_seconds:99quantile + - expr: histogram_quantile(0.50, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, job)) + labels: + cluster: loki + record: job:loki_request_duration_seconds:50quantile + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (job) / sum(rate(loki_request_duration_seconds_count[1m])) + by (job) + labels: + cluster: loki + record: job:loki_request_duration_seconds:avg + - expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job) + labels: + cluster: loki + record: job:loki_request_duration_seconds_bucket:sum_rate + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (job) + labels: + cluster: loki + record: job:loki_request_duration_seconds_sum:sum_rate + - expr: sum(rate(loki_request_duration_seconds_count[1m])) by (job) + labels: + cluster: loki + record: job:loki_request_duration_seconds_count:sum_rate + - expr: histogram_quantile(0.99, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, job, route)) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds:99quantile + - expr: histogram_quantile(0.50, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, job, route)) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds:50quantile + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (job, route) / + sum(rate(loki_request_duration_seconds_count[1m])) by (job, route) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds:avg + - expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job, route) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds_bucket:sum_rate + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (job, route) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds_sum:sum_rate + - expr: sum(rate(loki_request_duration_seconds_count[1m])) by (job, route) + labels: + cluster: loki + record: job_route:loki_request_duration_seconds_count:sum_rate + - expr: histogram_quantile(0.99, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, namespace, job, route)) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds:99quantile + - expr: histogram_quantile(0.50, sum(rate(loki_request_duration_seconds_bucket[1m])) + by (le, namespace, job, route)) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds:50quantile + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (namespace, job, + route) / sum(rate(loki_request_duration_seconds_count[1m])) by (namespace, + job, route) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds:avg + - expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, namespace, + job, route) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds_bucket:sum_rate + - expr: sum(rate(loki_request_duration_seconds_sum[1m])) by (namespace, job, + route) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds_sum:sum_rate + - expr: sum(rate(loki_request_duration_seconds_count[1m])) by (namespace, + job, route) + labels: + cluster: loki + record: namespace_job_route:loki_request_duration_seconds_count:sum_rate diff --git a/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/monitoring/servicemonitor.yaml b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/monitoring/servicemonitor.yaml new file mode 100644 index 0000000..edf226f --- /dev/null +++ b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/monitoring/servicemonitor.yaml @@ -0,0 +1,34 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki + app.kubernetes.io/version: 3.7.2 + helm.sh/chart: loki-17.4.11 + name: loki + namespace: syn-loki +spec: + endpoints: + - interval: 15s + path: /metrics + port: http-metrics + relabelings: + - action: replace + replacement: syn-loki/$1 + sourceLabels: + - job + targetLabel: job + - action: replace + replacement: loki + targetLabel: cluster + scheme: http + selector: + matchExpressions: + - key: prometheus.io/service-monitor + operator: NotIn + values: + - 'false' + matchLabels: + app.kubernetes.io/instance: loki + app.kubernetes.io/name: loki diff --git a/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/results-cache/statefulset.yaml b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/results-cache/statefulset.yaml index f335aba..9d1d896 100644 --- a/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/results-cache/statefulset.yaml +++ b/tests/golden/legacy/loki/loki/10_helm_loki/loki/templates/results-cache/statefulset.yaml @@ -117,7 +117,8 @@ spec: seccompProfile: type: RuntimeDefault initContainers: [] - nodeSelector: {} + nodeSelector: + appuio.io/node-class: plus securityContext: fsGroup: 11211 runAsGroup: 11211 diff --git a/tests/golden/prometheus/loki/apps/loki.yaml b/tests/golden/prometheus/loki/apps/loki.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/tests/golden/prometheus/loki/loki/00_namespace.yaml b/tests/golden/prometheus/loki/loki/00_namespace.yaml deleted file mode 100644 index 8d33e92..0000000 --- a/tests/golden/prometheus/loki/loki/00_namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: {} - labels: - name: syn-loki - name: syn-loki diff --git a/tests/golden/prometheus/loki/loki/01_secrets.yaml b/tests/golden/prometheus/loki/loki/01_secrets.yaml deleted file mode 100644 index 62edfc1..0000000 --- a/tests/golden/prometheus/loki/loki/01_secrets.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -data: {} -kind: Secret -metadata: - annotations: {} - labels: - app.kubernetes.io/managed-by: commodore - app.kubernetes.io/name: loki-bucket-secret - name: loki-bucket-secret - name: loki-bucket-secret - namespace: syn-loki -stringData: - S3_ACCESS_KEY_ID: t-silent-test-1234/c-green-test-1234/loki/s3_access_key - S3_SECRET_ACCESS_KEY: t-silent-test-1234/c-green-test-1234/loki/s3_secret_key -type: Opaque diff --git a/tests/golden/prometheus/loki/loki/10_helm_loki/loki/templates/backend/query-scheduler-discovery.yaml b/tests/golden/prometheus/loki/loki/10_helm_loki/loki/templates/backend/query-scheduler-discovery.yaml deleted file mode 100644 index bc4a1a5..0000000 --- a/tests/golden/prometheus/loki/loki/10_helm_loki/loki/templates/backend/query-scheduler-discovery.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: null - labels: - app.kubernetes.io/component: backend - app.kubernetes.io/instance: loki - app.kubernetes.io/name: loki - prometheus.io/service-monitor: 'false' - name: loki-query-scheduler-discovery - namespace: syn-loki -spec: - clusterIP: None - ports: - - name: http-metrics - port: 3100 - protocol: TCP - targetPort: http-metrics - - name: grpc - port: 9095 - protocol: TCP - targetPort: grpc - publishNotReadyAddresses: true - selector: - app.kubernetes.io/component: backend - app.kubernetes.io/instance: loki - app.kubernetes.io/name: loki - type: ClusterIP diff --git a/tests/golden/prometheus/loki/loki/10_helm_loki/loki/templates/monitoring/.keep.yaml b/tests/golden/prometheus/loki/loki/10_helm_loki/loki/templates/monitoring/.keep.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/tests/golden/prometheus/loki/loki/20_prometheus_rule.yaml b/tests/golden/prometheus/loki/loki/20_prometheus_rule.yaml deleted file mode 100644 index b2da639..0000000 --- a/tests/golden/prometheus/loki/loki/20_prometheus_rule.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - annotations: {} - labels: - monitoring.syn.tools/enabled: 'true' - name: loki-custom - name: loki-custom - namespace: syn-loki -spec: - groups: - - name: loki-custom.rules - rules: - - alert: LokiTestAlert - annotations: - summary: Test alert - expr: vector(1) == 0 - for: 5m - labels: - severity: warning diff --git a/tests/legacy.yml b/tests/legacy.yml index c3a6c6f..f644098 100644 --- a/tests/legacy.yml +++ b/tests/legacy.yml @@ -14,3 +14,5 @@ parameters: loki: globalNodeSelector: appuio.io/node-class: plus + + preset: legacy diff --git a/tests/prometheus.yml b/tests/prometheus.yml deleted file mode 100644 index 151b960..0000000 --- a/tests/prometheus.yml +++ /dev/null @@ -1,24 +0,0 @@ -applications: - - prometheus - -parameters: - kapitan: - dependencies: - - type: https - source: https://raw.githubusercontent.com/projectsyn/component-prometheus/v2.15.0/lib/prometheus.libsonnet - output_path: vendor/lib/prometheus.libsonnet - - loki: - alerts: - additionalRules: - 'alert:LokiTestAlert': - expr: vector(1) == 0 - for: 5m - labels: - severity: warning - annotations: - summary: Test alert - helm_values: - monitoring: - rules: - enabled: true