--- # Source: loki-stack/charts/loki/templates/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: labels: app: loki chart: loki-2.16.0 release: loki heritage: Helm annotations: {} name: loki namespace: default automountServiceAccountToken: true --- # Source: loki-stack/charts/promtail/templates/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: name: loki-promtail namespace: default labels: helm.sh/chart: promtail-6.7.4 app.kubernetes.io/name: promtail app.kubernetes.io/instance: loki app.kubernetes.io/version: "2.7.0" app.kubernetes.io/managed-by: Helm --- # Source: loki-stack/charts/loki/templates/secret.yaml apiVersion: v1 kind: Secret metadata: name: loki namespace: default labels: app: loki chart: loki-2.16.0 release: loki heritage: Helm data: loki.yaml: YXV0aF9lbmFibGVkOiBmYWxzZQpjaHVua19zdG9yZV9jb25maWc6CiAgbWF4X2xvb2tfYmFja19wZXJpb2Q6IDBzCmNvbXBhY3RvcjoKICBzaGFyZWRfc3RvcmU6IGZpbGVzeXN0ZW0KICB3b3JraW5nX2RpcmVjdG9yeTogL2RhdGEvbG9raS9ib2x0ZGItc2hpcHBlci1jb21wYWN0b3IKaW5nZXN0ZXI6CiAgY2h1bmtfYmxvY2tfc2l6ZTogMjYyMTQ0CiAgY2h1bmtfaWRsZV9wZXJpb2Q6IDNtCiAgY2h1bmtfcmV0YWluX3BlcmlvZDogMW0KICBsaWZlY3ljbGVyOgogICAgcmluZzoKICAgICAgcmVwbGljYXRpb25fZmFjdG9yOiAxCiAgbWF4X3RyYW5zZmVyX3JldHJpZXM6IDAKICB3YWw6CiAgICBkaXI6IC9kYXRhL2xva2kvd2FsCmxpbWl0c19jb25maWc6CiAgZW5mb3JjZV9tZXRyaWNfbmFtZTogZmFsc2UKICBtYXhfZW50cmllc19saW1pdF9wZXJfcXVlcnk6IDUwMDAKICByZWplY3Rfb2xkX3NhbXBsZXM6IHRydWUKICByZWplY3Rfb2xkX3NhbXBsZXNfbWF4X2FnZTogMTY4aAptZW1iZXJsaXN0OgogIGpvaW5fbWVtYmVyczoKICAtICdsb2tpLW1lbWJlcmxpc3QnCnNjaGVtYV9jb25maWc6CiAgY29uZmlnczoKICAtIGZyb206ICIyMDIwLTEwLTI0IgogICAgaW5kZXg6CiAgICAgIHBlcmlvZDogMjRoCiAgICAgIHByZWZpeDogaW5kZXhfCiAgICBvYmplY3Rfc3RvcmU6IGZpbGVzeXN0ZW0KICAgIHNjaGVtYTogdjExCiAgICBzdG9yZTogYm9sdGRiLXNoaXBwZXIKc2VydmVyOgogIGdycGNfbGlzdGVuX3BvcnQ6IDkwOTUKICBodHRwX2xpc3Rlbl9wb3J0OiAzMTAwCnN0b3JhZ2VfY29uZmlnOgogIGJvbHRkYl9zaGlwcGVyOgogICAgYWN0aXZlX2luZGV4X2RpcmVjdG9yeTogL2RhdGEvbG9raS9ib2x0ZGItc2hpcHBlci1hY3RpdmUKICAgIGNhY2hlX2xvY2F0aW9uOiAvZGF0YS9sb2tpL2JvbHRkYi1zaGlwcGVyLWNhY2hlCiAgICBjYWNoZV90dGw6IDI0aAogICAgc2hhcmVkX3N0b3JlOiBmaWxlc3lzdGVtCiAgZmlsZXN5c3RlbToKICAgIGRpcmVjdG9yeTogL2RhdGEvbG9raS9jaHVua3MKdGFibGVfbWFuYWdlcjoKICByZXRlbnRpb25fZGVsZXRlc19lbmFibGVkOiBmYWxzZQogIHJldGVudGlvbl9wZXJpb2Q6IDBz --- # Source: loki-stack/charts/promtail/templates/secret.yaml apiVersion: v1 kind: Secret metadata: name: loki-promtail namespace: default labels: helm.sh/chart: promtail-6.7.4 app.kubernetes.io/name: promtail app.kubernetes.io/instance: loki app.kubernetes.io/version: "2.7.0" app.kubernetes.io/managed-by: Helm stringData: promtail.yaml: | server: log_level: info http_listen_port: 3101 clients: - url: http://loki:3100/loki/api/v1/push positions: filename: /run/promtail/positions.yaml scrape_configs: # See also https://github.com/grafana/loki/blob/master/production/ksonnet/promtail/scrape_config.libsonnet for reference - job_name: kubernetes-pods pipeline_stages: - cri: {} kubernetes_sd_configs: - role: pod relabel_configs: - source_labels: - __meta_kubernetes_pod_controller_name regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})? action: replace target_label: __tmp_controller_name - source_labels: - __meta_kubernetes_pod_label_app_kubernetes_io_name - __meta_kubernetes_pod_label_app - __tmp_controller_name - __meta_kubernetes_pod_name regex: ^;*([^;]+)(;.*)?$ action: replace target_label: app - source_labels: - __meta_kubernetes_pod_label_app_kubernetes_io_instance - __meta_kubernetes_pod_label_release regex: ^;*([^;]+)(;.*)?$ action: replace target_label: instance - source_labels: - __meta_kubernetes_pod_label_app_kubernetes_io_component - __meta_kubernetes_pod_label_component regex: ^;*([^;]+)(;.*)?$ action: replace target_label: component - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: node_name - action: replace source_labels: - __meta_kubernetes_namespace target_label: namespace - action: replace replacement: $1 separator: / source_labels: - namespace - app target_label: job - action: replace source_labels: - __meta_kubernetes_pod_name target_label: pod - action: replace source_labels: - __meta_kubernetes_pod_container_name target_label: container - action: replace replacement: /var/log/pods/*$1/*.log separator: / source_labels: - __meta_kubernetes_pod_uid - __meta_kubernetes_pod_container_name target_label: __path__ - action: replace regex: true/(.*) replacement: /var/log/pods/*$1/*.log separator: / source_labels: - __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash - __meta_kubernetes_pod_annotation_kubernetes_io_config_hash - __meta_kubernetes_pod_container_name target_label: __path__ limits_config: --- # Source: loki-stack/templates/datasources.yaml apiVersion: v1 kind: ConfigMap metadata: name: loki-loki-stack namespace: default labels: app: loki-stack chart: loki-stack-2.8.9 release: loki heritage: Helm grafana_datasource: "1" data: loki-stack-datasource.yaml: |- apiVersion: 1 datasources: - name: Loki type: loki access: proxy url: "http://loki:3100" version: 1 isDefault: true jsonData: {} --- # Source: loki-stack/templates/tests/loki-test-configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: loki-loki-stack-test labels: app: loki-stack chart: loki-stack-2.8.9 release: loki heritage: Helm data: test.sh: | #!/usr/bin/env bash LOKI_URI="http://${LOKI_SERVICE}:${LOKI_PORT}" function setup() { apk add -u curl jq until (curl -s ${LOKI_URI}/loki/api/v1/label/app/values | jq -e '.data[] | select(. == "loki")'); do sleep 1 done } @test "Has labels" { curl -s ${LOKI_URI}/loki/api/v1/labels | \ jq -e '.data[] | select(. == "app")' } @test "Query log entry" { curl -sG ${LOKI_URI}/api/prom/query?limit=10 --data-urlencode 'query={app="loki"}' | \ jq -e '.streams[].entries | length >=1' } @test "Push log entry" { local timestamp=$(date +%s000000000) local data=$(jq -n --arg timestamp "${timestamp}" '{"streams": [{"stream": {"app": "loki-test"}, "values": [[$timestamp, "foobar"]]}]}') curl -s -X POST -H "Content-Type: application/json" ${LOKI_URI}/loki/api/v1/push --data-raw "${data}" curl -sG ${LOKI_URI}/loki/api/v1/query_range?limit=1 --data-urlencode 'query={app="loki-test"}' | \ jq -e '.data.result[].values[][1] == "foobar"' } --- # Source: loki-stack/charts/promtail/templates/clusterrole.yaml kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: loki-promtail labels: helm.sh/chart: promtail-6.7.4 app.kubernetes.io/name: promtail app.kubernetes.io/instance: loki app.kubernetes.io/version: "2.7.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: - "" resources: - nodes - nodes/proxy - services - endpoints - pods verbs: - get - watch - list --- # Source: loki-stack/charts/promtail/templates/clusterrolebinding.yaml kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: loki-promtail labels: helm.sh/chart: promtail-6.7.4 app.kubernetes.io/name: promtail app.kubernetes.io/instance: loki app.kubernetes.io/version: "2.7.0" app.kubernetes.io/managed-by: Helm subjects: - kind: ServiceAccount name: loki-promtail namespace: default roleRef: kind: ClusterRole name: loki-promtail apiGroup: rbac.authorization.k8s.io --- # Source: loki-stack/charts/loki/templates/role.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: loki namespace: default labels: app: loki chart: loki-2.16.0 release: loki heritage: Helm rules: - apiGroups: ['extensions'] resources: ['podsecuritypolicies'] verbs: ['use'] resourceNames: [loki] --- # Source: loki-stack/charts/loki/templates/rolebinding.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: loki namespace: default labels: app: loki chart: loki-2.16.0 release: loki heritage: Helm roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: loki subjects: - kind: ServiceAccount name: loki --- # Source: loki-stack/charts/loki/templates/service-headless.yaml apiVersion: v1 kind: Service metadata: name: loki-headless namespace: default labels: app: loki chart: loki-2.16.0 release: loki heritage: Helm variant: headless spec: clusterIP: None ports: - port: 3100 protocol: TCP name: http-metrics targetPort: http-metrics selector: app: loki release: loki --- # Source: loki-stack/charts/loki/templates/service-memberlist.yaml apiVersion: v1 kind: Service metadata: name: loki-memberlist namespace: default labels: app: loki chart: loki-2.16.0 release: loki heritage: Helm spec: type: ClusterIP clusterIP: None publishNotReadyAddresses: true ports: - name: http port: 7946 targetPort: memberlist-port protocol: TCP selector: app: loki release: loki --- # Source: loki-stack/charts/loki/templates/service.yaml apiVersion: v1 kind: Service metadata: name: loki namespace: default labels: app: loki chart: loki-2.16.0 release: loki heritage: Helm annotations: {} spec: type: ClusterIP ports: - port: 3100 protocol: TCP name: http-metrics targetPort: http-metrics selector: app: loki release: loki --- # Source: loki-stack/charts/promtail/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: name: loki-promtail namespace: default labels: helm.sh/chart: promtail-6.7.4 app.kubernetes.io/name: promtail app.kubernetes.io/instance: loki app.kubernetes.io/version: "2.7.0" app.kubernetes.io/managed-by: Helm spec: selector: matchLabels: app.kubernetes.io/name: promtail app.kubernetes.io/instance: loki updateStrategy: {} template: metadata: labels: app.kubernetes.io/name: promtail app.kubernetes.io/instance: loki annotations: checksum/config: d566bf766424f0ee767a237d2b599c0f88b3129f45721acdb2f519024885cd31 spec: serviceAccountName: loki-promtail enableServiceLinks: true securityContext: runAsGroup: 0 runAsUser: 0 containers: - name: promtail image: "docker.io/grafana/promtail:2.7.0" imagePullPolicy: IfNotPresent args: - "-config.file=/etc/promtail/promtail.yaml" volumeMounts: - name: config mountPath: /etc/promtail - mountPath: /run/promtail name: run - mountPath: /var/lib/docker/containers name: containers readOnly: true - mountPath: /var/log/pods name: pods readOnly: true env: - name: HOSTNAME valueFrom: fieldRef: fieldPath: spec.nodeName ports: - name: http-metrics containerPort: 3101 protocol: TCP securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true readinessProbe: failureThreshold: 5 httpGet: path: '/ready' port: http-metrics initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master operator: Exists - effect: NoSchedule key: node-role.kubernetes.io/control-plane operator: Exists volumes: - name: config secret: secretName: loki-promtail - hostPath: path: /run/promtail name: run - hostPath: path: /var/lib/docker/containers name: containers - hostPath: path: /var/log/pods name: pods --- # Source: loki-stack/charts/loki/templates/statefulset.yaml apiVersion: apps/v1 kind: StatefulSet metadata: name: loki namespace: default labels: app: loki chart: loki-2.16.0 release: loki heritage: Helm annotations: {} spec: podManagementPolicy: OrderedReady replicas: 1 selector: matchLabels: app: loki release: loki serviceName: loki-headless updateStrategy: type: RollingUpdate template: metadata: labels: app: loki name: loki release: loki annotations: checksum/config: 70f817aa5a2dd5f771aca66233ce0b140c925212f36795fdeb95102ca96db046 prometheus.io/port: http-metrics prometheus.io/scrape: "true" spec: serviceAccountName: loki securityContext: fsGroup: 10001 runAsGroup: 10001 runAsNonRoot: true runAsUser: 10001 initContainers: [] containers: - name: loki image: "grafana/loki:2.6.1" imagePullPolicy: IfNotPresent args: - "-config.file=/etc/loki/loki.yaml" volumeMounts: - name: tmp mountPath: /tmp - name: config mountPath: /etc/loki - name: storage mountPath: "/data" subPath: ports: - name: http-metrics containerPort: 3100 protocol: TCP - name: grpc containerPort: 9095 protocol: TCP - name: memberlist-port containerPort: 7946 protocol: TCP livenessProbe: httpGet: path: /ready port: http-metrics initialDelaySeconds: 45 readinessProbe: httpGet: path: /ready port: http-metrics initialDelaySeconds: 45 resources: {} securityContext: readOnlyRootFilesystem: true env: nodeSelector: {} affinity: {} tolerations: [] terminationGracePeriodSeconds: 4800 volumes: - name: tmp emptyDir: {} - name: config secret: secretName: loki - name: storage emptyDir: {} --- # Source: loki-stack/templates/tests/loki-test-pod.yaml apiVersion: v1 kind: Pod metadata: annotations: "helm.sh/hook": test-success labels: app: loki-stack chart: loki-stack-2.8.9 release: loki heritage: Helm name: loki-loki-stack-test spec: containers: - name: test image: "bats/bats:v1.1.0" imagePullPolicy: "" args: - /var/lib/loki/test.sh env: - name: LOKI_SERVICE value: loki - name: LOKI_PORT value: "3100" volumeMounts: - name: tests mountPath: /var/lib/loki restartPolicy: Never volumes: - name: tests configMap: name: loki-loki-stack-test