github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/applications/loki-stack-fluentbit/fluentbit-loki-stack-system.yaml (about) 1 --- 2 # Source: loki-stack/charts/fluent-bit/templates/podsecuritypolicy.yaml 3 apiVersion: policy/v1beta1 4 kind: PodSecurityPolicy 5 metadata: 6 name: fluentbit-loki-stack-fluent-bit-loki 7 labels: 8 app: fluent-bit-loki 9 chart: fluent-bit-2.3.0 10 heritage: Helm 11 release: fluentbit-loki-stack 12 spec: 13 privileged: false 14 allowPrivilegeEscalation: false 15 volumes: 16 - 'secret' 17 - 'configMap' 18 - 'hostPath' 19 - 'projected' 20 - 'downwardAPI' 21 hostNetwork: false 22 hostIPC: false 23 hostPID: false 24 runAsUser: 25 rule: 'RunAsAny' 26 seLinux: 27 rule: 'RunAsAny' 28 supplementalGroups: 29 rule: 'RunAsAny' 30 fsGroup: 31 rule: 'RunAsAny' 32 readOnlyRootFilesystem: true 33 requiredDropCapabilities: 34 - ALL 35 --- 36 # Source: loki-stack/charts/grafana/templates/podsecuritypolicy.yaml 37 apiVersion: policy/v1beta1 38 kind: PodSecurityPolicy 39 metadata: 40 name: fluentbit-loki-stack-grafana 41 labels: 42 helm.sh/chart: grafana-6.16.12 43 app.kubernetes.io/name: grafana 44 app.kubernetes.io/instance: fluentbit-loki-stack 45 app.kubernetes.io/version: "8.1.6" 46 app.kubernetes.io/managed-by: Helm 47 annotations: 48 seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default' 49 seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' 50 apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' 51 apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' 52 spec: 53 privileged: false 54 allowPrivilegeEscalation: false 55 requiredDropCapabilities: 56 # Default set from Docker, with DAC_OVERRIDE and CHOWN 57 - ALL 58 volumes: 59 - 'configMap' 60 - 'emptyDir' 61 - 'projected' 62 - 'csi' 63 - 'secret' 64 - 'downwardAPI' 65 - 'persistentVolumeClaim' 66 hostNetwork: false 67 hostIPC: false 68 hostPID: false 69 runAsUser: 70 rule: 'RunAsAny' 71 seLinux: 72 rule: 'RunAsAny' 73 supplementalGroups: 74 rule: 'MustRunAs' 75 ranges: 76 # Forbid adding the root group. 77 - min: 1 78 max: 65535 79 fsGroup: 80 rule: 'MustRunAs' 81 ranges: 82 # Forbid adding the root group. 83 - min: 1 84 max: 65535 85 readOnlyRootFilesystem: false 86 --- 87 # Source: loki-stack/charts/grafana/templates/tests/test-podsecuritypolicy.yaml 88 apiVersion: policy/v1beta1 89 kind: PodSecurityPolicy 90 metadata: 91 name: fluentbit-loki-stack-grafana-test 92 labels: 93 helm.sh/chart: grafana-6.16.12 94 app.kubernetes.io/name: grafana 95 app.kubernetes.io/instance: fluentbit-loki-stack 96 app.kubernetes.io/version: "8.1.6" 97 app.kubernetes.io/managed-by: Helm 98 spec: 99 allowPrivilegeEscalation: true 100 privileged: false 101 hostNetwork: false 102 hostIPC: false 103 hostPID: false 104 fsGroup: 105 rule: RunAsAny 106 seLinux: 107 rule: RunAsAny 108 supplementalGroups: 109 rule: RunAsAny 110 runAsUser: 111 rule: RunAsAny 112 volumes: 113 - configMap 114 - downwardAPI 115 - emptyDir 116 - projected 117 - csi 118 - secret 119 --- 120 # Source: loki-stack/charts/loki/templates/podsecuritypolicy.yaml 121 apiVersion: policy/v1beta1 122 kind: PodSecurityPolicy 123 metadata: 124 name: fluentbit-loki-stack 125 labels: 126 app: loki 127 chart: loki-2.6.0 128 heritage: Helm 129 release: fluentbit-loki-stack 130 spec: 131 privileged: false 132 allowPrivilegeEscalation: false 133 volumes: 134 - 'configMap' 135 - 'emptyDir' 136 - 'persistentVolumeClaim' 137 - 'secret' 138 - 'projected' 139 - 'downwardAPI' 140 hostNetwork: false 141 hostIPC: false 142 hostPID: false 143 runAsUser: 144 rule: 'MustRunAsNonRoot' 145 seLinux: 146 rule: 'RunAsAny' 147 supplementalGroups: 148 rule: 'MustRunAs' 149 ranges: 150 - min: 1 151 max: 65535 152 fsGroup: 153 rule: 'MustRunAs' 154 ranges: 155 - min: 1 156 max: 65535 157 readOnlyRootFilesystem: true 158 requiredDropCapabilities: 159 - ALL 160 --- 161 # Source: loki-stack/charts/fluent-bit/templates/serviceaccount.yaml 162 apiVersion: v1 163 kind: ServiceAccount 164 metadata: 165 labels: 166 app: fluent-bit-loki 167 chart: fluent-bit-2.3.0 168 heritage: Helm 169 release: fluentbit-loki-stack 170 name: fluentbit-loki-stack-fluent-bit-loki 171 namespace: fluentbit-loki-stack-system 172 --- 173 # Source: loki-stack/charts/grafana/templates/serviceaccount.yaml 174 apiVersion: v1 175 kind: ServiceAccount 176 metadata: 177 labels: 178 helm.sh/chart: grafana-6.16.12 179 app.kubernetes.io/name: grafana 180 app.kubernetes.io/instance: fluentbit-loki-stack 181 app.kubernetes.io/version: "8.1.6" 182 app.kubernetes.io/managed-by: Helm 183 name: fluentbit-loki-stack-grafana 184 namespace: fluentbit-loki-stack-system 185 --- 186 # Source: loki-stack/charts/grafana/templates/tests/test-serviceaccount.yaml 187 apiVersion: v1 188 kind: ServiceAccount 189 metadata: 190 labels: 191 helm.sh/chart: grafana-6.16.12 192 app.kubernetes.io/name: grafana 193 app.kubernetes.io/instance: fluentbit-loki-stack 194 app.kubernetes.io/version: "8.1.6" 195 app.kubernetes.io/managed-by: Helm 196 name: fluentbit-loki-stack-grafana-test 197 namespace: fluentbit-loki-stack-system 198 --- 199 # Source: loki-stack/charts/loki/templates/serviceaccount.yaml 200 apiVersion: v1 201 kind: ServiceAccount 202 metadata: 203 labels: 204 app: loki 205 chart: loki-2.6.0 206 heritage: Helm 207 release: fluentbit-loki-stack 208 annotations: 209 {} 210 name: fluentbit-loki-stack 211 namespace: fluentbit-loki-stack-system 212 automountServiceAccountToken: true 213 --- 214 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/serviceaccount.yaml 215 apiVersion: v1 216 kind: ServiceAccount 217 metadata: 218 labels: 219 app.kubernetes.io/name: kube-state-metrics 220 helm.sh/chart: kube-state-metrics-2.8.14 221 app.kubernetes.io/managed-by: Helm 222 app.kubernetes.io/instance: fluentbit-loki-stack 223 name: fluentbit-loki-stack-kube-state-metrics 224 namespace: fluentbit-loki-stack-system 225 imagePullSecrets: 226 [] 227 --- 228 # Source: loki-stack/charts/prometheus/templates/alertmanager/serviceaccount.yaml 229 apiVersion: v1 230 kind: ServiceAccount 231 metadata: 232 labels: 233 component: "alertmanager" 234 app: prometheus 235 release: fluentbit-loki-stack 236 chart: prometheus-11.16.9 237 heritage: Helm 238 name: fluentbit-loki-stack-prometheus-alertmanager 239 namespace: fluentbit-loki-stack-system 240 annotations: 241 {} 242 --- 243 # Source: loki-stack/charts/prometheus/templates/node-exporter/serviceaccount.yaml 244 apiVersion: v1 245 kind: ServiceAccount 246 metadata: 247 labels: 248 component: "node-exporter" 249 app: prometheus 250 release: fluentbit-loki-stack 251 chart: prometheus-11.16.9 252 heritage: Helm 253 name: fluentbit-loki-stack-prometheus-node-exporter 254 namespace: fluentbit-loki-stack-system 255 annotations: 256 {} 257 --- 258 # Source: loki-stack/charts/prometheus/templates/pushgateway/serviceaccount.yaml 259 apiVersion: v1 260 kind: ServiceAccount 261 metadata: 262 labels: 263 component: "pushgateway" 264 app: prometheus 265 release: fluentbit-loki-stack 266 chart: prometheus-11.16.9 267 heritage: Helm 268 name: fluentbit-loki-stack-prometheus-pushgateway 269 namespace: fluentbit-loki-stack-system 270 annotations: 271 {} 272 --- 273 # Source: loki-stack/charts/prometheus/templates/server/serviceaccount.yaml 274 apiVersion: v1 275 kind: ServiceAccount 276 metadata: 277 labels: 278 component: "server" 279 app: prometheus 280 release: fluentbit-loki-stack 281 chart: prometheus-11.16.9 282 heritage: Helm 283 name: fluentbit-loki-stack-prometheus-server 284 namespace: fluentbit-loki-stack-system 285 annotations: 286 {} 287 --- 288 # Source: loki-stack/charts/grafana/templates/secret.yaml 289 apiVersion: v1 290 kind: Secret 291 metadata: 292 name: fluentbit-loki-stack-grafana 293 namespace: fluentbit-loki-stack-system 294 labels: 295 helm.sh/chart: grafana-6.16.12 296 app.kubernetes.io/name: grafana 297 app.kubernetes.io/instance: fluentbit-loki-stack 298 app.kubernetes.io/version: "8.1.6" 299 app.kubernetes.io/managed-by: Helm 300 type: Opaque 301 data: 302 admin-user: "YWRtaW4=" 303 admin-password: "dDVsNkFoZklwTXlnWmFaeFBZSWZEMVl5R0haNkY3bHlTOWhwWllZcQ==" 304 ldap-toml: "" 305 --- 306 # Source: loki-stack/charts/loki/templates/secret.yaml 307 apiVersion: v1 308 kind: Secret 309 metadata: 310 name: fluentbit-loki-stack 311 namespace: fluentbit-loki-stack-system 312 labels: 313 app: loki 314 chart: loki-2.6.0 315 release: fluentbit-loki-stack 316 heritage: Helm 317 data: 318 loki.yaml: YXV0aF9lbmFibGVkOiBmYWxzZQpjaHVua19zdG9yZV9jb25maWc6CiAgbWF4X2xvb2tfYmFja19wZXJpb2Q6IDBzCmNvbXBhY3RvcjoKICBzaGFyZWRfc3RvcmU6IGZpbGVzeXN0ZW0KICB3b3JraW5nX2RpcmVjdG9yeTogL2RhdGEvbG9raS9ib2x0ZGItc2hpcHBlci1jb21wYWN0b3IKaW5nZXN0ZXI6CiAgY2h1bmtfYmxvY2tfc2l6ZTogMjYyMTQ0CiAgY2h1bmtfaWRsZV9wZXJpb2Q6IDNtCiAgY2h1bmtfcmV0YWluX3BlcmlvZDogMW0KICBsaWZlY3ljbGVyOgogICAgcmluZzoKICAgICAga3ZzdG9yZToKICAgICAgICBzdG9yZTogaW5tZW1vcnkKICAgICAgcmVwbGljYXRpb25fZmFjdG9yOiAxCiAgbWF4X3RyYW5zZmVyX3JldHJpZXM6IDAKbGltaXRzX2NvbmZpZzoKICBlbmZvcmNlX21ldHJpY19uYW1lOiBmYWxzZQogIHJlamVjdF9vbGRfc2FtcGxlczogdHJ1ZQogIHJlamVjdF9vbGRfc2FtcGxlc19tYXhfYWdlOiAxNjhoCnNjaGVtYV9jb25maWc6CiAgY29uZmlnczoKICAtIGZyb206ICIyMDIwLTEwLTI0IgogICAgaW5kZXg6CiAgICAgIHBlcmlvZDogMjRoCiAgICAgIHByZWZpeDogaW5kZXhfCiAgICBvYmplY3Rfc3RvcmU6IGZpbGVzeXN0ZW0KICAgIHNjaGVtYTogdjExCiAgICBzdG9yZTogYm9sdGRiLXNoaXBwZXIKc2VydmVyOgogIGh0dHBfbGlzdGVuX3BvcnQ6IDMxMDAKc3RvcmFnZV9jb25maWc6CiAgYm9sdGRiX3NoaXBwZXI6CiAgICBhY3RpdmVfaW5kZXhfZGlyZWN0b3J5OiAvZGF0YS9sb2tpL2JvbHRkYi1zaGlwcGVyLWFjdGl2ZQogICAgY2FjaGVfbG9jYXRpb246IC9kYXRhL2xva2kvYm9sdGRiLXNoaXBwZXItY2FjaGUKICAgIGNhY2hlX3R0bDogMjRoCiAgICBzaGFyZWRfc3RvcmU6IGZpbGVzeXN0ZW0KICBmaWxlc3lzdGVtOgogICAgZGlyZWN0b3J5OiAvZGF0YS9sb2tpL2NodW5rcwp0YWJsZV9tYW5hZ2VyOgogIHJldGVudGlvbl9kZWxldGVzX2VuYWJsZWQ6IGZhbHNlCiAgcmV0ZW50aW9uX3BlcmlvZDogMHM= 319 --- 320 # Source: loki-stack/charts/fluent-bit/templates/configmap.yaml 321 apiVersion: v1 322 kind: ConfigMap 323 metadata: 324 name: fluentbit-loki-stack-fluent-bit-loki 325 namespace: fluentbit-loki-stack-system 326 labels: 327 app: fluent-bit-loki 328 chart: fluent-bit-2.3.0 329 release: fluentbit-loki-stack 330 heritage: Helm 331 data: 332 fluent-bit.conf: |- 333 [SERVICE] 334 HTTP_Server On 335 HTTP_Listen 0.0.0.0 336 HTTP_PORT 2020 337 Flush 1 338 Daemon Off 339 Log_Level warn 340 Parsers_File parsers.conf 341 [INPUT] 342 Name tail 343 Tag kube.* 344 Path /var/log/containers/*.log 345 Parser docker 346 DB /run/fluent-bit/flb_kube.db 347 Mem_Buf_Limit 5MB 348 [FILTER] 349 Name kubernetes 350 Match kube.* 351 Kube_URL https://kubernetes.default.svc:443 352 Merge_Log On 353 K8S-Logging.Exclude Off 354 K8S-Logging.Parser Off 355 [Output] 356 Name grafana-loki 357 Match * 358 Url http://fluentbit-loki-stack:3100/api/prom/push 359 TenantID "" 360 BatchWait 1 361 BatchSize 1048576 362 Labels {job="fluent-bit"} 363 RemoveKeys kubernetes,stream 364 AutoKubernetesLabels false 365 LabelMapPath /fluent-bit/etc/labelmap.json 366 LineFormat json 367 LogLevel warn 368 parsers.conf: |- 369 [PARSER] 370 Name docker 371 Format json 372 Time_Key time 373 Time_Format %Y-%m-%dT%H:%M:%S.%L 374 375 labelmap.json: |- 376 { 377 "kubernetes": { 378 "container_name": "container", 379 "host": "node", 380 "labels": { 381 "app": "app", 382 "release": "release" 383 }, 384 "namespace_name": "namespace", 385 "pod_name": "instance" 386 }, 387 "stream": "stream" 388 } 389 --- 390 # Source: loki-stack/charts/grafana/templates/configmap.yaml 391 apiVersion: v1 392 kind: ConfigMap 393 metadata: 394 name: fluentbit-loki-stack-grafana 395 namespace: fluentbit-loki-stack-system 396 labels: 397 helm.sh/chart: grafana-6.16.12 398 app.kubernetes.io/name: grafana 399 app.kubernetes.io/instance: fluentbit-loki-stack 400 app.kubernetes.io/version: "8.1.6" 401 app.kubernetes.io/managed-by: Helm 402 data: 403 grafana.ini: | 404 [analytics] 405 check_for_updates = true 406 [grafana_net] 407 url = https://grafana.net 408 [log] 409 mode = console 410 [paths] 411 data = /var/lib/grafana/ 412 logs = /var/log/grafana 413 plugins = /var/lib/grafana/plugins 414 provisioning = /etc/grafana/provisioning 415 --- 416 # Source: loki-stack/charts/grafana/templates/tests/test-configmap.yaml 417 apiVersion: v1 418 kind: ConfigMap 419 metadata: 420 name: fluentbit-loki-stack-grafana-test 421 namespace: fluentbit-loki-stack-system 422 labels: 423 helm.sh/chart: grafana-6.16.12 424 app.kubernetes.io/name: grafana 425 app.kubernetes.io/instance: fluentbit-loki-stack 426 app.kubernetes.io/version: "8.1.6" 427 app.kubernetes.io/managed-by: Helm 428 data: 429 run.sh: |- 430 @test "Test Health" { 431 url="http://fluentbit-loki-stack-grafana/api/health" 432 433 code=$(wget --server-response --spider --timeout 10 --tries 1 ${url} 2>&1 | awk '/^ HTTP/{print $2}') 434 [ "$code" == "200" ] 435 } 436 --- 437 # Source: loki-stack/charts/prometheus/templates/alertmanager/cm.yaml 438 apiVersion: v1 439 kind: ConfigMap 440 metadata: 441 labels: 442 component: "alertmanager" 443 app: prometheus 444 release: fluentbit-loki-stack 445 chart: prometheus-11.16.9 446 heritage: Helm 447 name: fluentbit-loki-stack-prometheus-alertmanager 448 namespace: fluentbit-loki-stack-system 449 data: 450 alertmanager.yml: | 451 global: {} 452 receivers: 453 - name: default-receiver 454 route: 455 group_interval: 5m 456 group_wait: 10s 457 receiver: default-receiver 458 repeat_interval: 3h 459 --- 460 # Source: loki-stack/charts/prometheus/templates/server/cm.yaml 461 apiVersion: v1 462 kind: ConfigMap 463 metadata: 464 labels: 465 component: "server" 466 app: prometheus 467 release: fluentbit-loki-stack 468 chart: prometheus-11.16.9 469 heritage: Helm 470 name: fluentbit-loki-stack-prometheus-server 471 namespace: fluentbit-loki-stack-system 472 data: 473 alerting_rules.yml: | 474 {} 475 alerts: | 476 {} 477 prometheus.yml: | 478 global: 479 evaluation_interval: 1m 480 scrape_interval: 1m 481 scrape_timeout: 10s 482 rule_files: 483 - /etc/config/recording_rules.yml 484 - /etc/config/alerting_rules.yml 485 - /etc/config/rules 486 - /etc/config/alerts 487 scrape_configs: 488 - job_name: prometheus 489 static_configs: 490 - targets: 491 - localhost:9090 492 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 493 job_name: kubernetes-apiservers 494 kubernetes_sd_configs: 495 - role: endpoints 496 relabel_configs: 497 - action: keep 498 regex: default;kubernetes;https 499 source_labels: 500 - __meta_kubernetes_namespace 501 - __meta_kubernetes_service_name 502 - __meta_kubernetes_endpoint_port_name 503 scheme: https 504 tls_config: 505 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 506 insecure_skip_verify: true 507 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 508 job_name: kubernetes-nodes 509 kubernetes_sd_configs: 510 - role: node 511 relabel_configs: 512 - action: labelmap 513 regex: __meta_kubernetes_node_label_(.+) 514 - replacement: kubernetes.default.svc:443 515 target_label: __address__ 516 - regex: (.+) 517 replacement: /api/v1/nodes/$1/proxy/metrics 518 source_labels: 519 - __meta_kubernetes_node_name 520 target_label: __metrics_path__ 521 scheme: https 522 tls_config: 523 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 524 insecure_skip_verify: true 525 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 526 job_name: kubernetes-nodes-cadvisor 527 kubernetes_sd_configs: 528 - role: node 529 relabel_configs: 530 - action: labelmap 531 regex: __meta_kubernetes_node_label_(.+) 532 - replacement: kubernetes.default.svc:443 533 target_label: __address__ 534 - regex: (.+) 535 replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor 536 source_labels: 537 - __meta_kubernetes_node_name 538 target_label: __metrics_path__ 539 scheme: https 540 tls_config: 541 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 542 insecure_skip_verify: true 543 - job_name: kubernetes-service-endpoints 544 kubernetes_sd_configs: 545 - role: endpoints 546 relabel_configs: 547 - action: keep 548 regex: true 549 source_labels: 550 - __meta_kubernetes_service_annotation_prometheus_io_scrape 551 - action: replace 552 regex: (https?) 553 source_labels: 554 - __meta_kubernetes_service_annotation_prometheus_io_scheme 555 target_label: __scheme__ 556 - action: replace 557 regex: (.+) 558 source_labels: 559 - __meta_kubernetes_service_annotation_prometheus_io_path 560 target_label: __metrics_path__ 561 - action: replace 562 regex: ([^:]+)(?::\d+)?;(\d+) 563 replacement: $1:$2 564 source_labels: 565 - __address__ 566 - __meta_kubernetes_service_annotation_prometheus_io_port 567 target_label: __address__ 568 - action: labelmap 569 regex: __meta_kubernetes_service_label_(.+) 570 - action: replace 571 source_labels: 572 - __meta_kubernetes_namespace 573 target_label: kubernetes_namespace 574 - action: replace 575 source_labels: 576 - __meta_kubernetes_service_name 577 target_label: kubernetes_name 578 - action: replace 579 source_labels: 580 - __meta_kubernetes_pod_node_name 581 target_label: kubernetes_node 582 - job_name: kubernetes-service-endpoints-slow 583 kubernetes_sd_configs: 584 - role: endpoints 585 relabel_configs: 586 - action: keep 587 regex: true 588 source_labels: 589 - __meta_kubernetes_service_annotation_prometheus_io_scrape_slow 590 - action: replace 591 regex: (https?) 592 source_labels: 593 - __meta_kubernetes_service_annotation_prometheus_io_scheme 594 target_label: __scheme__ 595 - action: replace 596 regex: (.+) 597 source_labels: 598 - __meta_kubernetes_service_annotation_prometheus_io_path 599 target_label: __metrics_path__ 600 - action: replace 601 regex: ([^:]+)(?::\d+)?;(\d+) 602 replacement: $1:$2 603 source_labels: 604 - __address__ 605 - __meta_kubernetes_service_annotation_prometheus_io_port 606 target_label: __address__ 607 - action: labelmap 608 regex: __meta_kubernetes_service_label_(.+) 609 - action: replace 610 source_labels: 611 - __meta_kubernetes_namespace 612 target_label: kubernetes_namespace 613 - action: replace 614 source_labels: 615 - __meta_kubernetes_service_name 616 target_label: kubernetes_name 617 - action: replace 618 source_labels: 619 - __meta_kubernetes_pod_node_name 620 target_label: kubernetes_node 621 scrape_interval: 5m 622 scrape_timeout: 30s 623 - honor_labels: true 624 job_name: prometheus-pushgateway 625 kubernetes_sd_configs: 626 - role: service 627 relabel_configs: 628 - action: keep 629 regex: pushgateway 630 source_labels: 631 - __meta_kubernetes_service_annotation_prometheus_io_probe 632 - job_name: kubernetes-services 633 kubernetes_sd_configs: 634 - role: service 635 metrics_path: /probe 636 params: 637 module: 638 - http_2xx 639 relabel_configs: 640 - action: keep 641 regex: true 642 source_labels: 643 - __meta_kubernetes_service_annotation_prometheus_io_probe 644 - source_labels: 645 - __address__ 646 target_label: __param_target 647 - replacement: blackbox 648 target_label: __address__ 649 - source_labels: 650 - __param_target 651 target_label: instance 652 - action: labelmap 653 regex: __meta_kubernetes_service_label_(.+) 654 - source_labels: 655 - __meta_kubernetes_namespace 656 target_label: kubernetes_namespace 657 - source_labels: 658 - __meta_kubernetes_service_name 659 target_label: kubernetes_name 660 - job_name: kubernetes-pods 661 kubernetes_sd_configs: 662 - role: pod 663 relabel_configs: 664 - action: keep 665 regex: true 666 source_labels: 667 - __meta_kubernetes_pod_annotation_prometheus_io_scrape 668 - action: replace 669 regex: (.+) 670 source_labels: 671 - __meta_kubernetes_pod_annotation_prometheus_io_path 672 target_label: __metrics_path__ 673 - action: replace 674 regex: ([^:]+)(?::\d+)?;(\d+) 675 replacement: $1:$2 676 source_labels: 677 - __address__ 678 - __meta_kubernetes_pod_annotation_prometheus_io_port 679 target_label: __address__ 680 - action: labelmap 681 regex: __meta_kubernetes_pod_label_(.+) 682 - action: replace 683 source_labels: 684 - __meta_kubernetes_namespace 685 target_label: kubernetes_namespace 686 - action: replace 687 source_labels: 688 - __meta_kubernetes_pod_name 689 target_label: kubernetes_pod_name 690 - action: drop 691 regex: Pending|Succeeded|Failed 692 source_labels: 693 - __meta_kubernetes_pod_phase 694 - job_name: kubernetes-pods-slow 695 kubernetes_sd_configs: 696 - role: pod 697 relabel_configs: 698 - action: keep 699 regex: true 700 source_labels: 701 - __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow 702 - action: replace 703 regex: (.+) 704 source_labels: 705 - __meta_kubernetes_pod_annotation_prometheus_io_path 706 target_label: __metrics_path__ 707 - action: replace 708 regex: ([^:]+)(?::\d+)?;(\d+) 709 replacement: $1:$2 710 source_labels: 711 - __address__ 712 - __meta_kubernetes_pod_annotation_prometheus_io_port 713 target_label: __address__ 714 - action: labelmap 715 regex: __meta_kubernetes_pod_label_(.+) 716 - action: replace 717 source_labels: 718 - __meta_kubernetes_namespace 719 target_label: kubernetes_namespace 720 - action: replace 721 source_labels: 722 - __meta_kubernetes_pod_name 723 target_label: kubernetes_pod_name 724 - action: drop 725 regex: Pending|Succeeded|Failed 726 source_labels: 727 - __meta_kubernetes_pod_phase 728 scrape_interval: 5m 729 scrape_timeout: 30s 730 alerting: 731 alertmanagers: 732 - kubernetes_sd_configs: 733 - role: pod 734 tls_config: 735 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 736 bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 737 relabel_configs: 738 - source_labels: [__meta_kubernetes_namespace] 739 regex: fluentbit-loki-stack-system 740 action: keep 741 - source_labels: [__meta_kubernetes_pod_label_app] 742 regex: prometheus 743 action: keep 744 - source_labels: [__meta_kubernetes_pod_label_component] 745 regex: alertmanager 746 action: keep 747 - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_probe] 748 regex: .* 749 action: keep 750 - source_labels: [__meta_kubernetes_pod_container_port_number] 751 regex: "9093" 752 action: keep 753 recording_rules.yml: | 754 {} 755 rules: | 756 {} 757 --- 758 # Source: loki-stack/templates/datasources.yaml 759 apiVersion: v1 760 kind: ConfigMap 761 metadata: 762 name: fluentbit-loki-stack 763 namespace: fluentbit-loki-stack-system 764 labels: 765 app: loki-stack 766 chart: loki-stack-2.5.0 767 release: fluentbit-loki-stack 768 heritage: Helm 769 grafana_datasource: "1" 770 data: 771 loki-stack-datasource.yaml: |- 772 apiVersion: 1 773 datasources: 774 - name: Loki 775 type: loki 776 access: proxy 777 url: http://fluentbit-loki-stack:3100 778 version: 1 779 - name: Prometheus 780 type: prometheus 781 access: proxy 782 url: http://fluentbit-loki-stack-prometheus-server:80 783 version: 1 784 --- 785 # Source: loki-stack/templates/tests/loki-test-configmap.yaml 786 apiVersion: v1 787 kind: ConfigMap 788 metadata: 789 name: fluentbit-loki-stack-test 790 labels: 791 app: loki-stack 792 chart: loki-stack-2.5.0 793 release: fluentbit-loki-stack 794 heritage: Helm 795 data: 796 test.sh: | 797 #!/usr/bin/env bash 798 799 LOKI_URI="http://${LOKI_SERVICE}:${LOKI_PORT}" 800 801 function setup() { 802 apk add -u curl jq 803 until (curl -s ${LOKI_URI}/api/prom/label/app/values | jq -e '.values[] | select(. == "loki")'); do 804 sleep 1 805 done 806 } 807 808 @test "Has labels" { 809 curl -s ${LOKI_URI}/api/prom/label | \ 810 jq -e '.values[] | select(. == "app")' 811 } 812 813 @test "Query log entry" { 814 curl -sG ${LOKI_URI}/api/prom/query?limit=10 --data-urlencode 'query={app="loki"}' | \ 815 jq -e '.streams[].entries | length >= 1' 816 } 817 818 @test "Push log entry legacy" { 819 local timestamp=$(date -Iseconds -u | sed 's/UTC/.000000000+00:00/') 820 local data=$(jq -n --arg timestamp "${timestamp}" '{"streams": [{"labels": "{app=\"loki-test\"}", "entries": [{"ts": $timestamp, "line": "foobar"}]}]}') 821 822 curl -s -X POST -H "Content-Type: application/json" ${LOKI_URI}/api/prom/push -d "${data}" 823 824 curl -sG ${LOKI_URI}/api/prom/query?limit=1 --data-urlencode 'query={app="loki-test"}' | \ 825 jq -e '.streams[].entries[].line == "foobar"' 826 } 827 828 @test "Push log entry" { 829 local timestamp=$(date +%s000000000) 830 local data=$(jq -n --arg timestamp "${timestamp}" '{"streams": [{"stream": {"app": "loki-test"}, "values": [[$timestamp, "foobar"]]}]}') 831 832 curl -s -X POST -H "Content-Type: application/json" ${LOKI_URI}/loki/api/v1/push -d "${data}" 833 834 curl -sG ${LOKI_URI}/api/prom/query?limit=1 --data-urlencode 'query={app="loki-test"}' | \ 835 jq -e '.streams[].entries[].line == "foobar"' 836 } 837 --- 838 # Source: loki-stack/charts/fluent-bit/templates/clusterrole.yaml 839 kind: ClusterRole 840 apiVersion: rbac.authorization.k8s.io/v1 841 metadata: 842 labels: 843 app: fluent-bit-loki 844 chart: fluent-bit-2.3.0 845 release: fluentbit-loki-stack 846 heritage: Helm 847 name: fluentbit-loki-stack-fluent-bit-loki-clusterrole 848 rules: 849 - apiGroups: [""] # "" indicates the core API group 850 resources: 851 - namespaces 852 - pods 853 verbs: ["get", "watch", "list"] 854 --- 855 # Source: loki-stack/charts/grafana/templates/clusterrole.yaml 856 kind: ClusterRole 857 apiVersion: rbac.authorization.k8s.io/v1 858 metadata: 859 labels: 860 helm.sh/chart: grafana-6.16.12 861 app.kubernetes.io/name: grafana 862 app.kubernetes.io/instance: fluentbit-loki-stack 863 app.kubernetes.io/version: "8.1.6" 864 app.kubernetes.io/managed-by: Helm 865 name: fluentbit-loki-stack-grafana-clusterrole 866 rules: 867 - apiGroups: [""] # "" indicates the core API group 868 resources: ["configmaps", "secrets"] 869 verbs: ["get", "watch", "list"] 870 --- 871 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/clusterrole.yaml 872 apiVersion: rbac.authorization.k8s.io/v1beta1 873 kind: ClusterRole 874 metadata: 875 labels: 876 app.kubernetes.io/name: kube-state-metrics 877 helm.sh/chart: kube-state-metrics-2.8.14 878 app.kubernetes.io/managed-by: Helm 879 app.kubernetes.io/instance: fluentbit-loki-stack 880 name: fluentbit-loki-stack-kube-state-metrics 881 rules: 882 883 - apiGroups: ["certificates.k8s.io"] 884 resources: 885 - certificatesigningrequests 886 verbs: ["list", "watch"] 887 888 - apiGroups: [""] 889 resources: 890 - configmaps 891 verbs: ["list", "watch"] 892 893 - apiGroups: ["batch"] 894 resources: 895 - cronjobs 896 verbs: ["list", "watch"] 897 898 - apiGroups: ["extensions", "apps"] 899 resources: 900 - daemonsets 901 verbs: ["list", "watch"] 902 903 - apiGroups: ["extensions", "apps"] 904 resources: 905 - deployments 906 verbs: ["list", "watch"] 907 908 - apiGroups: [""] 909 resources: 910 - endpoints 911 verbs: ["list", "watch"] 912 913 - apiGroups: ["autoscaling"] 914 resources: 915 - horizontalpodautoscalers 916 verbs: ["list", "watch"] 917 918 - apiGroups: ["extensions", "networking.k8s.io"] 919 resources: 920 - ingresses 921 verbs: ["list", "watch"] 922 923 - apiGroups: ["batch"] 924 resources: 925 - jobs 926 verbs: ["list", "watch"] 927 928 - apiGroups: [""] 929 resources: 930 - limitranges 931 verbs: ["list", "watch"] 932 933 - apiGroups: ["admissionregistration.k8s.io"] 934 resources: 935 - mutatingwebhookconfigurations 936 verbs: ["list", "watch"] 937 938 - apiGroups: [""] 939 resources: 940 - namespaces 941 verbs: ["list", "watch"] 942 943 - apiGroups: ["networking.k8s.io"] 944 resources: 945 - networkpolicies 946 verbs: ["list", "watch"] 947 948 - apiGroups: [""] 949 resources: 950 - nodes 951 verbs: ["list", "watch"] 952 953 - apiGroups: [""] 954 resources: 955 - persistentvolumeclaims 956 verbs: ["list", "watch"] 957 958 - apiGroups: [""] 959 resources: 960 - persistentvolumes 961 verbs: ["list", "watch"] 962 963 - apiGroups: ["policy"] 964 resources: 965 - poddisruptionbudgets 966 verbs: ["list", "watch"] 967 968 - apiGroups: [""] 969 resources: 970 - pods 971 verbs: ["list", "watch"] 972 973 - apiGroups: ["extensions", "apps"] 974 resources: 975 - replicasets 976 verbs: ["list", "watch"] 977 978 - apiGroups: [""] 979 resources: 980 - replicationcontrollers 981 verbs: ["list", "watch"] 982 983 - apiGroups: [""] 984 resources: 985 - resourcequotas 986 verbs: ["list", "watch"] 987 988 - apiGroups: [""] 989 resources: 990 - secrets 991 verbs: ["list", "watch"] 992 993 - apiGroups: [""] 994 resources: 995 - services 996 verbs: ["list", "watch"] 997 998 - apiGroups: ["apps"] 999 resources: 1000 - statefulsets 1001 verbs: ["list", "watch"] 1002 1003 - apiGroups: ["storage.k8s.io"] 1004 resources: 1005 - storageclasses 1006 verbs: ["list", "watch"] 1007 1008 - apiGroups: ["admissionregistration.k8s.io"] 1009 resources: 1010 - validatingwebhookconfigurations 1011 verbs: ["list", "watch"] 1012 1013 - apiGroups: ["storage.k8s.io"] 1014 resources: 1015 - volumeattachments 1016 verbs: ["list", "watch"] 1017 --- 1018 # Source: loki-stack/charts/prometheus/templates/alertmanager/clusterrole.yaml 1019 apiVersion: rbac.authorization.k8s.io/v1 1020 kind: ClusterRole 1021 metadata: 1022 labels: 1023 component: "alertmanager" 1024 app: prometheus 1025 release: fluentbit-loki-stack 1026 chart: prometheus-11.16.9 1027 heritage: Helm 1028 name: fluentbit-loki-stack-prometheus-alertmanager 1029 rules: 1030 [] 1031 --- 1032 # Source: loki-stack/charts/prometheus/templates/pushgateway/clusterrole.yaml 1033 apiVersion: rbac.authorization.k8s.io/v1 1034 kind: ClusterRole 1035 metadata: 1036 labels: 1037 component: "pushgateway" 1038 app: prometheus 1039 release: fluentbit-loki-stack 1040 chart: prometheus-11.16.9 1041 heritage: Helm 1042 name: fluentbit-loki-stack-prometheus-pushgateway 1043 rules: 1044 [] 1045 --- 1046 # Source: loki-stack/charts/prometheus/templates/server/clusterrole.yaml 1047 apiVersion: rbac.authorization.k8s.io/v1 1048 kind: ClusterRole 1049 metadata: 1050 labels: 1051 component: "server" 1052 app: prometheus 1053 release: fluentbit-loki-stack 1054 chart: prometheus-11.16.9 1055 heritage: Helm 1056 name: fluentbit-loki-stack-prometheus-server 1057 rules: 1058 - apiGroups: 1059 - "" 1060 resources: 1061 - nodes 1062 - nodes/proxy 1063 - nodes/metrics 1064 - services 1065 - endpoints 1066 - pods 1067 - ingresses 1068 - configmaps 1069 verbs: 1070 - get 1071 - list 1072 - watch 1073 - apiGroups: 1074 - "extensions" 1075 - "networking.k8s.io" 1076 resources: 1077 - ingresses/status 1078 - ingresses 1079 verbs: 1080 - get 1081 - list 1082 - watch 1083 - nonResourceURLs: 1084 - "/metrics" 1085 verbs: 1086 - get 1087 --- 1088 # Source: loki-stack/charts/fluent-bit/templates/clusterrolebinding.yaml 1089 kind: ClusterRoleBinding 1090 apiVersion: rbac.authorization.k8s.io/v1 1091 metadata: 1092 name: fluentbit-loki-stack-fluent-bit-loki-clusterrolebinding 1093 labels: 1094 app: fluent-bit-loki 1095 chart: fluent-bit-2.3.0 1096 release: fluentbit-loki-stack 1097 heritage: Helm 1098 subjects: 1099 - kind: ServiceAccount 1100 name: fluentbit-loki-stack-fluent-bit-loki 1101 namespace: fluentbit-loki-stack-system 1102 roleRef: 1103 kind: ClusterRole 1104 name: fluentbit-loki-stack-fluent-bit-loki-clusterrole 1105 apiGroup: rbac.authorization.k8s.io 1106 --- 1107 # Source: loki-stack/charts/grafana/templates/clusterrolebinding.yaml 1108 kind: ClusterRoleBinding 1109 apiVersion: rbac.authorization.k8s.io/v1 1110 metadata: 1111 name: fluentbit-loki-stack-grafana-clusterrolebinding 1112 labels: 1113 helm.sh/chart: grafana-6.16.12 1114 app.kubernetes.io/name: grafana 1115 app.kubernetes.io/instance: fluentbit-loki-stack 1116 app.kubernetes.io/version: "8.1.6" 1117 app.kubernetes.io/managed-by: Helm 1118 subjects: 1119 - kind: ServiceAccount 1120 name: fluentbit-loki-stack-grafana 1121 namespace: fluentbit-loki-stack-system 1122 roleRef: 1123 kind: ClusterRole 1124 name: fluentbit-loki-stack-grafana-clusterrole 1125 apiGroup: rbac.authorization.k8s.io 1126 --- 1127 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/clusterrolebinding.yaml 1128 apiVersion: rbac.authorization.k8s.io/v1beta1 1129 kind: ClusterRoleBinding 1130 metadata: 1131 labels: 1132 app.kubernetes.io/name: kube-state-metrics 1133 helm.sh/chart: kube-state-metrics-2.8.14 1134 app.kubernetes.io/managed-by: Helm 1135 app.kubernetes.io/instance: fluentbit-loki-stack 1136 name: fluentbit-loki-stack-kube-state-metrics 1137 roleRef: 1138 apiGroup: rbac.authorization.k8s.io 1139 kind: ClusterRole 1140 name: fluentbit-loki-stack-kube-state-metrics 1141 subjects: 1142 - kind: ServiceAccount 1143 name: fluentbit-loki-stack-kube-state-metrics 1144 namespace: fluentbit-loki-stack-system 1145 --- 1146 # Source: loki-stack/charts/prometheus/templates/alertmanager/clusterrolebinding.yaml 1147 apiVersion: rbac.authorization.k8s.io/v1 1148 kind: ClusterRoleBinding 1149 metadata: 1150 labels: 1151 component: "alertmanager" 1152 app: prometheus 1153 release: fluentbit-loki-stack 1154 chart: prometheus-11.16.9 1155 heritage: Helm 1156 name: fluentbit-loki-stack-prometheus-alertmanager 1157 subjects: 1158 - kind: ServiceAccount 1159 name: fluentbit-loki-stack-prometheus-alertmanager 1160 namespace: fluentbit-loki-stack-system 1161 roleRef: 1162 apiGroup: rbac.authorization.k8s.io 1163 kind: ClusterRole 1164 name: fluentbit-loki-stack-prometheus-alertmanager 1165 --- 1166 # Source: loki-stack/charts/prometheus/templates/pushgateway/clusterrolebinding.yaml 1167 apiVersion: rbac.authorization.k8s.io/v1 1168 kind: ClusterRoleBinding 1169 metadata: 1170 labels: 1171 component: "pushgateway" 1172 app: prometheus 1173 release: fluentbit-loki-stack 1174 chart: prometheus-11.16.9 1175 heritage: Helm 1176 name: fluentbit-loki-stack-prometheus-pushgateway 1177 subjects: 1178 - kind: ServiceAccount 1179 name: fluentbit-loki-stack-prometheus-pushgateway 1180 namespace: fluentbit-loki-stack-system 1181 roleRef: 1182 apiGroup: rbac.authorization.k8s.io 1183 kind: ClusterRole 1184 name: fluentbit-loki-stack-prometheus-pushgateway 1185 --- 1186 # Source: loki-stack/charts/prometheus/templates/server/clusterrolebinding.yaml 1187 apiVersion: rbac.authorization.k8s.io/v1 1188 kind: ClusterRoleBinding 1189 metadata: 1190 labels: 1191 component: "server" 1192 app: prometheus 1193 release: fluentbit-loki-stack 1194 chart: prometheus-11.16.9 1195 heritage: Helm 1196 name: fluentbit-loki-stack-prometheus-server 1197 subjects: 1198 - kind: ServiceAccount 1199 name: fluentbit-loki-stack-prometheus-server 1200 namespace: fluentbit-loki-stack-system 1201 roleRef: 1202 apiGroup: rbac.authorization.k8s.io 1203 kind: ClusterRole 1204 name: fluentbit-loki-stack-prometheus-server 1205 --- 1206 # Source: loki-stack/charts/fluent-bit/templates/role.yaml 1207 apiVersion: rbac.authorization.k8s.io/v1 1208 kind: Role 1209 metadata: 1210 name: fluentbit-loki-stack-fluent-bit-loki 1211 namespace: fluentbit-loki-stack-system 1212 labels: 1213 app: fluent-bit-loki 1214 chart: fluent-bit-2.3.0 1215 heritage: Helm 1216 release: fluentbit-loki-stack 1217 rules: 1218 - apiGroups: ['extensions'] 1219 resources: ['podsecuritypolicies'] 1220 verbs: ['use'] 1221 resourceNames: [fluentbit-loki-stack-fluent-bit-loki] 1222 --- 1223 # Source: loki-stack/charts/grafana/templates/role.yaml 1224 apiVersion: rbac.authorization.k8s.io/v1 1225 kind: Role 1226 metadata: 1227 name: fluentbit-loki-stack-grafana 1228 namespace: fluentbit-loki-stack-system 1229 labels: 1230 helm.sh/chart: grafana-6.16.12 1231 app.kubernetes.io/name: grafana 1232 app.kubernetes.io/instance: fluentbit-loki-stack 1233 app.kubernetes.io/version: "8.1.6" 1234 app.kubernetes.io/managed-by: Helm 1235 rules: 1236 - apiGroups: ['extensions'] 1237 resources: ['podsecuritypolicies'] 1238 verbs: ['use'] 1239 resourceNames: [fluentbit-loki-stack-grafana] 1240 --- 1241 # Source: loki-stack/charts/grafana/templates/tests/test-role.yaml 1242 apiVersion: rbac.authorization.k8s.io/v1 1243 kind: Role 1244 metadata: 1245 name: fluentbit-loki-stack-grafana-test 1246 namespace: fluentbit-loki-stack-system 1247 labels: 1248 helm.sh/chart: grafana-6.16.12 1249 app.kubernetes.io/name: grafana 1250 app.kubernetes.io/instance: fluentbit-loki-stack 1251 app.kubernetes.io/version: "8.1.6" 1252 app.kubernetes.io/managed-by: Helm 1253 rules: 1254 - apiGroups: ['policy'] 1255 resources: ['podsecuritypolicies'] 1256 verbs: ['use'] 1257 resourceNames: [fluentbit-loki-stack-grafana-test] 1258 --- 1259 # Source: loki-stack/charts/loki/templates/role.yaml 1260 apiVersion: rbac.authorization.k8s.io/v1 1261 kind: Role 1262 metadata: 1263 name: fluentbit-loki-stack 1264 namespace: fluentbit-loki-stack-system 1265 labels: 1266 app: loki 1267 chart: loki-2.6.0 1268 heritage: Helm 1269 release: fluentbit-loki-stack 1270 rules: 1271 - apiGroups: ['extensions'] 1272 resources: ['podsecuritypolicies'] 1273 verbs: ['use'] 1274 resourceNames: [fluentbit-loki-stack] 1275 --- 1276 # Source: loki-stack/charts/fluent-bit/templates/rolebinding.yaml 1277 apiVersion: rbac.authorization.k8s.io/v1 1278 kind: RoleBinding 1279 metadata: 1280 name: fluentbit-loki-stack-fluent-bit-loki 1281 namespace: fluentbit-loki-stack-system 1282 labels: 1283 app: fluent-bit-loki 1284 chart: fluent-bit-2.3.0 1285 heritage: Helm 1286 release: fluentbit-loki-stack 1287 roleRef: 1288 apiGroup: rbac.authorization.k8s.io 1289 kind: Role 1290 name: fluentbit-loki-stack-fluent-bit-loki 1291 subjects: 1292 - kind: ServiceAccount 1293 name: fluentbit-loki-stack-fluent-bit-loki 1294 --- 1295 # Source: loki-stack/charts/grafana/templates/rolebinding.yaml 1296 apiVersion: rbac.authorization.k8s.io/v1 1297 kind: RoleBinding 1298 metadata: 1299 name: fluentbit-loki-stack-grafana 1300 namespace: fluentbit-loki-stack-system 1301 labels: 1302 helm.sh/chart: grafana-6.16.12 1303 app.kubernetes.io/name: grafana 1304 app.kubernetes.io/instance: fluentbit-loki-stack 1305 app.kubernetes.io/version: "8.1.6" 1306 app.kubernetes.io/managed-by: Helm 1307 roleRef: 1308 apiGroup: rbac.authorization.k8s.io 1309 kind: Role 1310 name: fluentbit-loki-stack-grafana 1311 subjects: 1312 - kind: ServiceAccount 1313 name: fluentbit-loki-stack-grafana 1314 namespace: fluentbit-loki-stack-system 1315 --- 1316 # Source: loki-stack/charts/grafana/templates/tests/test-rolebinding.yaml 1317 apiVersion: rbac.authorization.k8s.io/v1 1318 kind: RoleBinding 1319 metadata: 1320 name: fluentbit-loki-stack-grafana-test 1321 namespace: fluentbit-loki-stack-system 1322 labels: 1323 helm.sh/chart: grafana-6.16.12 1324 app.kubernetes.io/name: grafana 1325 app.kubernetes.io/instance: fluentbit-loki-stack 1326 app.kubernetes.io/version: "8.1.6" 1327 app.kubernetes.io/managed-by: Helm 1328 roleRef: 1329 apiGroup: rbac.authorization.k8s.io 1330 kind: Role 1331 name: fluentbit-loki-stack-grafana-test 1332 subjects: 1333 - kind: ServiceAccount 1334 name: fluentbit-loki-stack-grafana-test 1335 namespace: fluentbit-loki-stack-system 1336 --- 1337 # Source: loki-stack/charts/loki/templates/rolebinding.yaml 1338 apiVersion: rbac.authorization.k8s.io/v1 1339 kind: RoleBinding 1340 metadata: 1341 name: fluentbit-loki-stack 1342 namespace: fluentbit-loki-stack-system 1343 labels: 1344 app: loki 1345 chart: loki-2.6.0 1346 heritage: Helm 1347 release: fluentbit-loki-stack 1348 roleRef: 1349 apiGroup: rbac.authorization.k8s.io 1350 kind: Role 1351 name: fluentbit-loki-stack 1352 subjects: 1353 - kind: ServiceAccount 1354 name: fluentbit-loki-stack 1355 --- 1356 # Source: loki-stack/charts/grafana/templates/service.yaml 1357 apiVersion: v1 1358 kind: Service 1359 metadata: 1360 name: fluentbit-loki-stack-grafana 1361 namespace: fluentbit-loki-stack-system 1362 labels: 1363 helm.sh/chart: grafana-6.16.12 1364 app.kubernetes.io/name: grafana 1365 app.kubernetes.io/instance: fluentbit-loki-stack 1366 app.kubernetes.io/version: "8.1.6" 1367 app.kubernetes.io/managed-by: Helm 1368 spec: 1369 type: ClusterIP 1370 ports: 1371 - name: service 1372 port: 80 1373 protocol: TCP 1374 targetPort: 3000 1375 1376 selector: 1377 app.kubernetes.io/name: grafana 1378 app.kubernetes.io/instance: fluentbit-loki-stack 1379 --- 1380 # Source: loki-stack/charts/loki/templates/service-headless.yaml 1381 apiVersion: v1 1382 kind: Service 1383 metadata: 1384 name: fluentbit-loki-stack-headless 1385 namespace: fluentbit-loki-stack-system 1386 labels: 1387 app: loki 1388 chart: loki-2.6.0 1389 release: fluentbit-loki-stack 1390 heritage: Helm 1391 variant: headless 1392 spec: 1393 clusterIP: None 1394 ports: 1395 - port: 3100 1396 protocol: TCP 1397 name: http-metrics 1398 targetPort: http-metrics 1399 selector: 1400 app: loki 1401 release: fluentbit-loki-stack 1402 --- 1403 # Source: loki-stack/charts/loki/templates/service.yaml 1404 apiVersion: v1 1405 kind: Service 1406 metadata: 1407 name: fluentbit-loki-stack 1408 namespace: fluentbit-loki-stack-system 1409 labels: 1410 app: loki 1411 chart: loki-2.6.0 1412 release: fluentbit-loki-stack 1413 heritage: Helm 1414 annotations: 1415 {} 1416 spec: 1417 type: ClusterIP 1418 ports: 1419 - port: 3100 1420 protocol: TCP 1421 name: http-metrics 1422 targetPort: http-metrics 1423 selector: 1424 app: loki 1425 release: fluentbit-loki-stack 1426 --- 1427 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/service.yaml 1428 apiVersion: v1 1429 kind: Service 1430 metadata: 1431 name: fluentbit-loki-stack-kube-state-metrics 1432 namespace: fluentbit-loki-stack-system 1433 labels: 1434 app.kubernetes.io/name: kube-state-metrics 1435 helm.sh/chart: "kube-state-metrics-2.8.14" 1436 app.kubernetes.io/instance: "fluentbit-loki-stack" 1437 app.kubernetes.io/managed-by: "Helm" 1438 annotations: 1439 prometheus.io/scrape: 'true' 1440 spec: 1441 type: "ClusterIP" 1442 ports: 1443 - name: "http" 1444 protocol: TCP 1445 port: 8080 1446 targetPort: 8080 1447 selector: 1448 app.kubernetes.io/name: kube-state-metrics 1449 app.kubernetes.io/instance: fluentbit-loki-stack 1450 --- 1451 # Source: loki-stack/charts/prometheus/templates/alertmanager/service.yaml 1452 apiVersion: v1 1453 kind: Service 1454 metadata: 1455 labels: 1456 component: "alertmanager" 1457 app: prometheus 1458 release: fluentbit-loki-stack 1459 chart: prometheus-11.16.9 1460 heritage: Helm 1461 name: fluentbit-loki-stack-prometheus-alertmanager 1462 namespace: fluentbit-loki-stack-system 1463 spec: 1464 ports: 1465 - name: http 1466 port: 80 1467 protocol: TCP 1468 targetPort: 9093 1469 selector: 1470 component: "alertmanager" 1471 app: prometheus 1472 release: fluentbit-loki-stack 1473 sessionAffinity: None 1474 type: "ClusterIP" 1475 --- 1476 # Source: loki-stack/charts/prometheus/templates/node-exporter/svc.yaml 1477 apiVersion: v1 1478 kind: Service 1479 metadata: 1480 annotations: 1481 prometheus.io/scrape: "true" 1482 labels: 1483 component: "node-exporter" 1484 app: prometheus 1485 release: fluentbit-loki-stack 1486 chart: prometheus-11.16.9 1487 heritage: Helm 1488 name: fluentbit-loki-stack-prometheus-node-exporter 1489 namespace: fluentbit-loki-stack-system 1490 spec: 1491 clusterIP: None 1492 ports: 1493 - name: metrics 1494 port: 9100 1495 protocol: TCP 1496 targetPort: 9100 1497 selector: 1498 component: "node-exporter" 1499 app: prometheus 1500 release: fluentbit-loki-stack 1501 type: "ClusterIP" 1502 --- 1503 # Source: loki-stack/charts/prometheus/templates/pushgateway/service.yaml 1504 apiVersion: v1 1505 kind: Service 1506 metadata: 1507 annotations: 1508 prometheus.io/probe: pushgateway 1509 labels: 1510 component: "pushgateway" 1511 app: prometheus 1512 release: fluentbit-loki-stack 1513 chart: prometheus-11.16.9 1514 heritage: Helm 1515 name: fluentbit-loki-stack-prometheus-pushgateway 1516 namespace: fluentbit-loki-stack-system 1517 spec: 1518 ports: 1519 - name: http 1520 port: 9091 1521 protocol: TCP 1522 targetPort: 9091 1523 selector: 1524 component: "pushgateway" 1525 app: prometheus 1526 release: fluentbit-loki-stack 1527 type: "ClusterIP" 1528 --- 1529 # Source: loki-stack/charts/prometheus/templates/server/service.yaml 1530 apiVersion: v1 1531 kind: Service 1532 metadata: 1533 labels: 1534 component: "server" 1535 app: prometheus 1536 release: fluentbit-loki-stack 1537 chart: prometheus-11.16.9 1538 heritage: Helm 1539 name: fluentbit-loki-stack-prometheus-server 1540 namespace: fluentbit-loki-stack-system 1541 spec: 1542 ports: 1543 - name: http 1544 port: 80 1545 protocol: TCP 1546 targetPort: 9090 1547 selector: 1548 component: "server" 1549 app: prometheus 1550 release: fluentbit-loki-stack 1551 sessionAffinity: None 1552 type: "ClusterIP" 1553 --- 1554 # Source: loki-stack/charts/fluent-bit/templates/daemonset.yaml 1555 apiVersion: apps/v1 1556 kind: DaemonSet 1557 metadata: 1558 name: fluentbit-loki-stack-fluent-bit-loki 1559 namespace: fluentbit-loki-stack-system 1560 labels: 1561 app: fluent-bit-loki 1562 chart: fluent-bit-2.3.0 1563 release: fluentbit-loki-stack 1564 heritage: Helm 1565 annotations: 1566 {} 1567 spec: 1568 selector: 1569 matchLabels: 1570 app: fluent-bit-loki 1571 release: fluentbit-loki-stack 1572 updateStrategy: 1573 type: RollingUpdate 1574 template: 1575 metadata: 1576 labels: 1577 app: fluent-bit-loki 1578 release: fluentbit-loki-stack 1579 annotations: 1580 checksum/config: 5937498ff5f50005d7af3f586cb481912ca8dad9e454cac5f543248af15b5152 1581 prometheus.io/path: /api/v1/metrics/prometheus 1582 prometheus.io/port: "2020" 1583 prometheus.io/scrape: "true" 1584 spec: 1585 serviceAccountName: fluentbit-loki-stack-fluent-bit-loki 1586 containers: 1587 - name: fluent-bit-loki 1588 image: "grafana/fluent-bit-plugin-loki:2.1.0-amd64" 1589 imagePullPolicy: IfNotPresent 1590 volumeMounts: 1591 - name: config 1592 mountPath: /fluent-bit/etc 1593 - name: run 1594 mountPath: /run/fluent-bit 1595 - mountPath: /var/log 1596 name: varlog 1597 - mountPath: /var/lib/docker/containers 1598 name: varlibdockercontainers 1599 readOnly: true 1600 ports: 1601 - containerPort: 2020 1602 name: http-metrics 1603 resources: 1604 limits: 1605 memory: 100Mi 1606 requests: 1607 cpu: 100m 1608 memory: 100Mi 1609 nodeSelector: 1610 {} 1611 affinity: 1612 {} 1613 tolerations: 1614 - effect: NoSchedule 1615 key: node-role.kubernetes.io/master 1616 terminationGracePeriodSeconds: 10 1617 volumes: 1618 - name: config 1619 configMap: 1620 name: fluentbit-loki-stack-fluent-bit-loki 1621 - name: run 1622 hostPath: 1623 path: /run/fluent-bit 1624 - hostPath: 1625 path: /var/log 1626 name: varlog 1627 - hostPath: 1628 path: /var/lib/docker/containers 1629 name: varlibdockercontainers 1630 --- 1631 # Source: loki-stack/charts/prometheus/templates/node-exporter/daemonset.yaml 1632 apiVersion: apps/v1 1633 kind: DaemonSet 1634 metadata: 1635 labels: 1636 component: "node-exporter" 1637 app: prometheus 1638 release: fluentbit-loki-stack 1639 chart: prometheus-11.16.9 1640 heritage: Helm 1641 name: fluentbit-loki-stack-prometheus-node-exporter 1642 namespace: fluentbit-loki-stack-system 1643 spec: 1644 selector: 1645 matchLabels: 1646 component: "node-exporter" 1647 app: prometheus 1648 release: fluentbit-loki-stack 1649 updateStrategy: 1650 type: RollingUpdate 1651 template: 1652 metadata: 1653 labels: 1654 component: "node-exporter" 1655 app: prometheus 1656 release: fluentbit-loki-stack 1657 chart: prometheus-11.16.9 1658 heritage: Helm 1659 spec: 1660 serviceAccountName: fluentbit-loki-stack-prometheus-node-exporter 1661 containers: 1662 - name: prometheus-node-exporter 1663 image: "prom/node-exporter:v1.0.1" 1664 imagePullPolicy: "IfNotPresent" 1665 args: 1666 - --path.procfs=/host/proc 1667 - --path.sysfs=/host/sys 1668 - --web.listen-address=:9100 1669 ports: 1670 - name: metrics 1671 containerPort: 9100 1672 hostPort: 9100 1673 resources: 1674 {} 1675 volumeMounts: 1676 - name: proc 1677 mountPath: /host/proc 1678 readOnly: true 1679 - name: sys 1680 mountPath: /host/sys 1681 readOnly: true 1682 hostNetwork: true 1683 hostPID: true 1684 volumes: 1685 - name: proc 1686 hostPath: 1687 path: /proc 1688 - name: sys 1689 hostPath: 1690 path: /sys 1691 --- 1692 # Source: loki-stack/charts/grafana/templates/deployment.yaml 1693 apiVersion: apps/v1 1694 kind: Deployment 1695 metadata: 1696 name: fluentbit-loki-stack-grafana 1697 namespace: fluentbit-loki-stack-system 1698 labels: 1699 helm.sh/chart: grafana-6.16.12 1700 app.kubernetes.io/name: grafana 1701 app.kubernetes.io/instance: fluentbit-loki-stack 1702 app.kubernetes.io/version: "8.1.6" 1703 app.kubernetes.io/managed-by: Helm 1704 spec: 1705 replicas: 1 1706 revisionHistoryLimit: 10 1707 selector: 1708 matchLabels: 1709 app.kubernetes.io/name: grafana 1710 app.kubernetes.io/instance: fluentbit-loki-stack 1711 strategy: 1712 type: RollingUpdate 1713 template: 1714 metadata: 1715 labels: 1716 app.kubernetes.io/name: grafana 1717 app.kubernetes.io/instance: fluentbit-loki-stack 1718 annotations: 1719 checksum/config: 7fb14fb2c9ac8047aadcbed21e69722daef9f3d05912c1523090bf4f6ec9f937 1720 checksum/dashboards-json-config: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 1721 checksum/sc-dashboard-provider-config: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 1722 checksum/secret: ea7e531391140a5d348dd8fc130c9827f59d963c414d23d9e4e4c26eb221cd41 1723 spec: 1724 1725 serviceAccountName: fluentbit-loki-stack-grafana 1726 automountServiceAccountToken: true 1727 securityContext: 1728 fsGroup: 472 1729 runAsGroup: 472 1730 runAsUser: 472 1731 initContainers: 1732 - name: grafana-sc-datasources 1733 image: "quay.io/kiwigrid/k8s-sidecar:1.12.3" 1734 imagePullPolicy: IfNotPresent 1735 env: 1736 - name: METHOD 1737 value: LIST 1738 - name: LABEL 1739 value: "grafana_datasource" 1740 - name: FOLDER 1741 value: "/etc/grafana/provisioning/datasources" 1742 - name: RESOURCE 1743 value: "both" 1744 resources: 1745 {} 1746 volumeMounts: 1747 - name: sc-datasources-volume 1748 mountPath: "/etc/grafana/provisioning/datasources" 1749 enableServiceLinks: true 1750 containers: 1751 - name: grafana 1752 image: "grafana/grafana:8.1.6" 1753 imagePullPolicy: IfNotPresent 1754 volumeMounts: 1755 - name: config 1756 mountPath: "/etc/grafana/grafana.ini" 1757 subPath: grafana.ini 1758 - name: storage 1759 mountPath: "/var/lib/grafana" 1760 - name: sc-datasources-volume 1761 mountPath: "/etc/grafana/provisioning/datasources" 1762 ports: 1763 - name: service 1764 containerPort: 80 1765 protocol: TCP 1766 - name: grafana 1767 containerPort: 3000 1768 protocol: TCP 1769 env: 1770 - name: GF_SECURITY_ADMIN_USER 1771 valueFrom: 1772 secretKeyRef: 1773 name: fluentbit-loki-stack-grafana 1774 key: admin-user 1775 - name: GF_SECURITY_ADMIN_PASSWORD 1776 valueFrom: 1777 secretKeyRef: 1778 name: fluentbit-loki-stack-grafana 1779 key: admin-password 1780 1781 - name: GF_PATHS_DATA 1782 value: /var/lib/grafana/ 1783 - name: GF_PATHS_LOGS 1784 value: /var/log/grafana 1785 - name: GF_PATHS_PLUGINS 1786 value: /var/lib/grafana/plugins 1787 - name: GF_PATHS_PROVISIONING 1788 value: /etc/grafana/provisioning 1789 livenessProbe: 1790 failureThreshold: 10 1791 httpGet: 1792 path: /api/health 1793 port: 3000 1794 initialDelaySeconds: 60 1795 timeoutSeconds: 30 1796 readinessProbe: 1797 httpGet: 1798 path: /api/health 1799 port: 3000 1800 resources: 1801 {} 1802 volumes: 1803 - name: config 1804 configMap: 1805 name: fluentbit-loki-stack-grafana 1806 - name: storage 1807 emptyDir: {} 1808 - name: sc-datasources-volume 1809 emptyDir: {} 1810 --- 1811 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/deployment.yaml 1812 apiVersion: apps/v1 1813 kind: Deployment 1814 metadata: 1815 name: fluentbit-loki-stack-kube-state-metrics 1816 namespace: fluentbit-loki-stack-system 1817 labels: 1818 app.kubernetes.io/name: kube-state-metrics 1819 helm.sh/chart: "kube-state-metrics-2.8.14" 1820 app.kubernetes.io/instance: "fluentbit-loki-stack" 1821 app.kubernetes.io/managed-by: "Helm" 1822 spec: 1823 selector: 1824 matchLabels: 1825 app.kubernetes.io/name: kube-state-metrics 1826 replicas: 1 1827 template: 1828 metadata: 1829 labels: 1830 app.kubernetes.io/name: kube-state-metrics 1831 app.kubernetes.io/instance: "fluentbit-loki-stack" 1832 spec: 1833 hostNetwork: false 1834 serviceAccountName: fluentbit-loki-stack-kube-state-metrics 1835 securityContext: 1836 fsGroup: 65534 1837 runAsGroup: 65534 1838 runAsUser: 65534 1839 containers: 1840 - name: kube-state-metrics 1841 args: 1842 1843 - --collectors=certificatesigningrequests 1844 1845 1846 - --collectors=configmaps 1847 1848 1849 - --collectors=cronjobs 1850 1851 1852 - --collectors=daemonsets 1853 1854 1855 - --collectors=deployments 1856 1857 1858 - --collectors=endpoints 1859 1860 1861 - --collectors=horizontalpodautoscalers 1862 1863 1864 - --collectors=ingresses 1865 1866 1867 - --collectors=jobs 1868 1869 1870 - --collectors=limitranges 1871 1872 1873 - --collectors=mutatingwebhookconfigurations 1874 1875 1876 - --collectors=namespaces 1877 1878 1879 - --collectors=networkpolicies 1880 1881 1882 - --collectors=nodes 1883 1884 1885 - --collectors=persistentvolumeclaims 1886 1887 1888 - --collectors=persistentvolumes 1889 1890 1891 - --collectors=poddisruptionbudgets 1892 1893 1894 - --collectors=pods 1895 1896 1897 - --collectors=replicasets 1898 1899 1900 - --collectors=replicationcontrollers 1901 1902 1903 - --collectors=resourcequotas 1904 1905 1906 - --collectors=secrets 1907 1908 1909 - --collectors=services 1910 1911 1912 - --collectors=statefulsets 1913 1914 1915 - --collectors=storageclasses 1916 1917 1918 - --collectors=validatingwebhookconfigurations 1919 1920 1921 1922 - --collectors=volumeattachments 1923 1924 1925 1926 imagePullPolicy: IfNotPresent 1927 image: "quay.io/coreos/kube-state-metrics:v1.9.7" 1928 ports: 1929 - containerPort: 8080 1930 livenessProbe: 1931 httpGet: 1932 path: /healthz 1933 port: 8080 1934 initialDelaySeconds: 5 1935 timeoutSeconds: 5 1936 readinessProbe: 1937 httpGet: 1938 path: / 1939 port: 8080 1940 initialDelaySeconds: 5 1941 timeoutSeconds: 5 1942 --- 1943 # Source: loki-stack/charts/prometheus/templates/alertmanager/deploy.yaml 1944 apiVersion: apps/v1 1945 kind: Deployment 1946 metadata: 1947 labels: 1948 component: "alertmanager" 1949 app: prometheus 1950 release: fluentbit-loki-stack 1951 chart: prometheus-11.16.9 1952 heritage: Helm 1953 name: fluentbit-loki-stack-prometheus-alertmanager 1954 namespace: fluentbit-loki-stack-system 1955 spec: 1956 selector: 1957 matchLabels: 1958 component: "alertmanager" 1959 app: prometheus 1960 release: fluentbit-loki-stack 1961 replicas: 1 1962 template: 1963 metadata: 1964 labels: 1965 component: "alertmanager" 1966 app: prometheus 1967 release: fluentbit-loki-stack 1968 chart: prometheus-11.16.9 1969 heritage: Helm 1970 spec: 1971 serviceAccountName: fluentbit-loki-stack-prometheus-alertmanager 1972 containers: 1973 - name: prometheus-alertmanager 1974 image: "prom/alertmanager:v0.21.0" 1975 imagePullPolicy: "IfNotPresent" 1976 env: 1977 - name: POD_IP 1978 valueFrom: 1979 fieldRef: 1980 apiVersion: v1 1981 fieldPath: status.podIP 1982 args: 1983 - --config.file=/etc/config/alertmanager.yml 1984 - --storage.path=/data 1985 - --cluster.advertise-address=$(POD_IP):6783 1986 - --web.external-url=http://localhost:9093 1987 1988 ports: 1989 - containerPort: 9093 1990 readinessProbe: 1991 httpGet: 1992 path: /-/ready 1993 port: 9093 1994 initialDelaySeconds: 30 1995 timeoutSeconds: 30 1996 resources: 1997 {} 1998 volumeMounts: 1999 - name: config-volume 2000 mountPath: /etc/config 2001 - name: storage-volume 2002 mountPath: "/data" 2003 subPath: "" 2004 - name: prometheus-alertmanager-configmap-reload 2005 image: "jimmidyson/configmap-reload:v0.4.0" 2006 imagePullPolicy: "IfNotPresent" 2007 args: 2008 - --volume-dir=/etc/config 2009 - --webhook-url=http://127.0.0.1:9093/-/reload 2010 resources: 2011 {} 2012 volumeMounts: 2013 - name: config-volume 2014 mountPath: /etc/config 2015 readOnly: true 2016 securityContext: 2017 fsGroup: 65534 2018 runAsGroup: 65534 2019 runAsNonRoot: true 2020 runAsUser: 65534 2021 volumes: 2022 - name: config-volume 2023 configMap: 2024 name: fluentbit-loki-stack-prometheus-alertmanager 2025 - name: storage-volume 2026 emptyDir: 2027 {} 2028 --- 2029 # Source: loki-stack/charts/prometheus/templates/pushgateway/deploy.yaml 2030 apiVersion: apps/v1 2031 kind: Deployment 2032 metadata: 2033 labels: 2034 component: "pushgateway" 2035 app: prometheus 2036 release: fluentbit-loki-stack 2037 chart: prometheus-11.16.9 2038 heritage: Helm 2039 name: fluentbit-loki-stack-prometheus-pushgateway 2040 namespace: fluentbit-loki-stack-system 2041 spec: 2042 selector: 2043 matchLabels: 2044 component: "pushgateway" 2045 app: prometheus 2046 release: fluentbit-loki-stack 2047 replicas: 1 2048 template: 2049 metadata: 2050 labels: 2051 component: "pushgateway" 2052 app: prometheus 2053 release: fluentbit-loki-stack 2054 chart: prometheus-11.16.9 2055 heritage: Helm 2056 spec: 2057 serviceAccountName: fluentbit-loki-stack-prometheus-pushgateway 2058 containers: 2059 - name: prometheus-pushgateway 2060 image: "prom/pushgateway:v1.2.0" 2061 imagePullPolicy: "IfNotPresent" 2062 args: 2063 ports: 2064 - containerPort: 9091 2065 livenessProbe: 2066 httpGet: 2067 path: /-/healthy 2068 port: 9091 2069 initialDelaySeconds: 10 2070 timeoutSeconds: 10 2071 readinessProbe: 2072 httpGet: 2073 path: /-/ready 2074 port: 9091 2075 initialDelaySeconds: 10 2076 timeoutSeconds: 10 2077 resources: 2078 {} 2079 securityContext: 2080 runAsNonRoot: true 2081 runAsUser: 65534 2082 --- 2083 # Source: loki-stack/charts/prometheus/templates/server/deploy.yaml 2084 apiVersion: apps/v1 2085 kind: Deployment 2086 metadata: 2087 labels: 2088 component: "server" 2089 app: prometheus 2090 release: fluentbit-loki-stack 2091 chart: prometheus-11.16.9 2092 heritage: Helm 2093 name: fluentbit-loki-stack-prometheus-server 2094 namespace: fluentbit-loki-stack-system 2095 spec: 2096 selector: 2097 matchLabels: 2098 component: "server" 2099 app: prometheus 2100 release: fluentbit-loki-stack 2101 replicas: 1 2102 template: 2103 metadata: 2104 labels: 2105 component: "server" 2106 app: prometheus 2107 release: fluentbit-loki-stack 2108 chart: prometheus-11.16.9 2109 heritage: Helm 2110 spec: 2111 serviceAccountName: fluentbit-loki-stack-prometheus-server 2112 containers: 2113 - name: prometheus-server-configmap-reload 2114 image: "jimmidyson/configmap-reload:v0.4.0" 2115 imagePullPolicy: "IfNotPresent" 2116 args: 2117 - --volume-dir=/etc/config 2118 - --webhook-url=http://127.0.0.1:9090/-/reload 2119 resources: 2120 {} 2121 volumeMounts: 2122 - name: config-volume 2123 mountPath: /etc/config 2124 readOnly: true 2125 2126 - name: prometheus-server 2127 image: "prom/prometheus:v2.21.0" 2128 imagePullPolicy: "IfNotPresent" 2129 args: 2130 - --storage.tsdb.retention.time=15d 2131 - --config.file=/etc/config/prometheus.yml 2132 - --storage.tsdb.path=/data 2133 - --web.console.libraries=/etc/prometheus/console_libraries 2134 - --web.console.templates=/etc/prometheus/consoles 2135 - --web.enable-lifecycle 2136 ports: 2137 - containerPort: 9090 2138 readinessProbe: 2139 httpGet: 2140 path: /-/ready 2141 port: 9090 2142 initialDelaySeconds: 30 2143 periodSeconds: 5 2144 timeoutSeconds: 30 2145 failureThreshold: 3 2146 successThreshold: 1 2147 livenessProbe: 2148 httpGet: 2149 path: /-/healthy 2150 port: 9090 2151 initialDelaySeconds: 30 2152 periodSeconds: 15 2153 timeoutSeconds: 30 2154 failureThreshold: 3 2155 successThreshold: 1 2156 resources: 2157 {} 2158 volumeMounts: 2159 - name: config-volume 2160 mountPath: /etc/config 2161 - name: storage-volume 2162 mountPath: /data 2163 subPath: "" 2164 securityContext: 2165 fsGroup: 65534 2166 runAsGroup: 65534 2167 runAsNonRoot: true 2168 runAsUser: 65534 2169 terminationGracePeriodSeconds: 300 2170 volumes: 2171 - name: config-volume 2172 configMap: 2173 name: fluentbit-loki-stack-prometheus-server 2174 - name: storage-volume 2175 emptyDir: 2176 {} 2177 --- 2178 # Source: loki-stack/charts/loki/templates/statefulset.yaml 2179 apiVersion: apps/v1 2180 kind: StatefulSet 2181 metadata: 2182 name: fluentbit-loki-stack 2183 namespace: fluentbit-loki-stack-system 2184 labels: 2185 app: loki 2186 chart: loki-2.6.0 2187 release: fluentbit-loki-stack 2188 heritage: Helm 2189 annotations: 2190 {} 2191 spec: 2192 podManagementPolicy: OrderedReady 2193 replicas: 1 2194 selector: 2195 matchLabels: 2196 app: loki 2197 release: fluentbit-loki-stack 2198 serviceName: fluentbit-loki-stack-headless 2199 updateStrategy: 2200 type: RollingUpdate 2201 template: 2202 metadata: 2203 labels: 2204 app: loki 2205 name: loki 2206 release: fluentbit-loki-stack 2207 annotations: 2208 checksum/config: 8088eaa499cd1ae3d26086422018e2ed62c48beb0e3db9837ab6bd046a5db16d 2209 prometheus.io/port: http-metrics 2210 prometheus.io/scrape: "true" 2211 spec: 2212 serviceAccountName: fluentbit-loki-stack 2213 securityContext: 2214 fsGroup: 10001 2215 runAsGroup: 10001 2216 runAsNonRoot: true 2217 runAsUser: 10001 2218 initContainers: 2219 [] 2220 containers: 2221 - name: loki 2222 image: "grafana/loki:2.3.0" 2223 imagePullPolicy: IfNotPresent 2224 args: 2225 - "-config.file=/etc/loki/loki.yaml" 2226 volumeMounts: 2227 - name: config 2228 mountPath: /etc/loki 2229 - name: storage 2230 mountPath: "/data" 2231 subPath: 2232 ports: 2233 - name: http-metrics 2234 containerPort: 3100 2235 protocol: TCP 2236 livenessProbe: 2237 httpGet: 2238 path: /ready 2239 port: http-metrics 2240 initialDelaySeconds: 45 2241 readinessProbe: 2242 httpGet: 2243 path: /ready 2244 port: http-metrics 2245 initialDelaySeconds: 45 2246 resources: 2247 {} 2248 securityContext: 2249 readOnlyRootFilesystem: true 2250 env: 2251 nodeSelector: 2252 {} 2253 affinity: 2254 {} 2255 tolerations: 2256 [] 2257 terminationGracePeriodSeconds: 4800 2258 volumes: 2259 - name: config 2260 secret: 2261 secretName: fluentbit-loki-stack 2262 volumeClaimTemplates: 2263 - metadata: 2264 name: storage 2265 annotations: 2266 {} 2267 spec: 2268 accessModes: 2269 - ReadWriteOnce 2270 resources: 2271 requests: 2272 storage: "50Gi" 2273 storageClassName: longhorn 2274