github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/applications/loki-stack-promtail/promtail-loki-stack.yaml (about) 1 --- 2 # Source: loki-stack/charts/grafana/templates/podsecuritypolicy.yaml 3 apiVersion: policy/v1beta1 4 kind: PodSecurityPolicy 5 metadata: 6 name: promtail-grafana 7 labels: 8 helm.sh/chart: grafana-6.16.12 9 app.kubernetes.io/name: grafana 10 app.kubernetes.io/instance: promtail 11 app.kubernetes.io/version: "8.1.6" 12 app.kubernetes.io/managed-by: Helm 13 annotations: 14 seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default' 15 seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' 16 apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' 17 apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' 18 spec: 19 privileged: false 20 allowPrivilegeEscalation: false 21 requiredDropCapabilities: 22 # Default set from Docker, with DAC_OVERRIDE and CHOWN 23 - ALL 24 volumes: 25 - 'configMap' 26 - 'emptyDir' 27 - 'projected' 28 - 'csi' 29 - 'secret' 30 - 'downwardAPI' 31 - 'persistentVolumeClaim' 32 hostNetwork: false 33 hostIPC: false 34 hostPID: false 35 runAsUser: 36 rule: 'RunAsAny' 37 seLinux: 38 rule: 'RunAsAny' 39 supplementalGroups: 40 rule: 'MustRunAs' 41 ranges: 42 # Forbid adding the root group. 43 - min: 1 44 max: 65535 45 fsGroup: 46 rule: 'MustRunAs' 47 ranges: 48 # Forbid adding the root group. 49 - min: 1 50 max: 65535 51 readOnlyRootFilesystem: false 52 --- 53 # Source: loki-stack/charts/grafana/templates/tests/test-podsecuritypolicy.yaml 54 apiVersion: policy/v1beta1 55 kind: PodSecurityPolicy 56 metadata: 57 name: promtail-grafana-test 58 labels: 59 helm.sh/chart: grafana-6.16.12 60 app.kubernetes.io/name: grafana 61 app.kubernetes.io/instance: promtail 62 app.kubernetes.io/version: "8.1.6" 63 app.kubernetes.io/managed-by: Helm 64 spec: 65 allowPrivilegeEscalation: true 66 privileged: false 67 hostNetwork: false 68 hostIPC: false 69 hostPID: false 70 fsGroup: 71 rule: RunAsAny 72 seLinux: 73 rule: RunAsAny 74 supplementalGroups: 75 rule: RunAsAny 76 runAsUser: 77 rule: RunAsAny 78 volumes: 79 - configMap 80 - downwardAPI 81 - emptyDir 82 - projected 83 - csi 84 - secret 85 --- 86 # Source: loki-stack/charts/loki/templates/podsecuritypolicy.yaml 87 apiVersion: policy/v1beta1 88 kind: PodSecurityPolicy 89 metadata: 90 name: promtail-loki 91 labels: 92 app: loki 93 chart: loki-2.6.0 94 heritage: Helm 95 release: promtail 96 spec: 97 privileged: false 98 allowPrivilegeEscalation: false 99 volumes: 100 - 'configMap' 101 - 'emptyDir' 102 - 'persistentVolumeClaim' 103 - 'secret' 104 - 'projected' 105 - 'downwardAPI' 106 hostNetwork: false 107 hostIPC: false 108 hostPID: false 109 runAsUser: 110 rule: 'MustRunAsNonRoot' 111 seLinux: 112 rule: 'RunAsAny' 113 supplementalGroups: 114 rule: 'MustRunAs' 115 ranges: 116 - min: 1 117 max: 65535 118 fsGroup: 119 rule: 'MustRunAs' 120 ranges: 121 - min: 1 122 max: 65535 123 readOnlyRootFilesystem: true 124 requiredDropCapabilities: 125 - ALL 126 --- 127 # Source: loki-stack/charts/promtail/templates/podsecuritypolicy.yaml 128 apiVersion: policy/v1beta1 129 kind: PodSecurityPolicy 130 metadata: 131 name: promtail 132 labels: 133 app: promtail 134 chart: promtail-2.2.0 135 heritage: Helm 136 release: promtail 137 spec: 138 allowPrivilegeEscalation: false 139 fsGroup: 140 rule: RunAsAny 141 hostIPC: false 142 hostNetwork: false 143 hostPID: false 144 privileged: false 145 readOnlyRootFilesystem: true 146 requiredDropCapabilities: 147 - ALL 148 runAsUser: 149 rule: RunAsAny 150 seLinux: 151 rule: RunAsAny 152 supplementalGroups: 153 rule: RunAsAny 154 volumes: 155 - secret 156 - configMap 157 - hostPath 158 - projected 159 - downwardAPI 160 - emptyDir 161 --- 162 # Source: loki-stack/charts/grafana/templates/serviceaccount.yaml 163 apiVersion: v1 164 kind: ServiceAccount 165 metadata: 166 labels: 167 helm.sh/chart: grafana-6.16.12 168 app.kubernetes.io/name: grafana 169 app.kubernetes.io/instance: promtail 170 app.kubernetes.io/version: "8.1.6" 171 app.kubernetes.io/managed-by: Helm 172 name: promtail-grafana 173 namespace: promtail-loki-stack-system 174 --- 175 # Source: loki-stack/charts/grafana/templates/tests/test-serviceaccount.yaml 176 apiVersion: v1 177 kind: ServiceAccount 178 metadata: 179 labels: 180 helm.sh/chart: grafana-6.16.12 181 app.kubernetes.io/name: grafana 182 app.kubernetes.io/instance: promtail 183 app.kubernetes.io/version: "8.1.6" 184 app.kubernetes.io/managed-by: Helm 185 name: promtail-grafana-test 186 namespace: promtail-loki-stack-system 187 --- 188 # Source: loki-stack/charts/loki/templates/serviceaccount.yaml 189 apiVersion: v1 190 kind: ServiceAccount 191 metadata: 192 labels: 193 app: loki 194 chart: loki-2.6.0 195 heritage: Helm 196 release: promtail 197 annotations: 198 {} 199 name: promtail-loki 200 namespace: promtail-loki-stack-system 201 automountServiceAccountToken: true 202 --- 203 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/serviceaccount.yaml 204 apiVersion: v1 205 kind: ServiceAccount 206 metadata: 207 labels: 208 app.kubernetes.io/name: kube-state-metrics 209 helm.sh/chart: kube-state-metrics-2.8.14 210 app.kubernetes.io/managed-by: Helm 211 app.kubernetes.io/instance: promtail 212 name: promtail-kube-state-metrics 213 namespace: promtail-loki-stack-system 214 imagePullSecrets: 215 [] 216 --- 217 # Source: loki-stack/charts/prometheus/templates/alertmanager/serviceaccount.yaml 218 apiVersion: v1 219 kind: ServiceAccount 220 metadata: 221 labels: 222 component: "alertmanager" 223 app: prometheus 224 release: promtail 225 chart: prometheus-11.16.9 226 heritage: Helm 227 name: promtail-prometheus-alertmanager 228 namespace: promtail-loki-stack-system 229 annotations: 230 {} 231 --- 232 # Source: loki-stack/charts/prometheus/templates/node-exporter/serviceaccount.yaml 233 apiVersion: v1 234 kind: ServiceAccount 235 metadata: 236 labels: 237 component: "node-exporter" 238 app: prometheus 239 release: promtail 240 chart: prometheus-11.16.9 241 heritage: Helm 242 name: promtail-prometheus-node-exporter 243 namespace: promtail-loki-stack-system 244 annotations: 245 {} 246 --- 247 # Source: loki-stack/charts/prometheus/templates/pushgateway/serviceaccount.yaml 248 apiVersion: v1 249 kind: ServiceAccount 250 metadata: 251 labels: 252 component: "pushgateway" 253 app: prometheus 254 release: promtail 255 chart: prometheus-11.16.9 256 heritage: Helm 257 name: promtail-prometheus-pushgateway 258 namespace: promtail-loki-stack-system 259 annotations: 260 {} 261 --- 262 # Source: loki-stack/charts/prometheus/templates/server/serviceaccount.yaml 263 apiVersion: v1 264 kind: ServiceAccount 265 metadata: 266 labels: 267 component: "server" 268 app: prometheus 269 release: promtail 270 chart: prometheus-11.16.9 271 heritage: Helm 272 name: promtail-prometheus-server 273 namespace: promtail-loki-stack-system 274 annotations: 275 {} 276 --- 277 # Source: loki-stack/charts/promtail/templates/serviceaccount.yaml 278 apiVersion: v1 279 kind: ServiceAccount 280 metadata: 281 labels: 282 app: promtail 283 chart: promtail-2.2.0 284 heritage: Helm 285 release: promtail 286 name: promtail 287 namespace: promtail-loki-stack-system 288 --- 289 # Source: loki-stack/charts/grafana/templates/secret.yaml 290 apiVersion: v1 291 kind: Secret 292 metadata: 293 name: promtail-grafana 294 namespace: promtail-loki-stack-system 295 labels: 296 helm.sh/chart: grafana-6.16.12 297 app.kubernetes.io/name: grafana 298 app.kubernetes.io/instance: promtail 299 app.kubernetes.io/version: "8.1.6" 300 app.kubernetes.io/managed-by: Helm 301 type: Opaque 302 data: 303 admin-user: "YWRtaW4=" 304 admin-password: "UHVtaFRCcmtMTkphNlRKSFVmQVRzd3ptOXhSdmo3anBPMjZZUkpPQQ==" 305 ldap-toml: "" 306 --- 307 # Source: loki-stack/charts/loki/templates/secret.yaml 308 apiVersion: v1 309 kind: Secret 310 metadata: 311 name: promtail-loki 312 namespace: promtail-loki-stack-system 313 labels: 314 app: loki 315 chart: loki-2.6.0 316 release: promtail 317 heritage: Helm 318 data: 319 loki.yaml: YXV0aF9lbmFibGVkOiBmYWxzZQpjaHVua19zdG9yZV9jb25maWc6CiAgbWF4X2xvb2tfYmFja19wZXJpb2Q6IDBzCmNvbXBhY3RvcjoKICBzaGFyZWRfc3RvcmU6IGZpbGVzeXN0ZW0KICB3b3JraW5nX2RpcmVjdG9yeTogL2RhdGEvbG9raS9ib2x0ZGItc2hpcHBlci1jb21wYWN0b3IKaW5nZXN0ZXI6CiAgY2h1bmtfYmxvY2tfc2l6ZTogMjYyMTQ0CiAgY2h1bmtfaWRsZV9wZXJpb2Q6IDNtCiAgY2h1bmtfcmV0YWluX3BlcmlvZDogMW0KICBsaWZlY3ljbGVyOgogICAgcmluZzoKICAgICAga3ZzdG9yZToKICAgICAgICBzdG9yZTogaW5tZW1vcnkKICAgICAgcmVwbGljYXRpb25fZmFjdG9yOiAxCiAgbWF4X3RyYW5zZmVyX3JldHJpZXM6IDAKbGltaXRzX2NvbmZpZzoKICBlbmZvcmNlX21ldHJpY19uYW1lOiBmYWxzZQogIHJlamVjdF9vbGRfc2FtcGxlczogdHJ1ZQogIHJlamVjdF9vbGRfc2FtcGxlc19tYXhfYWdlOiAxNjhoCnNjaGVtYV9jb25maWc6CiAgY29uZmlnczoKICAtIGZyb206ICIyMDIwLTEwLTI0IgogICAgaW5kZXg6CiAgICAgIHBlcmlvZDogMjRoCiAgICAgIHByZWZpeDogaW5kZXhfCiAgICBvYmplY3Rfc3RvcmU6IGZpbGVzeXN0ZW0KICAgIHNjaGVtYTogdjExCiAgICBzdG9yZTogYm9sdGRiLXNoaXBwZXIKc2VydmVyOgogIGh0dHBfbGlzdGVuX3BvcnQ6IDMxMDAKc3RvcmFnZV9jb25maWc6CiAgYm9sdGRiX3NoaXBwZXI6CiAgICBhY3RpdmVfaW5kZXhfZGlyZWN0b3J5OiAvZGF0YS9sb2tpL2JvbHRkYi1zaGlwcGVyLWFjdGl2ZQogICAgY2FjaGVfbG9jYXRpb246IC9kYXRhL2xva2kvYm9sdGRiLXNoaXBwZXItY2FjaGUKICAgIGNhY2hlX3R0bDogMjRoCiAgICBzaGFyZWRfc3RvcmU6IGZpbGVzeXN0ZW0KICBmaWxlc3lzdGVtOgogICAgZGlyZWN0b3J5OiAvZGF0YS9sb2tpL2NodW5rcwp0YWJsZV9tYW5hZ2VyOgogIHJldGVudGlvbl9kZWxldGVzX2VuYWJsZWQ6IGZhbHNlCiAgcmV0ZW50aW9uX3BlcmlvZDogMHM= 320 --- 321 # Source: loki-stack/charts/grafana/templates/configmap.yaml 322 apiVersion: v1 323 kind: ConfigMap 324 metadata: 325 name: promtail-grafana 326 namespace: promtail-loki-stack-system 327 labels: 328 helm.sh/chart: grafana-6.16.12 329 app.kubernetes.io/name: grafana 330 app.kubernetes.io/instance: promtail 331 app.kubernetes.io/version: "8.1.6" 332 app.kubernetes.io/managed-by: Helm 333 data: 334 grafana.ini: | 335 [analytics] 336 check_for_updates = true 337 [grafana_net] 338 url = https://grafana.net 339 [log] 340 mode = console 341 [paths] 342 data = /var/lib/grafana/ 343 logs = /var/log/grafana 344 plugins = /var/lib/grafana/plugins 345 provisioning = /etc/grafana/provisioning 346 --- 347 # Source: loki-stack/charts/grafana/templates/tests/test-configmap.yaml 348 apiVersion: v1 349 kind: ConfigMap 350 metadata: 351 name: promtail-grafana-test 352 namespace: promtail-loki-stack-system 353 labels: 354 helm.sh/chart: grafana-6.16.12 355 app.kubernetes.io/name: grafana 356 app.kubernetes.io/instance: promtail 357 app.kubernetes.io/version: "8.1.6" 358 app.kubernetes.io/managed-by: Helm 359 data: 360 run.sh: |- 361 @test "Test Health" { 362 url="http://promtail-grafana/api/health" 363 364 code=$(wget --server-response --spider --timeout 10 --tries 1 ${url} 2>&1 | awk '/^ HTTP/{print $2}') 365 [ "$code" == "200" ] 366 } 367 --- 368 # Source: loki-stack/charts/prometheus/templates/alertmanager/cm.yaml 369 apiVersion: v1 370 kind: ConfigMap 371 metadata: 372 labels: 373 component: "alertmanager" 374 app: prometheus 375 release: promtail 376 chart: prometheus-11.16.9 377 heritage: Helm 378 name: promtail-prometheus-alertmanager 379 namespace: promtail-loki-stack-system 380 data: 381 alertmanager.yml: | 382 global: {} 383 receivers: 384 - name: default-receiver 385 route: 386 group_interval: 5m 387 group_wait: 10s 388 receiver: default-receiver 389 repeat_interval: 3h 390 --- 391 # Source: loki-stack/charts/prometheus/templates/server/cm.yaml 392 apiVersion: v1 393 kind: ConfigMap 394 metadata: 395 labels: 396 component: "server" 397 app: prometheus 398 release: promtail 399 chart: prometheus-11.16.9 400 heritage: Helm 401 name: promtail-prometheus-server 402 namespace: promtail-loki-stack-system 403 data: 404 alerting_rules.yml: | 405 {} 406 alerts: | 407 {} 408 prometheus.yml: | 409 global: 410 evaluation_interval: 1m 411 scrape_interval: 1m 412 scrape_timeout: 10s 413 rule_files: 414 - /etc/config/recording_rules.yml 415 - /etc/config/alerting_rules.yml 416 - /etc/config/rules 417 - /etc/config/alerts 418 scrape_configs: 419 - job_name: prometheus 420 static_configs: 421 - targets: 422 - localhost:9090 423 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 424 job_name: kubernetes-apiservers 425 kubernetes_sd_configs: 426 - role: endpoints 427 relabel_configs: 428 - action: keep 429 regex: default;kubernetes;https 430 source_labels: 431 - __meta_kubernetes_namespace 432 - __meta_kubernetes_service_name 433 - __meta_kubernetes_endpoint_port_name 434 scheme: https 435 tls_config: 436 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 437 insecure_skip_verify: true 438 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 439 job_name: kubernetes-nodes 440 kubernetes_sd_configs: 441 - role: node 442 relabel_configs: 443 - action: labelmap 444 regex: __meta_kubernetes_node_label_(.+) 445 - replacement: kubernetes.default.svc:443 446 target_label: __address__ 447 - regex: (.+) 448 replacement: /api/v1/nodes/$1/proxy/metrics 449 source_labels: 450 - __meta_kubernetes_node_name 451 target_label: __metrics_path__ 452 scheme: https 453 tls_config: 454 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 455 insecure_skip_verify: true 456 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 457 job_name: kubernetes-nodes-cadvisor 458 kubernetes_sd_configs: 459 - role: node 460 relabel_configs: 461 - action: labelmap 462 regex: __meta_kubernetes_node_label_(.+) 463 - replacement: kubernetes.default.svc:443 464 target_label: __address__ 465 - regex: (.+) 466 replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor 467 source_labels: 468 - __meta_kubernetes_node_name 469 target_label: __metrics_path__ 470 scheme: https 471 tls_config: 472 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 473 insecure_skip_verify: true 474 - job_name: kubernetes-service-endpoints 475 kubernetes_sd_configs: 476 - role: endpoints 477 relabel_configs: 478 - action: keep 479 regex: true 480 source_labels: 481 - __meta_kubernetes_service_annotation_prometheus_io_scrape 482 - action: replace 483 regex: (https?) 484 source_labels: 485 - __meta_kubernetes_service_annotation_prometheus_io_scheme 486 target_label: __scheme__ 487 - action: replace 488 regex: (.+) 489 source_labels: 490 - __meta_kubernetes_service_annotation_prometheus_io_path 491 target_label: __metrics_path__ 492 - action: replace 493 regex: ([^:]+)(?::\d+)?;(\d+) 494 replacement: $1:$2 495 source_labels: 496 - __address__ 497 - __meta_kubernetes_service_annotation_prometheus_io_port 498 target_label: __address__ 499 - action: labelmap 500 regex: __meta_kubernetes_service_label_(.+) 501 - action: replace 502 source_labels: 503 - __meta_kubernetes_namespace 504 target_label: kubernetes_namespace 505 - action: replace 506 source_labels: 507 - __meta_kubernetes_service_name 508 target_label: kubernetes_name 509 - action: replace 510 source_labels: 511 - __meta_kubernetes_pod_node_name 512 target_label: kubernetes_node 513 - job_name: kubernetes-service-endpoints-slow 514 kubernetes_sd_configs: 515 - role: endpoints 516 relabel_configs: 517 - action: keep 518 regex: true 519 source_labels: 520 - __meta_kubernetes_service_annotation_prometheus_io_scrape_slow 521 - action: replace 522 regex: (https?) 523 source_labels: 524 - __meta_kubernetes_service_annotation_prometheus_io_scheme 525 target_label: __scheme__ 526 - action: replace 527 regex: (.+) 528 source_labels: 529 - __meta_kubernetes_service_annotation_prometheus_io_path 530 target_label: __metrics_path__ 531 - action: replace 532 regex: ([^:]+)(?::\d+)?;(\d+) 533 replacement: $1:$2 534 source_labels: 535 - __address__ 536 - __meta_kubernetes_service_annotation_prometheus_io_port 537 target_label: __address__ 538 - action: labelmap 539 regex: __meta_kubernetes_service_label_(.+) 540 - action: replace 541 source_labels: 542 - __meta_kubernetes_namespace 543 target_label: kubernetes_namespace 544 - action: replace 545 source_labels: 546 - __meta_kubernetes_service_name 547 target_label: kubernetes_name 548 - action: replace 549 source_labels: 550 - __meta_kubernetes_pod_node_name 551 target_label: kubernetes_node 552 scrape_interval: 5m 553 scrape_timeout: 30s 554 - honor_labels: true 555 job_name: prometheus-pushgateway 556 kubernetes_sd_configs: 557 - role: service 558 relabel_configs: 559 - action: keep 560 regex: pushgateway 561 source_labels: 562 - __meta_kubernetes_service_annotation_prometheus_io_probe 563 - job_name: kubernetes-services 564 kubernetes_sd_configs: 565 - role: service 566 metrics_path: /probe 567 params: 568 module: 569 - http_2xx 570 relabel_configs: 571 - action: keep 572 regex: true 573 source_labels: 574 - __meta_kubernetes_service_annotation_prometheus_io_probe 575 - source_labels: 576 - __address__ 577 target_label: __param_target 578 - replacement: blackbox 579 target_label: __address__ 580 - source_labels: 581 - __param_target 582 target_label: instance 583 - action: labelmap 584 regex: __meta_kubernetes_service_label_(.+) 585 - source_labels: 586 - __meta_kubernetes_namespace 587 target_label: kubernetes_namespace 588 - source_labels: 589 - __meta_kubernetes_service_name 590 target_label: kubernetes_name 591 - job_name: kubernetes-pods 592 kubernetes_sd_configs: 593 - role: pod 594 relabel_configs: 595 - action: keep 596 regex: true 597 source_labels: 598 - __meta_kubernetes_pod_annotation_prometheus_io_scrape 599 - action: replace 600 regex: (.+) 601 source_labels: 602 - __meta_kubernetes_pod_annotation_prometheus_io_path 603 target_label: __metrics_path__ 604 - action: replace 605 regex: ([^:]+)(?::\d+)?;(\d+) 606 replacement: $1:$2 607 source_labels: 608 - __address__ 609 - __meta_kubernetes_pod_annotation_prometheus_io_port 610 target_label: __address__ 611 - action: labelmap 612 regex: __meta_kubernetes_pod_label_(.+) 613 - action: replace 614 source_labels: 615 - __meta_kubernetes_namespace 616 target_label: kubernetes_namespace 617 - action: replace 618 source_labels: 619 - __meta_kubernetes_pod_name 620 target_label: kubernetes_pod_name 621 - action: drop 622 regex: Pending|Succeeded|Failed 623 source_labels: 624 - __meta_kubernetes_pod_phase 625 - job_name: kubernetes-pods-slow 626 kubernetes_sd_configs: 627 - role: pod 628 relabel_configs: 629 - action: keep 630 regex: true 631 source_labels: 632 - __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow 633 - action: replace 634 regex: (.+) 635 source_labels: 636 - __meta_kubernetes_pod_annotation_prometheus_io_path 637 target_label: __metrics_path__ 638 - action: replace 639 regex: ([^:]+)(?::\d+)?;(\d+) 640 replacement: $1:$2 641 source_labels: 642 - __address__ 643 - __meta_kubernetes_pod_annotation_prometheus_io_port 644 target_label: __address__ 645 - action: labelmap 646 regex: __meta_kubernetes_pod_label_(.+) 647 - action: replace 648 source_labels: 649 - __meta_kubernetes_namespace 650 target_label: kubernetes_namespace 651 - action: replace 652 source_labels: 653 - __meta_kubernetes_pod_name 654 target_label: kubernetes_pod_name 655 - action: drop 656 regex: Pending|Succeeded|Failed 657 source_labels: 658 - __meta_kubernetes_pod_phase 659 scrape_interval: 5m 660 scrape_timeout: 30s 661 alerting: 662 alertmanagers: 663 - kubernetes_sd_configs: 664 - role: pod 665 tls_config: 666 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 667 bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 668 relabel_configs: 669 - source_labels: [__meta_kubernetes_namespace] 670 regex: promtail-loki-stack-system 671 action: keep 672 - source_labels: [__meta_kubernetes_pod_label_app] 673 regex: prometheus 674 action: keep 675 - source_labels: [__meta_kubernetes_pod_label_component] 676 regex: alertmanager 677 action: keep 678 - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_probe] 679 regex: .* 680 action: keep 681 - source_labels: [__meta_kubernetes_pod_container_port_number] 682 regex: "9093" 683 action: keep 684 recording_rules.yml: | 685 {} 686 rules: | 687 {} 688 --- 689 # Source: loki-stack/charts/promtail/templates/configmap.yaml 690 apiVersion: v1 691 kind: ConfigMap 692 metadata: 693 name: promtail 694 namespace: promtail-loki-stack-system 695 labels: 696 app: promtail 697 chart: promtail-2.2.0 698 release: promtail 699 heritage: Helm 700 data: 701 promtail.yaml: | 702 client: 703 backoff_config: 704 max_period: 5m 705 max_retries: 10 706 min_period: 500ms 707 batchsize: 1048576 708 batchwait: 1s 709 external_labels: {} 710 timeout: 10s 711 positions: 712 filename: /run/promtail/positions.yaml 713 server: 714 http_listen_port: 3101 715 target_config: 716 sync_period: 10s 717 scrape_configs: 718 - job_name: kubernetes-pods-name 719 pipeline_stages: 720 - docker: {} 721 kubernetes_sd_configs: 722 - role: pod 723 relabel_configs: 724 - source_labels: 725 - __meta_kubernetes_pod_label_name 726 target_label: __service__ 727 - source_labels: 728 - __meta_kubernetes_pod_node_name 729 target_label: __host__ 730 - action: drop 731 regex: '' 732 source_labels: 733 - __service__ 734 - action: labelmap 735 regex: __meta_kubernetes_pod_label_(.+) 736 - action: replace 737 replacement: $1 738 separator: / 739 source_labels: 740 - __meta_kubernetes_namespace 741 - __service__ 742 target_label: job 743 - action: replace 744 source_labels: 745 - __meta_kubernetes_namespace 746 target_label: namespace 747 - action: replace 748 source_labels: 749 - __meta_kubernetes_pod_name 750 target_label: pod 751 - action: replace 752 source_labels: 753 - __meta_kubernetes_pod_container_name 754 target_label: container 755 - replacement: /var/log/pods/*$1/*.log 756 separator: / 757 source_labels: 758 - __meta_kubernetes_pod_uid 759 - __meta_kubernetes_pod_container_name 760 target_label: __path__ 761 - job_name: kubernetes-pods-app 762 pipeline_stages: 763 - docker: {} 764 kubernetes_sd_configs: 765 - role: pod 766 relabel_configs: 767 - action: drop 768 regex: .+ 769 source_labels: 770 - __meta_kubernetes_pod_label_name 771 - source_labels: 772 - __meta_kubernetes_pod_label_app 773 target_label: __service__ 774 - source_labels: 775 - __meta_kubernetes_pod_node_name 776 target_label: __host__ 777 - action: drop 778 regex: '' 779 source_labels: 780 - __service__ 781 - action: labelmap 782 regex: __meta_kubernetes_pod_label_(.+) 783 - action: replace 784 replacement: $1 785 separator: / 786 source_labels: 787 - __meta_kubernetes_namespace 788 - __service__ 789 target_label: job 790 - action: replace 791 source_labels: 792 - __meta_kubernetes_namespace 793 target_label: namespace 794 - action: replace 795 source_labels: 796 - __meta_kubernetes_pod_name 797 target_label: pod 798 - action: replace 799 source_labels: 800 - __meta_kubernetes_pod_container_name 801 target_label: container 802 - replacement: /var/log/pods/*$1/*.log 803 separator: / 804 source_labels: 805 - __meta_kubernetes_pod_uid 806 - __meta_kubernetes_pod_container_name 807 target_label: __path__ 808 - job_name: kubernetes-pods-direct-controllers 809 pipeline_stages: 810 - docker: {} 811 kubernetes_sd_configs: 812 - role: pod 813 relabel_configs: 814 - action: drop 815 regex: .+ 816 separator: '' 817 source_labels: 818 - __meta_kubernetes_pod_label_name 819 - __meta_kubernetes_pod_label_app 820 - action: drop 821 regex: '[0-9a-z-.]+-[0-9a-f]{8,10}' 822 source_labels: 823 - __meta_kubernetes_pod_controller_name 824 - source_labels: 825 - __meta_kubernetes_pod_controller_name 826 target_label: __service__ 827 - source_labels: 828 - __meta_kubernetes_pod_node_name 829 target_label: __host__ 830 - action: drop 831 regex: '' 832 source_labels: 833 - __service__ 834 - action: labelmap 835 regex: __meta_kubernetes_pod_label_(.+) 836 - action: replace 837 replacement: $1 838 separator: / 839 source_labels: 840 - __meta_kubernetes_namespace 841 - __service__ 842 target_label: job 843 - action: replace 844 source_labels: 845 - __meta_kubernetes_namespace 846 target_label: namespace 847 - action: replace 848 source_labels: 849 - __meta_kubernetes_pod_name 850 target_label: pod 851 - action: replace 852 source_labels: 853 - __meta_kubernetes_pod_container_name 854 target_label: container 855 - replacement: /var/log/pods/*$1/*.log 856 separator: / 857 source_labels: 858 - __meta_kubernetes_pod_uid 859 - __meta_kubernetes_pod_container_name 860 target_label: __path__ 861 - job_name: kubernetes-pods-indirect-controller 862 pipeline_stages: 863 - docker: {} 864 kubernetes_sd_configs: 865 - role: pod 866 relabel_configs: 867 - action: drop 868 regex: .+ 869 separator: '' 870 source_labels: 871 - __meta_kubernetes_pod_label_name 872 - __meta_kubernetes_pod_label_app 873 - action: keep 874 regex: '[0-9a-z-.]+-[0-9a-f]{8,10}' 875 source_labels: 876 - __meta_kubernetes_pod_controller_name 877 - action: replace 878 regex: '([0-9a-z-.]+)-[0-9a-f]{8,10}' 879 source_labels: 880 - __meta_kubernetes_pod_controller_name 881 target_label: __service__ 882 - source_labels: 883 - __meta_kubernetes_pod_node_name 884 target_label: __host__ 885 - action: drop 886 regex: '' 887 source_labels: 888 - __service__ 889 - action: labelmap 890 regex: __meta_kubernetes_pod_label_(.+) 891 - action: replace 892 replacement: $1 893 separator: / 894 source_labels: 895 - __meta_kubernetes_namespace 896 - __service__ 897 target_label: job 898 - action: replace 899 source_labels: 900 - __meta_kubernetes_namespace 901 target_label: namespace 902 - action: replace 903 source_labels: 904 - __meta_kubernetes_pod_name 905 target_label: pod 906 - action: replace 907 source_labels: 908 - __meta_kubernetes_pod_container_name 909 target_label: container 910 - replacement: /var/log/pods/*$1/*.log 911 separator: / 912 source_labels: 913 - __meta_kubernetes_pod_uid 914 - __meta_kubernetes_pod_container_name 915 target_label: __path__ 916 - job_name: kubernetes-pods-static 917 pipeline_stages: 918 - docker: {} 919 kubernetes_sd_configs: 920 - role: pod 921 relabel_configs: 922 - action: drop 923 regex: '' 924 source_labels: 925 - __meta_kubernetes_pod_annotation_kubernetes_io_config_mirror 926 - action: replace 927 source_labels: 928 - __meta_kubernetes_pod_label_component 929 target_label: __service__ 930 - source_labels: 931 - __meta_kubernetes_pod_node_name 932 target_label: __host__ 933 - action: drop 934 regex: '' 935 source_labels: 936 - __service__ 937 - action: labelmap 938 regex: __meta_kubernetes_pod_label_(.+) 939 - action: replace 940 replacement: $1 941 separator: / 942 source_labels: 943 - __meta_kubernetes_namespace 944 - __service__ 945 target_label: job 946 - action: replace 947 source_labels: 948 - __meta_kubernetes_namespace 949 target_label: namespace 950 - action: replace 951 source_labels: 952 - __meta_kubernetes_pod_name 953 target_label: pod 954 - action: replace 955 source_labels: 956 - __meta_kubernetes_pod_container_name 957 target_label: container 958 - replacement: /var/log/pods/*$1/*.log 959 separator: / 960 source_labels: 961 - __meta_kubernetes_pod_annotation_kubernetes_io_config_mirror 962 - __meta_kubernetes_pod_container_name 963 target_label: __path__ 964 --- 965 # Source: loki-stack/templates/datasources.yaml 966 apiVersion: v1 967 kind: ConfigMap 968 metadata: 969 name: promtail-loki-stack 970 namespace: promtail-loki-stack-system 971 labels: 972 app: loki-stack 973 chart: loki-stack-2.5.0 974 release: promtail 975 heritage: Helm 976 grafana_datasource: "1" 977 data: 978 loki-stack-datasource.yaml: |- 979 apiVersion: 1 980 datasources: 981 - name: Loki 982 type: loki 983 access: proxy 984 url: http://promtail-loki:3100 985 version: 1 986 - name: Prometheus 987 type: prometheus 988 access: proxy 989 url: http://promtail-prometheus-server:80 990 version: 1 991 --- 992 # Source: loki-stack/templates/tests/loki-test-configmap.yaml 993 apiVersion: v1 994 kind: ConfigMap 995 metadata: 996 name: promtail-loki-stack-test 997 labels: 998 app: loki-stack 999 chart: loki-stack-2.5.0 1000 release: promtail 1001 heritage: Helm 1002 data: 1003 test.sh: | 1004 #!/usr/bin/env bash 1005 1006 LOKI_URI="http://${LOKI_SERVICE}:${LOKI_PORT}" 1007 1008 function setup() { 1009 apk add -u curl jq 1010 until (curl -s ${LOKI_URI}/api/prom/label/app/values | jq -e '.values[] | select(. == "loki")'); do 1011 sleep 1 1012 done 1013 } 1014 1015 @test "Has labels" { 1016 curl -s ${LOKI_URI}/api/prom/label | \ 1017 jq -e '.values[] | select(. == "app")' 1018 } 1019 1020 @test "Query log entry" { 1021 curl -sG ${LOKI_URI}/api/prom/query?limit=10 --data-urlencode 'query={app="loki"}' | \ 1022 jq -e '.streams[].entries | length >= 1' 1023 } 1024 1025 @test "Push log entry legacy" { 1026 local timestamp=$(date -Iseconds -u | sed 's/UTC/.000000000+00:00/') 1027 local data=$(jq -n --arg timestamp "${timestamp}" '{"streams": [{"labels": "{app=\"loki-test\"}", "entries": [{"ts": $timestamp, "line": "foobar"}]}]}') 1028 1029 curl -s -X POST -H "Content-Type: application/json" ${LOKI_URI}/api/prom/push -d "${data}" 1030 1031 curl -sG ${LOKI_URI}/api/prom/query?limit=1 --data-urlencode 'query={app="loki-test"}' | \ 1032 jq -e '.streams[].entries[].line == "foobar"' 1033 } 1034 1035 @test "Push log entry" { 1036 local timestamp=$(date +%s000000000) 1037 local data=$(jq -n --arg timestamp "${timestamp}" '{"streams": [{"stream": {"app": "loki-test"}, "values": [[$timestamp, "foobar"]]}]}') 1038 1039 curl -s -X POST -H "Content-Type: application/json" ${LOKI_URI}/loki/api/v1/push -d "${data}" 1040 1041 curl -sG ${LOKI_URI}/api/prom/query?limit=1 --data-urlencode 'query={app="loki-test"}' | \ 1042 jq -e '.streams[].entries[].line == "foobar"' 1043 } 1044 --- 1045 # Source: loki-stack/charts/grafana/templates/clusterrole.yaml 1046 kind: ClusterRole 1047 apiVersion: rbac.authorization.k8s.io/v1 1048 metadata: 1049 labels: 1050 helm.sh/chart: grafana-6.16.12 1051 app.kubernetes.io/name: grafana 1052 app.kubernetes.io/instance: promtail 1053 app.kubernetes.io/version: "8.1.6" 1054 app.kubernetes.io/managed-by: Helm 1055 name: promtail-grafana-clusterrole 1056 rules: 1057 - apiGroups: [""] # "" indicates the core API group 1058 resources: ["configmaps", "secrets"] 1059 verbs: ["get", "watch", "list"] 1060 --- 1061 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/clusterrole.yaml 1062 apiVersion: rbac.authorization.k8s.io/v1beta1 1063 kind: ClusterRole 1064 metadata: 1065 labels: 1066 app.kubernetes.io/name: kube-state-metrics 1067 helm.sh/chart: kube-state-metrics-2.8.14 1068 app.kubernetes.io/managed-by: Helm 1069 app.kubernetes.io/instance: promtail 1070 name: promtail-kube-state-metrics 1071 rules: 1072 1073 - apiGroups: ["certificates.k8s.io"] 1074 resources: 1075 - certificatesigningrequests 1076 verbs: ["list", "watch"] 1077 1078 - apiGroups: [""] 1079 resources: 1080 - configmaps 1081 verbs: ["list", "watch"] 1082 1083 - apiGroups: ["batch"] 1084 resources: 1085 - cronjobs 1086 verbs: ["list", "watch"] 1087 1088 - apiGroups: ["extensions", "apps"] 1089 resources: 1090 - daemonsets 1091 verbs: ["list", "watch"] 1092 1093 - apiGroups: ["extensions", "apps"] 1094 resources: 1095 - deployments 1096 verbs: ["list", "watch"] 1097 1098 - apiGroups: [""] 1099 resources: 1100 - endpoints 1101 verbs: ["list", "watch"] 1102 1103 - apiGroups: ["autoscaling"] 1104 resources: 1105 - horizontalpodautoscalers 1106 verbs: ["list", "watch"] 1107 1108 - apiGroups: ["extensions", "networking.k8s.io"] 1109 resources: 1110 - ingresses 1111 verbs: ["list", "watch"] 1112 1113 - apiGroups: ["batch"] 1114 resources: 1115 - jobs 1116 verbs: ["list", "watch"] 1117 1118 - apiGroups: [""] 1119 resources: 1120 - limitranges 1121 verbs: ["list", "watch"] 1122 1123 - apiGroups: ["admissionregistration.k8s.io"] 1124 resources: 1125 - mutatingwebhookconfigurations 1126 verbs: ["list", "watch"] 1127 1128 - apiGroups: [""] 1129 resources: 1130 - namespaces 1131 verbs: ["list", "watch"] 1132 1133 - apiGroups: ["networking.k8s.io"] 1134 resources: 1135 - networkpolicies 1136 verbs: ["list", "watch"] 1137 1138 - apiGroups: [""] 1139 resources: 1140 - nodes 1141 verbs: ["list", "watch"] 1142 1143 - apiGroups: [""] 1144 resources: 1145 - persistentvolumeclaims 1146 verbs: ["list", "watch"] 1147 1148 - apiGroups: [""] 1149 resources: 1150 - persistentvolumes 1151 verbs: ["list", "watch"] 1152 1153 - apiGroups: ["policy"] 1154 resources: 1155 - poddisruptionbudgets 1156 verbs: ["list", "watch"] 1157 1158 - apiGroups: [""] 1159 resources: 1160 - pods 1161 verbs: ["list", "watch"] 1162 1163 - apiGroups: ["extensions", "apps"] 1164 resources: 1165 - replicasets 1166 verbs: ["list", "watch"] 1167 1168 - apiGroups: [""] 1169 resources: 1170 - replicationcontrollers 1171 verbs: ["list", "watch"] 1172 1173 - apiGroups: [""] 1174 resources: 1175 - resourcequotas 1176 verbs: ["list", "watch"] 1177 1178 - apiGroups: [""] 1179 resources: 1180 - secrets 1181 verbs: ["list", "watch"] 1182 1183 - apiGroups: [""] 1184 resources: 1185 - services 1186 verbs: ["list", "watch"] 1187 1188 - apiGroups: ["apps"] 1189 resources: 1190 - statefulsets 1191 verbs: ["list", "watch"] 1192 1193 - apiGroups: ["storage.k8s.io"] 1194 resources: 1195 - storageclasses 1196 verbs: ["list", "watch"] 1197 1198 - apiGroups: ["admissionregistration.k8s.io"] 1199 resources: 1200 - validatingwebhookconfigurations 1201 verbs: ["list", "watch"] 1202 1203 - apiGroups: ["storage.k8s.io"] 1204 resources: 1205 - volumeattachments 1206 verbs: ["list", "watch"] 1207 --- 1208 # Source: loki-stack/charts/prometheus/templates/alertmanager/clusterrole.yaml 1209 apiVersion: rbac.authorization.k8s.io/v1 1210 kind: ClusterRole 1211 metadata: 1212 labels: 1213 component: "alertmanager" 1214 app: prometheus 1215 release: promtail 1216 chart: prometheus-11.16.9 1217 heritage: Helm 1218 name: promtail-prometheus-alertmanager 1219 rules: 1220 [] 1221 --- 1222 # Source: loki-stack/charts/prometheus/templates/pushgateway/clusterrole.yaml 1223 apiVersion: rbac.authorization.k8s.io/v1 1224 kind: ClusterRole 1225 metadata: 1226 labels: 1227 component: "pushgateway" 1228 app: prometheus 1229 release: promtail 1230 chart: prometheus-11.16.9 1231 heritage: Helm 1232 name: promtail-prometheus-pushgateway 1233 rules: 1234 [] 1235 --- 1236 # Source: loki-stack/charts/prometheus/templates/server/clusterrole.yaml 1237 apiVersion: rbac.authorization.k8s.io/v1 1238 kind: ClusterRole 1239 metadata: 1240 labels: 1241 component: "server" 1242 app: prometheus 1243 release: promtail 1244 chart: prometheus-11.16.9 1245 heritage: Helm 1246 name: promtail-prometheus-server 1247 rules: 1248 - apiGroups: 1249 - "" 1250 resources: 1251 - nodes 1252 - nodes/proxy 1253 - nodes/metrics 1254 - services 1255 - endpoints 1256 - pods 1257 - ingresses 1258 - configmaps 1259 verbs: 1260 - get 1261 - list 1262 - watch 1263 - apiGroups: 1264 - "extensions" 1265 - "networking.k8s.io" 1266 resources: 1267 - ingresses/status 1268 - ingresses 1269 verbs: 1270 - get 1271 - list 1272 - watch 1273 - nonResourceURLs: 1274 - "/metrics" 1275 verbs: 1276 - get 1277 --- 1278 # Source: loki-stack/charts/promtail/templates/clusterrole.yaml 1279 kind: ClusterRole 1280 apiVersion: rbac.authorization.k8s.io/v1 1281 metadata: 1282 labels: 1283 app: promtail 1284 chart: promtail-2.2.0 1285 release: promtail 1286 heritage: Helm 1287 name: promtail-clusterrole 1288 rules: 1289 - apiGroups: [""] # "" indicates the core API group 1290 resources: 1291 - nodes 1292 - nodes/proxy 1293 - services 1294 - endpoints 1295 - pods 1296 verbs: ["get", "watch", "list"] 1297 --- 1298 # Source: loki-stack/charts/grafana/templates/clusterrolebinding.yaml 1299 kind: ClusterRoleBinding 1300 apiVersion: rbac.authorization.k8s.io/v1 1301 metadata: 1302 name: promtail-grafana-clusterrolebinding 1303 labels: 1304 helm.sh/chart: grafana-6.16.12 1305 app.kubernetes.io/name: grafana 1306 app.kubernetes.io/instance: promtail 1307 app.kubernetes.io/version: "8.1.6" 1308 app.kubernetes.io/managed-by: Helm 1309 subjects: 1310 - kind: ServiceAccount 1311 name: promtail-grafana 1312 namespace: promtail-loki-stack-system 1313 roleRef: 1314 kind: ClusterRole 1315 name: promtail-grafana-clusterrole 1316 apiGroup: rbac.authorization.k8s.io 1317 --- 1318 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/clusterrolebinding.yaml 1319 apiVersion: rbac.authorization.k8s.io/v1beta1 1320 kind: ClusterRoleBinding 1321 metadata: 1322 labels: 1323 app.kubernetes.io/name: kube-state-metrics 1324 helm.sh/chart: kube-state-metrics-2.8.14 1325 app.kubernetes.io/managed-by: Helm 1326 app.kubernetes.io/instance: promtail 1327 name: promtail-kube-state-metrics 1328 roleRef: 1329 apiGroup: rbac.authorization.k8s.io 1330 kind: ClusterRole 1331 name: promtail-kube-state-metrics 1332 subjects: 1333 - kind: ServiceAccount 1334 name: promtail-kube-state-metrics 1335 namespace: promtail-loki-stack-system 1336 --- 1337 # Source: loki-stack/charts/prometheus/templates/alertmanager/clusterrolebinding.yaml 1338 apiVersion: rbac.authorization.k8s.io/v1 1339 kind: ClusterRoleBinding 1340 metadata: 1341 labels: 1342 component: "alertmanager" 1343 app: prometheus 1344 release: promtail 1345 chart: prometheus-11.16.9 1346 heritage: Helm 1347 name: promtail-prometheus-alertmanager 1348 subjects: 1349 - kind: ServiceAccount 1350 name: promtail-prometheus-alertmanager 1351 namespace: promtail-loki-stack-system 1352 roleRef: 1353 apiGroup: rbac.authorization.k8s.io 1354 kind: ClusterRole 1355 name: promtail-prometheus-alertmanager 1356 --- 1357 # Source: loki-stack/charts/prometheus/templates/pushgateway/clusterrolebinding.yaml 1358 apiVersion: rbac.authorization.k8s.io/v1 1359 kind: ClusterRoleBinding 1360 metadata: 1361 labels: 1362 component: "pushgateway" 1363 app: prometheus 1364 release: promtail 1365 chart: prometheus-11.16.9 1366 heritage: Helm 1367 name: promtail-prometheus-pushgateway 1368 subjects: 1369 - kind: ServiceAccount 1370 name: promtail-prometheus-pushgateway 1371 namespace: promtail-loki-stack-system 1372 roleRef: 1373 apiGroup: rbac.authorization.k8s.io 1374 kind: ClusterRole 1375 name: promtail-prometheus-pushgateway 1376 --- 1377 # Source: loki-stack/charts/prometheus/templates/server/clusterrolebinding.yaml 1378 apiVersion: rbac.authorization.k8s.io/v1 1379 kind: ClusterRoleBinding 1380 metadata: 1381 labels: 1382 component: "server" 1383 app: prometheus 1384 release: promtail 1385 chart: prometheus-11.16.9 1386 heritage: Helm 1387 name: promtail-prometheus-server 1388 subjects: 1389 - kind: ServiceAccount 1390 name: promtail-prometheus-server 1391 namespace: promtail-loki-stack-system 1392 roleRef: 1393 apiGroup: rbac.authorization.k8s.io 1394 kind: ClusterRole 1395 name: promtail-prometheus-server 1396 --- 1397 # Source: loki-stack/charts/promtail/templates/clusterrolebinding.yaml 1398 kind: ClusterRoleBinding 1399 apiVersion: rbac.authorization.k8s.io/v1 1400 metadata: 1401 name: promtail-clusterrolebinding 1402 labels: 1403 app: promtail 1404 chart: promtail-2.2.0 1405 release: promtail 1406 heritage: Helm 1407 subjects: 1408 - kind: ServiceAccount 1409 name: promtail 1410 namespace: promtail-loki-stack-system 1411 roleRef: 1412 kind: ClusterRole 1413 name: promtail-clusterrole 1414 apiGroup: rbac.authorization.k8s.io 1415 --- 1416 # Source: loki-stack/charts/grafana/templates/role.yaml 1417 apiVersion: rbac.authorization.k8s.io/v1 1418 kind: Role 1419 metadata: 1420 name: promtail-grafana 1421 namespace: promtail-loki-stack-system 1422 labels: 1423 helm.sh/chart: grafana-6.16.12 1424 app.kubernetes.io/name: grafana 1425 app.kubernetes.io/instance: promtail 1426 app.kubernetes.io/version: "8.1.6" 1427 app.kubernetes.io/managed-by: Helm 1428 rules: 1429 - apiGroups: ['extensions'] 1430 resources: ['podsecuritypolicies'] 1431 verbs: ['use'] 1432 resourceNames: [promtail-grafana] 1433 --- 1434 # Source: loki-stack/charts/grafana/templates/tests/test-role.yaml 1435 apiVersion: rbac.authorization.k8s.io/v1 1436 kind: Role 1437 metadata: 1438 name: promtail-grafana-test 1439 namespace: promtail-loki-stack-system 1440 labels: 1441 helm.sh/chart: grafana-6.16.12 1442 app.kubernetes.io/name: grafana 1443 app.kubernetes.io/instance: promtail 1444 app.kubernetes.io/version: "8.1.6" 1445 app.kubernetes.io/managed-by: Helm 1446 rules: 1447 - apiGroups: ['policy'] 1448 resources: ['podsecuritypolicies'] 1449 verbs: ['use'] 1450 resourceNames: [promtail-grafana-test] 1451 --- 1452 # Source: loki-stack/charts/loki/templates/role.yaml 1453 apiVersion: rbac.authorization.k8s.io/v1 1454 kind: Role 1455 metadata: 1456 name: promtail-loki 1457 namespace: promtail-loki-stack-system 1458 labels: 1459 app: loki 1460 chart: loki-2.6.0 1461 heritage: Helm 1462 release: promtail 1463 rules: 1464 - apiGroups: ['extensions'] 1465 resources: ['podsecuritypolicies'] 1466 verbs: ['use'] 1467 resourceNames: [promtail-loki] 1468 --- 1469 # Source: loki-stack/charts/promtail/templates/role.yaml 1470 apiVersion: rbac.authorization.k8s.io/v1 1471 kind: Role 1472 metadata: 1473 name: promtail 1474 namespace: promtail-loki-stack-system 1475 labels: 1476 app: promtail 1477 chart: promtail-2.2.0 1478 heritage: Helm 1479 release: promtail 1480 rules: 1481 - apiGroups: ['extensions'] 1482 resources: ['podsecuritypolicies'] 1483 verbs: ['use'] 1484 resourceNames: [promtail] 1485 --- 1486 # Source: loki-stack/charts/grafana/templates/rolebinding.yaml 1487 apiVersion: rbac.authorization.k8s.io/v1 1488 kind: RoleBinding 1489 metadata: 1490 name: promtail-grafana 1491 namespace: promtail-loki-stack-system 1492 labels: 1493 helm.sh/chart: grafana-6.16.12 1494 app.kubernetes.io/name: grafana 1495 app.kubernetes.io/instance: promtail 1496 app.kubernetes.io/version: "8.1.6" 1497 app.kubernetes.io/managed-by: Helm 1498 roleRef: 1499 apiGroup: rbac.authorization.k8s.io 1500 kind: Role 1501 name: promtail-grafana 1502 subjects: 1503 - kind: ServiceAccount 1504 name: promtail-grafana 1505 namespace: promtail-loki-stack-system 1506 --- 1507 # Source: loki-stack/charts/grafana/templates/tests/test-rolebinding.yaml 1508 apiVersion: rbac.authorization.k8s.io/v1 1509 kind: RoleBinding 1510 metadata: 1511 name: promtail-grafana-test 1512 namespace: promtail-loki-stack-system 1513 labels: 1514 helm.sh/chart: grafana-6.16.12 1515 app.kubernetes.io/name: grafana 1516 app.kubernetes.io/instance: promtail 1517 app.kubernetes.io/version: "8.1.6" 1518 app.kubernetes.io/managed-by: Helm 1519 roleRef: 1520 apiGroup: rbac.authorization.k8s.io 1521 kind: Role 1522 name: promtail-grafana-test 1523 subjects: 1524 - kind: ServiceAccount 1525 name: promtail-grafana-test 1526 namespace: promtail-loki-stack-system 1527 --- 1528 # Source: loki-stack/charts/loki/templates/rolebinding.yaml 1529 apiVersion: rbac.authorization.k8s.io/v1 1530 kind: RoleBinding 1531 metadata: 1532 name: promtail-loki 1533 namespace: promtail-loki-stack-system 1534 labels: 1535 app: loki 1536 chart: loki-2.6.0 1537 heritage: Helm 1538 release: promtail 1539 roleRef: 1540 apiGroup: rbac.authorization.k8s.io 1541 kind: Role 1542 name: promtail-loki 1543 subjects: 1544 - kind: ServiceAccount 1545 name: promtail-loki 1546 --- 1547 # Source: loki-stack/charts/promtail/templates/rolebinding.yaml 1548 apiVersion: rbac.authorization.k8s.io/v1 1549 kind: RoleBinding 1550 metadata: 1551 name: promtail 1552 namespace: promtail-loki-stack-system 1553 labels: 1554 app: promtail 1555 chart: promtail-2.2.0 1556 heritage: Helm 1557 release: promtail 1558 roleRef: 1559 apiGroup: rbac.authorization.k8s.io 1560 kind: Role 1561 name: promtail 1562 subjects: 1563 - kind: ServiceAccount 1564 name: promtail 1565 --- 1566 # Source: loki-stack/charts/grafana/templates/service.yaml 1567 apiVersion: v1 1568 kind: Service 1569 metadata: 1570 name: promtail-grafana 1571 namespace: promtail-loki-stack-system 1572 labels: 1573 helm.sh/chart: grafana-6.16.12 1574 app.kubernetes.io/name: grafana 1575 app.kubernetes.io/instance: promtail 1576 app.kubernetes.io/version: "8.1.6" 1577 app.kubernetes.io/managed-by: Helm 1578 spec: 1579 type: ClusterIP 1580 ports: 1581 - name: service 1582 port: 80 1583 protocol: TCP 1584 targetPort: 3000 1585 1586 selector: 1587 app.kubernetes.io/name: grafana 1588 app.kubernetes.io/instance: promtail 1589 --- 1590 # Source: loki-stack/charts/loki/templates/service-headless.yaml 1591 apiVersion: v1 1592 kind: Service 1593 metadata: 1594 name: promtail-loki-headless 1595 namespace: promtail-loki-stack-system 1596 labels: 1597 app: loki 1598 chart: loki-2.6.0 1599 release: promtail 1600 heritage: Helm 1601 variant: headless 1602 spec: 1603 clusterIP: None 1604 ports: 1605 - port: 3100 1606 protocol: TCP 1607 name: http-metrics 1608 targetPort: http-metrics 1609 selector: 1610 app: loki 1611 release: promtail 1612 --- 1613 # Source: loki-stack/charts/loki/templates/service.yaml 1614 apiVersion: v1 1615 kind: Service 1616 metadata: 1617 name: promtail-loki 1618 namespace: promtail-loki-stack-system 1619 labels: 1620 app: loki 1621 chart: loki-2.6.0 1622 release: promtail 1623 heritage: Helm 1624 annotations: 1625 {} 1626 spec: 1627 type: ClusterIP 1628 ports: 1629 - port: 3100 1630 protocol: TCP 1631 name: http-metrics 1632 targetPort: http-metrics 1633 selector: 1634 app: loki 1635 release: promtail 1636 --- 1637 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/service.yaml 1638 apiVersion: v1 1639 kind: Service 1640 metadata: 1641 name: promtail-kube-state-metrics 1642 namespace: promtail-loki-stack-system 1643 labels: 1644 app.kubernetes.io/name: kube-state-metrics 1645 helm.sh/chart: "kube-state-metrics-2.8.14" 1646 app.kubernetes.io/instance: "promtail" 1647 app.kubernetes.io/managed-by: "Helm" 1648 annotations: 1649 prometheus.io/scrape: 'true' 1650 spec: 1651 type: "ClusterIP" 1652 ports: 1653 - name: "http" 1654 protocol: TCP 1655 port: 8080 1656 targetPort: 8080 1657 selector: 1658 app.kubernetes.io/name: kube-state-metrics 1659 app.kubernetes.io/instance: promtail 1660 --- 1661 # Source: loki-stack/charts/prometheus/templates/alertmanager/service.yaml 1662 apiVersion: v1 1663 kind: Service 1664 metadata: 1665 labels: 1666 component: "alertmanager" 1667 app: prometheus 1668 release: promtail 1669 chart: prometheus-11.16.9 1670 heritage: Helm 1671 name: promtail-prometheus-alertmanager 1672 namespace: promtail-loki-stack-system 1673 spec: 1674 ports: 1675 - name: http 1676 port: 80 1677 protocol: TCP 1678 targetPort: 9093 1679 selector: 1680 component: "alertmanager" 1681 app: prometheus 1682 release: promtail 1683 sessionAffinity: None 1684 type: "ClusterIP" 1685 --- 1686 # Source: loki-stack/charts/prometheus/templates/node-exporter/svc.yaml 1687 apiVersion: v1 1688 kind: Service 1689 metadata: 1690 annotations: 1691 prometheus.io/scrape: "true" 1692 labels: 1693 component: "node-exporter" 1694 app: prometheus 1695 release: promtail 1696 chart: prometheus-11.16.9 1697 heritage: Helm 1698 name: promtail-prometheus-node-exporter 1699 namespace: promtail-loki-stack-system 1700 spec: 1701 clusterIP: None 1702 ports: 1703 - name: metrics 1704 port: 9100 1705 protocol: TCP 1706 targetPort: 9100 1707 selector: 1708 component: "node-exporter" 1709 app: prometheus 1710 release: promtail 1711 type: "ClusterIP" 1712 --- 1713 # Source: loki-stack/charts/prometheus/templates/pushgateway/service.yaml 1714 apiVersion: v1 1715 kind: Service 1716 metadata: 1717 annotations: 1718 prometheus.io/probe: pushgateway 1719 labels: 1720 component: "pushgateway" 1721 app: prometheus 1722 release: promtail 1723 chart: prometheus-11.16.9 1724 heritage: Helm 1725 name: promtail-prometheus-pushgateway 1726 namespace: promtail-loki-stack-system 1727 spec: 1728 ports: 1729 - name: http 1730 port: 9091 1731 protocol: TCP 1732 targetPort: 9091 1733 selector: 1734 component: "pushgateway" 1735 app: prometheus 1736 release: promtail 1737 type: "ClusterIP" 1738 --- 1739 # Source: loki-stack/charts/prometheus/templates/server/service.yaml 1740 apiVersion: v1 1741 kind: Service 1742 metadata: 1743 labels: 1744 component: "server" 1745 app: prometheus 1746 release: promtail 1747 chart: prometheus-11.16.9 1748 heritage: Helm 1749 name: promtail-prometheus-server 1750 namespace: promtail-loki-stack-system 1751 spec: 1752 ports: 1753 - name: http 1754 port: 80 1755 protocol: TCP 1756 targetPort: 9090 1757 selector: 1758 component: "server" 1759 app: prometheus 1760 release: promtail 1761 sessionAffinity: None 1762 type: "ClusterIP" 1763 --- 1764 # Source: loki-stack/charts/prometheus/templates/node-exporter/daemonset.yaml 1765 apiVersion: apps/v1 1766 kind: DaemonSet 1767 metadata: 1768 labels: 1769 component: "node-exporter" 1770 app: prometheus 1771 release: promtail 1772 chart: prometheus-11.16.9 1773 heritage: Helm 1774 name: promtail-prometheus-node-exporter 1775 namespace: promtail-loki-stack-system 1776 spec: 1777 selector: 1778 matchLabels: 1779 component: "node-exporter" 1780 app: prometheus 1781 release: promtail 1782 updateStrategy: 1783 type: RollingUpdate 1784 template: 1785 metadata: 1786 labels: 1787 component: "node-exporter" 1788 app: prometheus 1789 release: promtail 1790 chart: prometheus-11.16.9 1791 heritage: Helm 1792 spec: 1793 serviceAccountName: promtail-prometheus-node-exporter 1794 containers: 1795 - name: prometheus-node-exporter 1796 image: "prom/node-exporter:v1.0.1" 1797 imagePullPolicy: "IfNotPresent" 1798 args: 1799 - --path.procfs=/host/proc 1800 - --path.sysfs=/host/sys 1801 - --web.listen-address=:9100 1802 ports: 1803 - name: metrics 1804 containerPort: 9100 1805 hostPort: 9100 1806 resources: 1807 {} 1808 volumeMounts: 1809 - name: proc 1810 mountPath: /host/proc 1811 readOnly: true 1812 - name: sys 1813 mountPath: /host/sys 1814 readOnly: true 1815 hostNetwork: true 1816 hostPID: true 1817 volumes: 1818 - name: proc 1819 hostPath: 1820 path: /proc 1821 - name: sys 1822 hostPath: 1823 path: /sys 1824 --- 1825 # Source: loki-stack/charts/promtail/templates/daemonset.yaml 1826 apiVersion: apps/v1 1827 kind: DaemonSet 1828 metadata: 1829 name: promtail 1830 namespace: promtail-loki-stack-system 1831 labels: 1832 app: promtail 1833 chart: promtail-2.2.0 1834 release: promtail 1835 heritage: Helm 1836 annotations: 1837 {} 1838 spec: 1839 selector: 1840 matchLabels: 1841 app: promtail 1842 release: promtail 1843 updateStrategy: 1844 {} 1845 template: 1846 metadata: 1847 labels: 1848 app: promtail 1849 release: promtail 1850 annotations: 1851 checksum/config: 247089df771a852c189c31079b4ef910b45a2f1d26f0223e664ecd1c70219084 1852 prometheus.io/port: http-metrics 1853 prometheus.io/scrape: "true" 1854 spec: 1855 serviceAccountName: promtail 1856 containers: 1857 - name: promtail 1858 image: "grafana/promtail:2.1.0" 1859 imagePullPolicy: IfNotPresent 1860 args: 1861 - "-config.file=/etc/promtail/promtail.yaml" 1862 - "-client.url=http://promtail-loki:3100/loki/api/v1/push" 1863 volumeMounts: 1864 - name: config 1865 mountPath: /etc/promtail 1866 - name: run 1867 mountPath: /run/promtail 1868 - mountPath: /var/lib/docker/containers 1869 name: docker 1870 readOnly: true 1871 - mountPath: /var/log/pods 1872 name: pods 1873 readOnly: true 1874 env: 1875 - name: HOSTNAME 1876 valueFrom: 1877 fieldRef: 1878 fieldPath: spec.nodeName 1879 ports: 1880 - containerPort: 3101 1881 name: http-metrics 1882 securityContext: 1883 readOnlyRootFilesystem: true 1884 runAsGroup: 0 1885 runAsUser: 0 1886 readinessProbe: 1887 failureThreshold: 5 1888 httpGet: 1889 path: /ready 1890 port: http-metrics 1891 initialDelaySeconds: 10 1892 periodSeconds: 10 1893 successThreshold: 1 1894 timeoutSeconds: 1 1895 resources: 1896 {} 1897 nodeSelector: 1898 {} 1899 affinity: 1900 {} 1901 tolerations: 1902 - effect: NoSchedule 1903 key: node-role.kubernetes.io/master 1904 operator: Exists 1905 volumes: 1906 - name: config 1907 configMap: 1908 name: promtail 1909 - name: run 1910 hostPath: 1911 path: /run/promtail 1912 - hostPath: 1913 path: /var/lib/docker/containers 1914 name: docker 1915 - hostPath: 1916 path: /var/log/pods 1917 name: pods 1918 --- 1919 # Source: loki-stack/charts/grafana/templates/deployment.yaml 1920 apiVersion: apps/v1 1921 kind: Deployment 1922 metadata: 1923 name: promtail-grafana 1924 namespace: promtail-loki-stack-system 1925 labels: 1926 helm.sh/chart: grafana-6.16.12 1927 app.kubernetes.io/name: grafana 1928 app.kubernetes.io/instance: promtail 1929 app.kubernetes.io/version: "8.1.6" 1930 app.kubernetes.io/managed-by: Helm 1931 spec: 1932 replicas: 1 1933 revisionHistoryLimit: 10 1934 selector: 1935 matchLabels: 1936 app.kubernetes.io/name: grafana 1937 app.kubernetes.io/instance: promtail 1938 strategy: 1939 type: RollingUpdate 1940 template: 1941 metadata: 1942 labels: 1943 app.kubernetes.io/name: grafana 1944 app.kubernetes.io/instance: promtail 1945 annotations: 1946 checksum/config: 4f1eb9cddf8312b757f8d541fca4e213a2fe157f365fa28e4796dbdaf7a29e22 1947 checksum/dashboards-json-config: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 1948 checksum/sc-dashboard-provider-config: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 1949 checksum/secret: 39a1607ae38bc5f5c581a6ff51233d9c3487734ccdc4a5d6adee4e9bc0b75c8e 1950 spec: 1951 1952 serviceAccountName: promtail-grafana 1953 automountServiceAccountToken: true 1954 securityContext: 1955 fsGroup: 472 1956 runAsGroup: 472 1957 runAsUser: 472 1958 initContainers: 1959 - name: grafana-sc-datasources 1960 image: "quay.io/kiwigrid/k8s-sidecar:1.12.3" 1961 imagePullPolicy: IfNotPresent 1962 env: 1963 - name: METHOD 1964 value: LIST 1965 - name: LABEL 1966 value: "grafana_datasource" 1967 - name: FOLDER 1968 value: "/etc/grafana/provisioning/datasources" 1969 - name: RESOURCE 1970 value: "both" 1971 resources: 1972 {} 1973 volumeMounts: 1974 - name: sc-datasources-volume 1975 mountPath: "/etc/grafana/provisioning/datasources" 1976 enableServiceLinks: true 1977 containers: 1978 - name: grafana 1979 image: "grafana/grafana:8.1.6" 1980 imagePullPolicy: IfNotPresent 1981 volumeMounts: 1982 - name: config 1983 mountPath: "/etc/grafana/grafana.ini" 1984 subPath: grafana.ini 1985 - name: storage 1986 mountPath: "/var/lib/grafana" 1987 - name: sc-datasources-volume 1988 mountPath: "/etc/grafana/provisioning/datasources" 1989 ports: 1990 - name: service 1991 containerPort: 80 1992 protocol: TCP 1993 - name: grafana 1994 containerPort: 3000 1995 protocol: TCP 1996 env: 1997 - name: GF_SECURITY_ADMIN_USER 1998 valueFrom: 1999 secretKeyRef: 2000 name: promtail-grafana 2001 key: admin-user 2002 - name: GF_SECURITY_ADMIN_PASSWORD 2003 valueFrom: 2004 secretKeyRef: 2005 name: promtail-grafana 2006 key: admin-password 2007 2008 - name: GF_PATHS_DATA 2009 value: /var/lib/grafana/ 2010 - name: GF_PATHS_LOGS 2011 value: /var/log/grafana 2012 - name: GF_PATHS_PLUGINS 2013 value: /var/lib/grafana/plugins 2014 - name: GF_PATHS_PROVISIONING 2015 value: /etc/grafana/provisioning 2016 livenessProbe: 2017 failureThreshold: 10 2018 httpGet: 2019 path: /api/health 2020 port: 3000 2021 initialDelaySeconds: 60 2022 timeoutSeconds: 30 2023 readinessProbe: 2024 httpGet: 2025 path: /api/health 2026 port: 3000 2027 resources: 2028 {} 2029 volumes: 2030 - name: config 2031 configMap: 2032 name: promtail-grafana 2033 - name: storage 2034 emptyDir: {} 2035 - name: sc-datasources-volume 2036 emptyDir: {} 2037 --- 2038 # Source: loki-stack/charts/prometheus/charts/kube-state-metrics/templates/deployment.yaml 2039 apiVersion: apps/v1 2040 kind: Deployment 2041 metadata: 2042 name: promtail-kube-state-metrics 2043 namespace: promtail-loki-stack-system 2044 labels: 2045 app.kubernetes.io/name: kube-state-metrics 2046 helm.sh/chart: "kube-state-metrics-2.8.14" 2047 app.kubernetes.io/instance: "promtail" 2048 app.kubernetes.io/managed-by: "Helm" 2049 spec: 2050 selector: 2051 matchLabels: 2052 app.kubernetes.io/name: kube-state-metrics 2053 replicas: 1 2054 template: 2055 metadata: 2056 labels: 2057 app.kubernetes.io/name: kube-state-metrics 2058 app.kubernetes.io/instance: "promtail" 2059 spec: 2060 hostNetwork: false 2061 serviceAccountName: promtail-kube-state-metrics 2062 securityContext: 2063 fsGroup: 65534 2064 runAsGroup: 65534 2065 runAsUser: 65534 2066 containers: 2067 - name: kube-state-metrics 2068 args: 2069 2070 - --collectors=certificatesigningrequests 2071 2072 2073 - --collectors=configmaps 2074 2075 2076 - --collectors=cronjobs 2077 2078 2079 - --collectors=daemonsets 2080 2081 2082 - --collectors=deployments 2083 2084 2085 - --collectors=endpoints 2086 2087 2088 - --collectors=horizontalpodautoscalers 2089 2090 2091 - --collectors=ingresses 2092 2093 2094 - --collectors=jobs 2095 2096 2097 - --collectors=limitranges 2098 2099 2100 - --collectors=mutatingwebhookconfigurations 2101 2102 2103 - --collectors=namespaces 2104 2105 2106 - --collectors=networkpolicies 2107 2108 2109 - --collectors=nodes 2110 2111 2112 - --collectors=persistentvolumeclaims 2113 2114 2115 - --collectors=persistentvolumes 2116 2117 2118 - --collectors=poddisruptionbudgets 2119 2120 2121 - --collectors=pods 2122 2123 2124 - --collectors=replicasets 2125 2126 2127 - --collectors=replicationcontrollers 2128 2129 2130 - --collectors=resourcequotas 2131 2132 2133 - --collectors=secrets 2134 2135 2136 - --collectors=services 2137 2138 2139 - --collectors=statefulsets 2140 2141 2142 - --collectors=storageclasses 2143 2144 2145 - --collectors=validatingwebhookconfigurations 2146 2147 2148 2149 - --collectors=volumeattachments 2150 2151 2152 2153 imagePullPolicy: IfNotPresent 2154 image: "quay.io/coreos/kube-state-metrics:v1.9.7" 2155 ports: 2156 - containerPort: 8080 2157 livenessProbe: 2158 httpGet: 2159 path: /healthz 2160 port: 8080 2161 initialDelaySeconds: 5 2162 timeoutSeconds: 5 2163 readinessProbe: 2164 httpGet: 2165 path: / 2166 port: 8080 2167 initialDelaySeconds: 5 2168 timeoutSeconds: 5 2169 --- 2170 # Source: loki-stack/charts/prometheus/templates/alertmanager/deploy.yaml 2171 apiVersion: apps/v1 2172 kind: Deployment 2173 metadata: 2174 labels: 2175 component: "alertmanager" 2176 app: prometheus 2177 release: promtail 2178 chart: prometheus-11.16.9 2179 heritage: Helm 2180 name: promtail-prometheus-alertmanager 2181 namespace: promtail-loki-stack-system 2182 spec: 2183 selector: 2184 matchLabels: 2185 component: "alertmanager" 2186 app: prometheus 2187 release: promtail 2188 replicas: 1 2189 template: 2190 metadata: 2191 labels: 2192 component: "alertmanager" 2193 app: prometheus 2194 release: promtail 2195 chart: prometheus-11.16.9 2196 heritage: Helm 2197 spec: 2198 serviceAccountName: promtail-prometheus-alertmanager 2199 containers: 2200 - name: prometheus-alertmanager 2201 image: "prom/alertmanager:v0.21.0" 2202 imagePullPolicy: "IfNotPresent" 2203 env: 2204 - name: POD_IP 2205 valueFrom: 2206 fieldRef: 2207 apiVersion: v1 2208 fieldPath: status.podIP 2209 args: 2210 - --config.file=/etc/config/alertmanager.yml 2211 - --storage.path=/data 2212 - --cluster.advertise-address=$(POD_IP):6783 2213 - --web.external-url=http://localhost:9093 2214 2215 ports: 2216 - containerPort: 9093 2217 readinessProbe: 2218 httpGet: 2219 path: /-/ready 2220 port: 9093 2221 initialDelaySeconds: 30 2222 timeoutSeconds: 30 2223 resources: 2224 {} 2225 volumeMounts: 2226 - name: config-volume 2227 mountPath: /etc/config 2228 - name: storage-volume 2229 mountPath: "/data" 2230 subPath: "" 2231 - name: prometheus-alertmanager-configmap-reload 2232 image: "jimmidyson/configmap-reload:v0.4.0" 2233 imagePullPolicy: "IfNotPresent" 2234 args: 2235 - --volume-dir=/etc/config 2236 - --webhook-url=http://127.0.0.1:9093/-/reload 2237 resources: 2238 {} 2239 volumeMounts: 2240 - name: config-volume 2241 mountPath: /etc/config 2242 readOnly: true 2243 securityContext: 2244 fsGroup: 65534 2245 runAsGroup: 65534 2246 runAsNonRoot: true 2247 runAsUser: 65534 2248 volumes: 2249 - name: config-volume 2250 configMap: 2251 name: promtail-prometheus-alertmanager 2252 - name: storage-volume 2253 emptyDir: 2254 {} 2255 --- 2256 # Source: loki-stack/charts/prometheus/templates/pushgateway/deploy.yaml 2257 apiVersion: apps/v1 2258 kind: Deployment 2259 metadata: 2260 labels: 2261 component: "pushgateway" 2262 app: prometheus 2263 release: promtail 2264 chart: prometheus-11.16.9 2265 heritage: Helm 2266 name: promtail-prometheus-pushgateway 2267 namespace: promtail-loki-stack-system 2268 spec: 2269 selector: 2270 matchLabels: 2271 component: "pushgateway" 2272 app: prometheus 2273 release: promtail 2274 replicas: 1 2275 template: 2276 metadata: 2277 labels: 2278 component: "pushgateway" 2279 app: prometheus 2280 release: promtail 2281 chart: prometheus-11.16.9 2282 heritage: Helm 2283 spec: 2284 serviceAccountName: promtail-prometheus-pushgateway 2285 containers: 2286 - name: prometheus-pushgateway 2287 image: "prom/pushgateway:v1.2.0" 2288 imagePullPolicy: "IfNotPresent" 2289 args: 2290 ports: 2291 - containerPort: 9091 2292 livenessProbe: 2293 httpGet: 2294 path: /-/healthy 2295 port: 9091 2296 initialDelaySeconds: 10 2297 timeoutSeconds: 10 2298 readinessProbe: 2299 httpGet: 2300 path: /-/ready 2301 port: 9091 2302 initialDelaySeconds: 10 2303 timeoutSeconds: 10 2304 resources: 2305 {} 2306 securityContext: 2307 runAsNonRoot: true 2308 runAsUser: 65534 2309 --- 2310 # Source: loki-stack/charts/prometheus/templates/server/deploy.yaml 2311 apiVersion: apps/v1 2312 kind: Deployment 2313 metadata: 2314 labels: 2315 component: "server" 2316 app: prometheus 2317 release: promtail 2318 chart: prometheus-11.16.9 2319 heritage: Helm 2320 name: promtail-prometheus-server 2321 namespace: promtail-loki-stack-system 2322 spec: 2323 selector: 2324 matchLabels: 2325 component: "server" 2326 app: prometheus 2327 release: promtail 2328 replicas: 1 2329 template: 2330 metadata: 2331 labels: 2332 component: "server" 2333 app: prometheus 2334 release: promtail 2335 chart: prometheus-11.16.9 2336 heritage: Helm 2337 spec: 2338 serviceAccountName: promtail-prometheus-server 2339 containers: 2340 - name: prometheus-server-configmap-reload 2341 image: "jimmidyson/configmap-reload:v0.4.0" 2342 imagePullPolicy: "IfNotPresent" 2343 args: 2344 - --volume-dir=/etc/config 2345 - --webhook-url=http://127.0.0.1:9090/-/reload 2346 resources: 2347 {} 2348 volumeMounts: 2349 - name: config-volume 2350 mountPath: /etc/config 2351 readOnly: true 2352 2353 - name: prometheus-server 2354 image: "prom/prometheus:v2.21.0" 2355 imagePullPolicy: "IfNotPresent" 2356 args: 2357 - --storage.tsdb.retention.time=15d 2358 - --config.file=/etc/config/prometheus.yml 2359 - --storage.tsdb.path=/data 2360 - --web.console.libraries=/etc/prometheus/console_libraries 2361 - --web.console.templates=/etc/prometheus/consoles 2362 - --web.enable-lifecycle 2363 ports: 2364 - containerPort: 9090 2365 readinessProbe: 2366 httpGet: 2367 path: /-/ready 2368 port: 9090 2369 initialDelaySeconds: 30 2370 periodSeconds: 5 2371 timeoutSeconds: 30 2372 failureThreshold: 3 2373 successThreshold: 1 2374 livenessProbe: 2375 httpGet: 2376 path: /-/healthy 2377 port: 9090 2378 initialDelaySeconds: 30 2379 periodSeconds: 15 2380 timeoutSeconds: 30 2381 failureThreshold: 3 2382 successThreshold: 1 2383 resources: 2384 {} 2385 volumeMounts: 2386 - name: config-volume 2387 mountPath: /etc/config 2388 - name: storage-volume 2389 mountPath: /data 2390 subPath: "" 2391 securityContext: 2392 fsGroup: 65534 2393 runAsGroup: 65534 2394 runAsNonRoot: true 2395 runAsUser: 65534 2396 terminationGracePeriodSeconds: 300 2397 volumes: 2398 - name: config-volume 2399 configMap: 2400 name: promtail-prometheus-server 2401 - name: storage-volume 2402 emptyDir: 2403 {} 2404 --- 2405 # Source: loki-stack/charts/loki/templates/statefulset.yaml 2406 apiVersion: apps/v1 2407 kind: StatefulSet 2408 metadata: 2409 name: promtail-loki 2410 namespace: promtail-loki-stack-system 2411 labels: 2412 app: loki 2413 chart: loki-2.6.0 2414 release: promtail 2415 heritage: Helm 2416 annotations: 2417 {} 2418 spec: 2419 podManagementPolicy: OrderedReady 2420 replicas: 1 2421 selector: 2422 matchLabels: 2423 app: loki 2424 release: promtail 2425 serviceName: promtail-loki-headless 2426 updateStrategy: 2427 type: RollingUpdate 2428 template: 2429 metadata: 2430 labels: 2431 app: loki 2432 name: loki 2433 release: promtail 2434 annotations: 2435 checksum/config: 03b0f6255caecf17f7ace765c1487998221405bb5b3dd372bf206d1d5cb8429c 2436 prometheus.io/port: http-metrics 2437 prometheus.io/scrape: "true" 2438 spec: 2439 serviceAccountName: promtail-loki 2440 securityContext: 2441 fsGroup: 10001 2442 runAsGroup: 10001 2443 runAsNonRoot: true 2444 runAsUser: 10001 2445 initContainers: 2446 [] 2447 containers: 2448 - name: loki 2449 image: "grafana/loki:2.3.0" 2450 imagePullPolicy: IfNotPresent 2451 args: 2452 - "-config.file=/etc/loki/loki.yaml" 2453 volumeMounts: 2454 - name: config 2455 mountPath: /etc/loki 2456 - name: storage 2457 mountPath: "/data" 2458 subPath: 2459 ports: 2460 - name: http-metrics 2461 containerPort: 3100 2462 protocol: TCP 2463 livenessProbe: 2464 httpGet: 2465 path: /ready 2466 port: http-metrics 2467 initialDelaySeconds: 45 2468 readinessProbe: 2469 httpGet: 2470 path: /ready 2471 port: http-metrics 2472 initialDelaySeconds: 45 2473 resources: 2474 {} 2475 securityContext: 2476 readOnlyRootFilesystem: true 2477 env: 2478 nodeSelector: 2479 {} 2480 affinity: 2481 {} 2482 tolerations: 2483 [] 2484 terminationGracePeriodSeconds: 4800 2485 volumes: 2486 - name: config 2487 secret: 2488 secretName: promtail-loki 2489 volumeClaimTemplates: 2490 - metadata: 2491 name: storage 2492 annotations: 2493 {} 2494 spec: 2495 accessModes: 2496 - ReadWriteOnce 2497 resources: 2498 requests: 2499 storage: "50Gi" 2500 storageClassName: longhorn 2501