# -- Overrides the version used to determine compatibility of resources with the target Kubernetes cluster.
# This is useful when using `helm template`, because then helm will use the client version of kubectl as the Kubernetes version,
# which may or may not match your cluster's server version. Example: 'v1.24.4'. Set to null to use the version that helm
# devises.
kubeVersionOverride: null
global:
image:
# -- Overrides the Docker registry globally for all images
registry: null
# -- Overrides the priorityClassName for all pods
priorityClassName: null
# -- configures cluster domain ("cluster.local" by default)
clusterDomain: "cluster.local"
# -- configures DNS service name
dnsService: "kube-dns"
# -- configures DNS service namespace
dnsNamespace: "kube-system"
# -- Overrides the chart's name
nameOverride: null
# -- Overrides the chart's computed fullname
fullnameOverride: null
# -- Overrides the chart's cluster label
clusterLabelOverride: null
# -- Image pull secrets for Docker images
imagePullSecrets: []
# -- Deployment mode lets you specify how to deploy Loki.
# There are 3 options:
# - SingleBinary: Loki is deployed as a single binary, useful for small installs typically without HA, up to a few tens of GB/day.
# - SimpleScalable: Loki is deployed as 3 targets: read, write, and backend. Useful for medium installs easier to manage than distributed, up to a about 1TB/day.
# - Distributed: Loki is deployed as individual microservices. The most complicated but most capable, useful for large installs, typically over 1TB/day.
# There are also 2 additional modes used for migrating between deployment modes:
# - SingleBinary<->SimpleScalable: Migrate from SingleBinary to SimpleScalable (or vice versa)
# - SimpleScalable<->Distributed: Migrate from SimpleScalable to Distributed (or vice versa)
# Note: SimpleScalable and Distributed REQUIRE the use of object storage.
deploymentMode: SimpleScalable
######################################################################################################################
#
# Base Loki Configs including kubernetes configurations and configurations for Loki itself,
# see below for more specifics on Loki's configuration.
#
######################################################################################################################
# -- Configuration for running Loki
# @default -- See values.yaml
loki:
# Configures the readiness probe for all of the Loki pods
readinessProbe:
httpGet:
path: /ready
port: http-metrics
initialDelaySeconds: 30
timeoutSeconds: 1
image:
# -- The Docker registry
registry: docker.io
# -- Docker image repository
repository: grafana/loki
# -- Overrides the image tag whose default is the chart's appVersion
tag: 3.3.1
# -- Overrides the image tag with an image digest
digest: null
# -- Docker image pull policy
pullPolicy: IfNotPresent
# -- Common annotations for all deployments/StatefulSets
annotations: {}
# -- Common annotations for all pods
podAnnotations: {}
# -- Common labels for all pods
podLabels: {}
# -- Common annotations for all services
serviceAnnotations: {}
# -- Common labels for all services
serviceLabels: {}
# -- The number of old ReplicaSets to retain to allow rollback
revisionHistoryLimit: 10
# -- The SecurityContext for Loki pods
podSecurityContext:
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
# -- The SecurityContext for Loki containers
containerSecurityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
allowPrivilegeEscalation: false
# -- Should enableServiceLinks be enabled. Default to enable
enableServiceLinks: true
######################################################################################################################
#
# Loki Configuration
#
# There are several ways to pass configuration to Loki, listing them here in order of our preference for how
# you should use this chart.
# 1. Use the templated value of loki.config below and the corresponding override sections which follow.
# This allows us to set a lot of important Loki configurations and defaults and also allows us to maintain them
# over time as Loki changes and evolves.
# 2. Use the loki.structuredConfig section.
# This will completely override the templated value of loki.config, so you MUST provide the entire Loki config
# including any configuration that we set in loki.config unless you explicitly are trying to change one of those
# values and are not able to do so with the templated sections.
# If you choose this approach the burden is on you to maintain any changes we make to the templated config.
# 3. Use an existing secret or configmap to provide the configuration.
# This option is mostly provided for folks who have external processes which provide or modify the configuration.
# When using this option you can specify a different name for loki.generatedConfigObjectName and configObjectName
# if you have a process which takes the generated config and modifies it, or you can stop the chart from generating
# a config entirely by setting loki.generatedConfigObjectName to
#
######################################################################################################################
# -- Defines what kind of object stores the configuration, a ConfigMap or a Secret.
# In order to move sensitive information (such as credentials) from the ConfigMap/Secret to a more secure location (e.g. vault), it is possible to use [environment variables in the configuration](https://grafana.com/docs/loki/latest/configuration/#use-environment-variables-in-the-configuration).
# Such environment variables can be then stored in a separate Secret and injected via the global.extraEnvFrom value. For details about environment injection from a Secret please see [Secrets](https://kubernetes.io/docs/concepts/configuration/secret/#use-case-as-container-environment-variables).
configStorageType: ConfigMap
# -- The name of the object which Loki will mount as a volume containing the config.
# If the configStorageType is Secret, this will be the name of the Secret, if it is ConfigMap, this will be the name of the ConfigMap.
# The value will be passed through tpl.
configObjectName: '{{ include "loki.name" . }}'
# -- The name of the Secret or ConfigMap that will be created by this chart.
# If empty, no configmap or secret will be created.
# The value will be passed through tpl.
generatedConfigObjectName: '{{ include "loki.name" . }}'
# -- Config file contents for Loki
# @default -- See values.yaml
config: |
{{- if .Values.enterprise.enabled}}
{{- tpl .Values.enterprise.config . }}
{{- else }}
auth_enabled: {{ .Values.loki.auth_enabled }}
{{- end }}
{{- with .Values.loki.server }}
server:
{{- toYaml . | nindent 2}}
{{- end}}
pattern_ingester:
enabled: {{ .Values.loki.pattern_ingester.enabled }}
memberlist:
{{- if .Values.loki.memberlistConfig }}
{{- toYaml .Values.loki.memberlistConfig | nindent 2 }}
{{- else }}
{{- if .Values.loki.extraMemberlistConfig}}
{{- toYaml .Values.loki.extraMemberlistConfig | nindent 2}}
{{- end }}
join_members:
- {{ include "loki.memberlist" . }}
{{- with .Values.migrate.fromDistributed }}
{{- if .enabled }}
- {{ .memberlistService }}
{{- end }}
{{- end }}
{{- end }}
{{- with .Values.loki.ingester }}
ingester:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- if .Values.loki.commonConfig}}
common:
{{- toYaml .Values.loki.commonConfig | nindent 2}}
storage:
{{- include "loki.commonStorageConfig" . | nindent 4}}
{{- end}}
{{- with .Values.loki.limits_config }}
limits_config:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
runtime_config:
file: /etc/loki/runtime-config/runtime-config.yaml
{{- with .Values.chunksCache }}
{{- if .enabled }}
chunk_store_config:
chunk_cache_config:
default_validity: {{ .defaultValidity }}
background:
writeback_goroutines: {{ .writebackParallelism }}
writeback_buffer: {{ .writebackBuffer }}
writeback_size_limit: {{ .writebackSizeLimit }}
memcached:
batch_size: {{ .batchSize }}
parallelism: {{ .parallelism }}
memcached_client:
addresses: dnssrvnoa+_memcached-client._tcp.{{ template "loki.fullname" $ }}-chunks-cache.{{ $.Release.Namespace }}.svc
consistent_hash: true
timeout: {{ .timeout }}
max_idle_conns: 72
{{- end }}
{{- end }}
{{- if .Values.loki.schemaConfig }}
schema_config:
{{- toYaml .Values.loki.schemaConfig | nindent 2}}
{{- end }}
{{- if .Values.loki.useTestSchema }}
schema_config:
{{- toYaml .Values.loki.testSchemaConfig | nindent 2}}
{{- end }}
{{ include "loki.rulerConfig" . }}
{{- if or .Values.tableManager.retention_deletes_enabled .Values.tableManager.retention_period }}
table_manager:
retention_deletes_enabled: {{ .Values.tableManager.retention_deletes_enabled }}
retention_period: {{ .Values.tableManager.retention_period }}
{{- end }}
query_range:
align_queries_with_step: true
{{- with .Values.loki.query_range }}
{{- tpl (. | toYaml) $ | nindent 2 }}
{{- end }}
{{- if .Values.resultsCache.enabled }}
{{- with .Values.resultsCache }}
cache_results: true
results_cache:
cache:
default_validity: {{ .defaultValidity }}
background:
writeback_goroutines: {{ .writebackParallelism }}
writeback_buffer: {{ .writebackBuffer }}
writeback_size_limit: {{ .writebackSizeLimit }}
memcached_client:
consistent_hash: true
addresses: dnssrvnoa+_memcached-client._tcp.{{ template "loki.fullname" $ }}-results-cache.{{ $.Release.Namespace }}.svc
timeout: {{ .timeout }}
update_interval: 1m
{{- end }}
{{- end }}
{{- with .Values.loki.storage_config }}
storage_config:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with .Values.loki.query_scheduler }}
query_scheduler:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with .Values.loki.compactor }}
compactor:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with .Values.loki.analytics }}
analytics:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with .Values.loki.querier }}
querier:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with .Values.loki.index_gateway }}
index_gateway:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with .Values.loki.frontend }}
frontend:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with .Values.loki.frontend_worker }}
frontend_worker:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with .Values.loki.distributor }}
distributor:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
tracing:
enabled: {{ .Values.loki.tracing.enabled }}
{{- with .Values.loki.bloom_build }}
bloom_build:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with .Values.loki.bloom_gateway }}
bloom_gateway:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
# Should authentication be enabled
auth_enabled: true
# -- memberlist configuration (overrides embedded default)
memberlistConfig: {}
# -- Extra memberlist configuration
extraMemberlistConfig: {}
# -- Tenants list to be created on nginx htpasswd file, with name and password keys
tenants: []
# -- Check https://grafana.com/docs/loki/latest/configuration/#server for more info on the server configuration.
server:
http_listen_port: 3100
grpc_listen_port: 9095
http_server_read_timeout: 600s
http_server_write_timeout: 600s
# -- Limits config
limits_config:
reject_old_samples: true
reject_old_samples_max_age: 168h
max_cache_freshness_per_query: 10m
split_queries_by_interval: 15m
query_timeout: 300s
volume_enabled: true
# -- Provides a reloadable runtime configuration file for some specific configuration
runtimeConfig: {}
# -- Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration
commonConfig:
path_prefix: /var/loki
replication_factor: 3
compactor_address: '{{ include "loki.compactorAddress" . }}'
# -- Storage config. Providing this will automatically populate all necessary storage configs in the templated config.
storage:
# Loki requires a bucket for chunks and the ruler. GEL requires a third bucket for the admin API.
# Please provide these values if you are using object storage.
# bucketNames:
# chunks: FIXME
# ruler: FIXME
# admin: FIXME
type: s3
s3:
s3: null
endpoint: null
region: null
secretAccessKey: null
accessKeyId: null
signatureVersion: null
s3ForcePathStyle: false
insecure: false
http_config: {}
# -- Check https://grafana.com/docs/loki/latest/configure/#s3_storage_config for more info on how to provide a backoff_config
backoff_config: {}
disable_dualstack: false
gcs:
chunkBufferSize: 0
requestTimeout: "0s"
enableHttp2: true
azure:
accountName: null
accountKey: null
connectionString: null
useManagedIdentity: false
useFederatedToken: false
userAssignedId: null
requestTimeout: null
endpointSuffix: null
chunkDelimiter: null
swift:
auth_version: null
auth_url: null
internal: null
username: null
user_domain_name: null
user_domain_id: null
user_id: null
password: null
domain_id: null
domain_name: null
project_id: null
project_name: null
project_domain_id: null
project_domain_name: null
region_name: null
container_name: null
max_retries: null
connect_timeout: null
request_timeout: null
filesystem:
chunks_directory: /var/loki/chunks
rules_directory: /var/loki/rules
admin_api_directory: /var/loki/admin
# -- Configure memcached as an external cache for chunk and results cache. Disabled by default
# must enable and specify a host for each cache you would like to use.
memcached:
chunk_cache:
enabled: false
host: ""
service: "memcached-client"
batch_size: 256
parallelism: 10
results_cache:
enabled: false
host: ""
service: "memcached-client"
timeout: "500ms"
default_validity: "12h"
# -- Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas
schemaConfig: {}
# -- a real Loki install requires a proper schemaConfig defined above this, however for testing or playing around
# you can enable useTestSchema
useTestSchema: false
testSchemaConfig:
configs:
- from: 2024-04-01
store: tsdb
object_store: '{{ include "loki.testSchemaObjectStore" . }}'
schema: v13
index:
prefix: index_
period: 24h
# -- Check https://grafana.com/docs/loki/latest/configuration/#ruler for more info on configuring ruler
rulerConfig:
wal:
dir: /var/loki/ruler-wal
# -- Structured loki configuration, takes precedence over `loki.config`, `loki.schemaConfig`, `loki.storageConfig`
structuredConfig: {}
# -- Additional query scheduler config
query_scheduler: {}
# -- Additional storage config
storage_config:
boltdb_shipper:
index_gateway_client:
server_address: '{{ include "loki.indexGatewayAddress" . }}'
tsdb_shipper:
index_gateway_client:
server_address: '{{ include "loki.indexGatewayAddress" . }}'
bloom_shipper:
working_directory: /var/loki/data/bloomshipper
hedging:
at: "250ms"
max_per_second: 20
up_to: 3
# -- Optional compactor configuration
compactor: {}
# -- Optional pattern ingester configuration
pattern_ingester:
enabled: false
# -- Optional analytics configuration
analytics: {}
# -- Optional querier configuration
query_range: {}
# -- Optional querier configuration
querier: {}
# -- Optional ingester configuration
ingester: {}
# -- Optional index gateway configuration
index_gateway:
mode: simple
frontend:
scheduler_address: '{{ include "loki.querySchedulerAddress" . }}'
tail_proxy_url: '{{ include "loki.querierAddress" . }}'
frontend_worker:
scheduler_address: '{{ include "loki.querySchedulerAddress" . }}'
# -- Optional distributor configuration
distributor: {}
# -- Enable tracing
tracing:
enabled: false
bloom_build:
enabled: false
builder:
planner_address: '{{ include "loki.bloomPlannerAddress" . }}'
bloom_gateway:
enabled: false
client:
addresses: '{{ include "loki.bloomGatewayAddresses" . }}'
######################################################################################################################
#
# Enterprise Loki Configs
#
######################################################################################################################
# -- Configuration for running Enterprise Loki
enterprise:
# Enable enterprise features, license must be provided
enabled: false
# Default verion of GEL to deploy
version: 3.1.1
# -- Optional name of the GEL cluster, otherwise will use .Release.Name
# The cluster name must match what is in your GEL license
cluster_name: null
# -- Grafana Enterprise Logs license
# In order to use Grafana Enterprise Logs features, you will need to provide
# the contents of your Grafana Enterprise Logs license, either by providing the
# contents of the license.jwt, or the name Kubernetes Secret that contains your
# license.jwt.
# To set the license contents, use the flag `--set-file 'enterprise.license.contents=./license.jwt'`
license:
contents: "NOTAVALIDLICENSE"
# -- Set to true when providing an external license
useExternalLicense: false
# -- Name of external license secret to use
externalLicenseName: null
# -- Name of the external config secret to use
externalConfigName: ""
# -- Use GEL gateway, if false will use the default nginx gateway
gelGateway: true
# -- If enabled, the correct admin_client storage will be configured. If disabled while running enterprise,
# make sure auth is set to `type: trust`, or that `auth_enabled` is set to `false`.
adminApi:
enabled: true
# enterprise specific sections of the config.yaml file
config: |
{{- if .Values.enterprise.adminApi.enabled }}
admin_client:
{{ include "enterprise-logs.adminAPIStorageConfig" . | nindent 2 }}
{{ end }}
auth:
type: {{ .Values.enterprise.adminApi.enabled | ternary "enterprise" "trust" }}
auth_enabled: {{ .Values.loki.auth_enabled }}
cluster_name: {{ include "loki.clusterName" . }}
license:
path: /etc/loki/license/license.jwt
image:
# -- The Docker registry
registry: docker.io
# -- Docker image repository
repository: grafana/enterprise-logs
# -- Docker image tag
tag: 3.3.1
# -- Overrides the image tag with an image digest
digest: null
# -- Docker image pull policy
pullPolicy: IfNotPresent
adminToken:
# -- Alternative name for admin token secret, needed by tokengen and provisioner jobs
secret: null
# -- Additional namespace to also create the token in. Useful if your Grafana instance
# is in a different namespace
additionalNamespaces: []
# -- Alternative name of the secret to store token for the canary
canarySecret: null
# -- Configuration for `tokengen` target
tokengen:
# -- Whether the job should be part of the deployment
enabled: true
# -- Comma-separated list of Loki modules to load for tokengen
targetModule: "tokengen"
# -- Additional CLI arguments for the `tokengen` target
extraArgs: []
# -- Additional Kubernetes environment
env: []
# -- Additional labels for the `tokengen` Job
labels: {}
# -- Additional annotations for the `tokengen` Job
annotations: {}
# -- Affinity for tokengen Pods
affinity: {}
# -- Node selector for tokengen Pods
nodeSelector: {}
# -- Tolerations for tokengen Job
tolerations: []
# -- Additional volumes for Pods
extraVolumes: []
# -- Additional volume mounts for Pods
extraVolumeMounts: []
# -- Run containers as user `enterprise-logs(uid=10001)`
securityContext:
runAsNonRoot: true
runAsGroup: 10001
runAsUser: 10001
fsGroup: 10001
# -- Environment variables from secrets or configmaps to add to the tokengen pods
extraEnvFrom: []
# -- The name of the PriorityClass for tokengen Pods
priorityClassName: ""
# -- Configuration for `provisioner` target
provisioner:
# -- Whether the job should be part of the deployment
enabled: true
# -- Name of the secret to store provisioned tokens in
provisionedSecretPrefix: null
# -- Additional tenants to be created. Each tenant will get a read and write policy
# and associated token. Tenant must have a name and a namespace for the secret containting
# the token to be created in. For example
# additionalTenants:
# - name: loki
# secretNamespace: grafana
additionalTenants: []
# -- Additional Kubernetes environment
env: []
# -- Additional labels for the `provisioner` Job
labels: {}
# -- Additional annotations for the `provisioner` Job
annotations: {}
# -- Affinity for tokengen Pods
affinity: {}
# -- Node selector for tokengen Pods
nodeSelector: {}
# -- Tolerations for tokengen Pods
tolerations: []
# -- The name of the PriorityClass for provisioner Job
priorityClassName: null
# -- Run containers as user `enterprise-logs(uid=10001)`
securityContext:
runAsNonRoot: true
runAsGroup: 10001
runAsUser: 10001
fsGroup: 10001
# -- Provisioner image to Utilize
image:
# -- The Docker registry
registry: docker.io
# -- Docker image repository
repository: grafana/enterprise-logs-provisioner
# -- Overrides the image tag whose default is the chart's appVersion
tag: null
# -- Overrides the image tag with an image digest
digest: null
# -- Docker image pull policy
pullPolicy: IfNotPresent
# -- Volume mounts to add to the provisioner pods
extraVolumeMounts: []
# -- kubetclImage is used in the enterprise provisioner and tokengen jobs
kubectlImage:
# -- The Docker registry
registry: docker.io
# -- Docker image repository
repository: bitnami/kubectl
# -- Overrides the image tag whose default is the chart's appVersion
tag: null
# -- Overrides the image tag with an image digest
digest: null
# -- Docker image pull policy
pullPolicy: IfNotPresent
######################################################################################################################
#
# Chart Testing
#
######################################################################################################################
# -- Section for configuring optional Helm test
test:
enabled: true
# -- Used to directly query the metrics endpoint of the canary for testing, this approach avoids needing prometheus for testing.
# This in a newer approach to using prometheusAddress such that tests do not have a dependency on prometheus
canaryServiceAddress: "http://loki-canary:3500/metrics"
# -- Address of the prometheus server to query for the test. This overrides any value set for canaryServiceAddress.
# This is kept for backward compatibility and may be removed in future releases. Previous value was 'http://prometheus:9090'
prometheusAddress: ""
# -- Number of times to retry the test before failing
timeout: 1m
# -- Additional labels for the test pods
labels: {}
# -- Additional annotations for test pods
annotations: {}
# -- Image to use for loki canary
image:
# -- The Docker registry
registry: docker.io
# -- Docker image repository
repository: grafana/loki-helm-test
# -- Overrides the image tag whose default is the chart's appVersion
tag: "ewelch-distributed-helm-chart-17db5ee"
# -- Overrides the image tag with an image digest
digest: null
# -- Docker image pull policy
pullPolicy: IfNotPresent
# The Loki canary pushes logs to and queries from this loki installation to test
# that it's working correctly
lokiCanary:
enabled: true
# -- If true, the canary will send directly to Loki via the address configured for verification --
# -- If false, it will write to stdout and an Agent will be needed to scrape and send the logs --
push: true
# -- The name of the label to look for at loki when doing the checks.
labelname: pod
# -- Additional annotations for the `loki-canary` Daemonset
annotations: {}
# -- Additional labels for each `loki-canary` pod
podLabels: {}
service:
# -- Annotations for loki-canary Service
annotations: {}
# -- Additional labels for loki-canary Service
labels: {}
# -- Additional CLI arguments for the `loki-canary' command
extraArgs: []
# -- Environment variables to add to the canary pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the canary pods
extraEnvFrom: []
# -- Volume mounts to add to the canary pods
extraVolumeMounts: []
# -- Volumes to add to the canary pods
extraVolumes: []
# -- Resource requests and limits for the canary
resources: {}
# -- DNS config for canary pods
dnsConfig: {}
# -- Node selector for canary pods
nodeSelector: {}
# -- Tolerations for canary pods
tolerations: []
# -- The name of the PriorityClass for loki-canary pods
priorityClassName: null
# -- Image to use for loki canary
image:
# -- The Docker registry
registry: docker.io
# -- Docker image repository
repository: grafana/loki-canary
# -- Overrides the image tag whose default is the chart's appVersion
tag: null
# -- Overrides the image tag with an image digest
digest: null
# -- Docker image pull policy
pullPolicy: IfNotPresent
# -- Update strategy for the `loki-canary` Daemonset pods
updateStrategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
######################################################################################################################
#
# Service Accounts and Kubernetes RBAC
#
######################################################################################################################
serviceAccount:
# -- Specifies whether a ServiceAccount should be created
create: true
# -- The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
name: null
# -- Image pull secrets for the service account
imagePullSecrets: []
# -- Annotations for the service account
annotations: {}
# -- Labels for the service account
labels: {}
# -- Set this toggle to false to opt out of automounting API credentials for the service account
automountServiceAccountToken: true
# RBAC configuration
rbac:
# -- If pspEnabled true, a PodSecurityPolicy is created for K8s that use psp.
pspEnabled: false
# -- For OpenShift set pspEnabled to 'false' and sccEnabled to 'true' to use the SecurityContextConstraints.
sccEnabled: false
# -- Specify PSP annotations
# Ref: https://kubernetes.io/docs/reference/access-authn-authz/psp-to-pod-security-standards/#podsecuritypolicy-annotations
pspAnnotations: {}
# seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
# seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
# apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
# -- Whether to install RBAC in the namespace only or cluster-wide. Useful if you want to watch ConfigMap globally.
namespaced: false
######################################################################################################################
#
# Network Policy configuration
#
######################################################################################################################
networkPolicy:
# -- Specifies whether Network Policies should be created
enabled: false
# -- Specifies whether the policies created will be standard Network Policies (flavor: kubernetes)
# or Cilium Network Policies (flavor: cilium)
flavor: kubernetes
metrics:
# -- Specifies the Pods which are allowed to access the metrics port.
# As this is cross-namespace communication, you also need the namespaceSelector.
podSelector: {}
# -- Specifies the namespaces which are allowed to access the metrics port
namespaceSelector: {}
# -- Specifies specific network CIDRs which are allowed to access the metrics port.
# In case you use namespaceSelector, you also have to specify your kubelet networks here.
# The metrics ports are also used for probes.
cidrs: []
ingress:
# -- Specifies the Pods which are allowed to access the http port.
# As this is cross-namespace communication, you also need the namespaceSelector.
podSelector: {}
# -- Specifies the namespaces which are allowed to access the http port
namespaceSelector: {}
alertmanager:
# -- Specify the alertmanager port used for alerting
port: 9093
# -- Specifies the alertmanager Pods.
# As this is cross-namespace communication, you also need the namespaceSelector.
podSelector: {}
# -- Specifies the namespace the alertmanager is running in
namespaceSelector: {}
externalStorage:
# -- Specify the port used for external storage, e.g. AWS S3
ports: []
# -- Specifies specific network CIDRs you want to limit access to
cidrs: []
discovery:
# -- (int) Specify the port used for discovery
port: null
# -- Specifies the Pods labels used for discovery.
# As this is cross-namespace communication, you also need the namespaceSelector.
podSelector: {}
# -- Specifies the namespace the discovery Pods are running in
namespaceSelector: {}
egressWorld:
# -- Enable additional cilium egress rules to external world for write, read and backend.
enabled: false
egressKubeApiserver:
# -- Enable additional cilium egress rules to kube-apiserver for backend.
enabled: false
######################################################################################################################
#
# Global memberlist configuration
#
######################################################################################################################
# Configuration for the memberlist service
memberlist:
service:
publishNotReadyAddresses: false
annotations: {}
######################################################################################################################
#
# adminAPI configuration, enterprise only.
#
######################################################################################################################
# -- Configuration for the `admin-api` target
adminApi:
# -- Define the amount of instances
replicas: 1
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
# -- Additional CLI arguments for the `admin-api` target
extraArgs: {}
# -- Environment variables from secrets or configmaps to add to the admin-api pods
extraEnvFrom: []
# -- Additional labels for the `admin-api` Deployment
labels: {}
# -- Additional annotations for the `admin-api` Deployment
annotations: {}
# -- Additional labels and annotations for the `admin-api` Service
service:
labels: {}
annotations: {}
# -- Run container as user `enterprise-logs(uid=10001)`
# `fsGroup` must not be specified, because these security options are applied
# on container level not on Pod level.
podSecurityContext:
runAsNonRoot: true
runAsGroup: 10001
runAsUser: 10001
containerSecurityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
allowPrivilegeEscalation: false
# -- Update strategy
strategy:
type: RollingUpdate
# -- Readiness probe
readinessProbe:
httpGet:
path: /ready
port: http-metrics
initialDelaySeconds: 45
# -- Request and limit Kubernetes resources
# -- Values are defined in small.yaml and large.yaml
resources: {}
# -- Configure optional environment variables
env: []
# -- Configure optional initContainers
initContainers: []
# -- Conifgure optional extraContainers
extraContainers: []
# -- Additional volumes for Pods
extraVolumes: []
# -- Additional volume mounts for Pods
extraVolumeMounts: []
# -- Affinity for admin-api Pods
affinity: {}
# -- Node selector for admin-api Pods
nodeSelector: {}
# -- Topology Spread Constraints for admin-api pods
topologySpreadConstraints: []
# -- Tolerations for admin-api Pods
tolerations: []
# -- Grace period to allow the admin-api to shutdown before it is killed
terminationGracePeriodSeconds: 60
######################################################################################################################
#
# Gateway and Ingress
#
# By default this chart will deploy a Nginx container to act as a gateway which handles routing of traffic
# and can also do auth.
#
# If you would prefer you can optionally disable this and enable using k8s ingress to do the incoming routing.
#
######################################################################################################################
# Configuration for the gateway
gateway:
# -- Specifies whether the gateway should be enabled
enabled: true
# -- Number of replicas for the gateway
replicas: 1
# -- Default container port
containerPort: 8080
# -- Enable logging of 2xx and 3xx HTTP requests
verboseLogging: true
autoscaling:
# -- Enable autoscaling for the gateway
enabled: false
# -- Minimum autoscaling replicas for the gateway
minReplicas: 1
# -- Maximum autoscaling replicas for the gateway
maxReplicas: 3
# -- Target CPU utilisation percentage for the gateway
targetCPUUtilizationPercentage: 60
# -- Target memory utilisation percentage for the gateway
targetMemoryUtilizationPercentage:
# -- See `kubectl explain deployment.spec.strategy` for more
# -- ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
# -- Behavior policies while scaling.
behavior: {}
# scaleUp:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 1
# periodSeconds: 60
# scaleDown:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 1
# periodSeconds: 180
deploymentStrategy:
type: RollingUpdate
image:
# -- The Docker registry for the gateway image
registry: docker.io
# -- The gateway image repository
repository: nginxinc/nginx-unprivileged
# -- The gateway image tag
tag: 1.27-alpine
# -- Overrides the gateway image tag with an image digest
digest: null
# -- The gateway image pull policy
pullPolicy: IfNotPresent
# -- The name of the PriorityClass for gateway pods
priorityClassName: null
# -- Annotations for gateway deployment
annotations: {}
# -- Annotations for gateway pods
podAnnotations: {}
# -- Additional labels for gateway pods
podLabels: {}
# -- Additional CLI args for the gateway
extraArgs: []
# -- Environment variables to add to the gateway pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the gateway pods
extraEnvFrom: []
# -- Lifecycle for the gateway container
lifecycle: {}
# -- Volumes to add to the gateway pods
extraVolumes: []
# -- Volume mounts to add to the gateway pods
extraVolumeMounts: []
# -- The SecurityContext for gateway containers
podSecurityContext:
fsGroup: 101
runAsGroup: 101
runAsNonRoot: true
runAsUser: 101
# -- The SecurityContext for gateway containers
containerSecurityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
allowPrivilegeEscalation: false
# -- Resource requests and limits for the gateway
resources: {}
# -- Containers to add to the gateway pods
extraContainers: []
# -- Grace period to allow the gateway to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Affinity for gateway pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: gateway
topologyKey: kubernetes.io/hostname
# -- DNS config for gateway pods
dnsConfig: {}
# -- Node selector for gateway pods
nodeSelector: {}
# -- Topology Spread Constraints for gateway pods
topologySpreadConstraints: []
# -- Tolerations for gateway pods
tolerations: []
# Gateway service configuration
service:
# -- Port of the gateway service
port: 80
# -- Type of the gateway service
type: ClusterIP
# -- ClusterIP of the gateway service
clusterIP: null
# -- (int) Node port if service type is NodePort
nodePort: null
# -- Load balancer IPO address if service type is LoadBalancer
loadBalancerIP: null
# -- Annotations for the gateway service
annotations: {}
# -- Labels for gateway service
labels: {}
# Gateway ingress configuration
ingress:
# -- Specifies whether an ingress for the gateway should be created
enabled: false
# -- Ingress Class Name. MAY be required for Kubernetes versions >= 1.18
ingressClassName: ""
# -- Annotations for the gateway ingress
annotations: {}
# -- Labels for the gateway ingress
labels: {}
# -- Hosts configuration for the gateway ingress, passed through the `tpl` function to allow templating
hosts:
- host: gateway.loki.example.com
paths:
- path: /
# -- pathType (e.g. ImplementationSpecific, Prefix, .. etc.) might also be required by some Ingress Controllers
# pathType: Prefix
# -- TLS configuration for the gateway ingress. Hosts passed through the `tpl` function to allow templating
tls:
- secretName: loki-gateway-tls
hosts:
- gateway.loki.example.com
# Basic auth configuration
basicAuth:
# -- Enables basic authentication for the gateway
enabled: false
# -- The basic auth username for the gateway
username: null
# -- The basic auth password for the gateway
password: null
# -- Uses the specified users from the `loki.tenants` list to create the htpasswd file.
# if `loki.tenants` is not set, the `gateway.basicAuth.username` and `gateway.basicAuth.password` are used.
# The value is templated using `tpl`. Override this to use a custom htpasswd, e.g. in case the default causes
# high CPU load.
# @default -- Either `loki.tenants` or `gateway.basicAuth.username` and `gateway.basicAuth.password`.
htpasswd: >-
{{ if .Values.loki.tenants }}
{{- range $t := .Values.loki.tenants }}
{{ htpasswd (required "All tenants must have a 'name' set" $t.name) (required "All tenants must have a 'password' set" $t.password) }}
{{- end }}
{{ else }} {{ htpasswd (required "'gateway.basicAuth.username' is required" .Values.gateway.basicAuth.username) (required "'gateway.basicAuth.password' is required" .Values.gateway.basicAuth.password) }} {{ end }}
# -- Existing basic auth secret to use. Must contain '.htpasswd'
existingSecret: null
# Configures the readiness probe for the gateway
readinessProbe:
httpGet:
path: /
port: http-metrics
initialDelaySeconds: 15
timeoutSeconds: 1
nginxConfig:
# -- Which schema to be used when building URLs. Can be 'http' or 'https'.
schema: http
# -- Enable listener for IPv6, disable on IPv4-only systems
enableIPv6: true
# -- NGINX log format
logFormat: |-
main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# -- Allows appending custom configuration to the server block
serverSnippet: ""
# -- Allows appending custom configuration to the http block, passed through the `tpl` function to allow templating
httpSnippet: >-
{{ if .Values.loki.tenants }}proxy_set_header X-Scope-OrgID $remote_user;{{ end }}
# -- Allows customizing the `client_max_body_size` directive
clientMaxBodySize: 4M
# -- Whether ssl should be appended to the listen directive of the server block or not.
ssl: false
# -- Override Read URL
customReadUrl: null
# -- Override Write URL
customWriteUrl: null
# -- Override Backend URL
customBackendUrl: null
# -- Allows overriding the DNS resolver address nginx will use.
resolver: ""
# -- Config file contents for Nginx. Passed through the `tpl` function to allow templating
# @default -- See values.yaml
file: |
{{- include "loki.nginxFile" . | indent 2 -}}
# -- If running enterprise and using the default enterprise gateway, configs go here.
enterpriseGateway:
# -- Define the amount of instances
replicas: 1
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
# -- Additional CLI arguments for the `gateway` target
extraArgs: {}
# -- Environment variables from secrets or configmaps to add to the enterprise gateway pods
extraEnvFrom: []
# -- Additional labels for the `gateway` Pod
labels: {}
# -- Additional annotations for the `gateway` Pod
annotations: {}
# -- Additional labels and annotations for the `gateway` Service
# -- Service overriding service type
service:
type: ClusterIP
labels: {}
annotations: {}
# -- Run container as user `enterprise-logs(uid=10001)`
podSecurityContext:
runAsNonRoot: true
runAsGroup: 10001
runAsUser: 10001
fsGroup: 10001
containerSecurityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
allowPrivilegeEscalation: false
# -- If you want to use your own proxy URLs, set this to false.
useDefaultProxyURLs: true
# -- update strategy
strategy:
type: RollingUpdate
# -- Readiness probe
readinessProbe:
httpGet:
path: /ready
port: http-metrics
initialDelaySeconds: 45
# -- Request and limit Kubernetes resources
# -- Values are defined in small.yaml and large.yaml
resources: {}
# -- Configure optional environment variables
env: []
# -- Configure optional initContainers
initContainers: []
# -- Conifgure optional extraContainers
extraContainers: []
# -- Additional volumes for Pods
extraVolumes: []
# -- Additional volume mounts for Pods
extraVolumeMounts: []
# -- Affinity for gateway Pods
affinity: {}
# -- Node selector for gateway Pods
nodeSelector: {}
# -- Topology Spread Constraints for enterprise-gateway pods
topologySpreadConstraints: []
# -- Tolerations for gateway Pods
tolerations: []
# -- Grace period to allow the gateway to shutdown before it is killed
terminationGracePeriodSeconds: 60
# -- Ingress configuration Use either this ingress or the gateway, but not both at once.
# If you enable this, make sure to disable the gateway.
# You'll need to supply authn configuration for your ingress controller.
ingress:
enabled: false
ingressClassName: ""
annotations: {}
# nginx.ingress.kubernetes.io/auth-type: basic
# nginx.ingress.kubernetes.io/auth-secret: loki-distributed-basic-auth
# nginx.ingress.kubernetes.io/auth-secret-type: auth-map
# nginx.ingress.kubernetes.io/configuration-snippet: |
# proxy_set_header X-Scope-OrgID $remote_user;
labels: {}
# blackbox.monitoring.exclude: "true"
paths:
# -- Paths that are exposed by Loki Distributor.
# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.distributorFullname"}}`.
# If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.writeFullname"}}`.
# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
distributor:
- /api/prom/push
- /loki/api/v1/push
- /otlp/v1/logs
# -- Paths that are exposed by Loki Query Frontend.
# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.queryFrontendFullname"}}`.
# If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.readFullname"}}`.
# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
queryFrontend:
- /api/prom/query
# this path covers labels and labelValues endpoints
- /api/prom/label
- /api/prom/series
- /api/prom/tail
- /loki/api/v1/query
- /loki/api/v1/query_range
- /loki/api/v1/tail
# this path covers labels and labelValues endpoints
- /loki/api/v1/label
- /loki/api/v1/labels
- /loki/api/v1/series
- /loki/api/v1/index/stats
- /loki/api/v1/index/volume
- /loki/api/v1/index/volume_range
- /loki/api/v1/format_query
- /loki/api/v1/detected_field
- /loki/api/v1/detected_fields
- /loki/api/v1/detected_labels
- /loki/api/v1/patterns
# -- Paths that are exposed by Loki Ruler.
# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.rulerFullname"}}`.
# If deployment mode is SimpleScalable, the requests are forwarded to k8s service: `{{"loki.backendFullname"}}`.
# If deployment mode is SimpleScalable but `read.legacyReadTarget` is `true`, the requests are forwarded to k8s service: `{{"loki.readFullname"}}`.
# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
ruler:
- /api/prom/rules
- /api/prom/api/v1/rules
- /api/prom/api/v1/alerts
- /loki/api/v1/rules
- /prometheus/api/v1/rules
- /prometheus/api/v1/alerts
# -- Hosts configuration for the ingress, passed through the `tpl` function to allow templating
hosts:
- loki.example.com
# -- TLS configuration for the ingress. Hosts passed through the `tpl` function to allow templating
tls: []
# - hosts:
# - loki.example.com
# secretName: loki-distributed-tls
######################################################################################################################
#
# Migration
#
######################################################################################################################
# -- Options that may be necessary when performing a migration from another helm chart
migrate:
# -- When migrating from a distributed chart like loki-distributed or enterprise-logs
fromDistributed:
# -- Set to true if migrating from a distributed helm chart
enabled: false
# -- If migrating from a distributed service, provide the distributed deployment's
# memberlist service DNS so the new deployment can join its ring.
memberlistService: ""
######################################################################################################################
#
# Single Binary Deployment
#
# For small Loki installations up to a few 10's of GB per day, or for testing and development.
#
######################################################################################################################
# Configuration for the single binary node(s)
singleBinary:
# -- Number of replicas for the single binary
replicas: 0
autoscaling:
# -- Enable autoscaling
enabled: false
# -- Minimum autoscaling replicas for the single binary
minReplicas: 1
# -- Maximum autoscaling replicas for the single binary
maxReplicas: 3
# -- Target CPU utilisation percentage for the single binary
targetCPUUtilizationPercentage: 60
# -- Target memory utilisation percentage for the single binary
targetMemoryUtilizationPercentage:
image:
# -- The Docker registry for the single binary image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the single binary image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the single binary image. Overrides `loki.image.tag`
tag: null
# -- The name of the PriorityClass for single binary pods
priorityClassName: null
# -- Annotations for single binary StatefulSet
annotations: {}
# -- Annotations for single binary pods
podAnnotations: {}
# -- Additional labels for each `single binary` pod
podLabels: {}
# -- Additional selector labels for each `single binary` pod
selectorLabels: {}
service:
# -- Annotations for single binary Service
annotations: {}
# -- Additional labels for single binary Service
labels: {}
# -- Comma-separated list of Loki modules to load for the single binary
targetModule: "all"
# -- Labels for single binary service
extraArgs: []
# -- Environment variables to add to the single binary pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the single binary pods
extraEnvFrom: []
# -- Extra containers to add to the single binary loki pod
extraContainers: []
# -- Init containers to add to the single binary pods
initContainers: []
# -- Volume mounts to add to the single binary pods
extraVolumeMounts: []
# -- Volumes to add to the single binary pods
extraVolumes: []
# -- Resource requests and limits for the single binary
resources: {}
# -- Grace period to allow the single binary to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Affinity for single binary pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: single-binary
topologyKey: kubernetes.io/hostname
# -- DNS config for single binary pods
dnsConfig: {}
# -- Node selector for single binary pods
nodeSelector: {}
# -- Tolerations for single binary pods
tolerations: []
persistence:
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: true
# -- Enable persistent disk
enabled: true
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Selector for persistent disk
selector: null
# -- Annotations for volume claim
annotations: {}
######################################################################################################################
#
# Simple Scalable Deployment (SSD) Mode
#
# For small to medium size Loki deployments up to around 1 TB/day, this is the default mode for this helm chart
#
######################################################################################################################
# Configuration for the write pod(s)
write:
# -- Number of replicas for the write
replicas: 3
autoscaling:
# -- Enable autoscaling for the write.
enabled: false
# -- Minimum autoscaling replicas for the write.
minReplicas: 2
# -- Maximum autoscaling replicas for the write.
maxReplicas: 6
# -- Target CPU utilisation percentage for the write.
targetCPUUtilizationPercentage: 60
# -- Target memory utilization percentage for the write.
targetMemoryUtilizationPercentage:
# -- Behavior policies while scaling.
behavior:
# -- see https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown for scaledown details
scaleUp:
policies:
- type: Pods
value: 1
periodSeconds: 900
scaleDown:
policies:
- type: Pods
value: 1
periodSeconds: 1800
stabilizationWindowSeconds: 3600
image:
# -- The Docker registry for the write image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the write image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the write image. Overrides `loki.image.tag`
tag: null
# -- The name of the PriorityClass for write pods
priorityClassName: null
# -- Annotations for write StatefulSet
annotations: {}
# -- Annotations for write pods
podAnnotations: {}
# -- Additional labels for each `write` pod
podLabels: {}
# -- Additional selector labels for each `write` pod
selectorLabels: {}
service:
# -- Annotations for write Service
annotations: {}
# -- Additional labels for write Service
labels: {}
# -- Comma-separated list of Loki modules to load for the write
targetModule: "write"
# -- Additional CLI args for the write
extraArgs: []
# -- Environment variables to add to the write pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the write pods
extraEnvFrom: []
# -- Lifecycle for the write container
lifecycle: {}
# -- The default /flush_shutdown preStop hook is recommended as part of the ingester
# scaledown process so it's added to the template by default when autoscaling is enabled,
# but it's disabled to optimize rolling restarts in instances that will never be scaled
# down or when using chunks storage with WAL disabled.
# https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown
# -- Init containers to add to the write pods
initContainers: []
# -- Containers to add to the write pods
extraContainers: []
# -- Volume mounts to add to the write pods
extraVolumeMounts: []
# -- Volumes to add to the write pods
extraVolumes: []
# -- volumeClaimTemplates to add to StatefulSet
extraVolumeClaimTemplates: []
# -- Resource requests and limits for the write
resources: {}
# -- Grace period to allow the write to shutdown before it is killed. Especially for the ingester,
# this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring
# all data and to successfully leave the member ring on shutdown.
terminationGracePeriodSeconds: 300
# -- Affinity for write pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: write
topologyKey: kubernetes.io/hostname
# -- DNS config for write pods
dnsConfig: {}
# -- Node selector for write pods
nodeSelector: {}
# -- Topology Spread Constraints for write pods
topologySpreadConstraints: []
# -- Tolerations for write pods
tolerations: []
# -- The default is to deploy all pods in parallel.
podManagementPolicy: "Parallel"
persistence:
# -- Enable volume claims in pod spec
volumeClaimsEnabled: true
# -- Parameters used for the `data` volume when volumeClaimEnabled if false
dataVolumeParameters:
emptyDir: {}
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: false
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Selector for persistent disk
selector: null
# -- Annotations for volume claim
annotations: {}
# -- Configuration for the read pod(s)
read:
# -- Number of replicas for the read
replicas: 3
autoscaling:
# -- Enable autoscaling for the read, this is only used if `queryIndex.enabled: true`
enabled: false
# -- Minimum autoscaling replicas for the read
minReplicas: 2
# -- Maximum autoscaling replicas for the read
maxReplicas: 6
# -- Target CPU utilisation percentage for the read
targetCPUUtilizationPercentage: 60
# -- Target memory utilisation percentage for the read
targetMemoryUtilizationPercentage:
# -- Behavior policies while scaling.
behavior: {}
# scaleUp:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 1
# periodSeconds: 60
# scaleDown:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 1
# periodSeconds: 180
image:
# -- The Docker registry for the read image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the read image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the read image. Overrides `loki.image.tag`
tag: null
# -- The name of the PriorityClass for read pods
priorityClassName: null
# -- Annotations for read deployment
annotations: {}
# -- Annotations for read pods
podAnnotations: {}
# -- Additional labels for each `read` pod
podLabels: {}
# -- Additional selector labels for each `read` pod
selectorLabels: {}
service:
# -- Annotations for read Service
annotations: {}
# -- Additional labels for read Service
labels: {}
# -- Comma-separated list of Loki modules to load for the read
targetModule: "read"
# -- Whether or not to use the 2 target type simple scalable mode (read, write) or the
# 3 target type (read, write, backend). Legacy refers to the 2 target type, so true will
# run two targets, false will run 3 targets.
legacyReadTarget: false
# -- Additional CLI args for the read
extraArgs: []
# -- Containers to add to the read pods
extraContainers: []
# -- Environment variables to add to the read pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the read pods
extraEnvFrom: []
# -- Lifecycle for the read container
lifecycle: {}
# -- Volume mounts to add to the read pods
extraVolumeMounts: []
# -- Volumes to add to the read pods
extraVolumes: []
# -- Resource requests and limits for the read
resources: {}
# -- Grace period to allow the read to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Affinity for read pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: read
topologyKey: kubernetes.io/hostname
# -- DNS config for read pods
dnsConfig: {}
# -- Node selector for read pods
nodeSelector: {}
# -- Topology Spread Constraints for read pods
topologySpreadConstraints: []
# -- Tolerations for read pods
tolerations: []
# -- The default is to deploy all pods in parallel.
podManagementPolicy: "Parallel"
persistence:
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: true
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Selector for persistent disk
selector: null
# -- Annotations for volume claim
annotations: {}
# -- Configuration for the backend pod(s)
backend:
# -- Number of replicas for the backend
replicas: 3
autoscaling:
# -- Enable autoscaling for the backend.
enabled: false
# -- Minimum autoscaling replicas for the backend.
minReplicas: 3
# -- Maximum autoscaling replicas for the backend.
maxReplicas: 6
# -- Target CPU utilization percentage for the backend.
targetCPUUtilizationPercentage: 60
# -- Target memory utilization percentage for the backend.
targetMemoryUtilizationPercentage:
# -- Behavior policies while scaling.
behavior: {}
# scaleUp:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 1
# periodSeconds: 60
# scaleDown:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 1
# periodSeconds: 180
image:
# -- The Docker registry for the backend image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the backend image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the backend image. Overrides `loki.image.tag`
tag: null
# -- The name of the PriorityClass for backend pods
priorityClassName: null
# -- Annotations for backend StatefulSet
annotations: {}
# -- Annotations for backend pods
podAnnotations: {}
# -- Additional labels for each `backend` pod
podLabels: {}
# -- Additional selector labels for each `backend` pod
selectorLabels: {}
service:
# -- Annotations for backend Service
annotations: {}
# -- Additional labels for backend Service
labels: {}
# -- Comma-separated list of Loki modules to load for the backend
targetModule: "backend"
# -- Additional CLI args for the backend
extraArgs: []
# -- Environment variables to add to the backend pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the backend pods
extraEnvFrom: []
# -- Init containers to add to the backend pods
initContainers: []
# -- Volume mounts to add to the backend pods
extraVolumeMounts: []
# -- Volumes to add to the backend pods
extraVolumes: []
# -- Resource requests and limits for the backend
resources: {}
# -- Grace period to allow the backend to shutdown before it is killed. Especially for the ingester,
# this must be increased. It must be long enough so backends can be gracefully shutdown flushing/transferring
# all data and to successfully leave the member ring on shutdown.
terminationGracePeriodSeconds: 300
# -- Affinity for backend pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: backend
topologyKey: kubernetes.io/hostname
# -- DNS config for backend pods
dnsConfig: {}
# -- Node selector for backend pods
nodeSelector: {}
# -- Topology Spread Constraints for backend pods
topologySpreadConstraints: []
# -- Tolerations for backend pods
tolerations: []
# -- The default is to deploy all pods in parallel.
podManagementPolicy: "Parallel"
persistence:
# -- Enable volume claims in pod spec
volumeClaimsEnabled: true
# -- Parameters used for the `data` volume when volumeClaimEnabled if false
dataVolumeParameters:
emptyDir: {}
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: true
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Selector for persistent disk
selector: null
# -- Annotations for volume claim
annotations: {}
######################################################################################################################
#
# Microservices Mode
#
# For large Loki deployments ingesting more than 1 TB/day
#
######################################################################################################################
# -- Configuration for the ingester
ingester:
# -- Number of replicas for the ingester, when zoneAwareReplication.enabled is true, the total
# number of replicas will match this value with each zone having 1/3rd of the total replicas.
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
autoscaling:
# -- Enable autoscaling for the ingester
enabled: false
# -- Minimum autoscaling replicas for the ingester
minReplicas: 1
# -- Maximum autoscaling replicas for the ingester
maxReplicas: 3
# -- Target CPU utilisation percentage for the ingester
targetCPUUtilizationPercentage: 60
# -- Target memory utilisation percentage for the ingester
targetMemoryUtilizationPercentage: null
# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)
customMetrics: []
# - type: Pods
# pods:
# metric:
# name: loki_lines_total
# target:
# type: AverageValue
# averageValue: 10k
behavior:
# -- Enable autoscaling behaviours
enabled: false
# -- define scale down policies, must conform to HPAScalingRules
scaleDown: {}
# -- define scale up policies, must conform to HPAScalingRules
scaleUp: {}
image:
# -- The Docker registry for the ingester image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the ingester image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the ingester image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
priorityClassName: null
# -- Labels for ingester pods
podLabels: {}
# -- Annotations for ingester pods
podAnnotations: {}
# -- The name of the PriorityClass for ingester pods
# -- Labels for ingestor service
serviceLabels: {}
# -- Annotations for ingestor service
serviceAnnotations: {}
# -- Additional CLI args for the ingester
extraArgs: []
# -- Environment variables to add to the ingester pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the ingester pods
extraEnvFrom: []
# -- Volume mounts to add to the ingester pods
extraVolumeMounts: []
# -- Volumes to add to the ingester pods
extraVolumes: []
# -- Resource requests and limits for the ingester
resources: {}
# -- Containers to add to the ingester pods
extraContainers: []
# -- Init containers to add to the ingester pods
initContainers: []
# -- Grace period to allow the ingester to shutdown before it is killed. Especially for the ingestor,
# this must be increased. It must be long enough so ingesters can be gracefully shutdown flushing/transferring
# all data and to successfully leave the member ring on shutdown.
terminationGracePeriodSeconds: 300
# -- Lifecycle for the ingester container
lifecycle: {}
# -- topologySpread for ingester pods.
# @default -- Defaults to allow skew no more than 1 node
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
app.kubernetes.io/component: ingester
# -- Affinity for ingester pods. Ignored if zoneAwareReplication is enabled.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: ingester
topologyKey: kubernetes.io/hostname
# -- Pod Disruption Budget maxUnavailable
maxUnavailable: 1
# -- Node selector for ingester pods
nodeSelector: {}
# -- Tolerations for ingester pods
tolerations: []
# -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
readinessProbe: {}
# -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
livenessProbe: {}
# -- UpdateStrategy for the ingester StatefulSets.
updateStrategy:
# -- One of 'OnDelete' or 'RollingUpdate'
type: RollingUpdate
# -- Optional for updateStrategy.type=RollingUpdate. See [Partitioned rolling updates](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions) in the StatefulSet docs for details.
# rollingUpdate:
# partition: 0
persistence:
# -- Enable creating PVCs which is required when using boltdb-shipper
enabled: false
# -- Use emptyDir with ramdisk for storage. **Please note that all data in ingester will be lost on pod restart**
inMemory: false
# -- List of the ingester PVCs
# @notationType -- list
claims:
- name: data
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# - name: wal
# size: 150Gi
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: false
whenDeleted: Retain
whenScaled: Retain
# -- Adds the appProtocol field to the ingester service. This allows ingester to work with istio protocol selection.
appProtocol:
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
grpc: ""
# -- Enabling zone awareness on ingesters will create 3 statefulests where all writes will send a replica to each zone.
# This is primarily intended to accelerate rollout operations by allowing for multiple ingesters within a single
# zone to be shutdown and restart simultaneously (the remaining 2 zones will be guaranteed to have at least one copy
# of the data).
# Note: This can be used to run Loki over multiple cloud provider availability zones however this is not currently
# recommended as Loki is not optimized for this and cross zone network traffic costs can become extremely high
# extremely quickly. Even with zone awareness enabled, it is recommended to run Loki in a single availability zone.
zoneAwareReplication:
# -- Enable zone awareness.
enabled: true
# -- The percent of replicas in each zone that will be restarted at once. In a value of 0-100
maxUnavailablePct: 33
# -- zoneA configuration
zoneA:
# -- optionally define a node selector for this zone
nodeSelector: null
# -- optionally define extra affinity rules, by default different zones are not allowed to schedule on the same host
extraAffinity: {}
# -- Specific annotations to add to zone A statefulset
annotations: {}
# -- Specific annotations to add to zone A pods
podAnnotations: {}
zoneB:
# -- optionally define a node selector for this zone
nodeSelector: null
# -- optionally define extra affinity rules, by default different zones are not allowed to schedule on the same host
extraAffinity: {}
# -- Specific annotations to add to zone B statefulset
annotations: {}
# -- Specific annotations to add to zone B pods
podAnnotations: {}
zoneC:
# -- optionally define a node selector for this zone
nodeSelector: null
# -- optionally define extra affinity rules, by default different zones are not allowed to schedule on the same host
extraAffinity: {}
# -- Specific annotations to add to zone C statefulset
annotations: {}
# -- Specific annotations to add to zone C pods
podAnnotations: {}
# -- The migration block allows migrating non zone aware ingesters to zone aware ingesters.
migration:
enabled: false
excludeDefaultZone: false
readPath: false
writePath: false
# -- Configuration for the distributor
distributor:
# -- Number of replicas for the distributor
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
autoscaling:
# -- Enable autoscaling for the distributor
enabled: false
# -- Minimum autoscaling replicas for the distributor
minReplicas: 1
# -- Maximum autoscaling replicas for the distributor
maxReplicas: 3
# -- Target CPU utilisation percentage for the distributor
targetCPUUtilizationPercentage: 60
# -- Target memory utilisation percentage for the distributor
targetMemoryUtilizationPercentage: null
# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)
customMetrics: []
# - type: Pods
# pods:
# metric:
# name: loki_lines_total
# target:
# type: AverageValue
# averageValue: 10k
behavior:
# -- Enable autoscaling behaviours
enabled: false
# -- define scale down policies, must conform to HPAScalingRules
scaleDown: {}
# -- define scale up policies, must conform to HPAScalingRules
scaleUp: {}
image:
# -- The Docker registry for the distributor image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the distributor image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the distributor image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for distributor pods
priorityClassName: null
# -- Labels for distributor pods
podLabels: {}
# -- Annotations for distributor pods
podAnnotations: {}
# -- Labels for distributor service
serviceLabels: {}
# -- Annotations for distributor service
serviceAnnotations: {}
# -- Additional CLI args for the distributor
extraArgs: []
# -- Environment variables to add to the distributor pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the distributor pods
extraEnvFrom: []
# -- Volume mounts to add to the distributor pods
extraVolumeMounts: []
# -- Volumes to add to the distributor pods
extraVolumes: []
# -- Resource requests and limits for the distributor
resources: {}
# -- Containers to add to the distributor pods
extraContainers: []
# -- Grace period to allow the distributor to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Affinity for distributor pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: distributor
topologyKey: kubernetes.io/hostname
# -- Pod Disruption Budget maxUnavailable
maxUnavailable: null
# -- Max Surge for distributor pods
maxSurge: 0
# -- Node selector for distributor pods
nodeSelector: {}
# -- Topology Spread Constraints for distributor pods
topologySpreadConstraints: []
# -- Tolerations for distributor pods
tolerations: []
# -- Adds the appProtocol field to the distributor service. This allows distributor to work with istio protocol selection.
appProtocol:
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
grpc: ""
# -- Configuration for the querier
querier:
# -- Number of replicas for the querier
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
autoscaling:
# -- Enable autoscaling for the querier, this is only used if `indexGateway.enabled: true`
enabled: false
# -- Minimum autoscaling replicas for the querier
minReplicas: 1
# -- Maximum autoscaling replicas for the querier
maxReplicas: 3
# -- Target CPU utilisation percentage for the querier
targetCPUUtilizationPercentage: 60
# -- Target memory utilisation percentage for the querier
targetMemoryUtilizationPercentage: null
# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)
customMetrics: []
# - type: External
# external:
# metric:
# name: loki_inflight_queries
# target:
# type: AverageValue
# averageValue: 12
behavior:
# -- Enable autoscaling behaviours
enabled: false
# -- define scale down policies, must conform to HPAScalingRules
scaleDown: {}
# -- define scale up policies, must conform to HPAScalingRules
scaleUp: {}
image:
# -- The Docker registry for the querier image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the querier image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the querier image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for querier pods
priorityClassName: null
# -- Labels for querier pods
podLabels: {}
# -- Annotations for querier pods
podAnnotations: {}
# -- Labels for querier service
serviceLabels: {}
# -- Annotations for querier service
serviceAnnotations: {}
# -- Additional CLI args for the querier
extraArgs: []
# -- Environment variables to add to the querier pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the querier pods
extraEnvFrom: []
# -- Volume mounts to add to the querier pods
extraVolumeMounts: []
# -- Volumes to add to the querier pods
extraVolumes: []
# -- Resource requests and limits for the querier
resources: {}
# -- Containers to add to the querier pods
extraContainers: []
# -- Init containers to add to the querier pods
initContainers: []
# -- Grace period to allow the querier to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- topologySpread for querier pods.
# @default -- Defaults to allow skew no more then 1 node
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
app.kubernetes.io/component: querier
# -- Affinity for querier pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: querier
topologyKey: kubernetes.io/hostname
# -- Pod Disruption Budget maxUnavailable
maxUnavailable: null
# -- Max Surge for querier pods
maxSurge: 0
# -- Node selector for querier pods
nodeSelector: {}
# -- Tolerations for querier pods
tolerations: []
# -- DNSConfig for querier pods
dnsConfig: {}
persistence:
# -- Enable creating PVCs for the querier cache
enabled: false
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Annotations for querier PVCs
annotations: {}
# -- Adds the appProtocol field to the querier service. This allows querier to work with istio protocol selection.
appProtocol:
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
grpc: ""
# -- Configuration for the query-frontend
queryFrontend:
# -- Number of replicas for the query-frontend
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
autoscaling:
# -- Enable autoscaling for the query-frontend
enabled: false
# -- Minimum autoscaling replicas for the query-frontend
minReplicas: 1
# -- Maximum autoscaling replicas for the query-frontend
maxReplicas: 3
# -- Target CPU utilisation percentage for the query-frontend
targetCPUUtilizationPercentage: 60
# -- Target memory utilisation percentage for the query-frontend
targetMemoryUtilizationPercentage: null
# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)
customMetrics: []
# - type: Pods
# pods:
# metric:
# name: loki_query_rate
# target:
# type: AverageValue
# averageValue: 100
behavior:
# -- Enable autoscaling behaviours
enabled: false
# -- define scale down policies, must conform to HPAScalingRules
scaleDown: {}
# -- define scale up policies, must conform to HPAScalingRules
scaleUp: {}
image:
# -- The Docker registry for the query-frontend image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the query-frontend image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the query-frontend image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for query-frontend pods
priorityClassName: null
# -- Labels for query-frontend pods
podLabels: {}
# -- Annotations for query-frontend pods
podAnnotations: {}
# -- Labels for query-frontend service
serviceLabels: {}
# -- Annotations for query-frontend service
serviceAnnotations: {}
# -- Additional CLI args for the query-frontend
extraArgs: []
# -- Environment variables to add to the query-frontend pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the query-frontend pods
extraEnvFrom: []
# -- Volume mounts to add to the query-frontend pods
extraVolumeMounts: []
# -- Volumes to add to the query-frontend pods
extraVolumes: []
# -- Resource requests and limits for the query-frontend
resources: {}
# -- Containers to add to the query-frontend pods
extraContainers: []
# -- Grace period to allow the query-frontend to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Affinity for query-frontend pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: query-frontend
topologyKey: kubernetes.io/hostname
# -- Pod Disruption Budget maxUnavailable
maxUnavailable: null
# -- Node selector for query-frontend pods
nodeSelector: {}
# -- Topology Spread Constraints for query-frontend pods
topologySpreadConstraints: []
# -- Tolerations for query-frontend pods
tolerations: []
# -- Adds the appProtocol field to the queryFrontend service. This allows queryFrontend to work with istio protocol selection.
appProtocol:
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
grpc: ""
# -- Configuration for the query-scheduler
queryScheduler:
# -- Number of replicas for the query-scheduler.
# It should be lower than `-querier.max-concurrent` to avoid generating back-pressure in queriers;
# it's also recommended that this value evenly divides the latter
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
image:
# -- The Docker registry for the query-scheduler image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the query-scheduler image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the query-scheduler image. Overrides `loki.image.tag`
tag: null
# -- The name of the PriorityClass for query-scheduler pods
priorityClassName: null
# -- Labels for query-scheduler pods
podLabels: {}
# -- Annotations for query-scheduler pods
podAnnotations: {}
# -- Labels for query-scheduler service
serviceLabels: {}
# -- Annotations for query-scheduler service
serviceAnnotations: {}
# -- Additional CLI args for the query-scheduler
extraArgs: []
# -- Environment variables to add to the query-scheduler pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the query-scheduler pods
extraEnvFrom: []
# -- Volume mounts to add to the query-scheduler pods
extraVolumeMounts: []
# -- Volumes to add to the query-scheduler pods
extraVolumes: []
# -- Resource requests and limits for the query-scheduler
resources: {}
# -- Containers to add to the query-scheduler pods
extraContainers: []
# -- Grace period to allow the query-scheduler to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Affinity for query-scheduler pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: query-scheduler
topologyKey: kubernetes.io/hostname
# -- Pod Disruption Budget maxUnavailable
maxUnavailable: 1
# -- Node selector for query-scheduler pods
nodeSelector: {}
# -- Topology Spread Constraints for query-scheduler pods
topologySpreadConstraints: []
# -- Tolerations for query-scheduler pods
tolerations: []
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
appProtocol:
grpc: ""
# -- Configuration for the index-gateway
indexGateway:
# -- Number of replicas for the index-gateway
replicas: 0
# -- Whether the index gateway should join the memberlist hashring
joinMemberlist: true
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
image:
# -- The Docker registry for the index-gateway image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the index-gateway image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the index-gateway image. Overrides `loki.image.tag`
tag: null
# -- The name of the PriorityClass for index-gateway pods
priorityClassName: null
# -- Labels for index-gateway pods
podLabels: {}
# -- Annotations for index-gateway pods
podAnnotations: {}
# -- Labels for index-gateway service
serviceLabels: {}
# -- Annotations for index-gateway service
serviceAnnotations: {}
# -- Additional CLI args for the index-gateway
extraArgs: []
# -- Environment variables to add to the index-gateway pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the index-gateway pods
extraEnvFrom: []
# -- Volume mounts to add to the index-gateway pods
extraVolumeMounts: []
# -- Volumes to add to the index-gateway pods
extraVolumes: []
# -- Resource requests and limits for the index-gateway
resources: {}
# -- Containers to add to the index-gateway pods
extraContainers: []
# -- Init containers to add to the index-gateway pods
initContainers: []
# -- Grace period to allow the index-gateway to shutdown before it is killed.
terminationGracePeriodSeconds: 300
# -- Affinity for index-gateway pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: index-gateway
topologyKey: kubernetes.io/hostname
# -- Pod Disruption Budget maxUnavailable
maxUnavailable: null
# -- Node selector for index-gateway pods
nodeSelector: {}
# -- Topology Spread Constraints for index-gateway pods
topologySpreadConstraints: []
# -- Tolerations for index-gateway pods
tolerations: []
persistence:
# -- Enable creating PVCs which is required when using boltdb-shipper
enabled: false
# -- Use emptyDir with ramdisk for storage. **Please note that all data in indexGateway will be lost on pod restart**
inMemory: false
# -- Size of persistent or memory disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Annotations for index gateway PVCs
annotations: {}
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: false
whenDeleted: Retain
whenScaled: Retain
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
appProtocol:
grpc: ""
# -- UpdateStrategy for the indexGateway StatefulSet.
updateStrategy:
# -- One of 'OnDelete' or 'RollingUpdate'
type: RollingUpdate
# -- Optional for updateStrategy.type=RollingUpdate. See [Partitioned rolling updates](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions) in the StatefulSet docs for details.
# rollingUpdate:
# partition: 0
# -- Configuration for the compactor
compactor:
# -- Number of replicas for the compactor
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
image:
# -- The Docker registry for the compactor image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the compactor image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the compactor image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for compactor pods
priorityClassName: null
# -- Labels for compactor pods
podLabels: {}
# -- Annotations for compactor pods
podAnnotations: {}
# -- Affinity for compactor pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: compactor
topologyKey: kubernetes.io/hostname
# -- Labels for compactor service
serviceLabels: {}
# -- Annotations for compactor service
serviceAnnotations: {}
# -- Additional CLI args for the compactor
extraArgs: []
# -- Environment variables to add to the compactor pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the compactor pods
extraEnvFrom: []
# -- Volume mounts to add to the compactor pods
extraVolumeMounts: []
# -- Volumes to add to the compactor pods
extraVolumes: []
# -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
readinessProbe: {}
# -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
livenessProbe: {}
# -- Resource requests and limits for the compactor
resources: {}
# -- Containers to add to the compactor pods
extraContainers: []
# -- Init containers to add to the compactor pods
initContainers: []
# -- Grace period to allow the compactor to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Node selector for compactor pods
nodeSelector: {}
# -- Tolerations for compactor pods
tolerations: []
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
appProtocol:
grpc: ""
persistence:
# -- Enable creating PVCs for the compactor
enabled: false
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Annotations for compactor PVCs
annotations: {}
# -- List of the compactor PVCs
# @notationType -- list
claims:
- name: data
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# - name: wal
# size: 150Gi
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: false
whenDeleted: Retain
whenScaled: Retain
serviceAccount:
create: false
# -- The name of the ServiceAccount to use for the compactor.
# If not set and create is true, a name is generated by appending
# "-compactor" to the common ServiceAccount.
name: null
# -- Image pull secrets for the compactor service account
imagePullSecrets: []
# -- Annotations for the compactor service account
annotations: {}
# -- Set this toggle to false to opt out of automounting API credentials for the service account
automountServiceAccountToken: true
# -- Configuration for the bloom-gateway
bloomGateway:
# -- Number of replicas for the bloom-gateway
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
image:
# -- The Docker registry for the bloom-gateway image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the bloom-gateway image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the bloom-gateway image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for bloom-gateway pods
priorityClassName: null
# -- Labels for bloom-gateway pods
podLabels: {}
# -- Annotations for bloom-gateway pods
podAnnotations: {}
# -- Affinity for bloom-gateway pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: bloom-gateway
topologyKey: kubernetes.io/hostname
# -- Labels for bloom-gateway service
serviceLabels: {}
# -- Annotations for bloom-gateway service
serviceAnnotations: {}
# -- Additional CLI args for the bloom-gateway
extraArgs: []
# -- Environment variables to add to the bloom-gateway pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the bloom-gateway pods
extraEnvFrom: []
# -- Volume mounts to add to the bloom-gateway pods
extraVolumeMounts: []
# -- Volumes to add to the bloom-gateway pods
extraVolumes: []
# -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
readinessProbe: {}
# -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
livenessProbe: {}
# -- Resource requests and limits for the bloom-gateway
resources: {}
# -- Containers to add to the bloom-gateway pods
extraContainers: []
# -- Init containers to add to the bloom-gateway pods
initContainers: []
# -- Grace period to allow the bloom-gateway to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Node selector for bloom-gateway pods
nodeSelector: {}
# -- Tolerations for bloom-gateway pods
tolerations: []
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
appProtocol:
grpc: ""
persistence:
# -- Enable creating PVCs for the bloom-gateway
enabled: false
# -- Annotations for bloom-gateway PVCs
annotations: {}
# -- List of the bloom-gateway PVCs
# @notationType -- list
claims:
- name: data
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: false
whenDeleted: Retain
whenScaled: Retain
serviceAccount:
create: false
# -- The name of the ServiceAccount to use for the bloom-gateway.
# If not set and create is true, a name is generated by appending
# "-bloom-gateway" to the common ServiceAccount.
name: null
# -- Image pull secrets for the bloom-gateway service account
imagePullSecrets: []
# -- Annotations for the bloom-gateway service account
annotations: {}
# -- Set this toggle to false to opt out of automounting API credentials for the service account
automountServiceAccountToken: true
# -- Configuration for the bloom-planner
bloomPlanner:
# -- Number of replicas for the bloom-planner
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
image:
# -- The Docker registry for the bloom-planner image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the bloom-planner image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the bloom-planner image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for bloom-planner pods
priorityClassName: null
# -- Labels for bloom-planner pods
podLabels: {}
# -- Annotations for bloom-planner pods
podAnnotations: {}
# -- Affinity for bloom-planner pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: bloom-planner
topologyKey: kubernetes.io/hostname
# -- Labels for bloom-planner service
serviceLabels: {}
# -- Annotations for bloom-planner service
serviceAnnotations: {}
# -- Additional CLI args for the bloom-planner
extraArgs: []
# -- Environment variables to add to the bloom-planner pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the bloom-planner pods
extraEnvFrom: []
# -- Volume mounts to add to the bloom-planner pods
extraVolumeMounts: []
# -- Volumes to add to the bloom-planner pods
extraVolumes: []
# -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
readinessProbe: {}
# -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
livenessProbe: {}
# -- Resource requests and limits for the bloom-planner
resources: {}
# -- Containers to add to the bloom-planner pods
extraContainers: []
# -- Init containers to add to the bloom-planner pods
initContainers: []
# -- Grace period to allow the bloom-planner to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Node selector for bloom-planner pods
nodeSelector: {}
# -- Tolerations for bloom-planner pods
tolerations: []
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
appProtocol:
grpc: ""
persistence:
# -- Enable creating PVCs for the bloom-planner
enabled: false
# -- Annotations for bloom-planner PVCs
annotations: {}
# -- List of the bloom-planner PVCs
# @notationType -- list
claims:
- name: data
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: false
whenDeleted: Retain
whenScaled: Retain
serviceAccount:
create: false
# -- The name of the ServiceAccount to use for the bloom-planner.
# If not set and create is true, a name is generated by appending
# "-bloom-planner" to the common ServiceAccount.
name: null
# -- Image pull secrets for the bloom-planner service account
imagePullSecrets: []
# -- Annotations for the bloom-planner service account
annotations: {}
# -- Set this toggle to false to opt out of automounting API credentials for the service account
automountServiceAccountToken: true
# -- Configuration for the bloom-builder
bloomBuilder:
# -- Number of replicas for the bloom-builder
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
autoscaling:
# -- Enable autoscaling for the bloom-builder
enabled: false
# -- Minimum autoscaling replicas for the bloom-builder
minReplicas: 1
# -- Maximum autoscaling replicas for the bloom-builder
maxReplicas: 3
# -- Target CPU utilisation percentage for the bloom-builder
targetCPUUtilizationPercentage: 60
# -- Target memory utilisation percentage for the bloom-builder
targetMemoryUtilizationPercentage: null
# -- Allows one to define custom metrics using the HPA/v2 schema (for example, Pods, Object or External metrics)
customMetrics: []
# - type: Pods
# pods:
# metric:
# name: loki_query_rate
# target:
# type: AverageValue
# averageValue: 100
behavior:
# -- Enable autoscaling behaviours
enabled: false
# -- define scale down policies, must conform to HPAScalingRules
scaleDown: {}
# -- define scale up policies, must conform to HPAScalingRules
scaleUp: {}
image:
# -- The Docker registry for the bloom-builder image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the bloom-builder image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the bloom-builder image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for bloom-builder pods
priorityClassName: null
# -- Labels for bloom-builder pods
podLabels: {}
# -- Annotations for bloom-builder pods
podAnnotations: {}
# -- Labels for bloom-builder service
serviceLabels: {}
# -- Annotations for bloom-builder service
serviceAnnotations: {}
# -- Additional CLI args for the bloom-builder
extraArgs: []
# -- Environment variables to add to the bloom-builder pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the bloom-builder pods
extraEnvFrom: []
# -- Volume mounts to add to the bloom-builder pods
extraVolumeMounts: []
# -- Volumes to add to the bloom-builder pods
extraVolumes: []
# -- Resource requests and limits for the bloom-builder
resources: {}
# -- Containers to add to the bloom-builder pods
extraContainers: []
# -- Grace period to allow the bloom-builder to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Affinity for bloom-builder pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: bloom-builder
topologyKey: kubernetes.io/hostname
# -- Pod Disruption Budget maxUnavailable
maxUnavailable: null
# -- Node selector for bloom-builder pods
nodeSelector: {}
# -- Tolerations for bloom-builder pods
tolerations: []
# -- Adds the appProtocol field to the queryFrontend service. This allows bloomBuilder to work with istio protocol selection.
appProtocol:
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
grpc: ""
# -- Configuration for the pattern ingester
patternIngester:
# -- Number of replicas for the pattern ingester
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
image:
# -- The Docker registry for the pattern ingester image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the pattern ingester image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the pattern ingester image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for pattern ingester pods
priorityClassName: null
# -- Labels for pattern ingester pods
podLabels: {}
# -- Annotations for pattern ingester pods
podAnnotations: {}
# -- Affinity for pattern ingester pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: pattern-ingester
topologyKey: kubernetes.io/hostname
# -- Labels for pattern ingester service
serviceLabels: {}
# -- Annotations for pattern ingester service
serviceAnnotations: {}
# -- Additional CLI args for the pattern ingester
extraArgs: []
# -- Environment variables to add to the pattern ingester pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the pattern ingester pods
extraEnvFrom: []
# -- Volume mounts to add to the pattern ingester pods
extraVolumeMounts: []
# -- Volumes to add to the pattern ingester pods
extraVolumes: []
# -- readiness probe settings for ingester pods. If empty, use `loki.readinessProbe`
readinessProbe: {}
# -- liveness probe settings for ingester pods. If empty use `loki.livenessProbe`
livenessProbe: {}
# -- Resource requests and limits for the pattern ingester
resources: {}
# -- Containers to add to the pattern ingester pods
extraContainers: []
# -- Init containers to add to the pattern ingester pods
initContainers: []
# -- Grace period to allow the pattern ingester to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Node selector for pattern ingester pods
nodeSelector: {}
# -- Topology Spread Constraints for pattern ingester pods
topologySpreadConstraints: []
# -- Tolerations for pattern ingester pods
tolerations: []
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
appProtocol:
grpc: ""
persistence:
# -- Enable creating PVCs for the pattern ingester
enabled: false
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Annotations for pattern ingester PVCs
annotations: {}
# -- List of the pattern ingester PVCs
# @notationType -- list
claims:
- name: data
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# - name: wal
# size: 150Gi
# -- Enable StatefulSetAutoDeletePVC feature
enableStatefulSetAutoDeletePVC: false
whenDeleted: Retain
whenScaled: Retain
serviceAccount:
create: false
# -- The name of the ServiceAccount to use for the pattern ingester.
# If not set and create is true, a name is generated by appending
# "-pattern-ingester" to the common ServiceAccount.
name: null
# -- Image pull secrets for the pattern ingester service account
imagePullSecrets: []
# -- Annotations for the pattern ingester service account
annotations: {}
# -- Set this toggle to false to opt out of automounting API credentials for the service account
automountServiceAccountToken: true
# -- Configuration for the ruler
ruler:
# -- The ruler component is optional and can be disabled if desired.
enabled: true
# -- Number of replicas for the ruler
replicas: 0
# -- hostAliases to add
hostAliases: []
# - ip: 1.2.3.4
# hostnames:
# - domain.tld
image:
# -- The Docker registry for the ruler image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the ruler image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the ruler image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for ruler pods
priorityClassName: null
# -- Labels for compactor pods
podLabels: {}
# -- Annotations for ruler pods
podAnnotations: {}
# -- Labels for ruler service
serviceLabels: {}
# -- Annotations for ruler service
serviceAnnotations: {}
# -- Additional CLI args for the ruler
extraArgs: []
# -- Environment variables to add to the ruler pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the ruler pods
extraEnvFrom: []
# -- Volume mounts to add to the ruler pods
extraVolumeMounts: []
# -- Volumes to add to the ruler pods
extraVolumes: []
# -- Resource requests and limits for the ruler
resources: {}
# -- Containers to add to the ruler pods
extraContainers: []
# -- Init containers to add to the ruler pods
initContainers: []
# -- Grace period to allow the ruler to shutdown before it is killed
terminationGracePeriodSeconds: 300
# -- Affinity for ruler pods.
# @default -- Hard node anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: ruler
topologyKey: kubernetes.io/hostname
# -- Pod Disruption Budget maxUnavailable
maxUnavailable: null
# -- Node selector for ruler pods
nodeSelector: {}
# -- Topology Spread Constraints for ruler pods
topologySpreadConstraints: []
# -- Tolerations for ruler pods
tolerations: []
# -- DNSConfig for ruler pods
dnsConfig: {}
persistence:
# -- Enable creating PVCs which is required when using recording rules
enabled: false
# -- Size of persistent disk
size: 10Gi
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Annotations for ruler PVCs
annotations: {}
# -- Set the optional grpc service protocol. Ex: "grpc", "http2" or "https"
appProtocol:
grpc: ""
# -- Directories containing rules files
directories: {}
# tenant_foo:
# rules1.txt: |
# groups:
# - name: should_fire
# rules:
# - alert: HighPercentageError
# expr: |
# sum(rate({app="foo", env="production"} |= "error" [5m])) by (job)
# /
# sum(rate({app="foo", env="production"}[5m])) by (job)
# > 0.05
# for: 10m
# labels:
# severity: warning
# annotations:
# summary: High error rate
# - name: credentials_leak
# rules:
# - alert: http-credentials-leaked
# annotations:
# message: "{{ $labels.job }} is leaking http basic auth credentials."
# expr: 'sum by (cluster, job, pod) (count_over_time({namespace="prod"} |~ "http(s?)://(\\w+):(\\w+)@" [5m]) > 0)'
# for: 10m
# labels:
# severity: critical
# rules2.txt: |
# groups:
# - name: example
# rules:
# - alert: HighThroughputLogStreams
# expr: sum by(container) (rate({job=~"loki-dev/.*"}[1m])) > 1000
# for: 2m
# tenant_bar:
# rules1.txt: |
# groups:
# - name: should_fire
# rules:
# - alert: HighPercentageError
# expr: |
# sum(rate({app="foo", env="production"} |= "error" [5m])) by (job)
# /
# sum(rate({app="foo", env="production"}[5m])) by (job)
# > 0.05
# for: 10m
# labels:
# severity: warning
# annotations:
# summary: High error rate
# - name: credentials_leak
# rules:
# - alert: http-credentials-leaked
# annotations:
# message: "{{ $labels.job }} is leaking http basic auth credentials."
# expr: 'sum by (cluster, job, pod) (count_over_time({namespace="prod"} |~ "http(s?)://(\\w+):(\\w+)@" [5m]) > 0)'
# for: 10m
# labels:
# severity: critical
# rules2.txt: |
# groups:
# - name: example
# rules:
# - alert: HighThroughputLogStreams
# expr: sum by(container) (rate({job=~"loki-dev/.*"}[1m])) > 1000
# for: 2m
memcached:
image:
# -- Memcached Docker image repository
repository: memcached
# -- Memcached Docker image tag
tag: 1.6.32-alpine
# -- Memcached Docker image pull policy
pullPolicy: IfNotPresent
# -- The SecurityContext override for memcached pods
podSecurityContext:
runAsNonRoot: true
runAsUser: 11211
runAsGroup: 11211
fsGroup: 11211
# -- The name of the PriorityClass for memcached pods
priorityClassName: null
# -- The SecurityContext for memcached containers
containerSecurityContext:
readOnlyRootFilesystem: true
capabilities:
drop: [ALL]
allowPrivilegeEscalation: false
memcachedExporter:
# -- Whether memcached metrics should be exported
enabled: true
image:
repository: prom/memcached-exporter
tag: v0.15.0
pullPolicy: IfNotPresent
resources:
requests: {}
limits: {}
# -- The SecurityContext for memcached exporter containers
containerSecurityContext:
readOnlyRootFilesystem: true
capabilities:
drop: [ALL]
allowPrivilegeEscalation: false
# -- Extra args to add to the exporter container.
# Example:
# extraArgs:
# memcached.tls.enable: true
# memcached.tls.cert-file: /certs/cert.crt
# memcached.tls.key-file: /certs/cert.key
# memcached.tls.ca-file: /certs/ca.crt
# memcached.tls.insecure-skip-verify: false
# memcached.tls.server-name: memcached
extraArgs: {}
resultsCache:
# -- Specifies whether memcached based results-cache should be enabled
enabled: true
# -- Specify how long cached results should be stored in the results-cache before being expired
defaultValidity: 12h
# -- Memcached operation timeout
timeout: 500ms
# -- Total number of results-cache replicas
replicas: 1
# -- Port of the results-cache service
port: 11211
# -- Amount of memory allocated to results-cache for object storage (in MB).
allocatedMemory: 1024
# -- Maximum item results-cache for memcached (in MB).
maxItemMemory: 5
# -- Maximum number of connections allowed
connectionLimit: 16384
# -- Max memory to use for cache write back
writebackSizeLimit: 500MB
# -- Max number of objects to use for cache write back
writebackBuffer: 500000
# -- Number of parallel threads for cache write back
writebackParallelism: 1
# -- Extra init containers for results-cache pods
initContainers: []
# -- Annotations for the results-cache pods
annotations: {}
# -- Node selector for results-cache pods
nodeSelector: {}
# -- Affinity for results-cache pods
affinity: {}
# -- topologySpreadConstraints allows to customize the default topologySpreadConstraints. This can be either a single dict as shown below or a slice of topologySpreadConstraints.
# labelSelector is taken from the constraint itself (if it exists) or is generated by the chart using the same selectors as for services.
topologySpreadConstraints: []
# maxSkew: 1
# topologyKey: kubernetes.io/hostname
# whenUnsatisfiable: ScheduleAnyway
# -- Tolerations for results-cache pods
tolerations: []
# -- Pod Disruption Budget
podDisruptionBudget:
maxUnavailable: 1
# -- The name of the PriorityClass for results-cache pods
priorityClassName: null
# -- Labels for results-cache pods
podLabels: {}
# -- Annotations for results-cache pods
podAnnotations: {}
# -- Management policy for results-cache pods
podManagementPolicy: Parallel
# -- Grace period to allow the results-cache to shutdown before it is killed
terminationGracePeriodSeconds: 60
# -- Stateful results-cache strategy
statefulStrategy:
type: RollingUpdate
# -- Add extended options for results-cache memcached container. The format is the same as for the memcached -o/--extend flag.
# Example:
# extraExtendedOptions: 'tls,modern,track_sizes'
extraExtendedOptions: ""
# -- Additional CLI args for results-cache
extraArgs: {}
# -- Additional containers to be added to the results-cache pod.
extraContainers: []
# -- Additional volumes to be added to the results-cache pod (applies to both memcached and exporter containers).
# Example:
# extraVolumes:
# - name: extra-volume
# secret:
# secretName: extra-volume-secret
extraVolumes: []
# -- Additional volume mounts to be added to the results-cache pod (applies to both memcached and exporter containers).
# Example:
# extraVolumeMounts:
# - name: extra-volume
# mountPath: /etc/extra-volume
# readOnly: true
extraVolumeMounts: []
# -- Resource requests and limits for the results-cache
# By default a safe memory limit will be requested based on allocatedMemory value (floor (* 1.2 allocatedMemory)).
resources: null
# -- Service annotations and labels
service:
annotations: {}
labels: {}
# -- Persistence settings for the results-cache
persistence:
# -- Enable creating PVCs for the results-cache
enabled: false
# -- Size of persistent disk, must be in G or Gi
storageSize: 10G
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Volume mount path
mountPath: /data
chunksCache:
# -- Specifies whether memcached based chunks-cache should be enabled
enabled: true
# -- Batchsize for sending and receiving chunks from chunks cache
batchSize: 4
# -- Parallel threads for sending and receiving chunks from chunks cache
parallelism: 5
# -- Memcached operation timeout
timeout: 2000ms
# -- Specify how long cached chunks should be stored in the chunks-cache before being expired
defaultValidity: 0s
# -- Total number of chunks-cache replicas
replicas: 1
# -- Port of the chunks-cache service
port: 11211
# -- Amount of memory allocated to chunks-cache for object storage (in MB).
allocatedMemory: 8192
# -- Maximum item memory for chunks-cache (in MB).
maxItemMemory: 5
# -- Maximum number of connections allowed
connectionLimit: 16384
# -- Max memory to use for cache write back
writebackSizeLimit: 500MB
# -- Max number of objects to use for cache write back
writebackBuffer: 500000
# -- Number of parallel threads for cache write back
writebackParallelism: 1
# -- Extra init containers for chunks-cache pods
initContainers: []
# -- Annotations for the chunks-cache pods
annotations: {}
# -- Node selector for chunks-cache pods
nodeSelector: {}
# -- Affinity for chunks-cache pods
affinity: {}
# -- topologySpreadConstraints allows to customize the default topologySpreadConstraints. This can be either a single dict as shown below or a slice of topologySpreadConstraints.
# labelSelector is taken from the constraint itself (if it exists) or is generated by the chart using the same selectors as for services.
topologySpreadConstraints: []
# maxSkew: 1
# topologyKey: kubernetes.io/hostname
# whenUnsatisfiable: ScheduleAnyway
# -- Tolerations for chunks-cache pods
tolerations: []
# -- Pod Disruption Budget
podDisruptionBudget:
maxUnavailable: 1
# -- The name of the PriorityClass for chunks-cache pods
priorityClassName: null
# -- Labels for chunks-cache pods
podLabels: {}
# -- Annotations for chunks-cache pods
podAnnotations: {}
# -- Management policy for chunks-cache pods
podManagementPolicy: Parallel
# -- Grace period to allow the chunks-cache to shutdown before it is killed
terminationGracePeriodSeconds: 60
# -- Stateful chunks-cache strategy
statefulStrategy:
type: RollingUpdate
# -- Add extended options for chunks-cache memcached container. The format is the same as for the memcached -o/--extend flag.
# Example:
# extraExtendedOptions: 'tls,no_hashexpand'
extraExtendedOptions: ""
# -- Additional CLI args for chunks-cache
extraArgs: {}
# -- Additional containers to be added to the chunks-cache pod.
extraContainers: []
# -- Additional volumes to be added to the chunks-cache pod (applies to both memcached and exporter containers).
# Example:
# extraVolumes:
# - name: extra-volume
# secret:
# secretName: extra-volume-secret
extraVolumes: []
# -- Additional volume mounts to be added to the chunks-cache pod (applies to both memcached and exporter containers).
# Example:
# extraVolumeMounts:
# - name: extra-volume
# mountPath: /etc/extra-volume
# readOnly: true
extraVolumeMounts: []
# -- Resource requests and limits for the chunks-cache
# By default a safe memory limit will be requested based on allocatedMemory value (floor (* 1.2 allocatedMemory)).
resources: null
# -- Service annotations and labels
service:
annotations: {}
labels: {}
# -- Persistence settings for the chunks-cache
persistence:
# -- Enable creating PVCs for the chunks-cache
enabled: false
# -- Size of persistent disk, must be in G or Gi
storageSize: 10G
# -- Storage class to be used.
# If defined, storageClassName: <storageClass>.
# If set to "-", storageClassName: "", which disables dynamic provisioning.
# If empty or set to null, no storageClassName spec is
# set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).
storageClass: null
# -- Volume mount path
mountPath: /data
######################################################################################################################
#
# Subchart configurations
#
######################################################################################################################
# -- Setting for the Grafana Rollout Operator https://github.com/grafana/helm-charts/tree/main/charts/rollout-operator
rollout_operator:
enabled: false
# -- podSecurityContext is the pod security context for the rollout operator.
# When installing on OpenShift, override podSecurityContext settings with
#
# rollout_operator:
# podSecurityContext:
# fsGroup: null
# runAsGroup: null
# runAsUser: null
podSecurityContext:
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
seccompProfile:
type: RuntimeDefault
# Set the container security context
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop: [ALL]
allowPrivilegeEscalation: false
# -- Configuration for the minio subchart
minio:
enabled: false
replicas: 1
# Minio requires 2 to 16 drives for erasure code (drivesPerNode * replicas)
# https://docs.min.io/docs/minio-erasure-code-quickstart-guide
# Since we only have 1 replica, that means 2 drives must be used.
drivesPerNode: 2
rootUser: enterprise-logs
rootPassword: supersecret
buckets:
- name: chunks
policy: none
purge: false
- name: ruler
policy: none
purge: false
- name: admin
policy: none
purge: false
persistence:
size: 5Gi
annotations: {}
resources:
requests:
cpu: 100m
memory: 128Mi
# Allow the address used by Loki to refer to Minio to be overridden
address: null
# Create extra manifests via values. Would be passed through `tpl` for templating
# objects can also be provided as multiline strings, useful for templating field names
extraObjects: []
# - apiVersion: v1
# kind: ConfigMap
# metadata:
# name: loki-alerting-rules
# data:
# loki-alerting-rules.yaml: |-
# groups:
# - name: example
# rules:
# - alert: example
# expr: |
# sum(count_over_time({app="loki"} |~ "error")) > 0
# for: 3m
# labels:
# severity: warning
# category: logs
# annotations:
# message: "loki has encountered errors"
# - |
# apiVersion: v1
# kind: Secret
# type: Opaque
# metadata:
# name: loki-distributed-basic-auth
# data:
# {{- range .Values.loki.tenants }}
# {{ .name }}: {{ b64enc .password | quote }}
# {{- end }}
sidecar:
image:
# -- The Docker registry and image for the k8s sidecar
repository: kiwigrid/k8s-sidecar
# -- Docker image tag
tag: 1.28.0
# -- Docker image sha. If empty, no sha will be used
sha: ""
# -- Docker image pull policy
pullPolicy: IfNotPresent
# -- Resource requests and limits for the sidecar
resources: {}
# limits:
# cpu: 100m
# memory: 100Mi
# requests:
# cpu: 50m
# memory: 50Mi
# -- The SecurityContext for the sidecar.
securityContext: {}
# -- Set to true to skip tls verification for kube api calls.
skipTlsVerify: false
# -- Ensure that rule files aren't conflicting and being overwritten by prefixing their name with the namespace they are defined in.
enableUniqueFilenames: false
# -- Readiness probe definition. Probe is disabled on the sidecar by default.
readinessProbe: {}
# -- Liveness probe definition. Probe is disabled on the sidecar by default.
livenessProbe: {}
rules:
# -- Whether or not to create a sidecar to ingest rule from specific ConfigMaps and/or Secrets.
enabled: true
# -- Label that the configmaps/secrets with rules will be marked with.
label: loki_rule
# -- Label value that the configmaps/secrets with rules will be set to.
labelValue: ""
# -- Folder into which the rules will be placed.
folder: /rules
# -- Comma separated list of namespaces. If specified, the sidecar will search for config-maps/secrets inside these namespaces.
# Otherwise the namespace in which the sidecar is running will be used.
# It's also possible to specify 'ALL' to search in all namespaces.
searchNamespace: null
# -- Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH request, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
watchMethod: WATCH
# -- Search in configmap, secret, or both.
resource: both
# -- Absolute path to the shell script to execute after a configmap or secret has been reloaded.
script: null
# -- WatchServerTimeout: request to the server, asking it to cleanly close the connection after that.
# defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S.
watchServerTimeout: 60
#
# -- WatchClientTimeout: is a client-side timeout, configuring your local socket.
# If you have a network outage dropping all packets with no RST/FIN,
# this is how long your client waits before realizing & dropping the connection.
# Defaults to 66sec.
watchClientTimeout: 60
# -- Log level of the sidecar container.
logLevel: INFO
############################################## WARNING ###############################################################
#
# DEPRECATED VALUES
#
# The following values are deprecated and will be removed in a future version of the helm chart!
#
############################################## WARNING ##############################################################
# -- DEPRECATED Monitoring section determines which monitoring features to enable, this section is being replaced
# by https://github.com/grafana/meta-monitoring-chart
monitoring:
# Dashboards for monitoring Loki
dashboards:
# -- If enabled, create configmap with dashboards for monitoring Loki
enabled: false
# -- Alternative namespace to create dashboards ConfigMap in
namespace: null
# -- Additional annotations for the dashboards ConfigMap
annotations: {}
# -- Labels for the dashboards ConfigMap
labels:
grafana_dashboard: "1"
# -- DEPRECATED Recording rules for monitoring Loki, required for some dashboards
rules:
# -- If enabled, create PrometheusRule resource with Loki recording rules
enabled: false
# -- Include alerting rules
alerting: true
# -- Specify which individual alerts should be disabled
# -- Instead of turning off each alert one by one, set the .monitoring.rules.alerting value to false instead.
# -- If you disable all the alerts and keep .monitoring.rules.alerting set to true, the chart will fail to render.
disabled: {}
# LokiRequestErrors: true
# LokiRequestPanics: true
# -- Alternative namespace to create PrometheusRule resources in
namespace: null
# -- Additional annotations for the rules PrometheusRule resource
annotations: {}
# -- Additional labels for the rules PrometheusRule resource
labels: {}
# -- Additional labels for PrometheusRule alerts
additionalRuleLabels: {}
# -- Additional groups to add to the rules file
additionalGroups: []
# - name: additional-loki-rules
# rules:
# - record: job:loki_request_duration_seconds_bucket:sum_rate
# expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job)
# - record: job_route:loki_request_duration_seconds_bucket:sum_rate
# expr: sum(rate(loki_request_duration_seconds_bucket[1m])) by (le, job, route)
# - record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_rate
# expr: sum(rate(container_cpu_usage_seconds_total[1m])) by (node, namespace, pod, container)
# -- DEPRECATED ServiceMonitor configuration
serviceMonitor:
# -- If enabled, ServiceMonitor resources for Prometheus Operator are created
enabled: false
# -- Namespace selector for ServiceMonitor resources
namespaceSelector: {}
# -- ServiceMonitor annotations
annotations: {}
# -- Additional ServiceMonitor labels
labels: {}
# -- ServiceMonitor scrape interval
# Default is 15s because included recording rules use a 1m rate, and scrape interval needs to be at
# least 1/4 rate interval.
interval: 15s
# -- ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
scrapeTimeout: null
# -- ServiceMonitor relabel configs to apply to samples before scraping
# https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
relabelings: []
# -- ServiceMonitor metric relabel configs to apply to samples before ingestion
# https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
metricRelabelings: []
# -- ServiceMonitor will use http by default, but you can pick https as well
scheme: http
# -- ServiceMonitor will use these tlsConfig settings to make the health check requests
tlsConfig: null
# -- If defined, will create a MetricsInstance for the Grafana Agent Operator.
metricsInstance:
# -- If enabled, MetricsInstance resources for Grafana Agent Operator are created
enabled: true
# -- MetricsInstance annotations
annotations: {}
# -- Additional MetricsInstance labels
labels: {}
# -- If defined a MetricsInstance will be created to remote write metrics.
remoteWrite: null
# -- DEPRECATED Self monitoring determines whether Loki should scrape its own logs.
# This feature currently relies on the Grafana Agent Operator being installed,
# which is installed by default using the grafana-agent-operator sub-chart.
# It will create custom resources for GrafanaAgent, LogsInstance, and PodLogs to configure
# scrape configs to scrape its own logs with the labels expected by the included dashboards.
selfMonitoring:
enabled: false
# -- Tenant to use for self monitoring
tenant:
# -- Name of the tenant
name: "self-monitoring"
# -- Password of the gateway for Basic auth
password: null
# -- Namespace to create additional tenant token secret in. Useful if your Grafana instance
# is in a separate namespace. Token will still be created in the canary namespace.
secretNamespace: "{{ .Release.Namespace }}"
# -- DEPRECATED Grafana Agent configuration
grafanaAgent:
# -- DEPRECATED Controls whether to install the Grafana Agent Operator and its CRDs.
# Note that helm will not install CRDs if this flag is enabled during an upgrade.
# In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds
installOperator: false
# -- Grafana Agent annotations
annotations: {}
# -- Additional Grafana Agent labels
labels: {}
# -- Enable the config read api on port 8080 of the agent
enableConfigReadAPI: false
# -- The name of the PriorityClass for GrafanaAgent pods
priorityClassName: null
# -- Resource requests and limits for the grafanaAgent pods
resources: {}
# limits:
# memory: 200Mi
# requests:
# cpu: 50m
# memory: 100Mi
# -- Tolerations for GrafanaAgent pods
tolerations: []
# PodLogs configuration
podLogs:
# -- PodLogs version
apiVersion: monitoring.grafana.com/v1alpha1
# -- PodLogs annotations
annotations: {}
# -- Additional PodLogs labels
labels: {}
# -- PodLogs relabel configs to apply to samples before scraping
# https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
relabelings: []
# -- Additional pipeline stages to process logs after scraping
# https://grafana.com/docs/agent/latest/operator/api/#pipelinestagespec-a-namemonitoringgrafanacomv1alpha1pipelinestagespeca
additionalPipelineStages: []
# LogsInstance configuration
logsInstance:
# -- LogsInstance annotations
annotations: {}
# -- Additional LogsInstance labels
labels: {}
# -- Additional clients for remote write
clients: null
# -- DEPRECATED Configuration for the table-manager. The table-manager is only necessary when using a deprecated
# index type such as Cassandra, Bigtable, or DynamoDB, it has not been necessary since loki introduced self-
# contained index types like 'boltdb-shipper' and 'tsdb'. This will be removed in a future helm chart.
tableManager:
# -- Specifies whether the table-manager should be enabled
enabled: false
image:
# -- The Docker registry for the table-manager image. Overrides `loki.image.registry`
registry: null
# -- Docker image repository for the table-manager image. Overrides `loki.image.repository`
repository: null
# -- Docker image tag for the table-manager image. Overrides `loki.image.tag`
tag: null
# -- Command to execute instead of defined in Docker image
command: null
# -- The name of the PriorityClass for table-manager pods
priorityClassName: null
# -- Labels for table-manager pods
podLabels: {}
# -- Annotations for table-manager deployment
annotations: {}
# -- Annotations for table-manager pods
podAnnotations: {}
service:
# -- Annotations for table-manager Service
annotations: {}
# -- Additional labels for table-manager Service
labels: {}
# -- Additional CLI args for the table-manager
extraArgs: []
# -- Environment variables to add to the table-manager pods
extraEnv: []
# -- Environment variables from secrets or configmaps to add to the table-manager pods
extraEnvFrom: []
# -- Volume mounts to add to the table-manager pods
extraVolumeMounts: []
# -- Volumes to add to the table-manager pods
extraVolumes: []
# -- Resource requests and limits for the table-manager
resources: {}
# -- Containers to add to the table-manager pods
extraContainers: []
# -- Grace period to allow the table-manager to shutdown before it is killed
terminationGracePeriodSeconds: 30
# -- Affinity for table-manager pods.
# @default -- Hard node and anti-affinity
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: table-manager
topologyKey: kubernetes.io/hostname
# -- DNS config table-manager pods
dnsConfig: {}
# -- Node selector for table-manager pods
nodeSelector: {}
# -- Tolerations for table-manager pods
tolerations: []
# -- Enable deletes by retention
retention_deletes_enabled: false
# -- Set retention period
retention_period: 0