{{- $isSingleBinary := eq (include "loki.deployment.isSingleBinary" .) "true" -}} {{- if $isSingleBinary }} --- apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "loki.singleBinaryFullname" . }} namespace: {{ $.Release.Namespace }} labels: {{- include "loki.singleBinaryLabels" . | nindent 4 }} app.kubernetes.io/part-of: memberlist {{- if or (not (empty .Values.loki.annotations)) (not (empty .Values.singleBinary.annotations))}} annotations: {{- with .Values.loki.annotations }} {{- toYaml . | nindent 4 }} {{- end }} {{- with .Values.singleBinary.annotations }} {{- toYaml . | nindent 4 }} {{- end }} {{- end }} spec: replicas: {{ include "loki.singleBinaryReplicas" . }} podManagementPolicy: Parallel updateStrategy: rollingUpdate: partition: 0 serviceName: {{ include "loki.singleBinaryFullname" . }}-headless revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }} {{- if and (semverCompare ">= 1.23-0" (include "loki.kubeVersion" .)) (.Values.singleBinary.persistence.enableStatefulSetAutoDeletePVC) (.Values.singleBinary.persistence.enabled) }} {{/* Data on the singleBinary nodes is easy to replace, so we want to always delete PVCs to make operation easier, and will rely on re-fetching data when needed. */}} persistentVolumeClaimRetentionPolicy: whenDeleted: Delete whenScaled: Delete {{- end }} selector: matchLabels: {{- include "loki.singleBinarySelectorLabels" . | nindent 6 }} template: metadata: annotations: checksum/config: {{ include "loki.configMapOrSecretContentHash" (dict "ctx" . "name" "/config.yaml") }} {{- with .Values.loki.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.singleBinary.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "loki.singleBinarySelectorLabels" . | nindent 8 }} {{- with .Values.loki.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.singleBinary.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.singleBinary.selectorLabels }} {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} app.kubernetes.io/part-of: memberlist spec: serviceAccountName: {{ include "loki.serviceAccountName" . }} automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} {{ include "loki.enableServiceLinks" . }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} {{- include "loki.singleBinaryPriorityClassName" . | nindent 6 }} securityContext: {{- toYaml .Values.loki.podSecurityContext | nindent 8 }} terminationGracePeriodSeconds: {{ .Values.singleBinary.terminationGracePeriodSeconds }} {{- if .Values.singleBinary.initContainers }} initContainers: {{- with .Values.singleBinary.initContainers }} {{- toYaml . | nindent 8 }} {{- end }} {{- end }} containers: {{- if .Values.sidecar.rules.enabled }} - name: loki-sc-rules {{- if .Values.sidecar.image.sha }} image: "{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" {{- else }} image: "{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" {{- end }} imagePullPolicy: {{ .Values.sidecar.image.pullPolicy }} env: - name: METHOD value: {{ .Values.sidecar.rules.watchMethod }} - name: LABEL value: "{{ .Values.sidecar.rules.label }}" {{- if .Values.sidecar.rules.labelValue }} - name: LABEL_VALUE value: {{ quote .Values.sidecar.rules.labelValue }} {{- end }} - name: FOLDER value: "{{ .Values.sidecar.rules.folder }}" - name: RESOURCE value: {{ quote .Values.sidecar.rules.resource }} {{- if .Values.sidecar.enableUniqueFilenames }} - name: UNIQUE_FILENAMES value: "{{ .Values.sidecar.enableUniqueFilenames }}" {{- end }} {{- if .Values.sidecar.rules.searchNamespace }} - name: NAMESPACE value: "{{ .Values.sidecar.rules.searchNamespace | join "," }}" {{- end }} {{- if .Values.sidecar.skipTlsVerify }} - name: SKIP_TLS_VERIFY value: "{{ .Values.sidecar.skipTlsVerify }}" {{- end }} {{- if .Values.sidecar.rules.script }} - name: SCRIPT value: "{{ .Values.sidecar.rules.script }}" {{- end }} {{- if .Values.sidecar.rules.watchServerTimeout }} - name: WATCH_SERVER_TIMEOUT value: "{{ .Values.sidecar.rules.watchServerTimeout }}" {{- end }} {{- if .Values.sidecar.rules.watchClientTimeout }} - name: WATCH_CLIENT_TIMEOUT value: "{{ .Values.sidecar.rules.watchClientTimeout }}" {{- end }} {{- if .Values.sidecar.rules.logLevel }} - name: LOG_LEVEL value: "{{ .Values.sidecar.rules.logLevel }}" {{- end }} {{- if .Values.sidecar.livenessProbe }} livenessProbe: {{- toYaml .Values.sidecar.livenessProbe | nindent 12 }} {{- end }} {{- if .Values.sidecar.readinessProbe }} readinessProbe: {{- toYaml .Values.sidecar.readinessProbe | nindent 12 }} {{- end }} {{- if .Values.sidecar.resources }} resources: {{- toYaml .Values.sidecar.resources | nindent 12 }} {{- end }} {{- if .Values.sidecar.securityContext }} securityContext: {{- toYaml .Values.sidecar.securityContext | nindent 12 }} {{- end }} volumeMounts: - name: sc-rules-volume mountPath: {{ .Values.sidecar.rules.folder | quote }} {{- end}} - name: loki image: {{ include "loki.image" . }} imagePullPolicy: {{ .Values.loki.image.pullPolicy }} args: - -config.file=/etc/loki/config/config.yaml - -target={{ .Values.singleBinary.targetModule }} {{- with .Values.singleBinary.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} ports: - name: http-metrics containerPort: {{ .Values.loki.server.http_listen_port }} protocol: TCP - name: grpc containerPort: {{ .Values.loki.server.grpc_listen_port }} protocol: TCP - name: http-memberlist containerPort: 7946 protocol: TCP {{- with .Values.singleBinary.extraEnv }} env: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.singleBinary.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} {{- end }} securityContext: {{- toYaml .Values.loki.containerSecurityContext | nindent 12 }} readinessProbe: {{- toYaml .Values.loki.readinessProbe | nindent 12 }} volumeMounts: - name: tmp mountPath: /tmp - name: config mountPath: /etc/loki/config - name: runtime-config mountPath: /etc/loki/runtime-config {{- if .Values.singleBinary.persistence.enabled }} - name: storage mountPath: /var/loki {{- end }} {{- if .Values.enterprise.enabled }} - name: license mountPath: /etc/loki/license {{- end }} {{- if .Values.sidecar.rules.enabled }} - name: sc-rules-volume mountPath: {{ .Values.sidecar.rules.folder | quote }} {{- end}} {{- with .Values.singleBinary.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.singleBinary.resources | nindent 12 }} {{- with .Values.singleBinary.extraContainers }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.singleBinary.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.singleBinary.dnsConfig }} dnsConfig: {{- tpl . $ | nindent 8 }} {{- end }} {{- with .Values.singleBinary.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.singleBinary.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: tmp emptyDir: {} - name: config {{- include "loki.configVolume" . | nindent 10 }} - name: runtime-config configMap: name: {{ template "loki.name" . }}-runtime {{- if .Values.enterprise.enabled }} - name: license secret: {{- if .Values.enterprise.useExternalLicense }} secretName: {{ .Values.enterprise.externalLicenseName }} {{- else }} secretName: enterprise-logs-license {{- end }} {{- end }} {{- if .Values.sidecar.rules.enabled }} - name: sc-rules-volume {{- if .Values.sidecar.rules.sizeLimit }} emptyDir: sizeLimit: {{ .Values.sidecar.rules.sizeLimit }} {{- else }} emptyDir: {} {{- end -}} {{- end -}} {{- with .Values.singleBinary.extraVolumes }} {{- toYaml . | nindent 8 }} {{- end }} {{- if .Values.singleBinary.persistence.enabled }} volumeClaimTemplates: - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: storage {{- with .Values.singleBinary.persistence.annotations }} annotations: {{- toYaml . | nindent 10 }} {{- end }} spec: accessModes: - ReadWriteOnce {{- with .Values.singleBinary.persistence.storageClass }} storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }} {{- end }} resources: requests: storage: {{ .Values.singleBinary.persistence.size | quote }} {{- with .Values.singleBinary.persistence.selector }} selector: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} {{- end }}