279 lines
10 KiB
YAML
279 lines
10 KiB
YAML
{{- $isSingleBinary := eq (include "loki.deployment.isSingleBinary" .) "true" -}}
|
|
{{- if $isSingleBinary }}
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: {{ include "loki.singleBinaryFullname" . }}
|
|
namespace: {{ $.Release.Namespace }}
|
|
labels:
|
|
{{- include "loki.singleBinaryLabels" . | nindent 4 }}
|
|
app.kubernetes.io/part-of: memberlist
|
|
{{- if or (not (empty .Values.loki.annotations)) (not (empty .Values.singleBinary.annotations))}}
|
|
annotations:
|
|
{{- with .Values.loki.annotations }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
{{- with .Values.singleBinary.annotations }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
spec:
|
|
replicas: {{ include "loki.singleBinaryReplicas" . }}
|
|
podManagementPolicy: Parallel
|
|
updateStrategy:
|
|
rollingUpdate:
|
|
partition: 0
|
|
serviceName: {{ include "loki.singleBinaryFullname" . }}-headless
|
|
revisionHistoryLimit: {{ .Values.loki.revisionHistoryLimit }}
|
|
{{- if and (semverCompare ">= 1.23-0" (include "loki.kubeVersion" .)) (.Values.singleBinary.persistence.enableStatefulSetAutoDeletePVC) (.Values.singleBinary.persistence.enabled) }}
|
|
{{/*
|
|
Data on the singleBinary nodes is easy to replace, so we want to always delete PVCs to make
|
|
operation easier, and will rely on re-fetching data when needed.
|
|
*/}}
|
|
persistentVolumeClaimRetentionPolicy:
|
|
whenDeleted: Delete
|
|
whenScaled: Delete
|
|
{{- end }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "loki.singleBinarySelectorLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
checksum/config: {{ include "loki.configMapOrSecretContentHash" (dict "ctx" . "name" "/config.yaml") }}
|
|
{{- with .Values.loki.podAnnotations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.singleBinary.podAnnotations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "loki.singleBinarySelectorLabels" . | nindent 8 }}
|
|
{{- with .Values.loki.podLabels }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.singleBinary.podLabels }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.singleBinary.selectorLabels }}
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
app.kubernetes.io/part-of: memberlist
|
|
spec:
|
|
serviceAccountName: {{ include "loki.serviceAccountName" . }}
|
|
automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
|
|
{{ include "loki.enableServiceLinks" . }}
|
|
{{- with .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- include "loki.singleBinaryPriorityClassName" . | nindent 6 }}
|
|
securityContext:
|
|
{{- toYaml .Values.loki.podSecurityContext | nindent 8 }}
|
|
terminationGracePeriodSeconds: {{ .Values.singleBinary.terminationGracePeriodSeconds }}
|
|
{{- if .Values.singleBinary.initContainers }}
|
|
initContainers:
|
|
{{- with .Values.singleBinary.initContainers }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
containers:
|
|
{{- if .Values.sidecar.rules.enabled }}
|
|
- name: loki-sc-rules
|
|
{{- if .Values.sidecar.image.sha }}
|
|
image: "{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
|
|
{{- else }}
|
|
image: "{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
|
|
{{- end }}
|
|
imagePullPolicy: {{ .Values.sidecar.image.pullPolicy }}
|
|
env:
|
|
- name: METHOD
|
|
value: {{ .Values.sidecar.rules.watchMethod }}
|
|
- name: LABEL
|
|
value: "{{ .Values.sidecar.rules.label }}"
|
|
{{- if .Values.sidecar.rules.labelValue }}
|
|
- name: LABEL_VALUE
|
|
value: {{ quote .Values.sidecar.rules.labelValue }}
|
|
{{- end }}
|
|
- name: FOLDER
|
|
value: "{{ .Values.sidecar.rules.folder }}"
|
|
- name: RESOURCE
|
|
value: {{ quote .Values.sidecar.rules.resource }}
|
|
{{- if .Values.sidecar.enableUniqueFilenames }}
|
|
- name: UNIQUE_FILENAMES
|
|
value: "{{ .Values.sidecar.enableUniqueFilenames }}"
|
|
{{- end }}
|
|
{{- if .Values.sidecar.rules.searchNamespace }}
|
|
- name: NAMESPACE
|
|
value: "{{ .Values.sidecar.rules.searchNamespace | join "," }}"
|
|
{{- end }}
|
|
{{- if .Values.sidecar.skipTlsVerify }}
|
|
- name: SKIP_TLS_VERIFY
|
|
value: "{{ .Values.sidecar.skipTlsVerify }}"
|
|
{{- end }}
|
|
{{- if .Values.sidecar.rules.script }}
|
|
- name: SCRIPT
|
|
value: "{{ .Values.sidecar.rules.script }}"
|
|
{{- end }}
|
|
{{- if .Values.sidecar.rules.watchServerTimeout }}
|
|
- name: WATCH_SERVER_TIMEOUT
|
|
value: "{{ .Values.sidecar.rules.watchServerTimeout }}"
|
|
{{- end }}
|
|
{{- if .Values.sidecar.rules.watchClientTimeout }}
|
|
- name: WATCH_CLIENT_TIMEOUT
|
|
value: "{{ .Values.sidecar.rules.watchClientTimeout }}"
|
|
{{- end }}
|
|
{{- if .Values.sidecar.rules.logLevel }}
|
|
- name: LOG_LEVEL
|
|
value: "{{ .Values.sidecar.rules.logLevel }}"
|
|
{{- end }}
|
|
{{- if .Values.sidecar.livenessProbe }}
|
|
livenessProbe:
|
|
{{- toYaml .Values.sidecar.livenessProbe | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.sidecar.readinessProbe }}
|
|
readinessProbe:
|
|
{{- toYaml .Values.sidecar.readinessProbe | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.sidecar.resources }}
|
|
resources:
|
|
{{- toYaml .Values.sidecar.resources | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.sidecar.securityContext }}
|
|
securityContext:
|
|
{{- toYaml .Values.sidecar.securityContext | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: sc-rules-volume
|
|
mountPath: {{ .Values.sidecar.rules.folder | quote }}
|
|
{{- end}}
|
|
- name: loki
|
|
image: {{ include "loki.image" . }}
|
|
imagePullPolicy: {{ .Values.loki.image.pullPolicy }}
|
|
args:
|
|
- -config.file=/etc/loki/config/config.yaml
|
|
- -target={{ .Values.singleBinary.targetModule }}
|
|
{{- with .Values.singleBinary.extraArgs }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
ports:
|
|
- name: http-metrics
|
|
containerPort: {{ .Values.loki.server.http_listen_port }}
|
|
protocol: TCP
|
|
- name: grpc
|
|
containerPort: {{ .Values.loki.server.grpc_listen_port }}
|
|
protocol: TCP
|
|
- name: http-memberlist
|
|
containerPort: 7946
|
|
protocol: TCP
|
|
{{- with .Values.singleBinary.extraEnv }}
|
|
env:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.singleBinary.extraEnvFrom }}
|
|
envFrom:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
securityContext:
|
|
{{- toYaml .Values.loki.containerSecurityContext | nindent 12 }}
|
|
readinessProbe:
|
|
{{- toYaml .Values.loki.readinessProbe | nindent 12 }}
|
|
volumeMounts:
|
|
- name: tmp
|
|
mountPath: /tmp
|
|
- name: config
|
|
mountPath: /etc/loki/config
|
|
- name: runtime-config
|
|
mountPath: /etc/loki/runtime-config
|
|
{{- if .Values.singleBinary.persistence.enabled }}
|
|
- name: storage
|
|
mountPath: /var/loki
|
|
{{- end }}
|
|
{{- if .Values.enterprise.enabled }}
|
|
- name: license
|
|
mountPath: /etc/loki/license
|
|
{{- end }}
|
|
{{- if .Values.sidecar.rules.enabled }}
|
|
- name: sc-rules-volume
|
|
mountPath: {{ .Values.sidecar.rules.folder | quote }}
|
|
{{- end}}
|
|
{{- with .Values.singleBinary.extraVolumeMounts }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
resources:
|
|
{{- toYaml .Values.singleBinary.resources | nindent 12 }}
|
|
{{- with .Values.singleBinary.extraContainers }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.singleBinary.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.singleBinary.dnsConfig }}
|
|
dnsConfig:
|
|
{{- tpl . $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.singleBinary.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.singleBinary.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
volumes:
|
|
- name: tmp
|
|
emptyDir: {}
|
|
- name: config
|
|
{{- include "loki.configVolume" . | nindent 10 }}
|
|
- name: runtime-config
|
|
configMap:
|
|
name: {{ template "loki.name" . }}-runtime
|
|
{{- if .Values.enterprise.enabled }}
|
|
- name: license
|
|
secret:
|
|
{{- if .Values.enterprise.useExternalLicense }}
|
|
secretName: {{ .Values.enterprise.externalLicenseName }}
|
|
{{- else }}
|
|
secretName: enterprise-logs-license
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.sidecar.rules.enabled }}
|
|
- name: sc-rules-volume
|
|
{{- if .Values.sidecar.rules.sizeLimit }}
|
|
emptyDir:
|
|
sizeLimit: {{ .Values.sidecar.rules.sizeLimit }}
|
|
{{- else }}
|
|
emptyDir: {}
|
|
{{- end -}}
|
|
{{- end -}}
|
|
{{- with .Values.singleBinary.extraVolumes }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.singleBinary.persistence.enabled }}
|
|
volumeClaimTemplates:
|
|
- apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: storage
|
|
{{- with .Values.singleBinary.persistence.annotations }}
|
|
annotations:
|
|
{{- toYaml . | nindent 10 }}
|
|
{{- end }}
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
{{- with .Values.singleBinary.persistence.storageClass }}
|
|
storageClassName: {{ if (eq "-" .) }}""{{ else }}{{ . }}{{ end }}
|
|
{{- end }}
|
|
resources:
|
|
requests:
|
|
storage: {{ .Values.singleBinary.persistence.size | quote }}
|
|
{{- with .Values.singleBinary.persistence.selector }}
|
|
selector:
|
|
{{- toYaml . | nindent 10 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|