From 4062bf40c84f04c5abc7476facf8df89ce9a843e Mon Sep 17 00:00:00 2001 From: YuleZ Date: Fri, 1 Sep 2023 15:29:49 +0200 Subject: [PATCH 1/5] add secret for loki config Signed-off-by: YuleZ --- .../loki-distributed/templates/config-secret.yaml | 13 +++++++++++++ charts/loki-distributed/values.yaml | 2 ++ 2 files changed, 15 insertions(+) create mode 100644 charts/loki-distributed/templates/config-secret.yaml diff --git a/charts/loki-distributed/templates/config-secret.yaml b/charts/loki-distributed/templates/config-secret.yaml new file mode 100644 index 0000000000..07f35f2680 --- /dev/null +++ b/charts/loki-distributed/templates/config-secret.yaml @@ -0,0 +1,13 @@ +{{- if and (.Values.loki.configAsSecret) (not .Values.loki.existingSecretForConfig) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "loki.fullname" . }}-config + namespace: {{ .Release.Namespace }} + labels: + {{- include "loki.labels" . | nindent 4 }} + foo: bar +stringData: + config.yaml: | + {{- tpl (mergeOverwrite (tpl .Values.loki.config . | fromYaml) .Values.loki.structuredConfig | toYaml) . | nindent 4 }} +{{- end -}} diff --git a/charts/loki-distributed/values.yaml b/charts/loki-distributed/values.yaml index a10724d430..fb7d2875b2 100644 --- a/charts/loki-distributed/values.yaml +++ b/charts/loki-distributed/values.yaml @@ -70,6 +70,8 @@ loki: allowPrivilegeEscalation: false # -- Specify an existing secret containing loki configuration. If non-empty, overrides `loki.config` existingSecretForConfig: "" + # -- Store the loki configuration as a secret. + configAsSecret: false # -- Adds the appProtocol field to the memberlist service. This allows memberlist to work with istio protocol selection. Ex: "http" or "tcp" appProtocol: "" # -- Common annotations for all loki services From 4f2f9fcfb85ab745888c74ca337ffb7c8f3b9bf6 Mon Sep 17 00:00:00 2001 From: YuleZ Date: Fri, 1 Sep 2023 15:30:28 +0200 Subject: [PATCH 2/5] use config-secret if "configAsSecret" is true Signed-off-by: YuleZ --- .../templates/compactor/deployment-compactor.yaml | 3 +++ charts/loki-distributed/templates/configmap.yaml | 2 +- .../templates/distributor/deployment-distributor.yaml | 3 +++ .../templates/index-gateway/statefulset-index-gateway.yaml | 3 +++ .../templates/ingester/deployment-ingester.yaml | 3 +++ .../templates/ingester/statefulset-ingester.yaml | 3 +++ .../loki-distributed/templates/querier/deployment-querier.yaml | 3 +++ .../templates/querier/statefulset-querier.yaml | 3 +++ .../templates/query-frontend/deployment-query-frontend.yaml | 3 +++ .../templates/query-scheduler/deployment-query-scheduler.yaml | 3 +++ charts/loki-distributed/templates/ruler/deployment-ruler.yaml | 3 +++ charts/loki-distributed/templates/ruler/statefulset-ruler.yaml | 3 +++ .../templates/table-manager/deployment-table-manager.yaml | 3 +++ 13 files changed, 37 insertions(+), 1 deletion(-) diff --git a/charts/loki-distributed/templates/compactor/deployment-compactor.yaml b/charts/loki-distributed/templates/compactor/deployment-compactor.yaml index c09c93bd8d..85c20616bf 100644 --- a/charts/loki-distributed/templates/compactor/deployment-compactor.yaml +++ b/charts/loki-distributed/templates/compactor/deployment-compactor.yaml @@ -123,6 +123,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/configmap.yaml b/charts/loki-distributed/templates/configmap.yaml index 950a5f17a1..db068b5d70 100644 --- a/charts/loki-distributed/templates/configmap.yaml +++ b/charts/loki-distributed/templates/configmap.yaml @@ -1,4 +1,4 @@ -{{- if not .Values.loki.existingSecretForConfig -}} +{{- if and (not .Values.loki.existingSecretForConfig) (not .Values.loki.configAsSecret) -}} apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/loki-distributed/templates/distributor/deployment-distributor.yaml b/charts/loki-distributed/templates/distributor/deployment-distributor.yaml index 10265184f8..02994e875b 100644 --- a/charts/loki-distributed/templates/distributor/deployment-distributor.yaml +++ b/charts/loki-distributed/templates/distributor/deployment-distributor.yaml @@ -119,6 +119,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/index-gateway/statefulset-index-gateway.yaml b/charts/loki-distributed/templates/index-gateway/statefulset-index-gateway.yaml index 484b6de1b8..56c02a80d8 100644 --- a/charts/loki-distributed/templates/index-gateway/statefulset-index-gateway.yaml +++ b/charts/loki-distributed/templates/index-gateway/statefulset-index-gateway.yaml @@ -114,6 +114,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/ingester/deployment-ingester.yaml b/charts/loki-distributed/templates/ingester/deployment-ingester.yaml index b5a1a82c7f..b9a5f54311 100644 --- a/charts/loki-distributed/templates/ingester/deployment-ingester.yaml +++ b/charts/loki-distributed/templates/ingester/deployment-ingester.yaml @@ -118,6 +118,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/ingester/statefulset-ingester.yaml b/charts/loki-distributed/templates/ingester/statefulset-ingester.yaml index 8b0722c6c2..5fa0a13c30 100644 --- a/charts/loki-distributed/templates/ingester/statefulset-ingester.yaml +++ b/charts/loki-distributed/templates/ingester/statefulset-ingester.yaml @@ -133,6 +133,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/querier/deployment-querier.yaml b/charts/loki-distributed/templates/querier/deployment-querier.yaml index bb00b9801a..1004456977 100644 --- a/charts/loki-distributed/templates/querier/deployment-querier.yaml +++ b/charts/loki-distributed/templates/querier/deployment-querier.yaml @@ -132,6 +132,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/querier/statefulset-querier.yaml b/charts/loki-distributed/templates/querier/statefulset-querier.yaml index 35d09a90f4..0aece82900 100644 --- a/charts/loki-distributed/templates/querier/statefulset-querier.yaml +++ b/charts/loki-distributed/templates/querier/statefulset-querier.yaml @@ -135,6 +135,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/query-frontend/deployment-query-frontend.yaml b/charts/loki-distributed/templates/query-frontend/deployment-query-frontend.yaml index f8a467f912..5e7ce41532 100644 --- a/charts/loki-distributed/templates/query-frontend/deployment-query-frontend.yaml +++ b/charts/loki-distributed/templates/query-frontend/deployment-query-frontend.yaml @@ -114,6 +114,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/query-scheduler/deployment-query-scheduler.yaml b/charts/loki-distributed/templates/query-scheduler/deployment-query-scheduler.yaml index 15d54220d4..5e82e50df6 100644 --- a/charts/loki-distributed/templates/query-scheduler/deployment-query-scheduler.yaml +++ b/charts/loki-distributed/templates/query-scheduler/deployment-query-scheduler.yaml @@ -111,6 +111,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/ruler/deployment-ruler.yaml b/charts/loki-distributed/templates/ruler/deployment-ruler.yaml index 2e390b3143..c0d9ebdcfa 100644 --- a/charts/loki-distributed/templates/ruler/deployment-ruler.yaml +++ b/charts/loki-distributed/templates/ruler/deployment-ruler.yaml @@ -133,6 +133,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/ruler/statefulset-ruler.yaml b/charts/loki-distributed/templates/ruler/statefulset-ruler.yaml index 82432a6be7..c543539a3a 100644 --- a/charts/loki-distributed/templates/ruler/statefulset-ruler.yaml +++ b/charts/loki-distributed/templates/ruler/statefulset-ruler.yaml @@ -126,6 +126,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} diff --git a/charts/loki-distributed/templates/table-manager/deployment-table-manager.yaml b/charts/loki-distributed/templates/table-manager/deployment-table-manager.yaml index 81ed81ed40..2d430f0b6b 100644 --- a/charts/loki-distributed/templates/table-manager/deployment-table-manager.yaml +++ b/charts/loki-distributed/templates/table-manager/deployment-table-manager.yaml @@ -110,6 +110,9 @@ spec: {{- if .Values.loki.existingSecretForConfig }} secret: secretName: {{ .Values.loki.existingSecretForConfig }} + {{- else if .Values.loki.configAsSecret }} + secret: + secretName: {{ include "loki.fullname" . }}-config {{- else }} configMap: name: {{ include "loki.fullname" . }} From ee271b81ca128c30cde9dd7a7c371dea0f149256 Mon Sep 17 00:00:00 2001 From: YuleZ Date: Fri, 1 Sep 2023 15:30:35 +0200 Subject: [PATCH 3/5] bump version Signed-off-by: YuleZ --- charts/loki-distributed/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/loki-distributed/Chart.yaml b/charts/loki-distributed/Chart.yaml index f94948bc0b..495b5d5112 100644 --- a/charts/loki-distributed/Chart.yaml +++ b/charts/loki-distributed/Chart.yaml @@ -3,7 +3,7 @@ name: loki-distributed description: Helm chart for Grafana Loki in microservices mode type: application appVersion: 2.8.3 -version: 0.70.5 +version: 0.71.0 home: https://grafana.github.io/helm-charts sources: - https://github.com/grafana/loki From 9293468870e4c199ada8c7ed78cf07cf138776ef Mon Sep 17 00:00:00 2001 From: YuleZ Date: Fri, 1 Sep 2023 15:30:40 +0200 Subject: [PATCH 4/5] regenerate docs Signed-off-by: YuleZ --- charts/loki-distributed/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/loki-distributed/README.md b/charts/loki-distributed/README.md index 87ee4d539c..fbfcb297e7 100644 --- a/charts/loki-distributed/README.md +++ b/charts/loki-distributed/README.md @@ -1,6 +1,6 @@ # loki-distributed -![Version: 0.70.5](https://img.shields.io/badge/Version-0.70.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.8.3](https://img.shields.io/badge/AppVersion-2.8.3-informational?style=flat-square) +![Version: 0.71.0](https://img.shields.io/badge/Version-0.71.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.8.3](https://img.shields.io/badge/AppVersion-2.8.3-informational?style=flat-square) Helm chart for Grafana Loki in microservices mode @@ -291,6 +291,7 @@ kubectl delete statefulset RELEASE_NAME-loki-distributed-querier -n LOKI_NAMESPA | loki.appProtocol | string | `""` | Adds the appProtocol field to the memberlist service. This allows memberlist to work with istio protocol selection. Ex: "http" or "tcp" | | loki.command | string | `nil` | Common command override for all pods (except gateway) | | loki.config | string | See values.yaml | Config file contents for Loki | +| loki.configAsSecret | bool | `false` | Store the loki configuration as a secret. | | loki.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}` | The SecurityContext for Loki containers | | loki.existingSecretForConfig | string | `""` | Specify an existing secret containing loki configuration. If non-empty, overrides `loki.config` | | loki.image.pullPolicy | string | `"IfNotPresent"` | Docker image pull policy | From d7dec4b1126947179fc8e26ef72abe61b28c09da Mon Sep 17 00:00:00 2001 From: MH Date: Sat, 9 Sep 2023 20:09:52 +0800 Subject: [PATCH 5/5] Update README.md Signed-off-by: MH --- charts/loki-distributed/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/loki-distributed/README.md b/charts/loki-distributed/README.md index 82052f7870..cc045bd372 100644 --- a/charts/loki-distributed/README.md +++ b/charts/loki-distributed/README.md @@ -1,6 +1,6 @@ # loki-distributed -![Version: 0.74.0](https://img.shields.io/badge/Version-0.73.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.9.0](https://img.shields.io/badge/AppVersion-2.9.0-informational?style=flat-square) +![Version: 0.74.0](https://img.shields.io/badge/Version-0.74.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.9.0](https://img.shields.io/badge/AppVersion-2.9.0-informational?style=flat-square) Helm chart for Grafana Loki in microservices mode