diff --git a/production/helm/loki/templates/loki-canary/_pod.tpl b/production/helm/loki/templates/loki-canary/_pod.tpl new file mode 100644 index 0000000000000..5716e53987947 --- /dev/null +++ b/production/helm/loki/templates/loki-canary/_pod.tpl @@ -0,0 +1,107 @@ +{{/* +Pod template used in Daemonset and Deployment +*/}} +{{- define "canary.podTemplate" -}} +metadata: + {{- with $.Values.lokiCanary.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "loki-canary.selectorLabels" $ | nindent 4 }} + {{- with $.Values.lokiCanary.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} +spec: + serviceAccountName: {{ include "loki-canary.fullname" $ }} + {{- with $.Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- include "loki-canary.priorityClassName" $ | nindent 2 }} + securityContext: + {{- toYaml $.Values.loki.podSecurityContext | nindent 4 }} + containers: + - name: loki-canary + image: {{ include "loki-canary.image" $ }} + imagePullPolicy: {{ $.Values.loki.image.pullPolicy }} + args: + - -addr={{- include "loki.host" $ }} + - -labelname={{ $.Values.lokiCanary.labelname }} + - -labelvalue=$(POD_NAME) + {{- if $.Values.enterprise.enabled }} + - -user=$(USER) + - -tenant-id=$(USER) + - -pass=$(PASS) + {{- else if $.Values.loki.auth_enabled }} + - -user={{ $.Values.monitoring.selfMonitoring.tenant.name }} + - -tenant-id={{ $.Values.monitoring.selfMonitoring.tenant.name }} + - -pass={{ $.Values.monitoring.selfMonitoring.tenant.password }} + {{- end }} + {{- if $.Values.lokiCanary.push }} + - -push=true + {{- end }} + {{- with $.Values.lokiCanary.extraArgs }} + {{- toYaml . | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml $.Values.loki.containerSecurityContext | nindent 8 }} + volumeMounts: + {{- with $.Values.lokiCanary.extraVolumeMounts }} + {{- toYaml . | nindent 8 }} + {{- end }} + ports: + - name: http-metrics + containerPort: 3500 + protocol: TCP + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + {{ if $.Values.enterprise.enabled }} + - name: USER + valueFrom: + secretKeyRef: + name: {{ include "enterprise-logs.selfMonitoringTenantSecret" $ }} + key: username + - name: PASS + valueFrom: + secretKeyRef: + name: {{ include "enterprise-logs.selfMonitoringTenantSecret" $ }} + key: password + {{- end -}} + {{- with $.Values.lokiCanary.extraEnv }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $.Values.lokiCanary.extraEnvFrom }} + envFrom: + {{- toYaml . | nindent 8 }} + {{- end }} + readinessProbe: + httpGet: + path: /metrics + port: http-metrics + initialDelaySeconds: 15 + timeoutSeconds: 1 + {{- with $.Values.lokiCanary.resources}} + resources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $.Values.lokiCanary.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with $.Values.lokiCanary.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with $.Values.lokiCanary.tolerations }} + tolerations: + {{- toYaml . | nindent 4 }} + {{- end }} + volumes: + {{- with $.Values.lokiCanary.extraVolumes }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/production/helm/loki/templates/loki-canary/daemonset.yaml b/production/helm/loki/templates/loki-canary/daemonset.yaml index dc5c6296891c7..85ae989040450 100644 --- a/production/helm/loki/templates/loki-canary/daemonset.yaml +++ b/production/helm/loki/templates/loki-canary/daemonset.yaml @@ -1,5 +1,5 @@ {{- with .Values.lokiCanary -}} -{{- if .enabled -}} +{{- if and .enabled (eq .mode "daemonset") -}} --- apiVersion: apps/v1 kind: DaemonSet @@ -17,107 +17,6 @@ spec: {{- toYaml . | nindent 4 }} {{- end }} template: - metadata: - {{- with .annotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "loki-canary.selectorLabels" $ | nindent 8 }} - {{- with .podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - serviceAccountName: {{ include "loki-canary.fullname" $ }} - {{- with $.Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- include "loki-canary.priorityClassName" $ | nindent 6 }} - securityContext: - {{- toYaml $.Values.loki.podSecurityContext | nindent 8 }} - containers: - - name: loki-canary - image: {{ include "loki-canary.image" $ }} - imagePullPolicy: {{ $.Values.loki.image.pullPolicy }} - args: - - -addr={{- include "loki.host" $ }} - - -labelname={{ .labelname }} - - -labelvalue=$(POD_NAME) - {{- if $.Values.enterprise.enabled }} - - -user=$(USER) - - -tenant-id=$(USER) - - -pass=$(PASS) - {{- else if $.Values.loki.auth_enabled }} - - -user={{ $.Values.monitoring.selfMonitoring.tenant.name }} - - -tenant-id={{ $.Values.monitoring.selfMonitoring.tenant.name }} - - -pass={{ $.Values.monitoring.selfMonitoring.tenant.password }} - {{- end }} - {{- if .push }} - - -push=true - {{- end }} - {{- with .extraArgs }} - {{- toYaml . | nindent 12 }} - {{- end }} - securityContext: - {{- toYaml $.Values.loki.containerSecurityContext | nindent 12 }} - volumeMounts: - {{- with $.Values.lokiCanary.extraVolumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: http-metrics - containerPort: 3500 - protocol: TCP - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - {{ if $.Values.enterprise.enabled }} - - name: USER - valueFrom: - secretKeyRef: - name: {{ include "enterprise-logs.selfMonitoringTenantSecret" $ }} - key: username - - name: PASS - valueFrom: - secretKeyRef: - name: {{ include "enterprise-logs.selfMonitoringTenantSecret" $ }} - key: password - {{- end -}} - {{- with .extraEnv }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .extraEnvFrom }} - envFrom: - {{- toYaml . | nindent 12 }} - {{- end }} - readinessProbe: - httpGet: - path: /metrics - port: http-metrics - initialDelaySeconds: 15 - timeoutSeconds: 1 - {{- with .resources}} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - {{- with $.Values.lokiCanary.extraVolumes }} - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "canary.podTemplate" $ | nindent 4 }} {{- end }} {{- end }} diff --git a/production/helm/loki/templates/loki-canary/deployment.yaml b/production/helm/loki/templates/loki-canary/deployment.yaml new file mode 100644 index 0000000000000..c0069384567c3 --- /dev/null +++ b/production/helm/loki/templates/loki-canary/deployment.yaml @@ -0,0 +1,23 @@ +{{- with .Values.lokiCanary -}} +{{- if and .enabled (eq .mode "deployment") -}} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "loki-canary.fullname" $ }} + namespace: {{ $.Release.Namespace }} + labels: + {{- include "loki-canary.labels" $ | nindent 4 }} +spec: + replicas: {{ .deployment.replicaCount }} + selector: + matchLabels: + {{- include "loki-canary.selectorLabels" $ | nindent 6 }} + {{- with .deployment.strategy }} + strategy: + {{- toYaml . | trim | nindent 4 }} + {{- end }} + template: + {{- include "canary.podTemplate" $ | nindent 4 }} +{{- end }} +{{- end }} diff --git a/production/helm/loki/values.yaml b/production/helm/loki/values.yaml index 359217fc7e219..fb8f122d752db 100644 --- a/production/helm/loki/values.yaml +++ b/production/helm/loki/values.yaml @@ -625,6 +625,13 @@ test: # that it's working correctly lokiCanary: enabled: true + # -- Mode can be either `daemonset` or `deployment` + mode: daemonset + # -- Used when `mode=deployment` + deployment: + replicaCount: 3 + strategy: + type: RollingUpdate # -- If true, the canary will send directly to Loki via the address configured for verification -- # -- If false, it will write to stdout and an Agent will be needed to scrape and send the logs -- push: true