platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

fix: inline tempo and loki values

Browse Source
This commit is contained in:
Jonas Juselius
2024-09-26 21:30:02 +02:00
parent 06b5b3e4a4
commit 50d2c88be2
4 changed files with 170 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files
applications/loki.yaml
+120 -13
View File
@@ -11,19 +11,6 @@ spec:
destination:
namespace: loki
server: 'https://kubernetes.default.svc'
sources:
- repoURL: https://gitlab.com/serit/k8s/serit-platform-manifests.git
path: network-policies/netpol-loki
targetRevision: HEAD
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: HEAD
ref: values
- repoURL: 'https://grafana.github.io/helm-charts'
targetRevision: 3.3.4
chart: loki
helm:
valueFiles:
- $values/kustomizations/loki/values.yaml
project: aux
ignoreDifferences:
- group: apps
@@ -40,3 +27,123 @@ spec:
automated:
prune: true
selfHeal: true
sources:
- repoURL: https://gitlab.com/serit/k8s/serit-platform-manifests.git
path: network-policies/netpol-loki
targetRevision: HEAD
- repoURL: 'https://grafana.github.io/helm-charts'
targetRevision: 3.3.4
chart: loki
helm:
values: |
loki:
auth_enabled: false
storage:
bucketNames:
chunks: loki-chunks
ruler: loki-chunks
admin: loki-chunks
s3:
endpoint: http://10.255.241.30:30080
region: tos
secretAccessKey: ${S3SECRET}
accessKeyId: ${S3KEY}
s3ForcePathStyle: true
http_config:
insecure_skip_verify: true
write:
extraArgs:
- -config.expand-env=true
extraEnv:
- name: S3KEY
valueFrom:
secretKeyRef:
name: loki-s3
key: AWS_ACCESS_KEY_ID
- name: S3SECRET
valueFrom:
secretKeyRef:
name: loki-s3
key: AWS_ACCESS_KEY_SECRET
tolerations:
- effect: "NoSchedule"
operator: "Equal"
key: "unschedulable"
value: "true"
read:
extraArgs:
- -config.expand-env=true
extraEnv:
- name: S3KEY
valueFrom:
secretKeyRef:
name: loki-s3
key: AWS_ACCESS_KEY_ID
- name: S3SECRET
valueFrom:
secretKeyRef:
name: loki-s3
key: AWS_ACCESS_KEY_SECRET
tolerations:
- effect: "NoSchedule"
operator: "Equal"
key: "unschedulable"
value: "true"
ingress:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
nginx.ingress.kubernetes.io/ssl-redirect: "true"
atlantis.oceanbox.io/expose: internal
paths:
# -- Paths that are exposed by Loki Distributor.
# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.distributorFullname"}}`.
# If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.writeFullname"}}`.
# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
distributor:
- /api/prom/push
- /loki/api/v1/push
- /otlp/v1/logs
# -- Paths that are exposed by Loki Query Frontend.
# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.queryFrontendFullname"}}`.
# If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.readFullname"}}`.
# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
queryFrontend:
- /api/prom/query
# this path covers labels and labelValues endpoints
- /api/prom/label
- /api/prom/series
- /api/prom/tail
- /loki/api/v1/query
- /loki/api/v1/query_range
- /loki/api/v1/tail
# this path covers labels and labelValues endpoints
- /loki/api/v1/label
- /loki/api/v1/labels
- /loki/api/v1/series
- /loki/api/v1/index/stats
- /loki/api/v1/index/volume
- /loki/api/v1/index/volume_range
- /loki/api/v1/format_query
- /loki/api/v1/detected_fields
- /loki/api/v1/detected_labels
- /loki/api/v1/patterns
# -- Paths that are exposed by Loki Ruler.
# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.rulerFullname"}}`.
# If deployment mode is SimpleScalable, the requests are forwarded to k8s service: `{{"loki.backendFullname"}}`.
# If deployment mode is SimpleScalable but `read.legacyReadTarget` is `true`, the requests are forwarded to k8s service: `{{"loki.readFullname"}}`.
# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
ruler:
- /api/prom/rules
- /api/prom/api/v1/rules
- /api/prom/api/v1/alerts
- /loki/api/v1/rules
- /prometheus/api/v1/rules
- /prometheus/api/v1/alerts
hosts:
- loki.adm.oceanbox.io
tls:
- hosts:
- loki.adm.oceanbox.io
secretName: loki-distributed-tls
applications/tempo.yaml
+50 -11
View File
@@ -11,16 +11,6 @@ spec:
destination:
namespace: tempo
server: 'https://kubernetes.default.svc'
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: HEAD
ref: values
- repoURL: 'https://grafana.github.io/helm-charts'
targetRevision: 1.10.3
chart: tempo
helm:
valueFiles:
- $values/kustomizations/tempo/values.yaml
project: aux
syncPolicy:
# managedNamespaceMetadata:
@@ -32,4 +22,53 @@ spec:
automated:
prune: true
selfHeal: true
sources:
- repoURL: 'https://grafana.github.io/helm-charts'
targetRevision: 1.10.3
chart: tempo
helm:
values: |
tempo:
storage:
trace:
backend: s3
s3:
bucket: tempo-traces
endpoint: http://10.255.241.30:30080
access_key: ${S3SECRET}
secret_key: ${S3KEY}
insecure: true
backend: local
local:
path: /var/tempo/traces
wal:
path: /var/tempo/wal
extraArgs:
- -config.expand-env=true
extraEnv:
- name: S3KEY
valueFrom:
secretKeyRef:
name: tempo-s3
key: AWS_ACCESS_KEY_ID
- name: S3SECRET
valueFrom:
secretKeyRef:
name: tempo-s3
key: AWS_ACCESS_KEY_SECRET
tempoQuery:
ingress:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
nginx.ingress.kubernetes.io/ssl-redirect: "true"
atlantis.oceanbox.io/expose: internal
path: /
pathType: Prefix
hosts:
- query.tempo.adm.oceanbox.io
tls:
- secretName: tempo-query-tls
hosts:
- query.tempo.adm.oceanbox.io
kustomizations/loki/values.yaml
-111
View File
@@ -1,111 +0,0 @@
loki:
auth_enabled: false
storage:
bucketNames:
chunks: loki-chunks
ruler: loki-chunks
admin: loki-chunks
s3:
endpoint: http://10.255.241.30:30080
region: tos
secretAccessKey: ${S3SECRET}
accessKeyId: ${S3KEY}
s3ForcePathStyle: true
http_config:
insecure_skip_verify: true
write:
extraArgs:
- -config.expand-env=true
extraEnv:
- name: S3KEY
valueFrom:
secretKeyRef:
name: loki-s3
key: AWS_ACCESS_KEY_ID
- name: S3SECRET
valueFrom:
secretKeyRef:
name: loki-s3
key: AWS_ACCESS_KEY_SECRET
tolerations:
- effect: "NoSchedule"
operator: "Equal"
key: "unschedulable"
value: "true"
read:
extraArgs:
- -config.expand-env=true
extraEnv:
- name: S3KEY
valueFrom:
secretKeyRef:
name: loki-s3
key: AWS_ACCESS_KEY_ID
- name: S3SECRET
valueFrom:
secretKeyRef:
name: loki-s3
key: AWS_ACCESS_KEY_SECRET
tolerations:
- effect: "NoSchedule"
operator: "Equal"
key: "unschedulable"
value: "true"
ingress:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
nginx.ingress.kubernetes.io/ssl-redirect: "true"
atlantis.oceanbox.io/expose: internal
paths:
# -- Paths that are exposed by Loki Distributor.
# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.distributorFullname"}}`.
# If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.writeFullname"}}`.
# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
distributor:
- /api/prom/push
- /loki/api/v1/push
- /otlp/v1/logs
# -- Paths that are exposed by Loki Query Frontend.
# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.queryFrontendFullname"}}`.
# If deployment mode is SimpleScalable, the requests are forwarded to write k8s service: `{{"loki.readFullname"}}`.
# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
queryFrontend:
- /api/prom/query
# this path covers labels and labelValues endpoints
- /api/prom/label
- /api/prom/series
- /api/prom/tail
- /loki/api/v1/query
- /loki/api/v1/query_range
- /loki/api/v1/tail
# this path covers labels and labelValues endpoints
- /loki/api/v1/label
- /loki/api/v1/labels
- /loki/api/v1/series
- /loki/api/v1/index/stats
- /loki/api/v1/index/volume
- /loki/api/v1/index/volume_range
- /loki/api/v1/format_query
- /loki/api/v1/detected_fields
- /loki/api/v1/detected_labels
- /loki/api/v1/patterns
# -- Paths that are exposed by Loki Ruler.
# If deployment mode is Distributed, the requests are forwarded to the service: `{{"loki.rulerFullname"}}`.
# If deployment mode is SimpleScalable, the requests are forwarded to k8s service: `{{"loki.backendFullname"}}`.
# If deployment mode is SimpleScalable but `read.legacyReadTarget` is `true`, the requests are forwarded to k8s service: `{{"loki.readFullname"}}`.
# If deployment mode is SingleBinary, the requests are forwarded to the central/single k8s service: `{{"loki.singleBinaryFullname"}}`
ruler:
- /api/prom/rules
- /api/prom/api/v1/rules
- /api/prom/api/v1/alerts
- /loki/api/v1/rules
- /prometheus/api/v1/rules
- /prometheus/api/v1/alerts
hosts:
- loki.adm.oceanbox.io
tls:
- hosts:
- loki.adm.oceanbox.io
secretName: loki-distributed-tls
kustomizations/tempo/values.yaml
-45
View File
@@ -1,45 +0,0 @@
tempo:
storage:
trace:
backend: s3
s3:
bucket: tempo-traces
endpoint: http://10.255.241.30:30080
access_key: ${S3SECRET}
secret_key: ${S3KEY}
insecure: true
backend: local
local:
path: /var/tempo/traces
wal:
path: /var/tempo/wal
extraArgs:
- -config.expand-env=true
extraEnv:
- name: S3KEY
valueFrom:
secretKeyRef:
name: tempo-s3
key: AWS_ACCESS_KEY_ID
- name: S3SECRET
valueFrom:
secretKeyRef:
name: tempo-s3
key: AWS_ACCESS_KEY_SECRET
tempoQuery:
ingress:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
nginx.ingress.kubernetes.io/ssl-redirect: "true"
atlantis.oceanbox.io/expose: internal
path: /
pathType: Prefix
hosts:
- query.tempo.adm.oceanbox.io
tls:
- secretName: tempo-query-tls
hosts:
- query.tempo.adm.oceanbox.io