Skip to content

loki values.yaml💣

global.image.registry💣

Type: string

Default value
nil

Description: Overrides the Docker registry globally for all images

global.priorityClassName💣

Type: string

Default value
nil

Description: Overrides the priorityClassName for all pods

global.clusterDomain💣

Type: string

Default value
"cluster.local"

Description: configures cluster domain (“cluster.local” by default)

global.dnsService💣

Type: string

Default value
"kube-dns"

Description: configures DNS service name

global.dnsNamespace💣

Type: string

Default value
"kube-system"

Description: configures DNS service namespace

nameOverride💣

Type: string

Default value
"logging-loki"

Description: Overrides the chart’s name

fullnameOverride💣

Type: string

Default value
"logging-loki"

Description: Overrides the chart’s computed fullname

imagePullSecrets💣

Type: list

Default value
[{"name":"private-registry"}]
Default value (formatted)
[
  {
    "name": "private-registry"
  }
]

Description: Image pull secrets for Docker images

loki.readinessProbe.httpGet.path💣

Type: string

Default value
"/ready"

loki.readinessProbe.httpGet.port💣

Type: string

Default value
"http-metrics"

loki.readinessProbe.initialDelaySeconds💣

Type: int

Default value
30

loki.readinessProbe.timeoutSeconds💣

Type: int

Default value
1

loki.image.registry💣

Type: string

Default value
"registry1.dso.mil"

Description: The Docker registry

loki.image.repository💣

Type: string

Default value
"ironbank/opensource/grafana/loki"

Description: Docker image repository

loki.image.tag💣

Type: string

Default value
"2.6.1"

Description: Overrides the image tag whose default is the chart’s appVersion

loki.image.pullPolicy💣

Type: string

Default value
"IfNotPresent"

Description: Docker image pull policy

loki.podAnnotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Common annotations for all pods

loki.revisionHistoryLimit💣

Type: int

Default value
10

Description: The number of old ReplicaSets to retain to allow rollback

loki.podSecurityContext💣

Type: object

Default value
{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001}
Default value (formatted)
{
  "fsGroup": 10001,
  "runAsGroup": 10001,
  "runAsNonRoot": true,
  "runAsUser": 10001
}

Description: The SecurityContext for Loki pods

loki.containerSecurityContext💣

Type: object

Default value
{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}
Default value (formatted)
{
  "allowPrivilegeEscalation": false,
  "capabilities": {
    "drop": [
      "ALL"
    ]
  },
  "readOnlyRootFilesystem": true
}

Description: The SecurityContext for Loki containers

loki.existingSecretForConfig💣

Type: string

Default value
""

Description: Specify an existing secret containing loki configuration. If non-empty, overrides loki.config

loki.auth_enabled💣

Type: bool

Default value
false

loki.commonConfig💣

Type: object

Default value
{"path_prefix":"/var/loki","replication_factor":3}
Default value (formatted)
{
  "path_prefix": "/var/loki",
  "replication_factor": 3
}

Description: Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration

loki.extraServerConfig💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Extra server configurations. Check https://grafana.com/docs/loki/latest/configuration/#server for more info

loki.storage.bucketNames.chunks💣

Type: string

Default value
"loki"

loki.storage.bucketNames.ruler💣

Type: string

Default value
"loki"

loki.storage.bucketNames.admin💣

Type: string

Default value
"loki-admin"

loki.storage.type💣

Type: string

Default value
"s3"

loki.storage.s3.s3💣

Type: string

Default value
nil

loki.storage.s3.endpoint💣

Type: string

Default value
nil

loki.storage.s3.region💣

Type: string

Default value
nil

loki.storage.s3.secretAccessKey💣

Type: string

Default value
nil

loki.storage.s3.accessKeyId💣

Type: string

Default value
nil

loki.storage.s3.s3ForcePathStyle💣

Type: bool

Default value
false

loki.storage.s3.insecure💣

Type: bool

Default value
false

loki.storage.gcs.chunkBufferSize💣

Type: int

Default value
0

loki.storage.gcs.requestTimeout💣

Type: string

Default value
"0s"

loki.storage.gcs.enableHttp2💣

Type: bool

Default value
true

loki.storage.local.chunks_directory💣

Type: string

Default value
"/var/loki/chunks"

loki.storage.local.rules_directory💣

Type: string

Default value
"/var/loki/rules"

loki.memcached💣

Type: object

Default value
{"chunk_cache":{"batch_size":256,"enabled":false,"host":"","parallelism":10,"service":"memcached-client"},"results_cache":{"default_validity":"12h","enabled":false,"host":"","service":"memcached-client","timeout":"500ms"}}
Default value (formatted)
{
  "chunk_cache": {
    "batch_size": 256,
    "enabled": false,
    "host": "",
    "parallelism": 10,
    "service": "memcached-client"
  },
  "results_cache": {
    "default_validity": "12h",
    "enabled": false,
    "host": "",
    "service": "memcached-client",
    "timeout": "500ms"
  }
}

Description: Configure memcached as an external cache for chunk and results cache. Disabled by default must enable and specify a host for each cache you would like to use.

loki.schemaConfig💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas

loki.structuredConfig💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Structured loki configuration, takes precedence over loki.config, loki.schemaConfig, loki.storageConfig

loki.query_scheduler💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional query scheduler config

loki.storage_config💣

Type: object

Default value
{"boltdb_shipper":{"active_index_directory":"/var/loki/boltdb-shipper-active","cache_location":"/var/loki/boltdb-shipper-cache","cache_ttl":"24h","shared_store":"s3"},"hedging":{"at":"250ms","max_per_second":20,"up_to":3}}
Default value (formatted)
{
  "boltdb_shipper": {
    "active_index_directory": "/var/loki/boltdb-shipper-active",
    "cache_location": "/var/loki/boltdb-shipper-cache",
    "cache_ttl": "24h",
    "shared_store": "s3"
  },
  "hedging": {
    "at": "250ms",
    "max_per_second": 20,
    "up_to": 3
  }
}

Description: Additional storage config

enterprise.enabled💣

Type: bool

Default value
false

enterprise.version💣

Type: string

Default value
"v1.5.0"

enterprise.license💣

Type: object

Default value
{"contents":"NOTAVALIDLICENSE"}
Default value (formatted)
{
  "contents": "NOTAVALIDLICENSE"
}

Description: Grafana Enterprise Logs license In order to use Grafana Enterprise Logs features, you will need to provide the contents of your Grafana Enterprise Logs license, either by providing the contents of the license.jwt, or the name Kubernetes Secret that contains your license.jwt. To set the license contents, use the flag --set-file 'license.contents=./license.jwt'

enterprise.useExternalLicense💣

Type: bool

Default value
false

Description: Set to true when providing an external license

enterprise.externalLicenseName💣

Type: string

Default value
nil

Description: Name of external licesne secret to use

enterprise.cluster_name💣

Type: string

Default value
""

Description: Name of cluster, must match cluster ID/Name on Grafana License

enterprise.adminApi💣

Type: object

Default value
{"enabled":true}
Default value (formatted)
{
  "enabled": true
}

Description: If enabled, the correct admin_client storage will be configured. If disabled while running enterprise, make sure auth is set to type: trust, or that auth_enabled is set to false.

enterprise.config💣

Type: string

Default value
"{{- if .Values.enterprise.adminApi.enabled }}\n{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") }}\nadmin_client:\n  storage:\n    s3:\n      bucket_name: {{ .Values.loki.storage.bucketNames.admin }}\n{{- end }}\n{{- end }}\nauth:\n  type: {{ .Values.enterprise.adminApi.enabled | ternary \"enterprise\" \"trust\" }}\nauth_enabled: {{ .Values.loki.auth_enabled }}\ncluster_name: {{ default .Release.Name .Values.enterprise.cluster_name | quote }}\nlicense:\n  path: /etc/loki/license/license.jwt\n"
Default value (formatted)
{{- if .Values.enterprise.adminApi.enabled }}
{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") }}
admin_client:
  storage:
    s3:
      bucket_name: {{ .Values.loki.storage.bucketNames.admin }}
{{- end }}
{{- end }}
auth:
  type: {{ .Values.enterprise.adminApi.enabled | ternary \"enterprise\" \"trust\" }}
auth_enabled: {{ .Values.loki.auth_enabled }}
cluster_name: {{ default .Release.Name .Values.enterprise.cluster_name | quote }}
license:
  path: /etc/loki/license/license.jwt

enterprise.image.registry💣

Type: string

Default value
"registry1.dso.mil"

Description: The Docker registry

enterprise.image.repository💣

Type: string

Default value
"ironbank/grafana/grafana-enterprise-logs"

Description: Docker image repository

enterprise.image.tag💣

Type: string

Default value
"v1.5.0"

Description: Overrides the image tag whose default is the chart’s appVersion

enterprise.image.pullPolicy💣

Type: string

Default value
"IfNotPresent"

Description: Docker image pull policy

enterprise.tokengen💣

Type: object

Default value
{"adminTokenSecret":"gel-admin-token","annotations":{"sidecar.istio.io/inject":"false"},"enabled":true,"env":[],"extraArgs":[],"extraVolumeMounts":[],"extraVolumes":[],"image":"registry1.dso.mil/ironbank/big-bang/base:2.0.0","labels":{},"securityContext":{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001},"tolerations":[]}
Default value (formatted)
{
  "adminTokenSecret": "gel-admin-token",
  "annotations": {
    "sidecar.istio.io/inject": "false"
  },
  "enabled": true,
  "env": [],
  "extraArgs": [],
  "extraVolumeMounts": [],
  "extraVolumes": [],
  "image": "registry1.dso.mil/ironbank/big-bang/base:2.0.0",
  "labels": {},
  "securityContext": {
    "fsGroup": 10001,
    "runAsGroup": 10001,
    "runAsNonRoot": true,
    "runAsUser": 10001
  },
  "tolerations": []
}

Description: Configuration for tokengen target

enterprise.tokengen.enabled💣

Type: bool

Default value
true

Description: Whether the job should be part of the deployment

enterprise.tokengen.adminTokenSecret💣

Type: string

Default value
"gel-admin-token"

Description: Name of the secret to store the admin token in

enterprise.tokengen.extraArgs💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Additional CLI arguments for the tokengen target

enterprise.tokengen.env💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Additional Kubernetes environment

enterprise.tokengen.labels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional labels for the tokengen Job

enterprise.tokengen.annotations💣

Type: object

Default value
{"sidecar.istio.io/inject":"false"}
Default value (formatted)
{
  "sidecar.istio.io/inject": "false"
}

Description: Additional annotations for the tokengen Job

enterprise.tokengen.extraVolumes💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Additional volumes for Pods

enterprise.tokengen.tolerations💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Tolerations for tokengen Job

enterprise.tokengen.extraVolumeMounts💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Additional volume mounts for Pods

enterprise.tokengen.securityContext💣

Type: object

Default value
{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001}
Default value (formatted)
{
  "fsGroup": 10001,
  "runAsGroup": 10001,
  "runAsNonRoot": true,
  "runAsUser": 10001
}

Description: Run containers as user enterprise-logs(uid=10001)

enterprise.tokengen.image💣

Type: string

Default value
"registry1.dso.mil/ironbank/big-bang/base:2.0.0"

Description: Create Secret Job Image to utilize

serviceAccount.create💣

Type: bool

Default value
true

Description: Specifies whether a ServiceAccount should be created

serviceAccount.name💣

Type: string

Default value
nil

Description: The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template

serviceAccount.imagePullSecrets💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Image pull secrets for the service account

serviceAccount.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Annotations for the service account

serviceAccount.automountServiceAccountToken💣

Type: bool

Default value
true

Description: Set this toggle to false to opt out of automounting API credentials for the service account

rbac.pspEnabled💣

Type: bool

Default value
false

Description: If pspEnabled true, a PodSecurityPolicy is created for K8s that use psp.

rbac.sccEnabled💣

Type: bool

Default value
false

Description: For OpenShift set pspEnabled to ‘false’ and sccEnabled to ‘true’ to use the SecurityContextConstraints.

monitoring.enabled💣

Type: bool

Default value
false

Description: Enable BigBang integration of Monitoring components

monitoring.dashboards.enabled💣

Type: bool

Default value
false

Description: If enabled, create configmap with dashboards for monitoring Loki

monitoring.dashboards.namespace💣

Type: string

Default value
nil

Description: Alternative namespace to create dashboards ConfigMap in

monitoring.dashboards.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional annotations for the dashboards ConfigMap

monitoring.dashboards.labels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional labels for the dashboards ConfigMap

monitoring.rules.enabled💣

Type: bool

Default value
false

Description: If enabled, create PrometheusRule resource with Loki recording rules

monitoring.rules.alerting💣

Type: bool

Default value
true

Description: Include alerting rules

monitoring.rules.namespace💣

Type: string

Default value
nil

Description: Alternative namespace to create recording rules PrometheusRule resource in

monitoring.rules.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional annotations for the rules PrometheusRule resource

monitoring.rules.labels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional labels for the rules PrometheusRule resource

monitoring.rules.additionalGroups💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Additional groups to add to the rules file

monitoring.alerts.enabled💣

Type: bool

Default value
false

Description: If enabled, create PrometheusRule resource with Loki alerting rules

monitoring.alerts.namespace💣

Type: string

Default value
nil

Description: Alternative namespace to create alerting rules PrometheusRule resource in

monitoring.alerts.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional annotations for the alerts PrometheusRule resource

monitoring.alerts.labels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional labels for the alerts PrometheusRule resource

monitoring.serviceMonitor.enabled💣

Type: bool

Default value
false

Description: If enabled, ServiceMonitor resources for Prometheus Operator are created

monitoring.serviceMonitor.namespace💣

Type: string

Default value
nil

Description: Alternative namespace for ServiceMonitor resources

monitoring.serviceMonitor.namespaceSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Namespace selector for ServiceMonitor resources

monitoring.serviceMonitor.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: ServiceMonitor annotations

monitoring.serviceMonitor.labels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional ServiceMonitor labels

monitoring.serviceMonitor.interval💣

Type: string

Default value
nil

Description: ServiceMonitor scrape interval

monitoring.serviceMonitor.scrapeTimeout💣

Type: string

Default value
nil

Description: ServiceMonitor scrape timeout in Go duration format (e.g. 15s)

monitoring.serviceMonitor.relabelings💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig

monitoring.serviceMonitor.scheme💣

Type: string

Default value
"http"

Description: ServiceMonitor will use http by default, but you can pick https as well

monitoring.serviceMonitor.tlsConfig💣

Type: string

Default value
nil

Description: ServiceMonitor will use these tlsConfig settings to make the health check requests

monitoring.selfMonitoring.enabled💣

Type: bool

Default value
false

monitoring.selfMonitoring.grafanaAgent.installOperator💣

Type: bool

Default value
false

Description: Controls whether to install the Grafana Agent Operator and its CRDs. Note that helm will not install CRDs if this flag is enabled during an upgrade. In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds

monitoring.selfMonitoring.grafanaAgent.namespace💣

Type: string

Default value
nil

Description: Alternative namespace for Grafana Agent resources

monitoring.selfMonitoring.grafanaAgent.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Grafana Agent annotations

monitoring.selfMonitoring.grafanaAgent.labels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional Grafana Agent labels

monitoring.selfMonitoring.grafanaAgent.enableConfigReadAPI💣

Type: bool

Default value
false

Description: Enable the config read api on port 8080 of the agent

monitoring.selfMonitoring.podLogs.namespace💣

Type: string

Default value
nil

Description: Alternative namespace for PodLogs resources

monitoring.selfMonitoring.podLogs.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: PodLogs annotations

monitoring.selfMonitoring.podLogs.labels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional PodLogs labels

monitoring.selfMonitoring.podLogs.relabelings💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: PodLogs relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig

monitoring.selfMonitoring.logsInstance.namespace💣

Type: string

Default value
nil

Description: Alternative namespace for LogsInstance resources

monitoring.selfMonitoring.logsInstance.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: LogsInstance annotations

monitoring.selfMonitoring.logsInstance.labels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional LogsInstance labels

write.replicas💣

Type: int

Default value
2

Description: Number of replicas for the write

write.image.registry💣

Type: string

Default value
nil

Description: The Docker registry for the write image. Overrides loki.image.registry

write.image.repository💣

Type: string

Default value
nil

Description: Docker image repository for the write image. Overrides loki.image.repository

write.image.tag💣

Type: string

Default value
nil

Description: Docker image tag for the write image. Overrides loki.image.tag

write.priorityClassName💣

Type: string

Default value
nil

Description: The name of the PriorityClass for write pods

write.podAnnotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Annotations for write pods

write.selectorLabels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional selector labels for each write pod

write.serviceLabels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Labels for ingestor service

write.extraArgs💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Additional CLI args for the write

write.extraEnv💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Environment variables to add to the write pods

write.extraEnvFrom💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Environment variables from secrets or configmaps to add to the write pods

write.extraVolumeMounts💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Volume mounts to add to the write pods

write.extraVolumes💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Volumes to add to the write pods

write.resources💣

Type: object

Default value
{"limits":{"cpu":"300m","memory":"2Gi"},"requests":{"cpu":"300m","memory":"2Gi"}}
Default value (formatted)
{
  "limits": {
    "cpu": "300m",
    "memory": "2Gi"
  },
  "requests": {
    "cpu": "300m",
    "memory": "2Gi"
  }
}

Description: Resource requests and limits for the write

write.terminationGracePeriodSeconds💣

Type: int

Default value
300

Description: Grace period to allow the write to shutdown before it is killed. Especially for the ingestor, this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.

write.nodeSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Node selector for write pods

write.tolerations💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Tolerations for write pods

write.persistence.size💣

Type: string

Default value
"10Gi"

Description: Size of persistent disk

write.persistence.storageClass💣

Type: string

Default value
nil

Description: Storage class to be used. If defined, storageClassName: . If set to “-“, storageClassName: “”, which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

read.replicas💣

Type: int

Default value
2

Description: Number of replicas for the read

read.autoscaling.enabled💣

Type: bool

Default value
false

Description: Enable autoscaling for the read, this is only used if queryIndex.enabled: true

read.autoscaling.minReplicas💣

Type: int

Default value
1

Description: Minimum autoscaling replicas for the read

read.autoscaling.maxReplicas💣

Type: int

Default value
3

Description: Maximum autoscaling replicas for the read

read.autoscaling.targetCPUUtilizationPercentage💣

Type: int

Default value
60

Description: Target CPU utilisation percentage for the read

read.autoscaling.targetMemoryUtilizationPercentage💣

Type: string

Default value
nil

Description: Target memory utilisation percentage for the read

read.image.registry💣

Type: string

Default value
nil

Description: The Docker registry for the read image. Overrides loki.image.registry

read.image.repository💣

Type: string

Default value
nil

Description: Docker image repository for the read image. Overrides loki.image.repository

read.image.tag💣

Type: string

Default value
nil

Description: Docker image tag for the read image. Overrides loki.image.tag

read.priorityClassName💣

Type: string

Default value
nil

Description: The name of the PriorityClass for read pods

read.podAnnotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Annotations for read pods

read.selectorLabels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Additional selecto labels for each read pod

read.serviceLabels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Labels for read service

read.extraArgs💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Additional CLI args for the read

read.extraEnv💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Environment variables to add to the read pods

read.extraEnvFrom💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Environment variables from secrets or configmaps to add to the read pods

read.extraVolumeMounts💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Volume mounts to add to the read pods

read.extraVolumes💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Volumes to add to the read pods

read.resources💣

Type: object

Default value
{"limits":{"cpu":"300m","memory":"2Gi"},"requests":{"cpu":"300m","memory":"2Gi"}}
Default value (formatted)
{
  "limits": {
    "cpu": "300m",
    "memory": "2Gi"
  },
  "requests": {
    "cpu": "300m",
    "memory": "2Gi"
  }
}

Description: Resource requests and limits for the read

read.terminationGracePeriodSeconds💣

Type: int

Default value
30

Description: Grace period to allow the read to shutdown before it is killed

read.nodeSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Node selector for read pods

read.tolerations💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Tolerations for read pods

read.persistence.size💣

Type: string

Default value
"10Gi"

Description: Size of persistent disk

read.persistence.storageClass💣

Type: string

Default value
nil

Description: Storage class to be used. If defined, storageClassName: . If set to “-“, storageClassName: “”, which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

gateway.enabled💣

Type: bool

Default value
false

Description: Specifies whether the gateway should be enabled

gateway.replicas💣

Type: int

Default value
1

Description: Number of replicas for the gateway

gateway.verboseLogging💣

Type: bool

Default value
true

Description: Enable logging of 2xx and 3xx HTTP requests

gateway.autoscaling.enabled💣

Type: bool

Default value
false

Description: Enable autoscaling for the gateway

gateway.autoscaling.minReplicas💣

Type: int

Default value
1

Description: Minimum autoscaling replicas for the gateway

gateway.autoscaling.maxReplicas💣

Type: int

Default value
3

Description: Maximum autoscaling replicas for the gateway

gateway.autoscaling.targetCPUUtilizationPercentage💣

Type: int

Default value
60

Description: Target CPU utilisation percentage for the gateway

gateway.autoscaling.targetMemoryUtilizationPercentage💣

Type: string

Default value
nil

Description: Target memory utilisation percentage for the gateway

gateway.deploymentStrategy💣

Type: object

Default value
{"type":"RollingUpdate"}
Default value (formatted)
{
  "type": "RollingUpdate"
}

Description: ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy

gateway.image.registry💣

Type: string

Default value
"registry1.dso.mil"

Description: The Docker registry for the gateway image

gateway.image.repository💣

Type: string

Default value
"ironbank/opensource/nginx/nginx"

Description: The gateway image repository

gateway.image.tag💣

Type: string

Default value
"1.23.1"

Description: The gateway image tag

gateway.image.pullPolicy💣

Type: string

Default value
"IfNotPresent"

Description: The gateway image pull policy

gateway.priorityClassName💣

Type: string

Default value
nil

Description: The name of the PriorityClass for gateway pods

gateway.podAnnotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Annotations for gateway pods

gateway.extraArgs💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Additional CLI args for the gateway

gateway.extraEnv💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Environment variables to add to the gateway pods

gateway.extraEnvFrom💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Environment variables from secrets or configmaps to add to the gateway pods

gateway.extraVolumes💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Volumes to add to the gateway pods

gateway.extraVolumeMounts💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Volume mounts to add to the gateway pods

gateway.podSecurityContext💣

Type: object

Default value
{"fsGroup":101,"runAsGroup":101,"runAsNonRoot":true,"runAsUser":101}
Default value (formatted)
{
  "fsGroup": 101,
  "runAsGroup": 101,
  "runAsNonRoot": true,
  "runAsUser": 101
}

Description: The SecurityContext for gateway containers

gateway.containerSecurityContext💣

Type: object

Default value
{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}
Default value (formatted)
{
  "allowPrivilegeEscalation": false,
  "capabilities": {
    "drop": [
      "ALL"
    ]
  },
  "readOnlyRootFilesystem": true
}

Description: The SecurityContext for gateway containers

gateway.resources💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Resource requests and limits for the gateway

gateway.terminationGracePeriodSeconds💣

Type: int

Default value
30

Description: Grace period to allow the gateway to shutdown before it is killed

gateway.nodeSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Node selector for gateway pods

gateway.tolerations💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Tolerations for gateway pods

gateway.service.port💣

Type: int

Default value
80

Description: Port of the gateway service

gateway.service.type💣

Type: string

Default value
"ClusterIP"

Description: Type of the gateway service

gateway.service.clusterIP💣

Type: string

Default value
nil

Description: ClusterIP of the gateway service

gateway.service.nodePort💣

Type: int

Default value
nil

Description: Node port if service type is NodePort

gateway.service.loadBalancerIP💣

Type: string

Default value
nil

Description: Load balancer IPO address if service type is LoadBalancer

gateway.service.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Annotations for the gateway service

gateway.service.labels💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Labels for gateway service

gateway.ingress.enabled💣

Type: bool

Default value
false

Description: Specifies whether an ingress for the gateway should be created

gateway.ingress.annotations💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Annotations for the gateway ingress

gateway.ingress.hosts💣

Type: list

Default value
[{"host":"gateway.loki.example.com","paths":[{"path":"/"}]}]
Default value (formatted)
[
  {
    "host": "gateway.loki.example.com",
    "paths": [
      {
        "path": "/"
      }
    ]
  }
]

Description: Hosts configuration for the gateway ingress

gateway.ingress.tls💣

Type: list

Default value
[{"hosts":["gateway.loki.example.com"],"secretName":"loki-gateway-tls"}]
Default value (formatted)
[
  {
    "hosts": [
      "gateway.loki.example.com"
    ],
    "secretName": "loki-gateway-tls"
  }
]

Description: TLS configuration for the gateway ingress

gateway.basicAuth.enabled💣

Type: bool

Default value
false

Description: Enables basic authentication for the gateway

gateway.basicAuth.username💣

Type: string

Default value
nil

Description: The basic auth username for the gateway

gateway.basicAuth.password💣

Type: string

Default value
nil

Description: The basic auth password for the gateway

gateway.basicAuth.htpasswd💣

Type: string

Default value
'{{ htpasswd (required "''gateway.basicAuth.username'' is required" .Values.gateway.basicAuth.username) (required "''gateway.basicAuth.password'' is required" .Values.gateway.basicAuth.password) }}'

Description: Uses the specified username and password to compute a htpasswd using Sprig’s htpasswd function. The value is templated using tpl. Override this to use a custom htpasswd, e.g. in case the default causes high CPU load.

gateway.basicAuth.existingSecret💣

Type: string

Default value
nil

Description: Existing basic auth secret to use. Must contain ‘.htpasswd’

gateway.readinessProbe.httpGet.path💣

Type: string

Default value
"/"

gateway.readinessProbe.httpGet.port💣

Type: string

Default value
"http"

gateway.readinessProbe.initialDelaySeconds💣

Type: int

Default value
15

gateway.readinessProbe.timeoutSeconds💣

Type: int

Default value
1

gateway.nginxConfig.logFormat💣

Type: string

Default value
"main '$remote_addr - $remote_user [$time_local]  $status '\n        '\"$request\" $body_bytes_sent \"$http_referer\" '\n        '\"$http_user_agent\" \"$http_x_forwarded_for\"';"
Default value (formatted)
main '$remote_addr - $remote_user [$time_local]  $status '
        '\"$request\" $body_bytes_sent \"$http_referer\" '
        '\"$http_user_agent\" \"$http_x_forwarded_for\"';

Description: NGINX log format

gateway.nginxConfig.serverSnippet💣

Type: string

Default value
""

Description: Allows appending custom configuration to the server block

gateway.nginxConfig.httpSnippet💣

Type: string

Default value
""

Description: Allows appending custom configuration to the http block

networkPolicy.enabled💣

Type: bool

Default value
false

Description: Specifies whether Network Policies should be created

networkPolicy.metrics.podSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Specifies the Pods which are allowed to access the metrics port. As this is cross-namespace communication, you also need the namespaceSelector.

networkPolicy.metrics.namespaceSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Specifies the namespaces which are allowed to access the metrics port

networkPolicy.metrics.cidrs💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Specifies specific network CIDRs which are allowed to access the metrics port. In case you use namespaceSelector, you also have to specify your kubelet networks here. The metrics ports are also used for probes.

networkPolicy.ingress.podSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Specifies the Pods which are allowed to access the http port. As this is cross-namespace communication, you also need the namespaceSelector.

networkPolicy.ingress.namespaceSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Specifies the namespaces which are allowed to access the http port

networkPolicy.alertmanager.port💣

Type: int

Default value
9093

Description: Specify the alertmanager port used for alerting

networkPolicy.alertmanager.podSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Specifies the alertmanager Pods. As this is cross-namespace communication, you also need the namespaceSelector.

networkPolicy.alertmanager.namespaceSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Specifies the namespace the alertmanager is running in

networkPolicy.externalStorage.ports💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Specify the port used for external storage, e.g. AWS S3

networkPolicy.externalStorage.cidrs💣

Type: list

Default value
[]
Default value (formatted)
[]

Description: Specifies specific network CIDRs you want to limit access to

networkPolicy.discovery.port💣

Type: int

Default value
nil

Description: Specify the port used for discovery

networkPolicy.discovery.podSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Specifies the Pods labels used for discovery. As this is cross-namespace communication, you also need the namespaceSelector.

networkPolicy.discovery.namespaceSelector💣

Type: object

Default value
{}
Default value (formatted)
{}

Description: Specifies the namespace the discovery Pods are running in

minio💣

Type: object

Default value
{"enabled":false,"secrets":{"accessKey":"minio","name":"loki-objstore-creds","secretKey":"minio123"},"service":{"nameOverride":"minio.logging.svc.cluster.local"},"tenant":{"buckets":[{"name":"loki"},{"name":"loki-admin"}],"defaultUserCredentials":{"password":"","username":"minio-user"},"metrics":{"enabled":false,"memory":"128Mi","port":9000},"pools":[{"securityContext":{"fsGroup":1001,"runAsGroup":1001,"runAsUser":1001},"servers":1,"size":"750Mi","volumesPerServer":4}],"users":[{"name":"minio-user"}]}}
Default value (formatted)
{
  "enabled": false,
  "secrets": {
    "accessKey": "minio",
    "name": "loki-objstore-creds",
    "secretKey": "minio123"
  },
  "service": {
    "nameOverride": "minio.logging.svc.cluster.local"
  },
  "tenant": {
    "buckets": [
      {
        "name": "loki"
      },
      {
        "name": "loki-admin"
      }
    ],
    "defaultUserCredentials": {
      "password": "",
      "username": "minio-user"
    },
    "metrics": {
      "enabled": false,
      "memory": "128Mi",
      "port": 9000
    },
    "pools": [
      {
        "securityContext": {
          "fsGroup": 1001,
          "runAsGroup": 1001,
          "runAsUser": 1001
        },
        "servers": 1,
        "size": "750Mi",
        "volumesPerServer": 4
      }
    ],
    "users": [
      {
        "name": "minio-user"
      }
    ]
  }
}

Description: -----------------------------------

minio.enabled💣

Type: bool

Default value
false

Description: Enable minio instance support, must have minio-operator installed

minio.secrets💣

Type: object

Default value
{"accessKey":"minio","name":"loki-objstore-creds","secretKey":"minio123"}
Default value (formatted)
{
  "accessKey": "minio",
  "name": "loki-objstore-creds",
  "secretKey": "minio123"
}

Description: Minio root credentials

minio.tenant.buckets💣

Type: list

Default value
[{"name":"loki"},{"name":"loki-admin"}]
Default value (formatted)
[
  {
    "name": "loki"
  },
  {
    "name": "loki-admin"
  }
]

Description: Buckets to be provisioned to for tenant

minio.tenant.users💣

Type: list

Default value
[{"name":"minio-user"}]
Default value (formatted)
[
  {
    "name": "minio-user"
  }
]

Description: Users to to be provisioned to for tenant

minio.tenant.defaultUserCredentials💣

Type: object

Default value
{"password":"","username":"minio-user"}
Default value (formatted)
{
  "password": "",
  "username": "minio-user"
}

Description: User credentials to create for above user. Otherwise password is randomly generated. This auth is not required to be set or reclaimed for minio use with Loki

monolith💣

Type: object

Default value
{"containerSecurityContext":{"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true},"enabled":true,"extraPorts":[{"name":"grpc","port":9095,"protocol":"TCP","targetPort":"grpc"},{"name":"tcp-memberlist","port":7946,"protocol":"TCP"}],"fullnameOverride":"loki","image":{"pullPolicy":"IfNotPresent","pullSecrets":["private-registry"],"repository":"registry1.dso.mil/ironbank/opensource/grafana/loki","tag":"2.6.1"},"livenessProbe":{"initialDelaySeconds":80},"nameOverride":"loki","persistence":{"accessModes":["ReadWriteOnce"],"enabled":true,"size":"12Gi"},"readinessProbe":{"initialDelaySeconds":80},"resources":{"limits":{"cpu":"100m","memory":"256Mi"},"requests":{"cpu":"100m","memory":"256Mi"}},"service":{"labels":{"app":"loki","release":"logging-loki"}}}
Default value (formatted)
{
  "containerSecurityContext": {
    "capabilities": {
      "drop": [
        "ALL"
      ]
    },
    "readOnlyRootFilesystem": true
  },
  "enabled": true,
  "extraPorts": [
    {
      "name": "grpc",
      "port": 9095,
      "protocol": "TCP",
      "targetPort": "grpc"
    },
    {
      "name": "tcp-memberlist",
      "port": 7946,
      "protocol": "TCP"
    }
  ],
  "fullnameOverride": "loki",
  "image": {
    "pullPolicy": "IfNotPresent",
    "pullSecrets": [
      "private-registry"
    ],
    "repository": "registry1.dso.mil/ironbank/opensource/grafana/loki",
    "tag": "2.6.1"
  },
  "livenessProbe": {
    "initialDelaySeconds": 80
  },
  "nameOverride": "loki",
  "persistence": {
    "accessModes": [
      "ReadWriteOnce"
    ],
    "enabled": true,
    "size": "12Gi"
  },
  "readinessProbe": {
    "initialDelaySeconds": 80
  },
  "resources": {
    "limits": {
      "cpu": "100m",
      "memory": "256Mi"
    },
    "requests": {
      "cpu": "100m",
      "memory": "256Mi"
    }
  },
  "service": {
    "labels": {
      "app": "loki",
      "release": "logging-loki"
    }
  }
}

Description: ----------------------------------------------

monolith.enabled💣

Type: bool

Default value
true

Description: Enable Loki chart in single binary mode. Recommended for smaller or non-production environments

monolith.extraPorts[0]💣

Type: object

Default value
{"name":"grpc","port":9095,"protocol":"TCP","targetPort":"grpc"}
Default value (formatted)
{
  "name": "grpc",
  "port": 9095,
  "protocol": "TCP",
  "targetPort": "grpc"
}

Description: Extra ports for loki pods. Additional ports exposed to support HA communication

monolith.extraPorts[1]💣

Type: object

Default value
{"name":"tcp-memberlist","port":7946,"protocol":"TCP"}
Default value (formatted)
{
  "name": "tcp-memberlist",
  "port": 7946,
  "protocol": "TCP"
}

Description: Extra ports for loki pods. Additional ports exposed to support memberlist

domain💣

Type: string

Default value
"bigbang.dev"

istio.enabled💣

Type: bool

Default value
false

istio.mtls.mode💣

Type: string

Default value
"STRICT"

networkPolicies.enabled💣

Type: bool

Default value
false

bbtests.enabled💣

Type: bool

Default value
false

bbtests.cypress.artifacts💣

Type: bool

Default value
true

bbtests.cypress.envs.cypress_check_datasource💣

Type: string

Default value
"false"

bbtests.cypress.envs.cypress_grafana_url💣

Type: string

Default value
"http://monitoring-grafana.monitoring.svc.cluster.local"

bbtests.scripts.image💣

Type: string

Default value
"registry1.dso.mil/ironbank/big-bang/base:2.0.0"

bbtests.scripts.envs.LOKI_URL💣

Type: string

Default value
"http://{{ .Values.monolith.fullnameOverride }}.{{ .Release.Namespace }}.svc:3100"

bbtests.scripts.envs.LOKI_VERSION💣

Type: string

Default value
"{{ .Values.monolith.image.tag }}"