loki values.yaml
💣
global.image.registry💣
Type: string
nil
Description: Overrides the Docker registry globally for all images
global.priorityClassName💣
Type: string
nil
Description: Overrides the priorityClassName for all pods
global.clusterDomain💣
Type: string
"cluster.local"
Description: configures cluster domain (“cluster.local” by default)
global.dnsService💣
Type: string
"kube-dns"
Description: configures DNS service name
global.dnsNamespace💣
Type: string
"kube-system"
Description: configures DNS service namespace
nameOverride💣
Type: string
"logging-loki"
Description: Overrides the chart’s name
fullnameOverride💣
Type: string
"logging-loki"
Description: Overrides the chart’s computed fullname
imagePullSecrets💣
Type: list
[{"name":"private-registry"}]
Default value (formatted)
[
{
"name": "private-registry"
}
]
Description: Image pull secrets for Docker images
kubectlImage.registry💣
Type: string
"registry1.dso.mil"
Description: The Docker registry
kubectlImage.repository💣
Type: string
"ironbank/opensource/kubernetes/kubectl"
Description: Docker image repository
kubectlImage.tag💣
Type: string
"v1.25.2"
Description: Overrides the image tag whose default is the chart’s appVersion
kubectlImage.pullPolicy💣
Type: string
"IfNotPresent"
Description: Docker image pull policy
loki.readinessProbe.httpGet.path💣
Type: string
"/ready"
loki.readinessProbe.httpGet.port💣
Type: string
"http-metrics"
loki.readinessProbe.initialDelaySeconds💣
Type: int
30
loki.readinessProbe.timeoutSeconds💣
Type: int
1
loki.image.registry💣
Type: string
"registry1.dso.mil"
Description: The Docker registry
loki.image.repository💣
Type: string
"ironbank/opensource/grafana/loki"
Description: Docker image repository
loki.image.tag💣
Type: string
"2.6.1"
Description: Overrides the image tag whose default is the chart’s appVersion
loki.image.pullPolicy💣
Type: string
"IfNotPresent"
Description: Docker image pull policy
loki.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: Common annotations for all pods
loki.revisionHistoryLimit💣
Type: int
10
Description: The number of old ReplicaSets to retain to allow rollback
loki.podSecurityContext💣
Type: object
{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001}
Default value (formatted)
{
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
}
Description: The SecurityContext for Loki pods
loki.containerSecurityContext💣
Type: object
{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}
Default value (formatted)
{
"allowPrivilegeEscalation": false,
"capabilities": {
"drop": [
"ALL"
]
},
"readOnlyRootFilesystem": true
}
Description: The SecurityContext for Loki containers
loki.existingSecretForConfig💣
Type: string
""
Description: Specify an existing secret containing loki configuration. If non-empty, overrides loki.config
loki.auth_enabled💣
Type: bool
false
loki.server💣
Type: object
{"grpc_listen_port":9095,"http_listen_port":3100}
Default value (formatted)
{
"grpc_listen_port": 9095,
"http_listen_port": 3100
}
Description: Check https://grafana.com/docs/loki/latest/configuration/#server for more info on the server configuration.
loki.limits_config💣
Type: object
{"enforce_metric_name":false,"max_cache_freshness_per_query":"10m","reject_old_samples":true,"reject_old_samples_max_age":"168h","split_queries_by_interval":"15m"}
Default value (formatted)
{
"enforce_metric_name": false,
"max_cache_freshness_per_query": "10m",
"reject_old_samples": true,
"reject_old_samples_max_age": "168h",
"split_queries_by_interval": "15m"
}
Description: Limits config
loki.commonConfig💣
Type: object
{"path_prefix":"/var/loki","replication_factor":3}
Default value (formatted)
{
"path_prefix": "/var/loki",
"replication_factor": 3
}
Description: Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration
loki.storage💣
Type: object
{"bucketNames":{"admin":"loki-admin","chunks":"loki","ruler":"loki"},"filesystem":{"chunks_directory":"/var/loki/chunks","rules_directory":"/var/loki/rules"},"gcs":{"chunkBufferSize":0,"enableHttp2":true,"requestTimeout":"0s"},"s3":{"accessKeyId":null,"endpoint":null,"http_config":{},"insecure":false,"region":null,"s3":null,"s3ForcePathStyle":false,"secretAccessKey":null},"type":"s3"}
Default value (formatted)
{
"bucketNames": {
"admin": "loki-admin",
"chunks": "loki",
"ruler": "loki"
},
"filesystem": {
"chunks_directory": "/var/loki/chunks",
"rules_directory": "/var/loki/rules"
},
"gcs": {
"chunkBufferSize": 0,
"enableHttp2": true,
"requestTimeout": "0s"
},
"s3": {
"accessKeyId": null,
"endpoint": null,
"http_config": {},
"insecure": false,
"region": null,
"s3": null,
"s3ForcePathStyle": false,
"secretAccessKey": null
},
"type": "s3"
}
Description: Storage config. Providing this will automatically populate all necessary storage configs in the templated config.
loki.memcached💣
Type: object
{"chunk_cache":{"batch_size":256,"enabled":false,"host":"","parallelism":10,"service":"memcached-client"},"results_cache":{"default_validity":"12h","enabled":false,"host":"","service":"memcached-client","timeout":"500ms"}}
Default value (formatted)
{
"chunk_cache": {
"batch_size": 256,
"enabled": false,
"host": "",
"parallelism": 10,
"service": "memcached-client"
},
"results_cache": {
"default_validity": "12h",
"enabled": false,
"host": "",
"service": "memcached-client",
"timeout": "500ms"
}
}
Description: Configure memcached as an external cache for chunk and results cache. Disabled by default must enable and specify a host for each cache you would like to use.
loki.schemaConfig💣
Type: object
{}
Default value (formatted)
{}
Description: Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas
loki.rulerConfig💣
Type: object
{}
Default value (formatted)
{}
Description: Check https://grafana.com/docs/loki/latest/configuration/#ruler for more info on configuring ruler
loki.structuredConfig💣
Type: object
{}
Default value (formatted)
{}
Description: Structured loki configuration, takes precedence over loki.config
, loki.schemaConfig
, loki.storageConfig
loki.query_scheduler💣
Type: object
{}
Default value (formatted)
{}
Description: Additional query scheduler config
loki.storage_config💣
Type: object
{"boltdb_shipper":{"active_index_directory":"/var/loki/boltdb-shipper-active","cache_location":"/var/loki/boltdb-shipper-cache","cache_ttl":"24h","shared_store":"s3"},"hedging":{"at":"250ms","max_per_second":20,"up_to":3}}
Default value (formatted)
{
"boltdb_shipper": {
"active_index_directory": "/var/loki/boltdb-shipper-active",
"cache_location": "/var/loki/boltdb-shipper-cache",
"cache_ttl": "24h",
"shared_store": "s3"
},
"hedging": {
"at": "250ms",
"max_per_second": 20,
"up_to": 3
}
}
Description: Additional storage config
loki.compactor💣
Type: object
{}
Default value (formatted)
{}
Description: Optional compactor configuration
enterprise.enabled💣
Type: bool
false
enterprise.version💣
Type: string
"v1.5.2"
enterprise.cluster_name💣
Type: string
nil
Description: Optional name of the GEL cluster, otherwise will use .Release.Name The cluster name must match what is in your GEL license
enterprise.license💣
Type: object
{"contents":"NOTAVALIDLICENSE"}
Default value (formatted)
{
"contents": "NOTAVALIDLICENSE"
}
Description: Grafana Enterprise Logs license In order to use Grafana Enterprise Logs features, you will need to provide the contents of your Grafana Enterprise Logs license, either by providing the contents of the license.jwt, or the name Kubernetes Secret that contains your license.jwt. To set the license contents, use the flag --set-file 'license.contents=./license.jwt'
enterprise.useExternalLicense💣
Type: bool
false
Description: Set to true when providing an external license
enterprise.externalLicenseName💣
Type: string
nil
Description: Name of external licesne secret to use
enterprise.adminApi💣
Type: object
{"enabled":true}
Default value (formatted)
{
"enabled": true
}
Description: If enabled, the correct admin_client storage will be configured. If disabled while running enterprise, make sure auth is set to type: trust
, or that auth_enabled
is set to false
.
enterprise.config💣
Type: string
"{{- if .Values.enterprise.adminApi.enabled }}\n{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") }}\nadmin_client:\n storage:\n s3:\n bucket_name: {{ .Values.loki.storage.bucketNames.admin }}\n{{- end }}\n{{- end }}\nauth:\n type: {{ .Values.enterprise.adminApi.enabled \| ternary \"enterprise\" \"trust\" }}\nauth_enabled: {{ .Values.loki.auth_enabled }}\ncluster_name: {{ include \"loki.clusterName\" . }}\nlicense:\n path: /etc/loki/license/license.jwt\n"
Default value (formatted)
{{- if .Values.enterprise.adminApi.enabled }}
{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") }}
admin_client:
storage:
s3:
bucket_name: {{ .Values.loki.storage.bucketNames.admin }}
{{- end }}
{{- end }}
auth:
type: {{ .Values.enterprise.adminApi.enabled \| ternary \"enterprise\" \"trust\" }}
auth_enabled: {{ .Values.loki.auth_enabled }}
cluster_name: {{ include \"loki.clusterName\" . }}
license:
path: /etc/loki/license/license.jwt
enterprise.image.registry💣
Type: string
"registry1.dso.mil"
Description: The Docker registry
enterprise.image.repository💣
Type: string
"ironbank/grafana/grafana-enterprise-logs"
Description: Docker image repository
enterprise.image.tag💣
Type: string
"v1.5.2"
Description: Overrides the image tag whose default is the chart’s appVersion
enterprise.image.pullPolicy💣
Type: string
"IfNotPresent"
Description: Docker image pull policy
enterprise.adminTokenSecret💣
Type: string
nil
Description: Alternative name for admin token secret, needed by tokengen and provisioner jobs
enterprise.canarySecret💣
Type: string
nil
Description: Alternative name of the secret to store token for the canary
enterprise.tokengen💣
Type: object
{"annotations":{"sidecar.istio.io/inject":"false"},"enabled":true,"env":[],"extraArgs":[],"extraVolumeMounts":[],"extraVolumes":[],"labels":{},"securityContext":{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001},"tolerations":[]}
Default value (formatted)
{
"annotations": {
"sidecar.istio.io/inject": "false"
},
"enabled": true,
"env": [],
"extraArgs": [],
"extraVolumeMounts": [],
"extraVolumes": [],
"labels": {},
"securityContext": {
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
},
"tolerations": []
}
Description: Configuration for tokengen
target
enterprise.tokengen.enabled💣
Type: bool
true
Description: Whether the job should be part of the deployment
enterprise.tokengen.extraArgs💣
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI arguments for the tokengen
target
enterprise.tokengen.env💣
Type: list
[]
Default value (formatted)
[]
Description: Additional Kubernetes environment
enterprise.tokengen.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for the tokengen
Job
enterprise.tokengen.annotations💣
Type: object
{"sidecar.istio.io/inject":"false"}
Default value (formatted)
{
"sidecar.istio.io/inject": "false"
}
Description: Additional annotations for the tokengen
Job
enterprise.tokengen.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for tokengen Job
enterprise.tokengen.extraVolumes💣
Type: list
[]
Default value (formatted)
[]
Description: Additional volumes for Pods
enterprise.tokengen.extraVolumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: Additional volume mounts for Pods
enterprise.tokengen.securityContext💣
Type: object
{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001}
Default value (formatted)
{
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
}
Description: Run containers as user enterprise-logs(uid=10001)
enterprise.provisioner💣
Type: object
{"annotations":{},"enabled":false,"env":[],"image":{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"grafana/enterprise-logs-provisioner","tag":null},"labels":{},"priorityClassName":null,"provisionedSecretPrefix":"{{ include \"loki.name\" . }}-provisioned","securityContext":{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001},"tenants":[]}
Default value (formatted)
{
"annotations": {},
"enabled": false,
"env": [],
"image": {
"pullPolicy": "IfNotPresent",
"registry": "docker.io",
"repository": "grafana/enterprise-logs-provisioner",
"tag": null
},
"labels": {},
"priorityClassName": null,
"provisionedSecretPrefix": "{{ include \"loki.name\" . }}-provisioned",
"securityContext": {
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
},
"tenants": []
}
Description: Configuration for provisioner
target
enterprise.provisioner.enabled💣
Type: bool
false
Description: Whether the job should be part of the deployment
enterprise.provisioner.provisionedSecretPrefix💣
Type: string
'{{ include "loki.name" . }}-provisioned'
Description: Name of the secret to store provisioned tokens in
enterprise.provisioner.tenants💣
Type: list
[]
Default value (formatted)
[]
Description: Tenants to be created. Each tenant will get a read and write policy and associated token.
enterprise.provisioner.env💣
Type: list
[]
Default value (formatted)
[]
Description: Additional Kubernetes environment
enterprise.provisioner.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for the provisioner
Job
enterprise.provisioner.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for the provisioner
Job
enterprise.provisioner.priorityClassName💣
Type: string
nil
Description: The name of the PriorityClass for provisioner Job
enterprise.provisioner.securityContext💣
Type: object
{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001}
Default value (formatted)
{
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
}
Description: Run containers as user enterprise-logs(uid=10001)
enterprise.provisioner.image💣
Type: object
{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"grafana/enterprise-logs-provisioner","tag":null}
Default value (formatted)
{
"pullPolicy": "IfNotPresent",
"registry": "docker.io",
"repository": "grafana/enterprise-logs-provisioner",
"tag": null
}
Description: Provisioner image to Utilize
enterprise.provisioner.image.registry💣
Type: string
"docker.io"
Description: The Docker registry
enterprise.provisioner.image.repository💣
Type: string
"grafana/enterprise-logs-provisioner"
Description: Docker image repository
enterprise.provisioner.image.tag💣
Type: string
nil
Description: Overrides the image tag whose default is the chart’s appVersion
enterprise.provisioner.image.pullPolicy💣
Type: string
"IfNotPresent"
Description: Docker image pull policy
enterprise.nginxConfig.file💣
Type: string
"worker_processes 5; ## Default: 1\nerror_log /dev/stderr;\npid /tmp/nginx.pid;\nworker_rlimit_nofile 8192;\n\nevents {\n worker_connections 4096; ## Default: 1024\n}\n\nhttp {\n client_body_temp_path /tmp/client_temp;\n proxy_temp_path /tmp/proxy_temp_path;\n fastcgi_temp_path /tmp/fastcgi_temp;\n uwsgi_temp_path /tmp/uwsgi_temp;\n scgi_temp_path /tmp/scgi_temp;\n\n proxy_http_version 1.1;\n\n default_type application/octet-stream;\n log_format {{ .Values.gateway.nginxConfig.logFormat }}\n\n {{- if .Values.gateway.verboseLogging }}\n access_log /dev/stderr main;\n {{- else }}\n\n map $status $loggable {\n ~^[23] 0;\n default 1;\n }\n access_log /dev/stderr main if=$loggable;\n {{- end }}\n\n sendfile on;\n tcp_nopush on;\n resolver {{ .Values.global.dnsService }}.{{ .Values.global.dnsNamespace }}.svc.{{ .Values.global.clusterDomain }};\n\n {{- with .Values.gateway.nginxConfig.httpSnippet }}\n {{ . \| nindent 2 }}\n {{- end }}\n\n server {\n listen 8080;\n\n {{- if .Values.gateway.basicAuth.enabled }}\n auth_basic \"Loki\";\n auth_basic_user_file /etc/nginx/secrets/.htpasswd;\n {{- end }}\n\n location = / {\n return 200 'OK';\n auth_basic off;\n }\n\n location = /api/prom/push {\n proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location = /api/prom/tail {\n proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection \"upgrade\";\n }\n\n location ~ /api/prom/.* {\n proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location ~ /prometheus/api/v1/alerts.* {\n proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location ~ /prometheus/api/v1/rules.* {\n proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location = /loki/api/v1/push {\n proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location = /loki/api/v1/tail {\n proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection \"upgrade\";\n }\n\n location ~ /loki/api/.* {\n proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location ~ /admin/api/.* {\n proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location ~ /compactor/.* {\n proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location ~ /distributor/.* {\n proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location ~ /ring {\n proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location ~ /ingester/.* {\n proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location ~ /ruler/.* {\n proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n location ~ /scheduler/.* {\n proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;\n }\n\n {{- with .Values.gateway.nginxConfig.serverSnippet }}\n {{ . \| nindent 4 }}\n {{- end }}\n }\n}\n"
Default value (formatted)
worker_processes 5; ## Default: 1
error_log /dev/stderr;
pid /tmp/nginx.pid;
worker_rlimit_nofile 8192;
events {
worker_connections 4096; ## Default: 1024
}
http {
client_body_temp_path /tmp/client_temp;
proxy_temp_path /tmp/proxy_temp_path;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
proxy_http_version 1.1;
default_type application/octet-stream;
log_format {{ .Values.gateway.nginxConfig.logFormat }}
{{- if .Values.gateway.verboseLogging }}
access_log /dev/stderr main;
{{- else }}
map $status $loggable {
~^[23] 0;
default 1;
}
access_log /dev/stderr main if=$loggable;
{{- end }}
sendfile on;
tcp_nopush on;
resolver {{ .Values.global.dnsService }}.{{ .Values.global.dnsNamespace }}.svc.{{ .Values.global.clusterDomain }};
{{- with .Values.gateway.nginxConfig.httpSnippet }}
{{ . \| nindent 2 }}
{{- end }}
server {
listen 8080;
{{- if .Values.gateway.basicAuth.enabled }}
auth_basic \"Loki\";
auth_basic_user_file /etc/nginx/secrets/.htpasswd;
{{- end }}
location = / {
return 200 'OK';
auth_basic off;
}
location = /api/prom/push {
proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location = /api/prom/tail {
proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection \"upgrade\";
}
location ~ /api/prom/.* {
proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location ~ /prometheus/api/v1/alerts.* {
proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location ~ /prometheus/api/v1/rules.* {
proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location = /loki/api/v1/push {
proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location = /loki/api/v1/tail {
proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection \"upgrade\";
}
location ~ /loki/api/.* {
proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location ~ /admin/api/.* {
proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location ~ /compactor/.* {
proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location ~ /distributor/.* {
proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location ~ /ring {
proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location ~ /ingester/.* {
proxy_pass http://{{ include \"loki.writeFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location ~ /ruler/.* {
proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
location ~ /scheduler/.* {
proxy_pass http://{{ include \"loki.readFullname\" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:3100$request_uri;
}
{{- with .Values.gateway.nginxConfig.serverSnippet }}
{{ . \| nindent 4 }}
{{- end }}
}
}
serviceAccount.create💣
Type: bool
true
Description: Specifies whether a ServiceAccount should be created
serviceAccount.name💣
Type: string
nil
Description: The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template
serviceAccount.imagePullSecrets💣
Type: list
[]
Default value (formatted)
[]
Description: Image pull secrets for the service account
serviceAccount.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Annotations for the service account
serviceAccount.automountServiceAccountToken💣
Type: bool
true
Description: Set this toggle to false to opt out of automounting API credentials for the service account
rbac.pspEnabled💣
Type: bool
false
Description: If pspEnabled true, a PodSecurityPolicy is created for K8s that use psp.
rbac.sccEnabled💣
Type: bool
false
Description: For OpenShift set pspEnabled to ‘false’ and sccEnabled to ‘true’ to use the SecurityContextConstraints.
monitoring.enabled💣
Type: bool
false
Description: Enable BigBang integration of Monitoring components
monitoring.dashboards.enabled💣
Type: bool
false
Description: If enabled, create configmap with dashboards for monitoring Loki
monitoring.dashboards.namespace💣
Type: string
nil
Description: Alternative namespace to create dashboards ConfigMap in
monitoring.dashboards.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for the dashboards ConfigMap
monitoring.dashboards.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for the dashboards ConfigMap
monitoring.rules.enabled💣
Type: bool
false
Description: If enabled, create PrometheusRule resource with Loki recording rules
monitoring.rules.alerting💣
Type: bool
true
Description: Include alerting rules
monitoring.rules.namespace💣
Type: string
nil
Description: Alternative namespace to create recording rules PrometheusRule resource in
monitoring.rules.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for the rules PrometheusRule resource
monitoring.rules.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for the rules PrometheusRule resource
monitoring.rules.additionalGroups💣
Type: list
[]
Default value (formatted)
[]
Description: Additional groups to add to the rules file
monitoring.alerts.enabled💣
Type: bool
false
Description: If enabled, create PrometheusRule resource with Loki alerting rules
monitoring.alerts.namespace💣
Type: string
nil
Description: Alternative namespace to create alerting rules PrometheusRule resource in
monitoring.alerts.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for the alerts PrometheusRule resource
monitoring.alerts.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for the alerts PrometheusRule resource
monitoring.serviceMonitor.enabled💣
Type: bool
false
Description: If enabled, ServiceMonitor resources for Prometheus Operator are created
monitoring.serviceMonitor.namespace💣
Type: string
nil
Description: Alternative namespace for ServiceMonitor resources
monitoring.serviceMonitor.namespaceSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Namespace selector for ServiceMonitor resources
monitoring.serviceMonitor.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: ServiceMonitor annotations
monitoring.serviceMonitor.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional ServiceMonitor labels
monitoring.serviceMonitor.interval💣
Type: string
nil
Description: ServiceMonitor scrape interval
monitoring.serviceMonitor.scrapeTimeout💣
Type: string
nil
Description: ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
monitoring.serviceMonitor.relabelings💣
Type: list
[]
Default value (formatted)
[]
Description: ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
monitoring.serviceMonitor.scheme💣
Type: string
"http"
Description: ServiceMonitor will use http by default, but you can pick https as well
monitoring.serviceMonitor.tlsConfig💣
Type: string
nil
Description: ServiceMonitor will use these tlsConfig settings to make the health check requests
monitoring.selfMonitoring.enabled💣
Type: bool
false
monitoring.selfMonitoring.tenant💣
Type: string
"self-monitoring"
Description: Tenant to use for self monitoring
monitoring.selfMonitoring.grafanaAgent.installOperator💣
Type: bool
false
Description: Controls whether to install the Grafana Agent Operator and its CRDs. Note that helm will not install CRDs if this flag is enabled during an upgrade. In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds
monitoring.selfMonitoring.grafanaAgent.namespace💣
Type: string
nil
Description: Alternative namespace for Grafana Agent resources
monitoring.selfMonitoring.grafanaAgent.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Grafana Agent annotations
monitoring.selfMonitoring.grafanaAgent.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional Grafana Agent labels
monitoring.selfMonitoring.grafanaAgent.enableConfigReadAPI💣
Type: bool
false
Description: Enable the config read api on port 8080 of the agent
monitoring.selfMonitoring.podLogs.namespace💣
Type: string
nil
Description: Alternative namespace for PodLogs resources
monitoring.selfMonitoring.podLogs.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: PodLogs annotations
monitoring.selfMonitoring.podLogs.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional PodLogs labels
monitoring.selfMonitoring.podLogs.relabelings💣
Type: list
[]
Default value (formatted)
[]
Description: PodLogs relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
monitoring.selfMonitoring.logsInstance.namespace💣
Type: string
nil
Description: Alternative namespace for LogsInstance resources
monitoring.selfMonitoring.logsInstance.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: LogsInstance annotations
monitoring.selfMonitoring.logsInstance.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional LogsInstance labels
monitoring.selfMonitoring.lokiCanary.enabled💣
Type: bool
false
monitoring.selfMonitoring.lokiCanary.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for the loki-canary
Daemonset
monitoring.selfMonitoring.lokiCanary.extraArgs💣
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI arguments for the `loki-canary’ command
monitoring.selfMonitoring.lokiCanary.extraEnv💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the canary pods
monitoring.selfMonitoring.lokiCanary.extraEnvFrom💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the canary pods
monitoring.selfMonitoring.lokiCanary.resources💣
Type: object
{}
Default value (formatted)
{}
Description: Resource requests and limits for the canary
monitoring.selfMonitoring.lokiCanary.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Node selector for canary pods
monitoring.selfMonitoring.lokiCanary.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for canary pods
monitoring.selfMonitoring.lokiCanary.image💣
Type: object
{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"grafana/loki-canary","tag":null}
Default value (formatted)
{
"pullPolicy": "IfNotPresent",
"registry": "docker.io",
"repository": "grafana/loki-canary",
"tag": null
}
Description: Image to use for loki canary
monitoring.selfMonitoring.lokiCanary.image.registry💣
Type: string
"docker.io"
Description: The Docker registry
monitoring.selfMonitoring.lokiCanary.image.repository💣
Type: string
"grafana/loki-canary"
Description: Docker image repository
monitoring.selfMonitoring.lokiCanary.image.tag💣
Type: string
nil
Description: Overrides the image tag whose default is the chart’s appVersion
monitoring.selfMonitoring.lokiCanary.image.pullPolicy💣
Type: string
"IfNotPresent"
Description: Docker image pull policy
write.replicas💣
Type: int
2
Description: Number of replicas for the write
write.image.registry💣
Type: string
nil
Description: The Docker registry for the write image. Overrides loki.image.registry
write.image.repository💣
Type: string
nil
Description: Docker image repository for the write image. Overrides loki.image.repository
write.image.tag💣
Type: string
nil
Description: Docker image tag for the write image. Overrides loki.image.tag
write.priorityClassName💣
Type: string
nil
Description: The name of the PriorityClass for write pods
write.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: Annotations for write pods
write.selectorLabels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional selector labels for each write
pod
write.serviceLabels💣
Type: object
{}
Default value (formatted)
{}
Description: Labels for ingestor service
write.extraArgs💣
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI args for the write
write.extraEnv💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the write pods
write.extraEnvFrom💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the write pods
write.extraVolumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the write pods
write.extraVolumes💣
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the write pods
write.resources💣
Type: object
{"limits":{"cpu":"300m","memory":"2Gi"},"requests":{"cpu":"300m","memory":"2Gi"}}
Default value (formatted)
{
"limits": {
"cpu": "300m",
"memory": "2Gi"
},
"requests": {
"cpu": "300m",
"memory": "2Gi"
}
}
Description: Resource requests and limits for the write
write.terminationGracePeriodSeconds💣
Type: int
300
Description: Grace period to allow the write to shutdown before it is killed. Especially for the ingestor, this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.
write.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Node selector for write pods
write.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for write pods
write.persistence.size💣
Type: string
"10Gi"
Description: Size of persistent disk
write.persistence.storageClass💣
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
read.replicas💣
Type: int
2
Description: Number of replicas for the read
read.autoscaling.enabled💣
Type: bool
false
Description: Enable autoscaling for the read, this is only used if queryIndex.enabled: true
read.autoscaling.minReplicas💣
Type: int
1
Description: Minimum autoscaling replicas for the read
read.autoscaling.maxReplicas💣
Type: int
3
Description: Maximum autoscaling replicas for the read
read.autoscaling.targetCPUUtilizationPercentage💣
Type: int
60
Description: Target CPU utilisation percentage for the read
read.autoscaling.targetMemoryUtilizationPercentage💣
Type: string
nil
Description: Target memory utilisation percentage for the read
read.image.registry💣
Type: string
nil
Description: The Docker registry for the read image. Overrides loki.image.registry
read.image.repository💣
Type: string
nil
Description: Docker image repository for the read image. Overrides loki.image.repository
read.image.tag💣
Type: string
nil
Description: Docker image tag for the read image. Overrides loki.image.tag
read.priorityClassName💣
Type: string
nil
Description: The name of the PriorityClass for read pods
read.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: Annotations for read pods
read.selectorLabels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional selecto labels for each read
pod
read.serviceLabels💣
Type: object
{}
Default value (formatted)
{}
Description: Labels for read service
read.extraArgs💣
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI args for the read
read.extraEnv💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the read pods
read.extraEnvFrom💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the read pods
read.extraVolumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the read pods
read.extraVolumes💣
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the read pods
read.resources💣
Type: object
{"limits":{"cpu":"300m","memory":"2Gi"},"requests":{"cpu":"300m","memory":"2Gi"}}
Default value (formatted)
{
"limits": {
"cpu": "300m",
"memory": "2Gi"
},
"requests": {
"cpu": "300m",
"memory": "2Gi"
}
}
Description: Resource requests and limits for the read
read.terminationGracePeriodSeconds💣
Type: int
30
Description: Grace period to allow the read to shutdown before it is killed
read.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Node selector for read pods
read.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for read pods
read.persistence.size💣
Type: string
"10Gi"
Description: Size of persistent disk
read.persistence.storageClass💣
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
singleBinary.replicas💣
Type: int
1
Description: Number of replicas for the single binary
singleBinary.autoscaling.enabled💣
Type: bool
false
Description: Enable autoscaling, this is only used if queryIndex.enabled: true
singleBinary.autoscaling.minReplicas💣
Type: int
1
Description: Minimum autoscaling replicas for the single binary
singleBinary.autoscaling.maxReplicas💣
Type: int
3
Description: Maximum autoscaling replicas for the single binary
singleBinary.autoscaling.targetCPUUtilizationPercentage💣
Type: int
60
Description: Target CPU utilisation percentage for the single binary
singleBinary.autoscaling.targetMemoryUtilizationPercentage💣
Type: string
nil
Description: Target memory utilisation percentage for the single binary
singleBinary.image.registry💣
Type: string
nil
Description: The Docker registry for the single binary image. Overrides loki.image.registry
singleBinary.image.repository💣
Type: string
nil
Description: Docker image repository for the single binary image. Overrides loki.image.repository
singleBinary.image.tag💣
Type: string
nil
Description: Docker image tag for the single binary image. Overrides loki.image.tag
singleBinary.priorityClassName💣
Type: string
nil
Description: The name of the PriorityClass for single binary pods
singleBinary.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: Annotations for single binary pods
singleBinary.selectorLabels💣
Type: object
{}
Default value (formatted)
{}
Description: Additional selecto labels for each single binary
pod
singleBinary.extraArgs💣
Type: list
[]
Default value (formatted)
[]
Description: Labels for single binary service
singleBinary.extraEnv💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the single binary pods
singleBinary.extraEnvFrom💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the single binary pods
singleBinary.extraVolumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the single binary pods
singleBinary.extraVolumes💣
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the single binary pods
singleBinary.resources💣
Type: object
{"limits":{"cpu":"100m","memory":"256Mi"},"requests":{"cpu":"100m","memory":"256Mi"}}
Default value (formatted)
{
"limits": {
"cpu": "100m",
"memory": "256Mi"
},
"requests": {
"cpu": "100m",
"memory": "256Mi"
}
}
Description: Resource requests and limits for the single binary
singleBinary.terminationGracePeriodSeconds💣
Type: int
30
Description: Grace period to allow the single binary to shutdown before it is killed
singleBinary.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Node selector for single binary pods
singleBinary.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for single binary pods
singleBinary.persistence.size💣
Type: string
"12Gi"
Description: Size of persistent disk
singleBinary.persistence.storageClass💣
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
ingress.enabled💣
Type: bool
false
ingress.annotations💣
Type: object
{}
Default value (formatted)
{}
ingress.paths.write[0]💣
Type: string
"/api/prom/push"
ingress.paths.write[1]💣
Type: string
"/loki/api/v1/push"
ingress.paths.read[0]💣
Type: string
"/api/prom/tail"
ingress.paths.read[1]💣
Type: string
"/loki/api/v1/tail"
ingress.paths.read[2]💣
Type: string
"/loki/api"
ingress.paths.read[3]💣
Type: string
"/api/prom/rules"
ingress.paths.read[4]💣
Type: string
"/loki/api/v1/rules"
ingress.paths.read[5]💣
Type: string
"/prometheus/api/v1/rules"
ingress.paths.read[6]💣
Type: string
"/prometheus/api/v1/alerts"
ingress.hosts[0]💣
Type: string
"loki.example.com"
gateway.enabled💣
Type: bool
false
Description: Specifies whether the gateway should be enabled
gateway.replicas💣
Type: int
1
Description: Number of replicas for the gateway
gateway.verboseLogging💣
Type: bool
true
Description: Enable logging of 2xx and 3xx HTTP requests
gateway.autoscaling.enabled💣
Type: bool
false
Description: Enable autoscaling for the gateway
gateway.autoscaling.minReplicas💣
Type: int
1
Description: Minimum autoscaling replicas for the gateway
gateway.autoscaling.maxReplicas💣
Type: int
3
Description: Maximum autoscaling replicas for the gateway
gateway.autoscaling.targetCPUUtilizationPercentage💣
Type: int
60
Description: Target CPU utilisation percentage for the gateway
gateway.autoscaling.targetMemoryUtilizationPercentage💣
Type: string
nil
Description: Target memory utilisation percentage for the gateway
gateway.deploymentStrategy💣
Type: object
{"type":"RollingUpdate"}
Default value (formatted)
{
"type": "RollingUpdate"
}
Description: ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
gateway.image.registry💣
Type: string
"registry1.dso.mil"
Description: The Docker registry for the gateway image
gateway.image.repository💣
Type: string
"ironbank/opensource/nginx/nginx"
Description: The gateway image repository
gateway.image.tag💣
Type: string
"1.23.1"
Description: The gateway image tag
gateway.image.pullPolicy💣
Type: string
"IfNotPresent"
Description: The gateway image pull policy
gateway.priorityClassName💣
Type: string
nil
Description: The name of the PriorityClass for gateway pods
gateway.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: Annotations for gateway pods
gateway.extraArgs💣
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI args for the gateway
gateway.extraEnv💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the gateway pods
gateway.extraEnvFrom💣
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the gateway pods
gateway.extraVolumes💣
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the gateway pods
gateway.extraVolumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the gateway pods
gateway.podSecurityContext💣
Type: object
{"fsGroup":101,"runAsGroup":101,"runAsNonRoot":true,"runAsUser":101}
Default value (formatted)
{
"fsGroup": 101,
"runAsGroup": 101,
"runAsNonRoot": true,
"runAsUser": 101
}
Description: The SecurityContext for gateway containers
gateway.containerSecurityContext💣
Type: object
{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}
Default value (formatted)
{
"allowPrivilegeEscalation": false,
"capabilities": {
"drop": [
"ALL"
]
},
"readOnlyRootFilesystem": true
}
Description: The SecurityContext for gateway containers
gateway.resources💣
Type: object
{}
Default value (formatted)
{}
Description: Resource requests and limits for the gateway
gateway.terminationGracePeriodSeconds💣
Type: int
30
Description: Grace period to allow the gateway to shutdown before it is killed
gateway.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Node selector for gateway pods
gateway.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for gateway pods
gateway.service.port💣
Type: int
80
Description: Port of the gateway service
gateway.service.type💣
Type: string
"ClusterIP"
Description: Type of the gateway service
gateway.service.clusterIP💣
Type: string
nil
Description: ClusterIP of the gateway service
gateway.service.nodePort💣
Type: int
nil
Description: Node port if service type is NodePort
gateway.service.loadBalancerIP💣
Type: string
nil
Description: Load balancer IPO address if service type is LoadBalancer
gateway.service.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Annotations for the gateway service
gateway.service.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Labels for gateway service
gateway.ingress.enabled💣
Type: bool
false
Description: Specifies whether an ingress for the gateway should be created
gateway.ingress.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Annotations for the gateway ingress
gateway.ingress.hosts💣
Type: list
[{"host":"gateway.loki.example.com","paths":[{"path":"/"}]}]
Default value (formatted)
[
{
"host": "gateway.loki.example.com",
"paths": [
{
"path": "/"
}
]
}
]
Description: Hosts configuration for the gateway ingress
gateway.ingress.tls💣
Type: list
[{"hosts":["gateway.loki.example.com"],"secretName":"loki-gateway-tls"}]
Default value (formatted)
[
{
"hosts": [
"gateway.loki.example.com"
],
"secretName": "loki-gateway-tls"
}
]
Description: TLS configuration for the gateway ingress
gateway.basicAuth.enabled💣
Type: bool
false
Description: Enables basic authentication for the gateway
gateway.basicAuth.username💣
Type: string
nil
Description: The basic auth username for the gateway
gateway.basicAuth.password💣
Type: string
nil
Description: The basic auth password for the gateway
gateway.basicAuth.htpasswd💣
Type: string
'{{ htpasswd (required "''gateway.basicAuth.username'' is required" .Values.gateway.basicAuth.username) (required "''gateway.basicAuth.password'' is required" .Values.gateway.basicAuth.password) }}'
Description: Uses the specified username and password to compute a htpasswd using Sprig’s htpasswd
function. The value is templated using tpl
. Override this to use a custom htpasswd, e.g. in case the default causes high CPU load.
gateway.basicAuth.existingSecret💣
Type: string
nil
Description: Existing basic auth secret to use. Must contain ‘.htpasswd’
gateway.readinessProbe.httpGet.path💣
Type: string
"/"
gateway.readinessProbe.httpGet.port💣
Type: string
"http"
gateway.readinessProbe.initialDelaySeconds💣
Type: int
15
gateway.readinessProbe.timeoutSeconds💣
Type: int
1
gateway.nginxConfig.logFormat💣
Type: string
"main '$remote_addr - $remote_user [$time_local] $status '\n '\"$request\" $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';"
Default value (formatted)
main '$remote_addr - $remote_user [$time_local] $status '
'\"$request\" $body_bytes_sent \"$http_referer\" '
'\"$http_user_agent\" \"$http_x_forwarded_for\"';
Description: NGINX log format
gateway.nginxConfig.serverSnippet💣
Type: string
""
Description: Allows appending custom configuration to the server block
gateway.nginxConfig.httpSnippet💣
Type: string
""
Description: Allows appending custom configuration to the http block
networkPolicy.enabled💣
Type: bool
false
Description: Specifies whether Network Policies should be created
networkPolicy.metrics.podSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Specifies the Pods which are allowed to access the metrics port. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.metrics.namespaceSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Specifies the namespaces which are allowed to access the metrics port
networkPolicy.metrics.cidrs💣
Type: list
[]
Default value (formatted)
[]
Description: Specifies specific network CIDRs which are allowed to access the metrics port. In case you use namespaceSelector, you also have to specify your kubelet networks here. The metrics ports are also used for probes.
networkPolicy.ingress.podSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Specifies the Pods which are allowed to access the http port. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.ingress.namespaceSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Specifies the namespaces which are allowed to access the http port
networkPolicy.alertmanager.port💣
Type: int
9093
Description: Specify the alertmanager port used for alerting
networkPolicy.alertmanager.podSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Specifies the alertmanager Pods. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.alertmanager.namespaceSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Specifies the namespace the alertmanager is running in
networkPolicy.externalStorage.ports💣
Type: list
[]
Default value (formatted)
[]
Description: Specify the port used for external storage, e.g. AWS S3
networkPolicy.externalStorage.cidrs💣
Type: list
[]
Default value (formatted)
[]
Description: Specifies specific network CIDRs you want to limit access to
networkPolicy.discovery.port💣
Type: int
nil
Description: Specify the port used for discovery
networkPolicy.discovery.podSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Specifies the Pods labels used for discovery. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.discovery.namespaceSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Specifies the namespace the discovery Pods are running in
tracing.jaegerAgentHost💣
Type: string
""
minio💣
Type: object
{"enabled":false,"secrets":{"accessKey":"minio","name":"loki-objstore-creds","secretKey":"minio123"},"service":{"nameOverride":"minio.logging.svc.cluster.local"},"tenant":{"buckets":[{"name":"loki"},{"name":"loki-admin"}],"defaultUserCredentials":{"password":"","username":"minio-user"},"metrics":{"enabled":false,"memory":"128M","port":9000},"pools":[{"securityContext":{"fsGroup":1001,"runAsGroup":1001,"runAsUser":1001},"servers":1,"size":"750Mi","volumesPerServer":4}],"users":[{"name":"minio-user"}]}}
Default value (formatted)
{
"enabled": false,
"secrets": {
"accessKey": "minio",
"name": "loki-objstore-creds",
"secretKey": "minio123"
},
"service": {
"nameOverride": "minio.logging.svc.cluster.local"
},
"tenant": {
"buckets": [
{
"name": "loki"
},
{
"name": "loki-admin"
}
],
"defaultUserCredentials": {
"password": "",
"username": "minio-user"
},
"metrics": {
"enabled": false,
"memory": "128M",
"port": 9000
},
"pools": [
{
"securityContext": {
"fsGroup": 1001,
"runAsGroup": 1001,
"runAsUser": 1001
},
"servers": 1,
"size": "750Mi",
"volumesPerServer": 4
}
],
"users": [
{
"name": "minio-user"
}
]
}
}
Description: -----------------------------------
minio.enabled💣
Type: bool
false
Description: Enable minio instance support, must have minio-operator installed
minio.secrets💣
Type: object
{"accessKey":"minio","name":"loki-objstore-creds","secretKey":"minio123"}
Default value (formatted)
{
"accessKey": "minio",
"name": "loki-objstore-creds",
"secretKey": "minio123"
}
Description: Minio root credentials
minio.tenant.buckets💣
Type: list
[{"name":"loki"},{"name":"loki-admin"}]
Default value (formatted)
[
{
"name": "loki"
},
{
"name": "loki-admin"
}
]
Description: Buckets to be provisioned to for tenant
minio.tenant.users💣
Type: list
[{"name":"minio-user"}]
Default value (formatted)
[
{
"name": "minio-user"
}
]
Description: Users to to be provisioned to for tenant
minio.tenant.defaultUserCredentials💣
Type: object
{"password":"","username":"minio-user"}
Default value (formatted)
{
"password": "",
"username": "minio-user"
}
Description: User credentials to create for above user. Otherwise password is randomly generated. This auth is not required to be set or reclaimed for minio use with Loki
domain💣
Type: string
"bigbang.dev"
istio.enabled💣
Type: bool
false
istio.mtls.mode💣
Type: string
"STRICT"
networkPolicies.enabled💣
Type: bool
false
networkPolicies.controlPlaneCidr💣
Type: string
"0.0.0.0/0"
Description: Control Plane CIDR to allow init job communication to the Kubernetes API. Use kubectl get endpoints kubernetes
to get the CIDR range needed for your cluster
bbtests.enabled💣
Type: bool
false
bbtests.cypress.artifacts💣
Type: bool
true
bbtests.cypress.envs.cypress_check_datasource💣
Type: string
"false"
bbtests.cypress.envs.cypress_grafana_url💣
Type: string
"http://monitoring-grafana.monitoring.svc.cluster.local"
bbtests.scripts.image💣
Type: string
"registry1.dso.mil/ironbank/big-bang/base:2.0.0"
bbtests.scripts.envs.LOKI_URL💣
Type: string
"http://{{ .Values.fullnameOverride }}.{{ .Release.Namespace }}.svc:3100"
bbtests.scripts.envs.LOKI_VERSION💣
Type: string
"{{ .Values.loki.image.tag }}"