loki values.yamlπ
global.image.registryπ
Type: string
nil
Description: Overrides the Docker registry globally for all images
global.priorityClassNameπ
Type: string
nil
Description: Overrides the priorityClassName for all pods
global.clusterDomainπ
Type: string
"cluster.local"
Description: configures cluster domain (βcluster.localβ by default)
global.dnsServiceπ
Type: string
"kube-dns"
Description: configures DNS service name
global.dnsNamespaceπ
Type: string
"kube-system"
Description: configures DNS service namespace
nameOverrideπ
Type: string
"logging-loki"
Description: Overrides the chartβs name
fullnameOverrideπ
Type: string
"logging-loki"
Description: Overrides the chartβs computed fullname
clusterLabelOverrideπ
Type: string
nil
Description: Overrides the chartβs cluster label
imagePullSecretsπ
Type: list
[{"name":"private-registry"}]
Default value (formatted)
[
{
"name": "private-registry"
}
]
Description: Image pull secrets for Docker images
kubectlImage.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry
kubectlImage.repositoryπ
Type: string
"ironbank/opensource/kubernetes/kubectl"
Description: Docker image repository
kubectlImage.tagπ
Type: string
"v1.28.4"
Description: Overrides the image tag whose default is the chartβs appVersion
kubectlImage.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
kubectlImage.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
loki.readinessProbe.httpGet.pathπ
Type: string
"/ready"
loki.readinessProbe.httpGet.portπ
Type: string
"http-metrics"
loki.readinessProbe.initialDelaySecondsπ
Type: int
30
loki.readinessProbe.timeoutSecondsπ
Type: int
1
loki.image.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry
loki.image.repositoryπ
Type: string
"ironbank/opensource/grafana/loki"
Description: Docker image repository
loki.image.tagπ
Type: string
"2.9.3"
Description: Overrides the image tag whose default is the chartβs appVersion
loki.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
loki.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
loki.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Common annotations for all deployments/StatefulSets
loki.podAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Common annotations for all pods
loki.podLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Common labels for all pods
loki.serviceAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Common annotations for all services
loki.serviceLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Common labels for all services
loki.revisionHistoryLimitπ
Type: int
10
Description: The number of old ReplicaSets to retain to allow rollback
loki.podSecurityContextπ
Type: object
{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001}
Default value (formatted)
{
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
}
Description: The SecurityContext for Loki pods
loki.containerSecurityContextπ
Type: object
{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}
Default value (formatted)
{
"allowPrivilegeEscalation": false,
"capabilities": {
"drop": [
"ALL"
]
},
"readOnlyRootFilesystem": true
}
Description: The SecurityContext for Loki containers
loki.enableServiceLinksπ
Type: bool
true
Description: Should enableServiceLinks be enabled. Default to enable
loki.existingSecretForConfigπ
Type: string
""
Description: Specify an existing secret containing loki configuration. If non-empty, overrides loki.config
loki.configStorageTypeπ
Type: string
"ConfigMap"
Description: Defines what kind of object stores the configuration, a ConfigMap or a Secret. In order to move sensitive information (such as credentials) from the ConfigMap/Secret to a more secure location (e.g. vault), it is possible to use environment variables in the configuration. Such environment variables can be then stored in a separate Secret and injected via the global.extraEnvFrom value. For details about environment injection from a Secret please see Secrets.
loki.externalConfigSecretNameπ
Type: string
"{{ include \"loki.name\" . }}"
Description: Name of the Secret or ConfigMap that contains the configuration (used for naming even if config is internal).
loki.auth_enabledπ
Type: bool
false
loki.memberlistConfigπ
Type: object
{}
Default value (formatted)
{}
Description: memberlist configuration (overrides embedded default)
loki.extraMemberlistConfigπ
Type: object
{}
Default value (formatted)
{}
Description: Extra memberlist configuration
loki.tenantsπ
Type: list
[]
Default value (formatted)
[]
Description: Tenants list to be created on nginx htpasswd file, with name and password keys
loki.serverπ
Type: object
{"grpc_listen_port":9095,"http_listen_port":3100}
Default value (formatted)
{
"grpc_listen_port": 9095,
"http_listen_port": 3100
}
Description: Check https://grafana.com/docs/loki/latest/configuration/#server for more info on the server configuration.
loki.limits_configπ
Type: object
{"max_cache_freshness_per_query":"10m","reject_old_samples":true,"reject_old_samples_max_age":"168h","split_queries_by_interval":"15m"}
Default value (formatted)
{
"max_cache_freshness_per_query": "10m",
"reject_old_samples": true,
"reject_old_samples_max_age": "168h",
"split_queries_by_interval": "15m"
}
Description: Limits config
loki.runtimeConfigπ
Type: object
{}
Default value (formatted)
{}
Description: Provides a reloadable runtime configuration file for some specific configuration
loki.commonConfigπ
Type: object
{"compactor_address":"{{ include \"loki.compactorAddress\" . }}","path_prefix":"/var/loki","replication_factor":3}
Default value (formatted)
{
"compactor_address": "{{ include \"loki.compactorAddress\" . }}",
"path_prefix": "/var/loki",
"replication_factor": 3
}
Description: Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration
loki.storageπ
Type: object
{"azure":{"accountKey":null,"accountName":null,"connectionString":null,"endpointSuffix":null,"requestTimeout":null,"useFederatedToken":false,"useManagedIdentity":false,"userAssignedId":null},"bucketNames":{"admin":"loki-admin","chunks":"loki","ruler":"loki"},"filesystem":{"chunks_directory":"/var/loki/chunks","rules_directory":"/var/loki/rules"},"gcs":{"chunkBufferSize":0,"enableHttp2":true,"requestTimeout":"0s"},"s3":{"accessKeyId":null,"backoff_config":{},"endpoint":null,"http_config":{},"insecure":false,"region":null,"s3":null,"s3ForcePathStyle":false,"secretAccessKey":null,"signatureVersion":null},"swift":{"auth_url":null,"auth_version":null,"connect_timeout":null,"container_name":null,"domain_id":null,"domain_name":null,"internal":null,"max_retries":null,"password":null,"project_domain_id":null,"project_domain_name":null,"project_id":null,"project_name":null,"region_name":null,"request_timeout":null,"user_domain_id":null,"user_domain_name":null,"user_id":null,"username":null},"type":"s3"}
Default value (formatted)
{
"azure": {
"accountKey": null,
"accountName": null,
"connectionString": null,
"endpointSuffix": null,
"requestTimeout": null,
"useFederatedToken": false,
"useManagedIdentity": false,
"userAssignedId": null
},
"bucketNames": {
"admin": "loki-admin",
"chunks": "loki",
"ruler": "loki"
},
"filesystem": {
"chunks_directory": "/var/loki/chunks",
"rules_directory": "/var/loki/rules"
},
"gcs": {
"chunkBufferSize": 0,
"enableHttp2": true,
"requestTimeout": "0s"
},
"s3": {
"accessKeyId": null,
"backoff_config": {},
"endpoint": null,
"http_config": {},
"insecure": false,
"region": null,
"s3": null,
"s3ForcePathStyle": false,
"secretAccessKey": null,
"signatureVersion": null
},
"swift": {
"auth_url": null,
"auth_version": null,
"connect_timeout": null,
"container_name": null,
"domain_id": null,
"domain_name": null,
"internal": null,
"max_retries": null,
"password": null,
"project_domain_id": null,
"project_domain_name": null,
"project_id": null,
"project_name": null,
"region_name": null,
"request_timeout": null,
"user_domain_id": null,
"user_domain_name": null,
"user_id": null,
"username": null
},
"type": "s3"
}
Description: Storage config. Providing this will automatically populate all necessary storage configs in the templated config.
loki.storage.s3.backoff_configπ
Type: object
{}
Default value (formatted)
{}
Description: Check https://grafana.com/docs/loki/latest/configure/#s3_storage_config for more info on how to provide a backoff_config
loki.memcachedπ
Type: object
{"chunk_cache":{"batch_size":256,"enabled":false,"host":"","parallelism":10,"service":"memcached-client"},"results_cache":{"default_validity":"12h","enabled":false,"host":"","service":"memcached-client","timeout":"500ms"}}
Default value (formatted)
{
"chunk_cache": {
"batch_size": 256,
"enabled": false,
"host": "",
"parallelism": 10,
"service": "memcached-client"
},
"results_cache": {
"default_validity": "12h",
"enabled": false,
"host": "",
"service": "memcached-client",
"timeout": "500ms"
}
}
Description: Configure memcached as an external cache for chunk and results cache. Disabled by default must enable and specify a host for each cache you would like to use.
loki.schemaConfigπ
Type: object
{}
Default value (formatted)
{}
Description: Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas
loki.rulerConfigπ
Type: object
{}
Default value (formatted)
{}
Description: Check https://grafana.com/docs/loki/latest/configuration/#ruler for more info on configuring ruler
loki.structuredConfigπ
Type: object
{}
Default value (formatted)
{}
Description: Structured loki configuration, takes precedence over loki.config, loki.schemaConfig, loki.storageConfig
loki.query_schedulerπ
Type: object
{}
Default value (formatted)
{}
Description: Additional query scheduler config
loki.storage_configπ
Type: object
{"boltdb_shipper":{"active_index_directory":"/var/loki/boltdb-shipper-active","cache_location":"/var/loki/boltdb-shipper-cache","cache_ttl":"24h"},"hedging":{"at":"250ms","max_per_second":20,"up_to":3},"tsdb_shipper":{"active_index_directory":"/var/loki/tsdb-index","cache_location":"/var/loki/tsdb-cache","cache_ttl":"24h"}}
Default value (formatted)
{
"boltdb_shipper": {
"active_index_directory": "/var/loki/boltdb-shipper-active",
"cache_location": "/var/loki/boltdb-shipper-cache",
"cache_ttl": "24h"
},
"hedging": {
"at": "250ms",
"max_per_second": 20,
"up_to": 3
},
"tsdb_shipper": {
"active_index_directory": "/var/loki/tsdb-index",
"cache_location": "/var/loki/tsdb-cache",
"cache_ttl": "24h"
}
}
Description: Additional storage config
loki.compactorπ
Type: object
{}
Default value (formatted)
{}
Description: Optional compactor configuration
loki.analyticsπ
Type: object
{}
Default value (formatted)
{}
Description: Optional analytics configuration
loki.querierπ
Type: object
{}
Default value (formatted)
{}
Description: Optional querier configuration
loki.ingesterπ
Type: object
{"autoforget_unhealthy":true,"chunk_target_size":196608,"flush_check_period":"5s","flush_op_timeout":"100m","lifecycler":{"ring":{"kvstore":{"store":"memberlist"}}}}
Default value (formatted)
{
"autoforget_unhealthy": true,
"chunk_target_size": 196608,
"flush_check_period": "5s",
"flush_op_timeout": "100m",
"lifecycler": {
"ring": {
"kvstore": {
"store": "memberlist"
}
}
}
}
Description: Optional ingester configuration
loki.index_gatewayπ
Type: object
{"mode":"ring"}
Default value (formatted)
{
"mode": "ring"
}
Description: Optional index gateway configuration
loki.frontend.scheduler_addressπ
Type: string
"{{ include \"loki.querySchedulerAddress\" . }}"
loki.frontend_worker.scheduler_addressπ
Type: string
"{{ include \"loki.querySchedulerAddress\" . }}"
loki.distributorπ
Type: object
{}
Default value (formatted)
{}
Description: Optional distributor configuration
loki.tracingπ
Type: object
{"enabled":false}
Default value (formatted)
{
"enabled": false
}
Description: Enable tracing
enterprise.enabledπ
Type: bool
false
enterprise.versionπ
Type: string
"v1.8.4"
enterprise.cluster_nameπ
Type: string
nil
Description: Optional name of the GEL cluster, otherwise will use .Release.Name The cluster name must match what is in your GEL license
enterprise.licenseπ
Type: object
{"contents":"NOTAVALIDLICENSE"}
Default value (formatted)
{
"contents": "NOTAVALIDLICENSE"
}
Description: Grafana Enterprise Logs license In order to use Grafana Enterprise Logs features, you will need to provide the contents of your Grafana Enterprise Logs license, either by providing the contents of the license.jwt, or the name Kubernetes Secret that contains your license.jwt. To set the license contents, use the flag --set-file 'enterprise.license.contents=./license.jwt'
enterprise.useExternalLicenseπ
Type: bool
false
Description: Set to true when providing an external license
enterprise.externalLicenseNameπ
Type: string
nil
Description: Name of external license secret to use
enterprise.externalConfigNameπ
Type: string
""
Description: Name of the external config secret to use
enterprise.adminApiπ
Type: object
{"enabled":true}
Default value (formatted)
{
"enabled": true
}
Description: If enabled, the correct admin_client storage will be configured. If disabled while running enterprise, make sure auth is set to type: trust, or that auth_enabled is set to false.
enterprise.configπ
Type: string
"{{- if .Values.enterprise.adminApi.enabled }}\n{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") (eq .Values.loki.storage.type \"azure\") }}\nadmin_client:\n storage:\n s3:\n bucket_name: {{ .Values.loki.storage.bucketNames.admin }}\n{{- end }}\n{{- end }}\nauth:\n type: {{ .Values.enterprise.adminApi.enabled \| ternary \"enterprise\" \"trust\" }}\nauth_enabled: {{ .Values.loki.auth_enabled }}\ncluster_name: {{ include \"loki.clusterName\" . }}\nlicense:\n path: /etc/loki/license/license.jwt\n"
Default value (formatted)
{{- if .Values.enterprise.adminApi.enabled }}
{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") (eq .Values.loki.storage.type \"azure\") }}
admin_client:
storage:
s3:
bucket_name: {{ .Values.loki.storage.bucketNames.admin }}
{{- end }}
{{- end }}
auth:
type: {{ .Values.enterprise.adminApi.enabled \| ternary \"enterprise\" \"trust\" }}
auth_enabled: {{ .Values.loki.auth_enabled }}
cluster_name: {{ include \"loki.clusterName\" . }}
license:
path: /etc/loki/license/license.jwt
enterprise.image.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry
enterprise.image.repositoryπ
Type: string
"ironbank/grafana/grafana-enterprise-logs"
Description: Docker image repository
enterprise.image.tagπ
Type: string
"v1.7.1"
Description: Overrides the image tag whose default is the chartβs appVersion
enterprise.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
enterprise.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
enterprise.adminToken.secretπ
Type: string
nil
Description: Alternative name for admin token secret, needed by tokengen and provisioner jobs
enterprise.adminToken.additionalNamespacesπ
Type: list
[]
Default value (formatted)
[]
Description: Additional namespace to also create the token in. Useful if your Grafana instance is in a different namespace
enterprise.canarySecretπ
Type: string
nil
Description: Alternative name of the secret to store token for the canary
enterprise.tokengenπ
Type: object
{"annotations":{"sidecar.istio.io/inject":"false"},"enabled":true,"env":[],"extraArgs":[],"extraEnvFrom":[],"extraVolumeMounts":[],"extraVolumes":[],"labels":{},"priorityClassName":"","securityContext":{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001},"targetModule":"tokengen","tolerations":[]}
Default value (formatted)
{
"annotations": {
"sidecar.istio.io/inject": "false"
},
"enabled": true,
"env": [],
"extraArgs": [],
"extraEnvFrom": [],
"extraVolumeMounts": [],
"extraVolumes": [],
"labels": {},
"priorityClassName": "",
"securityContext": {
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
},
"targetModule": "tokengen",
"tolerations": []
}
Description: Configuration for tokengen target
enterprise.tokengen.enabledπ
Type: bool
true
Description: Whether the job should be part of the deployment
enterprise.tokengen.targetModuleπ
Type: string
"tokengen"
Description: Comma-separated list of Loki modules to load for tokengen
enterprise.tokengen.extraArgsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI arguments for the tokengen target
enterprise.tokengen.envπ
Type: list
[]
Default value (formatted)
[]
Description: Additional Kubernetes environment
enterprise.tokengen.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for the tokengen Job
enterprise.tokengen.annotationsπ
Type: object
{"sidecar.istio.io/inject":"false"}
Default value (formatted)
{
"sidecar.istio.io/inject": "false"
}
Description: Additional annotations for the tokengen Job
enterprise.tokengen.tolerationsπ
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for tokengen Job
enterprise.tokengen.extraVolumesπ
Type: list
[]
Default value (formatted)
[]
Description: Additional volumes for Pods
enterprise.tokengen.extraVolumeMountsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional volume mounts for Pods
enterprise.tokengen.securityContextπ
Type: object
{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001}
Default value (formatted)
{
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
}
Description: Run containers as user enterprise-logs(uid=10001)
enterprise.tokengen.extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the tokengen pods
enterprise.tokengen.priorityClassNameπ
Type: string
""
Description: The name of the PriorityClass for tokengen Pods
enterprise.provisionerπ
Type: object
{"additionalTenants":[],"annotations":{},"enabled":false,"env":[],"extraVolumeMounts":[],"image":{"digest":null,"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"grafana/enterprise-logs-provisioner","tag":null},"labels":{},"priorityClassName":null,"provisionedSecretPrefix":null,"securityContext":{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001}}
Default value (formatted)
{
"additionalTenants": [],
"annotations": {},
"enabled": false,
"env": [],
"extraVolumeMounts": [],
"image": {
"digest": null,
"pullPolicy": "IfNotPresent",
"registry": "docker.io",
"repository": "grafana/enterprise-logs-provisioner",
"tag": null
},
"labels": {},
"priorityClassName": null,
"provisionedSecretPrefix": null,
"securityContext": {
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
}
}
Description: Configuration for provisioner target
enterprise.provisioner.enabledπ
Type: bool
false
Description: Whether the job should be part of the deployment
enterprise.provisioner.provisionedSecretPrefixπ
Type: string
nil
Description: Name of the secret to store provisioned tokens in
enterprise.provisioner.additionalTenantsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional tenants to be created. Each tenant will get a read and write policy and associated token. Tenant must have a name and a namespace for the secret containting the token to be created in. For example additionalTenants: - name: loki secretNamespace: grafana
enterprise.provisioner.envπ
Type: list
[]
Default value (formatted)
[]
Description: Additional Kubernetes environment
enterprise.provisioner.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for the provisioner Job
enterprise.provisioner.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for the provisioner Job
enterprise.provisioner.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for provisioner Job
enterprise.provisioner.securityContextπ
Type: object
{"fsGroup":10001,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10001}
Default value (formatted)
{
"fsGroup": 10001,
"runAsGroup": 10001,
"runAsNonRoot": true,
"runAsUser": 10001
}
Description: Run containers as user enterprise-logs(uid=10001)
enterprise.provisioner.imageπ
Type: object
{"digest":null,"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"grafana/enterprise-logs-provisioner","tag":null}
Default value (formatted)
{
"digest": null,
"pullPolicy": "IfNotPresent",
"registry": "docker.io",
"repository": "grafana/enterprise-logs-provisioner",
"tag": null
}
Description: Provisioner image to Utilize
enterprise.provisioner.image.registryπ
Type: string
"docker.io"
Description: The Docker registry
enterprise.provisioner.image.repositoryπ
Type: string
"grafana/enterprise-logs-provisioner"
Description: Docker image repository
enterprise.provisioner.image.tagπ
Type: string
nil
Description: Overrides the image tag whose default is the chartβs appVersion
enterprise.provisioner.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
enterprise.provisioner.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
enterprise.provisioner.extraVolumeMountsπ
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the provisioner pods
migrateπ
Type: object
{"fromDistributed":{"enabled":false,"memberlistService":""}}
Default value (formatted)
{
"fromDistributed": {
"enabled": false,
"memberlistService": ""
}
}
Description: Options that may be necessary when performing a migration from another helm chart
migrate.fromDistributedπ
Type: object
{"enabled":false,"memberlistService":""}
Default value (formatted)
{
"enabled": false,
"memberlistService": ""
}
Description: When migrating from a distributed chart like loki-distributed or enterprise-logs
migrate.fromDistributed.enabledπ
Type: bool
false
Description: Set to true if migrating from a distributed helm chart
migrate.fromDistributed.memberlistServiceπ
Type: string
""
Description: If migrating from a distributed service, provide the distributed deploymentβs memberlist service DNS so the new deployment can join its ring.
serviceAccount.createπ
Type: bool
true
Description: Specifies whether a ServiceAccount should be created
serviceAccount.nameπ
Type: string
nil
Description: The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template
serviceAccount.imagePullSecretsπ
Type: list
[]
Default value (formatted)
[]
Description: Image pull secrets for the service account
serviceAccount.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for the service account
serviceAccount.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Labels for the service account
serviceAccount.automountServiceAccountTokenπ
Type: bool
false
Description: Set this toggle to false to opt out of automounting API credentials for the service account
rbac.pspEnabledπ
Type: bool
false
Description: If pspEnabled true, a PodSecurityPolicy is created for K8s that use psp.
rbac.sccEnabledπ
Type: bool
false
Description: For OpenShift set pspEnabled to βfalseβ and sccEnabled to βtrueβ to use the SecurityContextConstraints.
rbac.pspAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Specify PSP annotations Ref: https://kubernetes.io/docs/reference/access-authn-authz/psp-to-pod-security-standards/#podsecuritypolicy-annotations
rbac.namespacedπ
Type: bool
false
Description: Whether to install RBAC in the namespace only or cluster-wide. Useful if you want to watch ConfigMap globally.
testπ
Type: object
{"annotations":{},"enabled":false,"image":{"digest":null,"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"grafana/loki-helm-test","tag":null},"labels":{},"prometheusAddress":"http://prometheus:9090","timeout":"1m"}
Default value (formatted)
{
"annotations": {},
"enabled": false,
"image": {
"digest": null,
"pullPolicy": "IfNotPresent",
"registry": "docker.io",
"repository": "grafana/loki-helm-test",
"tag": null
},
"labels": {},
"prometheusAddress": "http://prometheus:9090",
"timeout": "1m"
}
Description: Section for configuring optional Helm test
test.prometheusAddressπ
Type: string
"http://prometheus:9090"
Description: Address of the prometheus server to query for the test
test.timeoutπ
Type: string
"1m"
Description: Number of times to retry the test before failing
test.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for the test pods
test.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for test pods
test.imageπ
Type: object
{"digest":null,"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"grafana/loki-helm-test","tag":null}
Default value (formatted)
{
"digest": null,
"pullPolicy": "IfNotPresent",
"registry": "docker.io",
"repository": "grafana/loki-helm-test",
"tag": null
}
Description: Image to use for loki canary
test.image.registryπ
Type: string
"docker.io"
Description: The Docker registry
test.image.repositoryπ
Type: string
"grafana/loki-helm-test"
Description: Docker image repository
test.image.tagπ
Type: string
nil
Description: Overrides the image tag whose default is the chartβs appVersion
test.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
test.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
fluentbit.enabledπ
Type: bool
false
promtail.enabledπ
Type: bool
false
monitoring.enabledπ
Type: bool
false
Description: Enable BigBang integration of Monitoring components
monitoring.dashboards.enabledπ
Type: bool
false
Description: If enabled, create configmap with dashboards for monitoring Loki
monitoring.dashboards.namespaceπ
Type: string
nil
Description: Alternative namespace to create dashboards ConfigMap in
monitoring.dashboards.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for the dashboards ConfigMap
monitoring.dashboards.labelsπ
Type: object
{"grafana_dashboard":"1"}
Default value (formatted)
{
"grafana_dashboard": "1"
}
Description: Labels for the dashboards ConfigMap
monitoring.rules.enabledπ
Type: bool
false
Description: If enabled, create PrometheusRule resource with Loki recording rules
monitoring.rules.alertingπ
Type: bool
true
Description: Include alerting rules
monitoring.rules.namespaceπ
Type: string
nil
Description: Alternative namespace to create PrometheusRule resources in
monitoring.rules.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for the rules PrometheusRule resource
monitoring.rules.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for the rules PrometheusRule resource
monitoring.rules.additionalRuleLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for PrometheusRule alerts
monitoring.rules.additionalGroupsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional groups to add to the rules file
monitoring.serviceMonitor.enabledπ
Type: bool
false
Description: If enabled, ServiceMonitor resources for Prometheus Operator are created
monitoring.serviceMonitor.namespaceπ
Type: string
nil
Description: Alternative namespace for ServiceMonitor resources
monitoring.serviceMonitor.namespaceSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Namespace selector for ServiceMonitor resources
monitoring.serviceMonitor.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: ServiceMonitor annotations
monitoring.serviceMonitor.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional ServiceMonitor labels
monitoring.serviceMonitor.intervalπ
Type: string
"15s"
Description: ServiceMonitor scrape interval Default is 15s because included recording rules use a 1m rate, and scrape interval needs to be at least 1/4 rate interval.
monitoring.serviceMonitor.scrapeTimeoutπ
Type: string
nil
Description: ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
monitoring.serviceMonitor.relabelingsπ
Type: list
[]
Default value (formatted)
[]
Description: ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
monitoring.serviceMonitor.metricRelabelingsπ
Type: list
[]
Default value (formatted)
[]
Description: ServiceMonitor metric relabel configs to apply to samples before ingestion https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
monitoring.serviceMonitor.schemeπ
Type: string
"http"
Description: ServiceMonitor will use http by default, but you can pick https as well
monitoring.serviceMonitor.tlsConfigπ
Type: string
nil
Description: ServiceMonitor will use these tlsConfig settings to make the health check requests
monitoring.serviceMonitor.metricsInstanceπ
Type: object
{"annotations":{},"enabled":false,"labels":{},"remoteWrite":null}
Default value (formatted)
{
"annotations": {},
"enabled": false,
"labels": {},
"remoteWrite": null
}
Description: If defined, will create a MetricsInstance for the Grafana Agent Operator.
monitoring.serviceMonitor.metricsInstance.enabledπ
Type: bool
false
Description: If enabled, MetricsInstance resources for Grafana Agent Operator are created
monitoring.serviceMonitor.metricsInstance.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: MetricsInstance annotations
monitoring.serviceMonitor.metricsInstance.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional MetricsInstance labels
monitoring.serviceMonitor.metricsInstance.remoteWriteπ
Type: string
nil
Description: If defined a MetricsInstance will be created to remote write metrics.
monitoring.selfMonitoring.enabledπ
Type: bool
false
monitoring.selfMonitoring.tenantπ
Type: object
{"name":"self-monitoring","secretNamespace":"{{ .Release.Namespace }}"}
Default value (formatted)
{
"name": "self-monitoring",
"secretNamespace": "{{ .Release.Namespace }}"
}
Description: Tenant to use for self monitoring
monitoring.selfMonitoring.tenant.nameπ
Type: string
"self-monitoring"
Description: Name of the tenant
monitoring.selfMonitoring.tenant.secretNamespaceπ
Type: string
"{{ .Release.Namespace }}"
Description: Namespace to create additional tenant token secret in. Useful if your Grafana instance is in a separate namespace. Token will still be created in the canary namespace.
monitoring.selfMonitoring.grafanaAgent.installOperatorπ
Type: bool
false
Description: Controls whether to install the Grafana Agent Operator and its CRDs. Note that helm will not install CRDs if this flag is enabled during an upgrade. In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds
monitoring.selfMonitoring.grafanaAgent.namespaceπ
Type: string
nil
Description: Alternative namespace for Grafana Agent resources
monitoring.selfMonitoring.grafanaAgent.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Grafana Agent annotations
monitoring.selfMonitoring.grafanaAgent.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional Grafana Agent labels
monitoring.selfMonitoring.grafanaAgent.enableConfigReadAPIπ
Type: bool
false
Description: Enable the config read api on port 8080 of the agent
monitoring.selfMonitoring.grafanaAgent.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for GrafanaAgent pods
monitoring.selfMonitoring.grafanaAgent.tolerationsπ
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for GrafanaAgent pods
monitoring.selfMonitoring.podLogs.apiVersionπ
Type: string
"monitoring.grafana.com/v1alpha1"
Description: PodLogs version
monitoring.selfMonitoring.podLogs.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: PodLogs annotations
monitoring.selfMonitoring.podLogs.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional PodLogs labels
monitoring.selfMonitoring.podLogs.relabelingsπ
Type: list
[]
Default value (formatted)
[]
Description: PodLogs relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
monitoring.selfMonitoring.logsInstance.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: LogsInstance annotations
monitoring.selfMonitoring.logsInstance.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional LogsInstance labels
monitoring.selfMonitoring.logsInstance.clientsπ
Type: string
nil
Description: Additional clients for remote write
monitoring.lokiCanary.enabledπ
Type: bool
false
monitoring.lokiCanary.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional annotations for the loki-canary Daemonset
monitoring.lokiCanary.podLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for each loki-canary pod
monitoring.lokiCanary.service.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for loki-canary Service
monitoring.lokiCanary.service.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for loki-canary Service
monitoring.lokiCanary.extraArgsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI arguments for the `loki-canaryβ command
monitoring.lokiCanary.extraEnvπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the canary pods
monitoring.lokiCanary.extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the canary pods
monitoring.lokiCanary.resourcesπ
Type: object
{}
Default value (formatted)
{}
Description: Resource requests and limits for the canary
monitoring.lokiCanary.dnsConfigπ
Type: object
{}
Default value (formatted)
{}
Description: DNS config for canary pods
monitoring.lokiCanary.nodeSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Node selector for canary pods
monitoring.lokiCanary.tolerationsπ
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for canary pods
monitoring.lokiCanary.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for loki-canary pods
monitoring.lokiCanary.imageπ
Type: object
{"digest":null,"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"grafana/loki-canary","tag":null}
Default value (formatted)
{
"digest": null,
"pullPolicy": "IfNotPresent",
"registry": "docker.io",
"repository": "grafana/loki-canary",
"tag": null
}
Description: Image to use for loki canary
monitoring.lokiCanary.image.registryπ
Type: string
"docker.io"
Description: The Docker registry
monitoring.lokiCanary.image.repositoryπ
Type: string
"grafana/loki-canary"
Description: Docker image repository
monitoring.lokiCanary.image.tagπ
Type: string
nil
Description: Overrides the image tag whose default is the chartβs appVersion
monitoring.lokiCanary.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
monitoring.lokiCanary.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
monitoring.lokiCanary.updateStrategyπ
Type: object
{"rollingUpdate":{"maxUnavailable":1},"type":"RollingUpdate"}
Default value (formatted)
{
"rollingUpdate": {
"maxUnavailable": 1
},
"type": "RollingUpdate"
}
Description: Update strategy for the loki-canary Daemonset pods
write.replicasπ
Type: int
3
Description: Number of replicas for the write
write.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling for the write.
write.autoscaling.minReplicasπ
Type: int
2
Description: Minimum autoscaling replicas for the write.
write.autoscaling.maxReplicasπ
Type: int
6
Description: Maximum autoscaling replicas for the write.
write.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilisation percentage for the write.
write.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilization percentage for the write.
write.autoscaling.behaviorπ
Type: object
{"scaleDown":{"policies":[{"periodSeconds":1800,"type":"Pods","value":1}],"stabilizationWindowSeconds":3600},"scaleUp":{"policies":[{"periodSeconds":900,"type":"Pods","value":1}]}}
Default value (formatted)
{
"scaleDown": {
"policies": [
{
"periodSeconds": 1800,
"type": "Pods",
"value": 1
}
],
"stabilizationWindowSeconds": 3600
},
"scaleUp": {
"policies": [
{
"periodSeconds": 900,
"type": "Pods",
"value": 1
}
]
}
}
Description: Behavior policies while scaling.
write.autoscaling.behavior.scaleUpπ
Type: object
{"policies":[{"periodSeconds":900,"type":"Pods","value":1}]}
Default value (formatted)
{
"policies": [
{
"periodSeconds": 900,
"type": "Pods",
"value": 1
}
]
}
Description: see https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown for scaledown details
write.image.registryπ
Type: string
nil
Description: The Docker registry for the write image. Overrides loki.image.registry
write.image.repositoryπ
Type: string
nil
Description: Docker image repository for the write image. Overrides loki.image.repository
write.image.tagπ
Type: string
nil
Description: Docker image tag for the write image. Overrides loki.image.tag
write.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for write pods
write.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for write StatefulSet
write.podAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for write pods
write.podLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for each write pod
write.selectorLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional selector labels for each write pod
write.service.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for write Service
write.service.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for write Service
write.targetModuleπ
Type: string
"write"
Description: Comma-separated list of Loki modules to load for the write
write.extraArgsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI args for the write
write.extraEnvπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the write pods
write.extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the write pods
write.lifecycleπ
Type: object
{}
Default value (formatted)
{}
Description: Lifecycle for the write container
write.initContainersπ
Type: list
[]
Default value (formatted)
[]
Description: Init containers to add to the write pods
write.extraContainersπ
Type: list
[]
Default value (formatted)
[]
Description: Containers to add to the write pods
write.extraVolumeMountsπ
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the write pods
write.extraVolumesπ
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the write pods
write.extraVolumeClaimTemplatesπ
Type: list
[]
Default value (formatted)
[]
Description: volumeClaimTemplates to add to StatefulSet
write.resourcesπ
Type: object
{"limits":{"cpu":"300m","memory":"2Gi"},"requests":{"cpu":"300m","memory":"2Gi"}}
Default value (formatted)
{
"limits": {
"cpu": "300m",
"memory": "2Gi"
},
"requests": {
"cpu": "300m",
"memory": "2Gi"
}
}
Description: Resource requests and limits for the write
write.terminationGracePeriodSecondsπ
Type: int
300
Description: Grace period to allow the write to shutdown before it is killed. Especially for the ingestor, this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.
write.dnsConfigπ
Type: object
{}
Default value (formatted)
{}
Description: DNS config for write pods
write.nodeSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Node selector for write pods
write.topologySpreadConstraintsπ
Type: list
[]
Default value (formatted)
[]
Description: Topology Spread Constraints for write pods
write.tolerationsπ
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for write pods
write.podManagementPolicyπ
Type: string
"Parallel"
Description: The default is to deploy all pods in parallel.
write.persistence.volumeClaimsEnabledπ
Type: bool
true
Description: Enable volume claims in pod spec
write.persistence.dataVolumeParametersπ
Type: object
{"emptyDir":{}}
Default value (formatted)
{
"emptyDir": {}
}
Description: Parameters used for the data volume when volumeClaimEnabled if false
write.persistence.enableStatefulSetAutoDeletePVCπ
Type: bool
false
Description: Enable StatefulSetAutoDeletePVC feature
write.persistence.sizeπ
Type: string
"10Gi"
Description: Size of persistent disk
write.persistence.storageClassπ
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
write.persistence.selectorπ
Type: string
nil
Description: Selector for persistent disk
write.podDisruptionBudget.maxUnavailableπ
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
tableManager.enabledπ
Type: bool
false
Description: Specifies whether the table-manager should be enabled
tableManager.image.registryπ
Type: string
nil
Description: The Docker registry for the table-manager image. Overrides loki.image.registry
tableManager.image.repositoryπ
Type: string
nil
Description: Docker image repository for the table-manager image. Overrides loki.image.repository
tableManager.image.tagπ
Type: string
nil
Description: Docker image tag for the table-manager image. Overrides loki.image.tag
tableManager.commandπ
Type: string
nil
Description: Command to execute instead of defined in Docker image
tableManager.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for table-manager pods
tableManager.podLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Labels for table-manager pods
tableManager.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for table-manager deployment
tableManager.podAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for table-manager pods
tableManager.service.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for table-manager Service
tableManager.service.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for table-manager Service
tableManager.extraArgsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI args for the table-manager
tableManager.extraEnvπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the table-manager pods
tableManager.extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the table-manager pods
tableManager.extraVolumeMountsπ
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the table-manager pods
tableManager.extraVolumesπ
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the table-manager pods
tableManager.resourcesπ
Type: object
{}
Default value (formatted)
{}
Description: Resource requests and limits for the table-manager
tableManager.extraContainersπ
Type: list
[]
Default value (formatted)
[]
Description: Containers to add to the table-manager pods
tableManager.terminationGracePeriodSecondsπ
Type: int
30
Description: Grace period to allow the table-manager to shutdown before it is killed
tableManager.dnsConfigπ
Type: object
{}
Default value (formatted)
{}
Description: DNS config table-manager pods
tableManager.nodeSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Node selector for table-manager pods
tableManager.tolerationsπ
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for table-manager pods
tableManager.retention_deletes_enabledπ
Type: bool
false
Description: Enable deletes by retention
tableManager.retention_periodπ
Type: int
0
Description: Set retention period
read.replicasπ
Type: int
3
Description: Number of replicas for the read
read.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling for the read, this is only used if queryIndex.enabled: true
read.autoscaling.minReplicasπ
Type: int
2
Description: Minimum autoscaling replicas for the read
read.autoscaling.maxReplicasπ
Type: int
6
Description: Maximum autoscaling replicas for the read
read.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilisation percentage for the read
read.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilisation percentage for the read
read.autoscaling.behaviorπ
Type: object
{}
Default value (formatted)
{}
Description: Behavior policies while scaling.
read.image.registryπ
Type: string
nil
Description: The Docker registry for the read image. Overrides loki.image.registry
read.image.repositoryπ
Type: string
nil
Description: Docker image repository for the read image. Overrides loki.image.repository
read.image.tagπ
Type: string
nil
Description: Docker image tag for the read image. Overrides loki.image.tag
read.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for read pods
read.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for read deployment
read.podAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for read pods
read.podLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for each read pod
read.selectorLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional selector labels for each read pod
read.service.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for read Service
read.service.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for read Service
read.targetModuleπ
Type: string
"read"
Description: Comma-separated list of Loki modules to load for the read
read.legacyReadTargetπ
Type: bool
false
Description: Whether or not to use the 2 target type simple scalable mode (read, write) or the 3 target type (read, write, backend). Legacy refers to the 2 target type, so true will run two targets, false will run 3 targets.
read.extraArgsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI args for the read
read.extraEnvπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the read pods
read.extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the read pods
read.lifecycleπ
Type: object
{}
Default value (formatted)
{}
Description: Lifecycle for the read container
read.extraVolumeMountsπ
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the read pods
read.extraVolumesπ
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the read pods
read.resourcesπ
Type: object
{"limits":{"cpu":"300m","memory":"2Gi"},"requests":{"cpu":"300m","memory":"2Gi"}}
Default value (formatted)
{
"limits": {
"cpu": "300m",
"memory": "2Gi"
},
"requests": {
"cpu": "300m",
"memory": "2Gi"
}
}
Description: Resource requests and limits for the read
read.terminationGracePeriodSecondsπ
Type: int
30
Description: Grace period to allow the read to shutdown before it is killed
read.dnsConfigπ
Type: object
{}
Default value (formatted)
{}
Description: DNS config for read pods
read.nodeSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Node selector for read pods
read.topologySpreadConstraintsπ
Type: list
[]
Default value (formatted)
[]
Description: Topology Spread Constraints for read pods
read.tolerationsπ
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for read pods
read.podManagementPolicyπ
Type: string
"Parallel"
Description: The default is to deploy all pods in parallel.
read.persistence.enableStatefulSetAutoDeletePVCπ
Type: bool
true
Description: Enable StatefulSetAutoDeletePVC feature
read.persistence.sizeπ
Type: string
"10Gi"
Description: Size of persistent disk
read.persistence.storageClassπ
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
read.persistence.selectorπ
Type: string
nil
Description: Selector for persistent disk
read.podDisruptionBudget.maxUnavailableπ
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
backend.replicasπ
Type: int
3
Description: Number of replicas for the backend
backend.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling for the backend.
backend.autoscaling.minReplicasπ
Type: int
2
Description: Minimum autoscaling replicas for the backend.
backend.autoscaling.maxReplicasπ
Type: int
6
Description: Maximum autoscaling replicas for the backend.
backend.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilization percentage for the backend.
backend.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilization percentage for the backend.
backend.autoscaling.behaviorπ
Type: object
{}
Default value (formatted)
{}
Description: Behavior policies while scaling.
backend.image.registryπ
Type: string
nil
Description: The Docker registry for the backend image. Overrides loki.image.registry
backend.image.repositoryπ
Type: string
nil
Description: Docker image repository for the backend image. Overrides loki.image.repository
backend.image.tagπ
Type: string
nil
Description: Docker image tag for the backend image. Overrides loki.image.tag
backend.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for backend pods
backend.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for backend StatefulSet
backend.podAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for backend pods
backend.podLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for each backend pod
backend.selectorLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional selector labels for each backend pod
backend.service.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for backend Service
backend.service.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for backend Service
backend.targetModuleπ
Type: string
"backend"
Description: Comma-separated list of Loki modules to load for the read
backend.extraArgsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI args for the backend
backend.extraEnvπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the backend pods
backend.extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the backend pods
backend.initContainersπ
Type: list
[]
Default value (formatted)
[]
Description: Init containers to add to the backend pods
backend.extraVolumeMountsπ
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the backend pods
backend.extraVolumesπ
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the backend pods
backend.resourcesπ
Type: object
{}
Default value (formatted)
{}
Description: Resource requests and limits for the backend
backend.terminationGracePeriodSecondsπ
Type: int
300
Description: Grace period to allow the backend to shutdown before it is killed. Especially for the ingester, this must be increased. It must be long enough so backends can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.
backend.dnsConfigπ
Type: object
{}
Default value (formatted)
{}
Description: DNS config for backend pods
backend.nodeSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Node selector for backend pods
backend.topologySpreadConstraintsπ
Type: list
[]
Default value (formatted)
[]
Description: Topology Spread Constraints for backend pods
backend.tolerationsπ
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for backend pods
backend.podManagementPolicyπ
Type: string
"Parallel"
Description: The default is to deploy all pods in parallel.
backend.persistence.volumeClaimsEnabledπ
Type: bool
true
Description: Enable volume claims in pod spec
backend.persistence.dataVolumeParametersπ
Type: object
{"emptyDir":{}}
Default value (formatted)
{
"emptyDir": {}
}
Description: Parameters used for the data volume when volumeClaimEnabled if false
backend.persistence.enableStatefulSetAutoDeletePVCπ
Type: bool
true
Description: Enable StatefulSetAutoDeletePVC feature
backend.persistence.sizeπ
Type: string
"10Gi"
Description: Size of persistent disk
backend.persistence.storageClassπ
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
backend.persistence.selectorπ
Type: string
nil
Description: Selector for persistent disk
backend.podDisruptionBudget.maxUnavailableπ
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
singleBinary.replicasπ
Type: int
1
Description: Number of replicas for the single binary
singleBinary.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling
singleBinary.autoscaling.minReplicasπ
Type: int
1
Description: Minimum autoscaling replicas for the single binary
singleBinary.autoscaling.maxReplicasπ
Type: int
3
Description: Maximum autoscaling replicas for the single binary
singleBinary.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilisation percentage for the single binary
singleBinary.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilisation percentage for the single binary
singleBinary.image.registryπ
Type: string
nil
Description: The Docker registry for the single binary image. Overrides loki.image.registry
singleBinary.image.repositoryπ
Type: string
nil
Description: Docker image repository for the single binary image. Overrides loki.image.repository
singleBinary.image.tagπ
Type: string
nil
Description: Docker image tag for the single binary image. Overrides loki.image.tag
singleBinary.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for single binary pods
singleBinary.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for single binary StatefulSet
singleBinary.podAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for single binary pods
singleBinary.podLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for each single binary pod
singleBinary.selectorLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional selector labels for each single binary pod
singleBinary.service.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for single binary Service
singleBinary.service.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for single binary Service
singleBinary.targetModuleπ
Type: string
"all"
Description: Comma-separated list of Loki modules to load for the single binary
singleBinary.extraArgsπ
Type: list
[]
Default value (formatted)
[]
Description: Labels for single binary service
singleBinary.extraEnvπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the single binary pods
singleBinary.extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the single binary pods
singleBinary.extraContainersπ
Type: list
[]
Default value (formatted)
[]
Description: Extra containers to add to the single binary loki pod
singleBinary.initContainersπ
Type: list
[]
Default value (formatted)
[]
Description: Init containers to add to the single binary pods
singleBinary.extraVolumeMountsπ
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the single binary pods
singleBinary.extraVolumesπ
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the single binary pods
singleBinary.resourcesπ
Type: object
{"limits":{"cpu":"100m","memory":"256Mi"},"requests":{"cpu":"100m","memory":"256Mi"}}
Default value (formatted)
{
"limits": {
"cpu": "100m",
"memory": "256Mi"
},
"requests": {
"cpu": "100m",
"memory": "256Mi"
}
}
Description: Resource requests and limits for the single binary
singleBinary.terminationGracePeriodSecondsπ
Type: int
30
Description: Grace period to allow the single binary to shutdown before it is killed
singleBinary.dnsConfigπ
Type: object
{}
Default value (formatted)
{}
Description: DNS config for single binary pods
singleBinary.nodeSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Node selector for single binary pods
singleBinary.tolerationsπ
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for single binary pods
singleBinary.persistence.enableStatefulSetAutoDeletePVCπ
Type: bool
false
Description: Enable StatefulSetAutoDeletePVC feature
singleBinary.persistence.enabledπ
Type: bool
true
Description: Enable persistent disk
singleBinary.persistence.sizeπ
Type: string
"12Gi"
Description: Size of persistent disk
singleBinary.persistence.storageClassπ
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
singleBinary.persistence.selectorπ
Type: string
nil
Description: Selector for persistent disk
ingress.enabledπ
Type: bool
false
ingress.ingressClassNameπ
Type: string
""
ingress.annotationsπ
Type: object
{}
Default value (formatted)
{}
ingress.labelsπ
Type: object
{}
Default value (formatted)
{}
ingress.paths.write[0]π
Type: string
"/api/prom/push"
ingress.paths.write[1]π
Type: string
"/loki/api/v1/push"
ingress.paths.read[0]π
Type: string
"/api/prom/tail"
ingress.paths.read[1]π
Type: string
"/loki/api/v1/tail"
ingress.paths.read[2]π
Type: string
"/loki/api"
ingress.paths.read[3]π
Type: string
"/api/prom/rules"
ingress.paths.read[4]π
Type: string
"/loki/api/v1/rules"
ingress.paths.read[5]π
Type: string
"/prometheus/api/v1/rules"
ingress.paths.read[6]π
Type: string
"/prometheus/api/v1/alerts"
ingress.paths.singleBinary[0]π
Type: string
"/api/prom/push"
ingress.paths.singleBinary[1]π
Type: string
"/loki/api/v1/push"
ingress.paths.singleBinary[2]π
Type: string
"/api/prom/tail"
ingress.paths.singleBinary[3]π
Type: string
"/loki/api/v1/tail"
ingress.paths.singleBinary[4]π
Type: string
"/loki/api"
ingress.paths.singleBinary[5]π
Type: string
"/api/prom/rules"
ingress.paths.singleBinary[6]π
Type: string
"/loki/api/v1/rules"
ingress.paths.singleBinary[7]π
Type: string
"/prometheus/api/v1/rules"
ingress.paths.singleBinary[8]π
Type: string
"/prometheus/api/v1/alerts"
ingress.hostsπ
Type: list
["loki.example.com"]
Default value (formatted)
[
"loki.example.com"
]
Description: Hosts configuration for the ingress, passed through the tpl function to allow templating
ingress.tlsπ
Type: list
[]
Default value (formatted)
[]
Description: TLS configuration for the ingress. Hosts passed through the tpl function to allow templating
memberlist.service.publishNotReadyAddressesπ
Type: bool
false
gateway.enabledπ
Type: bool
false
Description: Specifies whether the gateway should be enabled
gateway.replicasπ
Type: int
1
Description: Number of replicas for the gateway
gateway.verboseLoggingπ
Type: bool
true
Description: Enable logging of 2xx and 3xx HTTP requests
gateway.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling for the gateway
gateway.autoscaling.minReplicasπ
Type: int
1
Description: Minimum autoscaling replicas for the gateway
gateway.autoscaling.maxReplicasπ
Type: int
3
Description: Maximum autoscaling replicas for the gateway
gateway.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilisation percentage for the gateway
gateway.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilisation percentage for the gateway
gateway.autoscaling.behaviorπ
Type: object
{}
Default value (formatted)
{}
Description: Behavior policies while scaling.
gateway.deploymentStrategy.typeπ
Type: string
"RollingUpdate"
gateway.image.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry for the gateway image
gateway.image.repositoryπ
Type: string
"ironbank/opensource/nginx/nginx"
Description: The gateway image repository
gateway.image.tagπ
Type: string
"1.25.3"
Description: The gateway image tag
gateway.image.digestπ
Type: string
nil
Description: Overrides the gateway image tag with an image digest
gateway.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: The gateway image pull policy
gateway.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for gateway pods
gateway.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for gateway deployment
gateway.podAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for gateway pods
gateway.podLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional labels for gateway pods
gateway.extraArgsπ
Type: list
[]
Default value (formatted)
[]
Description: Additional CLI args for the gateway
gateway.extraEnvπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables to add to the gateway pods
gateway.extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Environment variables from secrets or configmaps to add to the gateway pods
gateway.lifecycleπ
Type: object
{}
Default value (formatted)
{}
Description: Lifecycle for the gateway container
gateway.extraVolumesπ
Type: list
[]
Default value (formatted)
[]
Description: Volumes to add to the gateway pods
gateway.extraVolumeMountsπ
Type: list
[]
Default value (formatted)
[]
Description: Volume mounts to add to the gateway pods
gateway.podSecurityContextπ
Type: object
{"fsGroup":101,"runAsGroup":101,"runAsNonRoot":true,"runAsUser":101}
Default value (formatted)
{
"fsGroup": 101,
"runAsGroup": 101,
"runAsNonRoot": true,
"runAsUser": 101
}
Description: The SecurityContext for gateway containers
gateway.containerSecurityContextπ
Type: object
{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}
Default value (formatted)
{
"allowPrivilegeEscalation": false,
"capabilities": {
"drop": [
"ALL"
]
},
"readOnlyRootFilesystem": true
}
Description: The SecurityContext for gateway containers
gateway.resourcesπ
Type: object
{}
Default value (formatted)
{}
Description: Resource requests and limits for the gateway
gateway.extraContainersπ
Type: list
[]
Default value (formatted)
[]
Description: Containers to add to the gateway pods
gateway.terminationGracePeriodSecondsπ
Type: int
30
Description: Grace period to allow the gateway to shutdown before it is killed
gateway.dnsConfigπ
Type: object
{}
Default value (formatted)
{}
Description: DNS config for gateway pods
gateway.nodeSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Node selector for gateway pods
gateway.topologySpreadConstraintsπ
Type: list
[]
Default value (formatted)
[]
Description: Topology Spread Constraints for gateway pods
gateway.tolerationsπ
Type: list
[]
Default value (formatted)
[]
Description: Tolerations for gateway pods
gateway.service.portπ
Type: int
80
Description: Port of the gateway service
gateway.service.typeπ
Type: string
"ClusterIP"
Description: Type of the gateway service
gateway.service.clusterIPπ
Type: string
nil
Description: ClusterIP of the gateway service
gateway.service.nodePortπ
Type: int
nil
Description: Node port if service type is NodePort
gateway.service.loadBalancerIPπ
Type: string
nil
Description: Load balancer IPO address if service type is LoadBalancer
gateway.service.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for the gateway service
gateway.service.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Labels for gateway service
gateway.ingress.enabledπ
Type: bool
false
Description: Specifies whether an ingress for the gateway should be created
gateway.ingress.ingressClassNameπ
Type: string
""
Description: Ingress Class Name. MAY be required for Kubernetes versions >= 1.18
gateway.ingress.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for the gateway ingress
gateway.ingress.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Labels for the gateway ingress
gateway.ingress.hostsπ
Type: list
[{"host":"gateway.loki.example.com","paths":[{"path":"/"}]}]
Default value (formatted)
[
{
"host": "gateway.loki.example.com",
"paths": [
{
"path": "/"
}
]
}
]
Description: Hosts configuration for the gateway ingress, passed through the tpl function to allow templating
gateway.ingress.tlsπ
Type: list
[{"hosts":["gateway.loki.example.com"],"secretName":"loki-gateway-tls"}]
Default value (formatted)
[
{
"hosts": [
"gateway.loki.example.com"
],
"secretName": "loki-gateway-tls"
}
]
Description: TLS configuration for the gateway ingress. Hosts passed through the tpl function to allow templating
gateway.basicAuth.enabledπ
Type: bool
false
Description: Enables basic authentication for the gateway
gateway.basicAuth.usernameπ
Type: string
nil
Description: The basic auth username for the gateway
gateway.basicAuth.passwordπ
Type: string
nil
Description: The basic auth password for the gateway
gateway.basicAuth.htpasswdπ
Type: string
"{{ if .Values.loki.tenants }}\n\n {{- range $t := .Values.loki.tenants }}\n{{ htpasswd (required \"All tenants must have a 'name' set\" $t.name) (required \"All tenants must have a 'password' set\" $t.password) }}\n\n {{- end }}\n{{ else }} {{ htpasswd (required \"'gateway.basicAuth.username' is required\" .Values.gateway.basicAuth.username) (required \"'gateway.basicAuth.password' is required\" .Values.gateway.basicAuth.password) }} {{ end }}"
Default value (formatted)
{{ if .Values.loki.tenants }}
{{- range $t := .Values.loki.tenants }}
{{ htpasswd (required \"All tenants must have a 'name' set\" $t.name) (required \"All tenants must have a 'password' set\" $t.password) }}
{{- end }}
{{ else }} {{ htpasswd (required \"'gateway.basicAuth.username' is required\" .Values.gateway.basicAuth.username) (required \"'gateway.basicAuth.password' is required\" .Values.gateway.basicAuth.password) }} {{ end }}
Description: Uses the specified users from the loki.tenants list to create the htpasswd file if loki.tenants is not set, the gateway.basicAuth.username and gateway.basicAuth.password are used The value is templated using tpl. Override this to use a custom htpasswd, e.g. in case the default causes high CPU load.
gateway.basicAuth.existingSecretπ
Type: string
nil
Description: Existing basic auth secret to use. Must contain β.htpasswdβ
gateway.readinessProbe.httpGet.pathπ
Type: string
"/"
gateway.readinessProbe.httpGet.portπ
Type: string
"http"
gateway.readinessProbe.initialDelaySecondsπ
Type: int
15
gateway.readinessProbe.timeoutSecondsπ
Type: int
1
gateway.nginxConfig.logFormatπ
Type: string
"main '$remote_addr - $remote_user [$time_local] $status '\n '\"$request\" $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';"
Default value (formatted)
main '$remote_addr - $remote_user [$time_local] $status '
'\"$request\" $body_bytes_sent \"$http_referer\" '
'\"$http_user_agent\" \"$http_x_forwarded_for\"';
Description: NGINX log format
gateway.nginxConfig.serverSnippetπ
Type: string
""
Description: Allows appending custom configuration to the server block
gateway.nginxConfig.httpSnippetπ
Type: string
"{{ if .Values.loki.tenants }}proxy_set_header X-Scope-OrgID $remote_user;{{ end }}"
Description: Allows appending custom configuration to the http block, passed through the tpl function to allow templating
gateway.nginxConfig.customReadUrlπ
Type: string
nil
Description: Override Read URL
gateway.nginxConfig.customWriteUrlπ
Type: string
nil
Description: Override Write URL
gateway.nginxConfig.customBackendUrlπ
Type: string
nil
Description: Override Backend URL
gateway.nginxConfig.resolverπ
Type: string
""
Description: Allows overriding the DNS resolver address nginx will use.
gateway.podDisruptionBudget.maxUnavailableπ
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
networkPolicy.enabledπ
Type: bool
false
Description: Specifies whether Network Policies should be created
networkPolicy.flavorπ
Type: string
"kubernetes"
Description: Specifies whether the policies created will be standard Network Policies (flavor: kubernetes) or Cilium Network Policies (flavor: cilium)
networkPolicy.metrics.podSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the Pods which are allowed to access the metrics port. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.metrics.namespaceSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the namespaces which are allowed to access the metrics port
networkPolicy.metrics.cidrsπ
Type: list
[]
Default value (formatted)
[]
Description: Specifies specific network CIDRs which are allowed to access the metrics port. In case you use namespaceSelector, you also have to specify your kubelet networks here. The metrics ports are also used for probes.
networkPolicy.ingress.podSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the Pods which are allowed to access the http port. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.ingress.namespaceSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the namespaces which are allowed to access the http port
networkPolicy.alertmanager.portπ
Type: int
9093
Description: Specify the alertmanager port used for alerting
networkPolicy.alertmanager.podSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the alertmanager Pods. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.alertmanager.namespaceSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the namespace the alertmanager is running in
networkPolicy.externalStorage.portsπ
Type: list
[]
Default value (formatted)
[]
Description: Specify the port used for external storage, e.g. AWS S3
networkPolicy.externalStorage.cidrsπ
Type: list
[]
Default value (formatted)
[]
Description: Specifies specific network CIDRs you want to limit access to
networkPolicy.discovery.portπ
Type: int
nil
Description: Specify the port used for discovery
networkPolicy.discovery.podSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the Pods labels used for discovery. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.discovery.namespaceSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the namespace the discovery Pods are running in
minioπ
Type: object
{"enabled":false,"secrets":{"accessKey":"minio","name":"loki-objstore-creds","secretKey":"minio123"},"service":{"nameOverride":"minio.logging.svc.cluster.local"},"tenant":{"buckets":[{"name":"loki"},{"name":"loki-admin"}],"defaultUserCredentials":{"password":"","username":"minio-user"},"metrics":{"enabled":false,"memory":"128M","port":9000},"pools":[{"securityContext":{"fsGroup":1001,"runAsGroup":1001,"runAsUser":1001},"servers":1,"size":"750Mi","volumesPerServer":4}],"users":[{"name":"minio-user"}]}}
Default value (formatted)
{
"enabled": false,
"secrets": {
"accessKey": "minio",
"name": "loki-objstore-creds",
"secretKey": "minio123"
},
"service": {
"nameOverride": "minio.logging.svc.cluster.local"
},
"tenant": {
"buckets": [
{
"name": "loki"
},
{
"name": "loki-admin"
}
],
"defaultUserCredentials": {
"password": "",
"username": "minio-user"
},
"metrics": {
"enabled": false,
"memory": "128M",
"port": 9000
},
"pools": [
{
"securityContext": {
"fsGroup": 1001,
"runAsGroup": 1001,
"runAsUser": 1001
},
"servers": 1,
"size": "750Mi",
"volumesPerServer": 4
}
],
"users": [
{
"name": "minio-user"
}
]
}
}
Description: -----------------------------------
minio.enabledπ
Type: bool
false
Description: Enable minio instance support, must have minio-operator installed
minio.secretsπ
Type: object
{"accessKey":"minio","name":"loki-objstore-creds","secretKey":"minio123"}
Default value (formatted)
{
"accessKey": "minio",
"name": "loki-objstore-creds",
"secretKey": "minio123"
}
Description: Minio root credentials
minio.tenant.bucketsπ
Type: list
[{"name":"loki"},{"name":"loki-admin"}]
Default value (formatted)
[
{
"name": "loki"
},
{
"name": "loki-admin"
}
]
Description: Buckets to be provisioned to for tenant
minio.tenant.usersπ
Type: list
[{"name":"minio-user"}]
Default value (formatted)
[
{
"name": "minio-user"
}
]
Description: Users to to be provisioned to for tenant
minio.tenant.defaultUserCredentialsπ
Type: object
{"password":"","username":"minio-user"}
Default value (formatted)
{
"password": "",
"username": "minio-user"
}
Description: User credentials to create for above user. Otherwise password is randomly generated. This auth is not required to be set or reclaimed for minio use with Loki
domainπ
Type: string
"bigbang.dev"
istio.enabledπ
Type: bool
false
istio.hardened.enabledπ
Type: bool
false
istio.hardened.customAuthorizationPoliciesπ
Type: list
[]
Default value (formatted)
[]
istio.hardened.monitoring.enabledπ
Type: bool
true
istio.hardened.monitoring.namespaces[0]π
Type: string
"monitoring"
istio.hardened.monitoring.principals[0]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-grafana"
istio.hardened.monitoring.principals[1]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"
istio.hardened.monitoring.principals[2]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"
istio.hardened.monitoring.principals[3]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"
istio.hardened.monitoring.principals[4]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"
istio.hardened.monitoring.principals[5]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"
istio.hardened.promtail.enabledπ
Type: bool
true
istio.hardened.promtail.namespaces[0]π
Type: string
"promtail"
istio.hardened.promtail.principals[0]π
Type: string
"cluster.local/ns/promtail/sa/promtail-promtail"
istio.loki.enabledπ
Type: bool
false
istio.loki.annotationsπ
Type: object
{}
Default value (formatted)
{}
istio.loki.labelsπ
Type: object
{}
Default value (formatted)
{}
istio.loki.gateways[0]π
Type: string
"istio-system/public"
istio.loki.hosts[0]π
Type: string
"loki.{{ .Values.domain }}"
istio.loki.serviceπ
Type: string
""
istio.loki.portπ
Type: string
""
istio.loki.exposeReadyEndpointπ
Type: bool
false
istio.mtls.modeπ
Type: string
"STRICT"
networkPolicies.enabledπ
Type: bool
false
networkPolicies.controlPlaneCidrπ
Type: string
"0.0.0.0/0"
Description: Control Plane CIDR to allow init job communication to the Kubernetes API. Use kubectl get endpoints kubernetes to get the CIDR range needed for your cluster
networkPolicies.ingressLabels.appπ
Type: string
"public-ingressgateway"
networkPolicies.ingressLabels.istioπ
Type: string
"ingressgateway"
bbtests.enabledπ
Type: bool
false
bbtests.cypress.artifactsπ
Type: bool
true
bbtests.cypress.envs.cypress_check_datasourceπ
Type: string
"false"
bbtests.cypress.envs.cypress_grafana_urlπ
Type: string
"http://monitoring-grafana.monitoring.svc.cluster.local"
bbtests.scripts.imageπ
Type: string
"registry1.dso.mil/ironbank/big-bang/base:2.1.0"
bbtests.scripts.envs.LOKI_URLπ
Type: string
"http://{{ .Values.fullnameOverride }}.{{ .Release.Namespace }}.svc:3100"
bbtests.scripts.envs.LOKI_VERSIONπ
Type: string
"{{ .Values.loki.image.tag }}"
sidecar.image.repositoryπ
Type: string
"registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar"
sidecar.image.tagπ
Type: string
"1.25.2"
sidecar.image.shaπ
Type: string
""
sidecar.image.pullPolicyπ
Type: string
"IfNotPresent"
sidecar.resources.limits.cpuπ
Type: string
"100m"
sidecar.resources.limits.memoryπ
Type: string
"100Mi"
sidecar.resources.requests.cpuπ
Type: string
"100m"
sidecar.resources.requests.memoryπ
Type: string
"100Mi"
sidecar.securityContext.allowPrivilegeEscalationπ
Type: bool
false
sidecar.securityContext.capabilities.drop[0]π
Type: string
"ALL"
sidecar.securityContext.seccompProfile.typeπ
Type: string
"RuntimeDefault"
sidecar.skipTlsVerifyπ
Type: bool
false
Description: Set to true to skip tls verification for kube api calls.
sidecar.enableUniqueFilenamesπ
Type: bool
false
Description: Ensure that rule files arenβt conflicting and being overwritten by prefixing their name with the namespace they are defined in.
sidecar.readinessProbeπ
Type: object
{}
Default value (formatted)
{}
Description: Readiness probe definition. Probe is disabled on the sidecar by default.
sidecar.livenessProbeπ
Type: object
{}
Default value (formatted)
{}
Description: Liveness probe definition. Probe is disabled on the sidecar by default.
sidecar.rules.enabledπ
Type: bool
false
Description: Whether or not to create a sidecar to ingest rule from specific ConfigMaps and/or Secrets.
sidecar.rules.labelπ
Type: string
"loki_rule"
Description: Label that the configmaps/secrets with rules will be marked with.
sidecar.rules.labelValueπ
Type: string
""
Description: Label value that the configmaps/secrets with rules will be set to.
sidecar.rules.folderπ
Type: string
"/rules"
Description: Folder into which the rules will be placed.
sidecar.rules.searchNamespaceπ
Type: string
nil
Description: Comma separated list of namespaces. If specified, the sidecar will search for config-maps/secrets inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. Itβs also possible to specify βALLβ to search in all namespaces.
sidecar.rules.watchMethodπ
Type: string
"WATCH"
Description: Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH request, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
sidecar.rules.resourceπ
Type: string
"both"
Description: Search in configmap, secret, or both.
sidecar.rules.scriptπ
Type: string
nil
Description: Absolute path to the shell script to execute after a configmap or secret has been reloaded.
sidecar.rules.watchServerTimeoutπ
Type: int
60
Description: WatchServerTimeout: request to the server, asking it to cleanly close the connection after that. defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S.
sidecar.rules.watchClientTimeoutπ
Type: int
60
Description: WatchClientTimeout: is a client-side timeout, configuring your local socket. If you have a network outage dropping all packets with no RST/FIN, this is how long your client waits before realizing & dropping the connection. Defaults to 66sec.
sidecar.rules.logLevelπ
Type: string
"INFO"
Description: Log level of the sidecar container.