promtail values.yaml
π
nameOverrideπ
Type: string
nil
Description: Overrides the chartβs name
fullnameOverrideπ
Type: string
nil
Description: Overrides the chartβs computed fullname
vpaπ
Type: object
{"annotations":{},"controlledResources":[],"enabled":false,"kind":"DaemonSet","maxAllowed":{},"minAllowed":{},"updatePolicy":{"updateMode":"Auto"}}
Default value (formatted)
{
"annotations": {},
"controlledResources": [],
"enabled": false,
"kind": "DaemonSet",
"maxAllowed": {},
"minAllowed": {},
"updatePolicy": {
"updateMode": "Auto"
}
}
Description: config for VerticalPodAutoscaler
daemonset.enabledπ
Type: bool
true
Description: Deploys Promtail as a DaemonSet
daemonset.autoscaling.enabledπ
Type: bool
false
Description: Creates a VerticalPodAutoscaler for the daemonset
daemonset.autoscaling.controlledResourcesπ
Type: list
[]
Default value (formatted)
[]
Description: List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
daemonset.autoscaling.maxAllowedπ
Type: object
{}
Default value (formatted)
{}
Description: Defines the max allowed resources for the pod
daemonset.autoscaling.minAllowedπ
Type: object
{}
Default value (formatted)
{}
Description: Defines the min allowed resources for the pod
deployment.enabledπ
Type: bool
false
Description: Deploys Promtail as a Deployment
deployment.replicaCountπ
Type: int
1
deployment.autoscaling.enabledπ
Type: bool
false
Description: Creates a HorizontalPodAutoscaler for the deployment
deployment.autoscaling.minReplicasπ
Type: int
1
deployment.autoscaling.maxReplicasπ
Type: int
10
deployment.autoscaling.targetCPUUtilizationPercentageπ
Type: int
80
deployment.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
deployment.autoscaling.strategyπ
Type: object
{"type":"RollingUpdate"}
Default value (formatted)
{
"type": "RollingUpdate"
}
Description: Set deployment object update strategy
secret.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Labels for the Secret
secret.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for the Secret
configmap.enabledπ
Type: bool
false
Description: If enabled, promtail config will be created as a ConfigMap instead of a secret
initContainerπ
Type: list
[]
Default value (formatted)
[]
image.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry
image.repositoryπ
Type: string
"ironbank/opensource/grafana/promtail"
Description: Docker image repository
image.tagπ
Type: string
"v2.9.2"
Description: Overrides the image tag whose default is the chartβs appVersion
image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
imagePullSecretsπ
Type: list
[{"name":"private-registry"}]
Default value (formatted)
[
{
"name": "private-registry"
}
]
Description: Image pull secrets for Docker images
hostAliasesπ
Type: list
[]
Default value (formatted)
[]
Description: hostAliases to add
hostNetworkπ
Type: string
nil
Description: Controls whether the pod has the hostNetwork
flag set.
annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for the DaemonSet
updateStrategyπ
Type: object
{}
Default value (formatted)
{}
Description: The update strategy for the DaemonSet
podLabelsπ
Type: object
{}
Default value (formatted)
{}
Description: Pod labels
podAnnotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Pod annotations
priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass
livenessProbeπ
Type: object
{}
Default value (formatted)
{}
Description: Liveness probe
resourcesπ
Type: object
{"limits":{"cpu":"200m","memory":"128Mi"},"requests":{"cpu":"200m","memory":"128Mi"}}
Default value (formatted)
{
"limits": {
"cpu": "200m",
"memory": "128Mi"
},
"requests": {
"cpu": "200m",
"memory": "128Mi"
}
}
Description: Resource requests and limits
podSecurityContextπ
Type: object
{"runAsGroup":0,"runAsUser":0}
Default value (formatted)
{
"runAsGroup": 0,
"runAsUser": 0
}
Description: The security context for pods
containerSecurityContextπ
Type: object
{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsUser":0,"seLinuxOptions":{"type":"spc_t"}}
Default value (formatted)
{
"allowPrivilegeEscalation": false,
"capabilities": {
"drop": [
"ALL"
]
},
"privileged": false,
"readOnlyRootFilesystem": true,
"runAsUser": 0,
"seLinuxOptions": {
"type": "spc_t"
}
}
Description: The security context for containers
rbac.createπ
Type: bool
true
Description: Specifies whether RBAC resources are to be created
rbac.pspEnabledπ
Type: bool
false
Description: Specifies whether a PodSecurityPolicy is to be created
namespaceπ
Type: string
nil
Description: The name of the Namespace to deploy If not set, .Release.Namespace
is used
serviceAccount.createπ
Type: bool
true
Description: Specifies whether a ServiceAccount should be created
serviceAccount.nameπ
Type: string
nil
Description: The name of the ServiceAccount to use. If not set and create
is true, a name is generated using the fullname template
serviceAccount.imagePullSecretsπ
Type: list
[]
Default value (formatted)
[]
Description: Image pull secrets for the service account
serviceAccount.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: Annotations for the service account
nodeSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Node selector for pods
affinityπ
Type: object
{}
Default value (formatted)
{}
Description: Affinity configuration for pods
tolerationsπ
Type: list
[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"},{"effect":"NoSchedule","key":"node-role.kubernetes.io/control-plane","operator":"Exists"}]
Default value (formatted)
[
{
"effect": "NoSchedule",
"key": "node-role.kubernetes.io/master",
"operator": "Exists"
},
{
"effect": "NoSchedule",
"key": "node-role.kubernetes.io/control-plane",
"operator": "Exists"
}
]
Description: Tolerations for pods. By default, pods will be scheduled on master/control-plane nodes.
extraVolumes[0].nameπ
Type: string
"varlog"
extraVolumes[0].hostPath.pathπ
Type: string
"/var/log"
extraVolumes[1].nameπ
Type: string
"machine-id"
extraVolumes[1].hostPath.pathπ
Type: string
"/etc/machine-id"
extraVolumeMounts[0].nameπ
Type: string
"varlog"
extraVolumeMounts[0].mountPathπ
Type: string
"/var/log"
extraVolumeMounts[0].readOnlyπ
Type: bool
true
extraVolumeMounts[1].nameπ
Type: string
"machine-id"
extraVolumeMounts[1].mountPathπ
Type: string
"/etc/machine-id"
extraVolumeMounts[1].readOnlyπ
Type: bool
true
extraArgsπ
Type: list
["-config.expand-env=true"]
Default value (formatted)
[
"-config.expand-env=true"
]
Description: - -client.external-labels=hostname=$(HOSTNAME)
extraEnvπ
Type: list
[{"name":"NODE_HOSTNAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}}]
Default value (formatted)
[
{
"name": "NODE_HOSTNAME",
"valueFrom": {
"fieldRef": {
"fieldPath": "spec.nodeName"
}
}
}
]
Description: Extra environment variables
extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Extra environment variables from secrets or configmaps
enableServiceLinksπ
Type: bool
true
Description: Configure enableServiceLinks in pod
serviceMonitor.enabledπ
Type: bool
false
Description: If enabled, ServiceMonitor resources for Prometheus Operator are created
serviceMonitor.namespaceπ
Type: string
nil
Description: Alternative namespace for ServiceMonitor resources
serviceMonitor.namespaceSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Namespace selector for ServiceMonitor resources
serviceMonitor.annotationsπ
Type: object
{}
Default value (formatted)
{}
Description: ServiceMonitor annotations
serviceMonitor.labelsπ
Type: object
{}
Default value (formatted)
{}
Description: Additional ServiceMonitor labels
serviceMonitor.intervalπ
Type: string
nil
Description: ServiceMonitor scrape interval
serviceMonitor.scrapeTimeoutπ
Type: string
nil
Description: ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
serviceMonitor.relabelingsπ
Type: list
[]
Default value (formatted)
[]
Description: ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig (defines relabel_configs
)
serviceMonitor.metricRelabelingsπ
Type: list
[]
Default value (formatted)
[]
Description: ServiceMonitor relabel configs to apply to samples as the last step before ingestion https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig (defines metric_relabel_configs
)
serviceMonitor.targetLabelsπ
Type: list
[]
Default value (formatted)
[]
Description: ServiceMonitor will add labels from the service to the Prometheus metric https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitorspec
serviceMonitor.schemeπ
Type: string
"http"
Description: ServiceMonitor will use http by default, but you can pick https as well
serviceMonitor.tlsConfigπ
Type: string
nil
Description: ServiceMonitor will use these tlsConfig settings to make the health check requests
serviceMonitor.prometheusRuleπ
Type: object
{"additionalLabels":{},"enabled":false,"rules":[]}
Default value (formatted)
{
"additionalLabels": {},
"enabled": false,
"rules": []
}
Description: Prometheus rules will be deployed for alerting purposes
extraContainersπ
Type: object
{}
Default value (formatted)
{}
extraPortsπ
Type: object
{}
Default value (formatted)
{}
Description: Configure additional ports and services. For each configured port, a corresponding service is created. See values.yaml for details
config.enabledπ
Type: bool
true
Description: Enable Promtail config from Helm chart Set configmap.enabled: true
and this to false
to manage your own Promtail config See default config in values.yaml
config.logLevelπ
Type: string
"info"
Description: The log level of the Promtail server Must be reference in config.file
to configure server.log_level
See default config in values.yaml
config.logFormatπ
Type: string
"logfmt"
Description: The log format of the Promtail server Must be reference in config.file
to configure server.log_format
Valid formats: logfmt, json
See default config in values.yaml
config.serverPortπ
Type: int
3101
Description: The port of the Promtail server Must be reference in config.file
to configure server.http_listen_port
See default config in values.yaml
config.positionsπ
Type: object
{"filename":"/run/promtail/positions.yaml"}
Default value (formatted)
{
"filename": "/run/promtail/positions.yaml"
}
Description: Configures where Promtail will save itβs positions file, to resume reading after restarts. Must be referenced in config.file
to configure positions
config.enableTracingπ
Type: bool
false
Description: The config to enable tracing
config.snippets.extraRelabelConfigsπ
Type: list
[]
Default value (formatted)
[]
Description: You can put here any additional relabel_configs to βkubernetes-podsβ job
networkPolicy.enabledπ
Type: bool
false
Description: Specifies whether Network Policies should be created
networkPolicy.metrics.podSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the Pods which are allowed to access the metrics port. As this is cross-namespace communication, you also neeed the namespaceSelector.
networkPolicy.metrics.namespaceSelectorπ
Type: object
{}
Default value (formatted)
{}
Description: Specifies the namespaces which are allowed to access the metrics port
networkPolicy.metrics.cidrsπ
Type: list
[]
Default value (formatted)
[]
Description: Specifies specific network CIDRs which are allowed to access the metrics port. In case you use namespaceSelector, you also have to specify your kubelet networks here. The metrics ports are also used for probes.
networkPolicy.k8sApi.portπ
Type: int
8443
Description: Specify the k8s API endpoint port
networkPolicy.k8sApi.cidrsπ
Type: list
[]
Default value (formatted)
[]
Description: Specifies specific network CIDRs you want to limit access to
httpPathPrefixπ
Type: string
""
Description: Base path to server all API routes fro
sidecar.configReloader.enabledπ
Type: bool
false
sidecar.configReloader.image.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry for sidecar config-reloader
sidecar.configReloader.image.repositoryπ
Type: string
"ironbank/opensource/jimmidyson/configmap-reload"
Description: Docker image repository for sidecar config-reloader
sidecar.configReloader.image.tagπ
Type: string
"v0.12.0"
Description: Docker image tag for sidecar config-reloader
sidecar.configReloader.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy for sidecar config-reloader
sidecar.configReloader.extraArgsπ
Type: list
[]
Default value (formatted)
[]
sidecar.configReloader.extraEnvπ
Type: list
[]
Default value (formatted)
[]
Description: Extra environment variables for sidecar config-reloader
sidecar.configReloader.extraEnvFromπ
Type: list
[]
Default value (formatted)
[]
Description: Extra environment variables from secrets or configmaps for sidecar config-reloader
sidecar.configReloader.containerSecurityContextπ
Type: object
{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}
Default value (formatted)
{
"allowPrivilegeEscalation": false,
"capabilities": {
"drop": [
"ALL"
]
},
"readOnlyRootFilesystem": true
}
Description: The security context for containers for sidecar config-reloader
sidecar.configReloader.readinessProbeπ
Type: object
{}
Default value (formatted)
{}
Description: Readiness probe for sidecar config-reloader
sidecar.configReloader.livenessProbeπ
Type: object
{}
Default value (formatted)
{}
Description: Liveness probe for sidecar config-reloader
sidecar.configReloader.resourcesπ
Type: object
{}
Default value (formatted)
{}
Description: Resource requests and limits for sidecar config-reloader
sidecar.configReloader.config.serverPortπ
Type: int
9533
Description: The port of the config-reloader server
sidecar.configReloader.serviceMonitor.enabledπ
Type: bool
true
extraObjectsπ
Type: list
[]
Default value (formatted)
[]
Description: Extra K8s manifests to deploy
istio.enabledπ
Type: bool
false
Description: Toggle interaction with Istio
istio.hardened.enabledπ
Type: bool
false
istio.hardened.customAuthorizationPoliciesπ
Type: list
[]
Default value (formatted)
[]
istio.hardened.prometheus.enabledπ
Type: bool
true
istio.hardened.prometheus.namespaces[0]π
Type: string
"monitoring"
istio.hardened.prometheus.principals[0]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-grafana"
istio.hardened.prometheus.principals[1]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"
istio.hardened.prometheus.principals[2]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"
istio.hardened.prometheus.principals[3]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"
istio.hardened.prometheus.principals[4]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"
istio.hardened.prometheus.principals[5]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"
istio.mtls.modeπ
Type: string
"STRICT"
Description: STRICT = Allow only mutual TLS traffic PERMISSIVE = Allow both plain text and mutual TLS traffic
networkPolicies.enabledπ
Type: bool
false
Description: Toggle networkPolicies
networkPolicies.controlPlaneCidrπ
Type: string
"0.0.0.0/0"
Description: Control Plane CIDR, defaults to 0.0.0.0/0, use kubectl get endpoints -n default kubernetes
to get the CIDR range needed for your cluster Must be an IP CIDR range (x.x.x.x/x - ideally with /32 for the specific IP of a single endpoint, broader range for multiple masters/endpoints) Used by package NetworkPolicies to allow Kube API access
openshiftπ
Type: bool
false
Description: Toggle or openshift specific config
lokiπ
Type: object
{"enabled":false}
Default value (formatted)
{
"enabled": false
}
Description: Toggle Loki network policy enabling