loki values.yamlπ
global.image.registryπ
Type: string
nil
Description: Overrides the Docker registry globally for all images
global.priorityClassNameπ
Type: string
nil
Description: Overrides the priorityClassName for all pods
global.clusterDomainπ
Type: string
"cluster.local"
Description: configures cluster domain (βcluster.localβ by default)
global.dnsServiceπ
Type: string
"kube-dns"
Description: configures DNS service name
global.dnsNamespaceπ
Type: string
"kube-system"
Description: configures DNS service namespace
nameOverrideπ
Type: string
"logging-loki"
Description: Overrides the chartβs name
openshiftπ
Type: bool
false
fullnameOverrideπ
Type: string
"logging-loki"
Description: Overrides the chartβs computed fullname
clusterLabelOverrideπ
Type: string
nil
Description: Overrides the chartβs cluster label
imagePullSecretsπ
Type: list
- name: private-registry
Description: Image pull secrets for Docker images
kubectlImage.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry
kubectlImage.repositoryπ
Type: string
"ironbank/opensource/kubernetes/kubectl"
Description: Docker image repository
kubectlImage.tagπ
Type: string
"v1.28.8"
Description: Overrides the image tag whose default is the chartβs appVersion
kubectlImage.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
kubectlImage.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
loki.readinessProbe.httpGet.pathπ
Type: string
"/ready"
loki.readinessProbe.httpGet.portπ
Type: string
"http-metrics"
loki.readinessProbe.initialDelaySecondsπ
Type: int
30
loki.readinessProbe.timeoutSecondsπ
Type: int
1
loki.image.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry
loki.image.repositoryπ
Type: string
"ironbank/opensource/grafana/loki"
Description: Docker image repository
loki.image.tagπ
Type: string
"2.9.6"
Description: Overrides the image tag whose default is the chartβs appVersion
loki.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
loki.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
loki.annotationsπ
Type: object
{}
Description: Common annotations for all deployments/StatefulSets
loki.podAnnotationsπ
Type: object
{}
Description: Common annotations for all pods
loki.podLabelsπ
Type: object
{}
Description: Common labels for all pods
loki.serviceAnnotationsπ
Type: object
{}
Description: Common annotations for all services
loki.serviceLabelsπ
Type: object
{}
Description: Common labels for all services
loki.revisionHistoryLimitπ
Type: int
10
Description: The number of old ReplicaSets to retain to allow rollback
loki.podSecurityContextπ
Type: object
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
Description: The SecurityContext for Loki pods
loki.containerSecurityContextπ
Type: object
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
Description: The SecurityContext for Loki containers
loki.enableServiceLinksπ
Type: bool
true
Description: Should enableServiceLinks be enabled. Default to enable
loki.existingSecretForConfigπ
Type: string
""
Description: Specify an existing secret containing loki configuration. If non-empty, overrides loki.config
loki.configStorageTypeπ
Type: string
"ConfigMap"
Description: Defines what kind of object stores the configuration, a ConfigMap or a Secret. In order to move sensitive information (such as credentials) from the ConfigMap/Secret to a more secure location (e.g. vault), it is possible to use environment variables in the configuration. Such environment variables can be then stored in a separate Secret and injected via the global.extraEnvFrom value. For details about environment injection from a Secret please see Secrets.
loki.externalConfigSecretNameπ
Type: string
"{{ include \"loki.name\" . }}"
Description: Name of the Secret or ConfigMap that contains the configuration (used for naming even if config is internal).
loki.auth_enabledπ
Type: bool
false
loki.memberlistConfigπ
Type: object
{}
Description: memberlist configuration (overrides embedded default)
loki.extraMemberlistConfigπ
Type: object
{}
Description: Extra memberlist configuration
loki.tenantsπ
Type: list
[]
Description: Tenants list to be created on nginx htpasswd file, with name and password keys
loki.serverπ
Type: object
grpc_listen_port: 9095
http_listen_port: 3100
Description: Check https://grafana.com/docs/loki/latest/configuration/#server for more info on the server configuration.
loki.limits_configπ
Type: object
max_cache_freshness_per_query: 10m
reject_old_samples: true
reject_old_samples_max_age: 168h
split_queries_by_interval: 15m
Description: Limits config
loki.runtimeConfigπ
Type: object
{}
Description: Provides a reloadable runtime configuration file for some specific configuration
loki.commonConfigπ
Type: object
compactor_address: '{{ include "loki.compactorAddress" . }}'
path_prefix: /var/loki
replication_factor: 1
Description: Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration
loki.storageπ
Type: object
azure:
accountKey: null
accountName: null
connectionString: null
endpointSuffix: null
requestTimeout: null
useFederatedToken: false
useManagedIdentity: false
userAssignedId: null
bucketNames:
admin: loki-admin
chunks: loki
ruler: loki
filesystem:
chunks_directory: /var/loki/chunks
rules_directory: /var/loki/rules
gcs:
chunkBufferSize: 0
enableHttp2: true
requestTimeout: 0s
s3:
accessKeyId: null
backoff_config: {}
endpoint: null
http_config: {}
insecure: false
region: null
s3: null
s3ForcePathStyle: false
secretAccessKey: null
signatureVersion: null
swift:
auth_url: null
auth_version: null
connect_timeout: null
container_name: null
domain_id: null
domain_name: null
internal: null
max_retries: null
password: null
project_domain_id: null
project_domain_name: null
project_id: null
project_name: null
region_name: null
request_timeout: null
user_domain_id: null
user_domain_name: null
user_id: null
username: null
type: s3
Description: Storage config. Providing this will automatically populate all necessary storage configs in the templated config.
loki.storage.s3.backoff_configπ
Type: object
{}
Description: Check https://grafana.com/docs/loki/latest/configure/#s3_storage_config for more info on how to provide a backoff_config
loki.memcachedπ
Type: object
chunk_cache:
batch_size: 256
enabled: false
host: ''
parallelism: 10
service: memcached-client
results_cache:
default_validity: 12h
enabled: false
host: ''
service: memcached-client
timeout: 500ms
Description: Configure memcached as an external cache for chunk and results cache. Disabled by default must enable and specify a host for each cache you would like to use.
loki.schemaConfigπ
Type: object
{}
Description: Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas
loki.rulerConfigπ
Type: object
{}
Description: Check https://grafana.com/docs/loki/latest/configuration/#ruler for more info on configuring ruler
loki.structuredConfigπ
Type: object
{}
Description: Structured loki configuration, takes precedence over loki.config, loki.schemaConfig, loki.storageConfig
loki.query_schedulerπ
Type: object
{}
Description: Additional query scheduler config
loki.storage_configπ
Type: object
boltdb_shipper:
active_index_directory: /var/loki/boltdb-shipper-active
cache_location: /var/loki/boltdb-shipper-cache
cache_ttl: 24h
hedging:
at: 250ms
max_per_second: 20
up_to: 3
tsdb_shipper:
active_index_directory: /var/loki/tsdb-index
cache_location: /var/loki/tsdb-cache
cache_ttl: 24h
Description: Additional storage config
loki.compactorπ
Type: object
{}
Description: Optional compactor configuration
loki.analyticsπ
Type: object
{}
Description: Optional analytics configuration
loki.querierπ
Type: object
{}
Description: Optional querier configuration
loki.ingesterπ
Type: object
autoforget_unhealthy: true
chunk_target_size: 196608
flush_check_period: 5s
flush_op_timeout: 100m
lifecycler:
ring:
kvstore:
store: memberlist
Description: Optional ingester configuration
loki.index_gatewayπ
Type: object
mode: ring
Description: Optional index gateway configuration
loki.frontend.scheduler_addressπ
Type: string
"{{ include \"loki.querySchedulerAddress\" . }}"
loki.frontend_worker.scheduler_addressπ
Type: string
"{{ include \"loki.querySchedulerAddress\" . }}"
loki.distributorπ
Type: object
{}
Description: Optional distributor configuration
loki.tracingπ
Type: object
enabled: false
Description: Enable tracing
enterprise.enabledπ
Type: bool
false
enterprise.versionπ
Type: string
"v1.8.6"
enterprise.cluster_nameπ
Type: string
nil
Description: Optional name of the GEL cluster, otherwise will use .Release.Name The cluster name must match what is in your GEL license
enterprise.licenseπ
Type: object
contents: NOTAVALIDLICENSE
Description: Grafana Enterprise Logs license In order to use Grafana Enterprise Logs features, you will need to provide the contents of your Grafana Enterprise Logs license, either by providing the contents of the license.jwt, or the name Kubernetes Secret that contains your license.jwt. To set the license contents, use the flag --set-file 'enterprise.license.contents=./license.jwt'
enterprise.useExternalLicenseπ
Type: bool
false
Description: Set to true when providing an external license
enterprise.externalLicenseNameπ
Type: string
nil
Description: Name of external license secret to use
enterprise.externalConfigNameπ
Type: string
""
Description: Name of the external config secret to use
enterprise.adminApiπ
Type: object
enabled: true
Description: If enabled, the correct admin_client storage will be configured. If disabled while running enterprise, make sure auth is set to type: trust, or that auth_enabled is set to false.
enterprise.configπ
Type: string
"{{- if .Values.enterprise.adminApi.enabled }}\n{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") (eq .Values.loki.storage.type \"azure\") }}\nadmin_client:\n storage:\n s3:\n bucket_name: {{ .Values.loki.storage.bucketNames.admin }}\n{{- end }}\n{{- end }}\nauth:\n type: {{ .Values.enterprise.adminApi.enabled \| ternary \"enterprise\" \"trust\" }}\nauth_enabled: {{ .Values.loki.auth_enabled }}\ncluster_name: {{ include \"loki.clusterName\" . }}\nlicense:\n path: /etc/loki/license/license.jwt\n"
enterprise.image.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry
enterprise.image.repositoryπ
Type: string
"ironbank/grafana/grafana-enterprise-logs"
Description: Docker image repository
enterprise.image.tagπ
Type: string
"v1.7.1"
Description: Overrides the image tag whose default is the chartβs appVersion
enterprise.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
enterprise.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
enterprise.adminToken.secretπ
Type: string
nil
Description: Alternative name for admin token secret, needed by tokengen and provisioner jobs
enterprise.adminToken.additionalNamespacesπ
Type: list
[]
Description: Additional namespace to also create the token in. Useful if your Grafana instance is in a different namespace
enterprise.canarySecretπ
Type: string
nil
Description: Alternative name of the secret to store token for the canary
enterprise.tokengenπ
Type: object
annotations:
sidecar.istio.io/inject: 'false'
enabled: true
env: []
extraArgs: []
extraEnvFrom: []
extraVolumeMounts: []
extraVolumes: []
labels: {}
priorityClassName: ''
securityContext:
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
targetModule: tokengen
tolerations: []
Description: Configuration for tokengen target
enterprise.tokengen.enabledπ
Type: bool
true
Description: Whether the job should be part of the deployment
enterprise.tokengen.targetModuleπ
Type: string
"tokengen"
Description: Comma-separated list of Loki modules to load for tokengen
enterprise.tokengen.extraArgsπ
Type: list
[]
Description: Additional CLI arguments for the tokengen target
enterprise.tokengen.envπ
Type: list
[]
Description: Additional Kubernetes environment
enterprise.tokengen.labelsπ
Type: object
{}
Description: Additional labels for the tokengen Job
enterprise.tokengen.annotationsπ
Type: object
sidecar.istio.io/inject: 'false'
Description: Additional annotations for the tokengen Job
enterprise.tokengen.tolerationsπ
Type: list
[]
Description: Tolerations for tokengen Job
enterprise.tokengen.extraVolumesπ
Type: list
[]
Description: Additional volumes for Pods
enterprise.tokengen.extraVolumeMountsπ
Type: list
[]
Description: Additional volume mounts for Pods
enterprise.tokengen.securityContextπ
Type: object
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
Description: Run containers as user enterprise-logs(uid=10001)
enterprise.tokengen.extraEnvFromπ
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the tokengen pods
enterprise.tokengen.priorityClassNameπ
Type: string
""
Description: The name of the PriorityClass for tokengen Pods
enterprise.provisionerπ
Type: object
additionalTenants: []
annotations: {}
enabled: false
env: []
extraVolumeMounts: []
image:
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/enterprise-logs-provisioner
tag: null
labels: {}
priorityClassName: null
provisionedSecretPrefix: null
securityContext:
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
Description: Configuration for provisioner target
enterprise.provisioner.enabledπ
Type: bool
false
Description: Whether the job should be part of the deployment
enterprise.provisioner.provisionedSecretPrefixπ
Type: string
nil
Description: Name of the secret to store provisioned tokens in
enterprise.provisioner.additionalTenantsπ
Type: list
[]
Description: Additional tenants to be created. Each tenant will get a read and write policy and associated token. Tenant must have a name and a namespace for the secret containting the token to be created in. For example additionalTenants: - name: loki secretNamespace: grafana
enterprise.provisioner.envπ
Type: list
[]
Description: Additional Kubernetes environment
enterprise.provisioner.labelsπ
Type: object
{}
Description: Additional labels for the provisioner Job
enterprise.provisioner.annotationsπ
Type: object
{}
Description: Additional annotations for the provisioner Job
enterprise.provisioner.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for provisioner Job
enterprise.provisioner.securityContextπ
Type: object
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
Description: Run containers as user enterprise-logs(uid=10001)
enterprise.provisioner.imageπ
Type: object
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/enterprise-logs-provisioner
tag: null
Description: Provisioner image to Utilize
enterprise.provisioner.image.registryπ
Type: string
"docker.io"
Description: The Docker registry
enterprise.provisioner.image.repositoryπ
Type: string
"grafana/enterprise-logs-provisioner"
Description: Docker image repository
enterprise.provisioner.image.tagπ
Type: string
nil
Description: Overrides the image tag whose default is the chartβs appVersion
enterprise.provisioner.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
enterprise.provisioner.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
enterprise.provisioner.extraVolumeMountsπ
Type: list
[]
Description: Volume mounts to add to the provisioner pods
migrateπ
Type: object
fromDistributed:
enabled: false
memberlistService: ''
Description: Options that may be necessary when performing a migration from another helm chart
migrate.fromDistributedπ
Type: object
enabled: false
memberlistService: ''
Description: When migrating from a distributed chart like loki-distributed or enterprise-logs
migrate.fromDistributed.enabledπ
Type: bool
false
Description: Set to true if migrating from a distributed helm chart
migrate.fromDistributed.memberlistServiceπ
Type: string
""
Description: If migrating from a distributed service, provide the distributed deploymentβs memberlist service DNS so the new deployment can join its ring.
serviceAccount.createπ
Type: bool
true
Description: Specifies whether a ServiceAccount should be created
serviceAccount.nameπ
Type: string
nil
Description: The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template
serviceAccount.imagePullSecretsπ
Type: list
[]
Description: Image pull secrets for the service account
serviceAccount.annotationsπ
Type: object
{}
Description: Annotations for the service account
serviceAccount.labelsπ
Type: object
{}
Description: Labels for the service account
serviceAccount.automountServiceAccountTokenπ
Type: bool
false
Description: Set this toggle to false to opt out of automounting API credentials for the service account
rbac.pspEnabledπ
Type: bool
false
Description: If pspEnabled true, a PodSecurityPolicy is created for K8s that use psp.
rbac.sccEnabledπ
Type: bool
false
Description: For OpenShift set pspEnabled to βfalseβ and sccEnabled to βtrueβ to use the SecurityContextConstraints.
rbac.pspAnnotationsπ
Type: object
{}
Description: Specify PSP annotations Ref: https://kubernetes.io/docs/reference/access-authn-authz/psp-to-pod-security-standards/#podsecuritypolicy-annotations
rbac.namespacedπ
Type: bool
false
Description: Whether to install RBAC in the namespace only or cluster-wide. Useful if you want to watch ConfigMap globally.
testπ
Type: object
annotations: {}
enabled: false
image:
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/loki-helm-test
tag: null
labels: {}
prometheusAddress: http://prometheus:9090
timeout: 1m
Description: Section for configuring optional Helm test
test.prometheusAddressπ
Type: string
"http://prometheus:9090"
Description: Address of the prometheus server to query for the test
test.timeoutπ
Type: string
"1m"
Description: Number of times to retry the test before failing
test.labelsπ
Type: object
{}
Description: Additional labels for the test pods
test.annotationsπ
Type: object
{}
Description: Additional annotations for test pods
test.imageπ
Type: object
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/loki-helm-test
tag: null
Description: Image to use for loki canary
test.image.registryπ
Type: string
"docker.io"
Description: The Docker registry
test.image.repositoryπ
Type: string
"grafana/loki-helm-test"
Description: Docker image repository
test.image.tagπ
Type: string
nil
Description: Overrides the image tag whose default is the chartβs appVersion
test.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
test.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
fluentbit.enabledπ
Type: bool
false
promtail.enabledπ
Type: bool
false
monitoring.enabledπ
Type: bool
false
Description: Enable BigBang integration of Monitoring components
monitoring.dashboards.enabledπ
Type: bool
false
Description: If enabled, create configmap with dashboards for monitoring Loki
monitoring.dashboards.namespaceπ
Type: string
nil
Description: Alternative namespace to create dashboards ConfigMap in
monitoring.dashboards.annotationsπ
Type: object
{}
Description: Additional annotations for the dashboards ConfigMap
monitoring.dashboards.labelsπ
Type: object
grafana_dashboard: '1'
Description: Labels for the dashboards ConfigMap
monitoring.rules.enabledπ
Type: bool
false
Description: If enabled, create PrometheusRule resource with Loki recording rules
monitoring.rules.alertingπ
Type: bool
true
Description: Include alerting rules
monitoring.rules.disabledπ
Type: object
{}
Description: If you disable all the alerts and keep .monitoring.rules.alerting set to true, the chart will fail to render.
monitoring.rules.namespaceπ
Type: string
nil
Description: Alternative namespace to create PrometheusRule resources in
monitoring.rules.annotationsπ
Type: object
{}
Description: Additional annotations for the rules PrometheusRule resource
monitoring.rules.labelsπ
Type: object
{}
Description: Additional labels for the rules PrometheusRule resource
monitoring.rules.additionalRuleLabelsπ
Type: object
{}
Description: Additional labels for PrometheusRule alerts
monitoring.rules.additionalGroupsπ
Type: list
[]
Description: Additional groups to add to the rules file
monitoring.serviceMonitor.enabledπ
Type: bool
false
Description: If enabled, ServiceMonitor resources for Prometheus Operator are created
monitoring.serviceMonitor.namespaceπ
Type: string
nil
Description: Alternative namespace for ServiceMonitor resources
monitoring.serviceMonitor.namespaceSelectorπ
Type: object
{}
Description: Namespace selector for ServiceMonitor resources
monitoring.serviceMonitor.annotationsπ
Type: object
{}
Description: ServiceMonitor annotations
monitoring.serviceMonitor.labelsπ
Type: object
{}
Description: Additional ServiceMonitor labels
monitoring.serviceMonitor.intervalπ
Type: string
"15s"
Description: ServiceMonitor scrape interval Default is 15s because included recording rules use a 1m rate, and scrape interval needs to be at least 1/4 rate interval.
monitoring.serviceMonitor.scrapeTimeoutπ
Type: string
nil
Description: ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
monitoring.serviceMonitor.relabelingsπ
Type: list
[]
Description: ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
monitoring.serviceMonitor.metricRelabelingsπ
Type: list
[]
Description: ServiceMonitor metric relabel configs to apply to samples before ingestion https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
monitoring.serviceMonitor.schemeπ
Type: string
"http"
Description: ServiceMonitor will use http by default, but you can pick https as well
monitoring.serviceMonitor.tlsConfigπ
Type: string
nil
Description: ServiceMonitor will use these tlsConfig settings to make the health check requests
monitoring.serviceMonitor.metricsInstanceπ
Type: object
annotations: {}
enabled: false
labels: {}
remoteWrite: null
Description: If defined, will create a MetricsInstance for the Grafana Agent Operator.
monitoring.serviceMonitor.metricsInstance.enabledπ
Type: bool
false
Description: If enabled, MetricsInstance resources for Grafana Agent Operator are created
monitoring.serviceMonitor.metricsInstance.annotationsπ
Type: object
{}
Description: MetricsInstance annotations
monitoring.serviceMonitor.metricsInstance.labelsπ
Type: object
{}
Description: Additional MetricsInstance labels
monitoring.serviceMonitor.metricsInstance.remoteWriteπ
Type: string
nil
Description: If defined a MetricsInstance will be created to remote write metrics.
monitoring.selfMonitoring.enabledπ
Type: bool
false
monitoring.selfMonitoring.tenantπ
Type: object
name: self-monitoring
secretNamespace: '{{ .Release.Namespace }}'
Description: Tenant to use for self monitoring
monitoring.selfMonitoring.tenant.nameπ
Type: string
"self-monitoring"
Description: Name of the tenant
monitoring.selfMonitoring.tenant.secretNamespaceπ
Type: string
"{{ .Release.Namespace }}"
Description: Namespace to create additional tenant token secret in. Useful if your Grafana instance is in a separate namespace. Token will still be created in the canary namespace.
monitoring.selfMonitoring.grafanaAgent.installOperatorπ
Type: bool
false
Description: Controls whether to install the Grafana Agent Operator and its CRDs. Note that helm will not install CRDs if this flag is enabled during an upgrade. In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds
monitoring.selfMonitoring.grafanaAgent.namespaceπ
Type: string
nil
Description: Alternative namespace for Grafana Agent resources
monitoring.selfMonitoring.grafanaAgent.annotationsπ
Type: object
{}
Description: Grafana Agent annotations
monitoring.selfMonitoring.grafanaAgent.labelsπ
Type: object
{}
Description: Additional Grafana Agent labels
monitoring.selfMonitoring.grafanaAgent.enableConfigReadAPIπ
Type: bool
false
Description: Enable the config read api on port 8080 of the agent
monitoring.selfMonitoring.grafanaAgent.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for GrafanaAgent pods
monitoring.selfMonitoring.grafanaAgent.resourcesπ
Type: object
{}
Description: Resource requests and limits for the grafanaAgent pods
monitoring.selfMonitoring.grafanaAgent.tolerationsπ
Type: list
[]
Description: Tolerations for GrafanaAgent pods
monitoring.selfMonitoring.podLogs.apiVersionπ
Type: string
"monitoring.grafana.com/v1alpha1"
Description: PodLogs version
monitoring.selfMonitoring.podLogs.annotationsπ
Type: object
{}
Description: PodLogs annotations
monitoring.selfMonitoring.podLogs.labelsπ
Type: object
{}
Description: Additional PodLogs labels
monitoring.selfMonitoring.podLogs.relabelingsπ
Type: list
[]
Description: PodLogs relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
monitoring.selfMonitoring.podLogs.additionalPipelineStagesπ
Type: list
[]
Description: Additional pipeline stages to process logs after scraping https://grafana.com/docs/agent/latest/operator/api/#pipelinestagespec-a-namemonitoringgrafanacomv1alpha1pipelinestagespeca
monitoring.selfMonitoring.logsInstance.annotationsπ
Type: object
{}
Description: LogsInstance annotations
monitoring.selfMonitoring.logsInstance.labelsπ
Type: object
{}
Description: Additional LogsInstance labels
monitoring.selfMonitoring.logsInstance.clientsπ
Type: string
nil
Description: Additional clients for remote write
monitoring.lokiCanary.enabledπ
Type: bool
false
monitoring.lokiCanary.annotationsπ
Type: object
{}
Description: Additional annotations for the loki-canary Daemonset
monitoring.lokiCanary.podLabelsπ
Type: object
{}
Description: Additional labels for each loki-canary pod
monitoring.lokiCanary.service.annotationsπ
Type: object
{}
Description: Annotations for loki-canary Service
monitoring.lokiCanary.service.labelsπ
Type: object
{}
Description: Additional labels for loki-canary Service
monitoring.lokiCanary.extraArgsπ
Type: list
[]
Description: Additional CLI arguments for the `loki-canaryβ command
monitoring.lokiCanary.extraEnvπ
Type: list
[]
Description: Environment variables to add to the canary pods
monitoring.lokiCanary.extraEnvFromπ
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the canary pods
monitoring.lokiCanary.resourcesπ
Type: object
{}
Description: Resource requests and limits for the canary
monitoring.lokiCanary.dnsConfigπ
Type: object
{}
Description: DNS config for canary pods
monitoring.lokiCanary.nodeSelectorπ
Type: object
{}
Description: Node selector for canary pods
monitoring.lokiCanary.tolerationsπ
Type: list
[]
Description: Tolerations for canary pods
monitoring.lokiCanary.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for loki-canary pods
monitoring.lokiCanary.imageπ
Type: object
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/loki-canary
tag: null
Description: Image to use for loki canary
monitoring.lokiCanary.image.registryπ
Type: string
"docker.io"
Description: The Docker registry
monitoring.lokiCanary.image.repositoryπ
Type: string
"grafana/loki-canary"
Description: Docker image repository
monitoring.lokiCanary.image.tagπ
Type: string
nil
Description: Overrides the image tag whose default is the chartβs appVersion
monitoring.lokiCanary.image.digestπ
Type: string
nil
Description: Overrides the image tag with an image digest
monitoring.lokiCanary.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
monitoring.lokiCanary.updateStrategyπ
Type: object
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate
Description: Update strategy for the loki-canary Daemonset pods
write.replicasπ
Type: int
3
Description: Number of replicas for the write
write.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling for the write.
write.autoscaling.minReplicasπ
Type: int
2
Description: Minimum autoscaling replicas for the write.
write.autoscaling.maxReplicasπ
Type: int
6
Description: Maximum autoscaling replicas for the write.
write.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilisation percentage for the write.
write.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilization percentage for the write.
write.autoscaling.behaviorπ
Type: object
scaleDown:
policies:
- periodSeconds: 1800
type: Pods
value: 1
stabilizationWindowSeconds: 3600
scaleUp:
policies:
- periodSeconds: 900
type: Pods
value: 1
Description: Behavior policies while scaling.
write.autoscaling.behavior.scaleUpπ
Type: object
policies:
- periodSeconds: 900
type: Pods
value: 1
Description: see https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown for scaledown details
write.image.registryπ
Type: string
nil
Description: The Docker registry for the write image. Overrides loki.image.registry
write.image.repositoryπ
Type: string
nil
Description: Docker image repository for the write image. Overrides loki.image.repository
write.image.tagπ
Type: string
nil
Description: Docker image tag for the write image. Overrides loki.image.tag
write.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for write pods
write.annotationsπ
Type: object
{}
Description: Annotations for write StatefulSet
write.podAnnotationsπ
Type: object
{}
Description: Annotations for write pods
write.podLabelsπ
Type: object
{}
Description: Additional labels for each write pod
write.selectorLabelsπ
Type: object
{}
Description: Additional selector labels for each write pod
write.service.annotationsπ
Type: object
{}
Description: Annotations for write Service
write.service.labelsπ
Type: object
{}
Description: Additional labels for write Service
write.targetModuleπ
Type: string
"write"
Description: Comma-separated list of Loki modules to load for the write
write.extraArgsπ
Type: list
[]
Description: Additional CLI args for the write
write.extraEnvπ
Type: list
[]
Description: Environment variables to add to the write pods
write.extraEnvFromπ
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the write pods
write.lifecycleπ
Type: object
{}
Description: Lifecycle for the write container
write.initContainersπ
Type: list
[]
Description: Init containers to add to the write pods
write.extraContainersπ
Type: list
[]
Description: Containers to add to the write pods
write.extraVolumeMountsπ
Type: list
[]
Description: Volume mounts to add to the write pods
write.extraVolumesπ
Type: list
[]
Description: Volumes to add to the write pods
write.extraVolumeClaimTemplatesπ
Type: list
[]
Description: volumeClaimTemplates to add to StatefulSet
write.resourcesπ
Type: object
limits:
cpu: 300m
memory: 2Gi
requests:
cpu: 300m
memory: 2Gi
Description: Resource requests and limits for the write
write.terminationGracePeriodSecondsπ
Type: int
300
Description: Grace period to allow the write to shutdown before it is killed. Especially for the ingestor, this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.
write.dnsConfigπ
Type: object
{}
Description: DNS config for write pods
write.nodeSelectorπ
Type: object
{}
Description: Node selector for write pods
write.topologySpreadConstraintsπ
Type: list
[]
Description: Topology Spread Constraints for write pods
write.tolerationsπ
Type: list
[]
Description: Tolerations for write pods
write.podManagementPolicyπ
Type: string
"Parallel"
Description: The default is to deploy all pods in parallel.
write.persistence.volumeClaimsEnabledπ
Type: bool
true
Description: Enable volume claims in pod spec
write.persistence.dataVolumeParametersπ
Type: object
emptyDir: {}
Description: Parameters used for the data volume when volumeClaimEnabled if false
write.persistence.enableStatefulSetAutoDeletePVCπ
Type: bool
false
Description: Enable StatefulSetAutoDeletePVC feature
write.persistence.sizeπ
Type: string
"10Gi"
Description: Size of persistent disk
write.persistence.storageClassπ
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
write.persistence.selectorπ
Type: string
nil
Description: Selector for persistent disk
write.podDisruptionBudget.maxUnavailableπ
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
tableManager.enabledπ
Type: bool
false
Description: Specifies whether the table-manager should be enabled
tableManager.image.registryπ
Type: string
nil
Description: The Docker registry for the table-manager image. Overrides loki.image.registry
tableManager.image.repositoryπ
Type: string
nil
Description: Docker image repository for the table-manager image. Overrides loki.image.repository
tableManager.image.tagπ
Type: string
nil
Description: Docker image tag for the table-manager image. Overrides loki.image.tag
tableManager.commandπ
Type: string
nil
Description: Command to execute instead of defined in Docker image
tableManager.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for table-manager pods
tableManager.podLabelsπ
Type: object
{}
Description: Labels for table-manager pods
tableManager.annotationsπ
Type: object
{}
Description: Annotations for table-manager deployment
tableManager.podAnnotationsπ
Type: object
{}
Description: Annotations for table-manager pods
tableManager.service.annotationsπ
Type: object
{}
Description: Annotations for table-manager Service
tableManager.service.labelsπ
Type: object
{}
Description: Additional labels for table-manager Service
tableManager.extraArgsπ
Type: list
[]
Description: Additional CLI args for the table-manager
tableManager.extraEnvπ
Type: list
[]
Description: Environment variables to add to the table-manager pods
tableManager.extraEnvFromπ
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the table-manager pods
tableManager.extraVolumeMountsπ
Type: list
[]
Description: Volume mounts to add to the table-manager pods
tableManager.extraVolumesπ
Type: list
[]
Description: Volumes to add to the table-manager pods
tableManager.resourcesπ
Type: object
{}
Description: Resource requests and limits for the table-manager
tableManager.extraContainersπ
Type: list
[]
Description: Containers to add to the table-manager pods
tableManager.terminationGracePeriodSecondsπ
Type: int
30
Description: Grace period to allow the table-manager to shutdown before it is killed
tableManager.dnsConfigπ
Type: object
{}
Description: DNS config table-manager pods
tableManager.nodeSelectorπ
Type: object
{}
Description: Node selector for table-manager pods
tableManager.tolerationsπ
Type: list
[]
Description: Tolerations for table-manager pods
tableManager.retention_deletes_enabledπ
Type: bool
false
Description: Enable deletes by retention
tableManager.retention_periodπ
Type: int
0
Description: Set retention period
read.replicasπ
Type: int
3
Description: Number of replicas for the read
read.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling for the read, this is only used if queryIndex.enabled: true
read.autoscaling.minReplicasπ
Type: int
2
Description: Minimum autoscaling replicas for the read
read.autoscaling.maxReplicasπ
Type: int
6
Description: Maximum autoscaling replicas for the read
read.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilisation percentage for the read
read.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilisation percentage for the read
read.autoscaling.behaviorπ
Type: object
{}
Description: Behavior policies while scaling.
read.image.registryπ
Type: string
nil
Description: The Docker registry for the read image. Overrides loki.image.registry
read.image.repositoryπ
Type: string
nil
Description: Docker image repository for the read image. Overrides loki.image.repository
read.image.tagπ
Type: string
nil
Description: Docker image tag for the read image. Overrides loki.image.tag
read.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for read pods
read.annotationsπ
Type: object
{}
Description: Annotations for read deployment
read.podAnnotationsπ
Type: object
{}
Description: Annotations for read pods
read.podLabelsπ
Type: object
{}
Description: Additional labels for each read pod
read.selectorLabelsπ
Type: object
{}
Description: Additional selector labels for each read pod
read.service.annotationsπ
Type: object
{}
Description: Annotations for read Service
read.service.labelsπ
Type: object
{}
Description: Additional labels for read Service
read.targetModuleπ
Type: string
"read"
Description: Comma-separated list of Loki modules to load for the read
read.legacyReadTargetπ
Type: bool
false
Description: Whether or not to use the 2 target type simple scalable mode (read, write) or the 3 target type (read, write, backend). Legacy refers to the 2 target type, so true will run two targets, false will run 3 targets.
read.extraArgsπ
Type: list
[]
Description: Additional CLI args for the read
read.extraContainersπ
Type: list
[]
Description: Containers to add to the read pods
read.extraEnvπ
Type: list
[]
Description: Environment variables to add to the read pods
read.extraEnvFromπ
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the read pods
read.lifecycleπ
Type: object
{}
Description: Lifecycle for the read container
read.extraVolumeMountsπ
Type: list
[]
Description: Volume mounts to add to the read pods
read.extraVolumesπ
Type: list
[]
Description: Volumes to add to the read pods
read.resourcesπ
Type: object
limits:
cpu: 300m
memory: 2Gi
requests:
cpu: 300m
memory: 2Gi
Description: Resource requests and limits for the read
read.terminationGracePeriodSecondsπ
Type: int
30
Description: Grace period to allow the read to shutdown before it is killed
read.dnsConfigπ
Type: object
{}
Description: DNS config for read pods
read.nodeSelectorπ
Type: object
{}
Description: Node selector for read pods
read.topologySpreadConstraintsπ
Type: list
[]
Description: Topology Spread Constraints for read pods
read.tolerationsπ
Type: list
[]
Description: Tolerations for read pods
read.podManagementPolicyπ
Type: string
"Parallel"
Description: The default is to deploy all pods in parallel.
read.persistence.enableStatefulSetAutoDeletePVCπ
Type: bool
true
Description: Enable StatefulSetAutoDeletePVC feature
read.persistence.sizeπ
Type: string
"10Gi"
Description: Size of persistent disk
read.persistence.storageClassπ
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
read.persistence.selectorπ
Type: string
nil
Description: Selector for persistent disk
read.podDisruptionBudget.maxUnavailableπ
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
backend.replicasπ
Type: int
3
Description: Number of replicas for the backend
backend.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling for the backend.
backend.autoscaling.minReplicasπ
Type: int
2
Description: Minimum autoscaling replicas for the backend.
backend.autoscaling.maxReplicasπ
Type: int
6
Description: Maximum autoscaling replicas for the backend.
backend.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilization percentage for the backend.
backend.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilization percentage for the backend.
backend.autoscaling.behaviorπ
Type: object
{}
Description: Behavior policies while scaling.
backend.image.registryπ
Type: string
nil
Description: The Docker registry for the backend image. Overrides loki.image.registry
backend.image.repositoryπ
Type: string
nil
Description: Docker image repository for the backend image. Overrides loki.image.repository
backend.image.tagπ
Type: string
nil
Description: Docker image tag for the backend image. Overrides loki.image.tag
backend.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for backend pods
backend.annotationsπ
Type: object
{}
Description: Annotations for backend StatefulSet
backend.podAnnotationsπ
Type: object
{}
Description: Annotations for backend pods
backend.podLabelsπ
Type: object
{}
Description: Additional labels for each backend pod
backend.selectorLabelsπ
Type: object
{}
Description: Additional selector labels for each backend pod
backend.service.annotationsπ
Type: object
{}
Description: Annotations for backend Service
backend.service.labelsπ
Type: object
{}
Description: Additional labels for backend Service
backend.targetModuleπ
Type: string
"backend"
Description: Comma-separated list of Loki modules to load for the read
backend.extraArgsπ
Type: list
[]
Description: Additional CLI args for the backend
backend.extraEnvπ
Type: list
[]
Description: Environment variables to add to the backend pods
backend.extraEnvFromπ
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the backend pods
backend.initContainersπ
Type: list
[]
Description: Init containers to add to the backend pods
backend.extraVolumeMountsπ
Type: list
[]
Description: Volume mounts to add to the backend pods
backend.extraVolumesπ
Type: list
[]
Description: Volumes to add to the backend pods
backend.resourcesπ
Type: object
{}
Description: Resource requests and limits for the backend
backend.terminationGracePeriodSecondsπ
Type: int
300
Description: Grace period to allow the backend to shutdown before it is killed. Especially for the ingester, this must be increased. It must be long enough so backends can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.
backend.dnsConfigπ
Type: object
{}
Description: DNS config for backend pods
backend.nodeSelectorπ
Type: object
{}
Description: Node selector for backend pods
backend.topologySpreadConstraintsπ
Type: list
[]
Description: Topology Spread Constraints for backend pods
backend.tolerationsπ
Type: list
[]
Description: Tolerations for backend pods
backend.podManagementPolicyπ
Type: string
"Parallel"
Description: The default is to deploy all pods in parallel.
backend.persistence.volumeClaimsEnabledπ
Type: bool
true
Description: Enable volume claims in pod spec
backend.persistence.dataVolumeParametersπ
Type: object
emptyDir: {}
Description: Parameters used for the data volume when volumeClaimEnabled if false
backend.persistence.enableStatefulSetAutoDeletePVCπ
Type: bool
true
Description: Enable StatefulSetAutoDeletePVC feature
backend.persistence.sizeπ
Type: string
"10Gi"
Description: Size of persistent disk
backend.persistence.storageClassπ
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
backend.persistence.selectorπ
Type: string
nil
Description: Selector for persistent disk
backend.podDisruptionBudget.maxUnavailableπ
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
singleBinary.replicasπ
Type: int
1
Description: Number of replicas for the single binary
singleBinary.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling
singleBinary.autoscaling.minReplicasπ
Type: int
1
Description: Minimum autoscaling replicas for the single binary
singleBinary.autoscaling.maxReplicasπ
Type: int
3
Description: Maximum autoscaling replicas for the single binary
singleBinary.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilisation percentage for the single binary
singleBinary.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilisation percentage for the single binary
singleBinary.image.registryπ
Type: string
nil
Description: The Docker registry for the single binary image. Overrides loki.image.registry
singleBinary.image.repositoryπ
Type: string
nil
Description: Docker image repository for the single binary image. Overrides loki.image.repository
singleBinary.image.tagπ
Type: string
nil
Description: Docker image tag for the single binary image. Overrides loki.image.tag
singleBinary.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for single binary pods
singleBinary.annotationsπ
Type: object
{}
Description: Annotations for single binary StatefulSet
singleBinary.podAnnotationsπ
Type: object
{}
Description: Annotations for single binary pods
singleBinary.podLabelsπ
Type: object
{}
Description: Additional labels for each single binary pod
singleBinary.selectorLabelsπ
Type: object
{}
Description: Additional selector labels for each single binary pod
singleBinary.service.annotationsπ
Type: object
{}
Description: Annotations for single binary Service
singleBinary.service.labelsπ
Type: object
{}
Description: Additional labels for single binary Service
singleBinary.targetModuleπ
Type: string
"all"
Description: Comma-separated list of Loki modules to load for the single binary
singleBinary.extraArgsπ
Type: list
[]
Description: Labels for single binary service
singleBinary.extraEnvπ
Type: list
[]
Description: Environment variables to add to the single binary pods
singleBinary.extraEnvFromπ
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the single binary pods
singleBinary.extraContainersπ
Type: list
[]
Description: Extra containers to add to the single binary loki pod
singleBinary.initContainersπ
Type: list
[]
Description: Init containers to add to the single binary pods
singleBinary.extraVolumeMountsπ
Type: list
[]
Description: Volume mounts to add to the single binary pods
singleBinary.extraVolumesπ
Type: list
[]
Description: Volumes to add to the single binary pods
singleBinary.resourcesπ
Type: object
limits:
cpu: 100m
memory: 256Mi
requests:
cpu: 100m
memory: 256Mi
Description: Resource requests and limits for the single binary
singleBinary.terminationGracePeriodSecondsπ
Type: int
30
Description: Grace period to allow the single binary to shutdown before it is killed
singleBinary.dnsConfigπ
Type: object
{}
Description: DNS config for single binary pods
singleBinary.nodeSelectorπ
Type: object
{}
Description: Node selector for single binary pods
singleBinary.tolerationsπ
Type: list
[]
Description: Tolerations for single binary pods
singleBinary.persistence.enableStatefulSetAutoDeletePVCπ
Type: bool
false
Description: Enable StatefulSetAutoDeletePVC feature
singleBinary.persistence.enabledπ
Type: bool
true
Description: Enable persistent disk
singleBinary.persistence.sizeπ
Type: string
"12Gi"
Description: Size of persistent disk
singleBinary.persistence.storageClassπ
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
singleBinary.persistence.selectorπ
Type: string
nil
Description: Selector for persistent disk
ingress.enabledπ
Type: bool
false
ingress.ingressClassNameπ
Type: string
""
ingress.annotationsπ
Type: object
{}
ingress.labelsπ
Type: object
{}
ingress.paths.write[0]π
Type: string
"/api/prom/push"
ingress.paths.write[1]π
Type: string
"/loki/api/v1/push"
ingress.paths.read[0]π
Type: string
"/api/prom/tail"
ingress.paths.read[1]π
Type: string
"/loki/api/v1/tail"
ingress.paths.read[2]π
Type: string
"/loki/api"
ingress.paths.read[3]π
Type: string
"/api/prom/rules"
ingress.paths.read[4]π
Type: string
"/loki/api/v1/rules"
ingress.paths.read[5]π
Type: string
"/prometheus/api/v1/rules"
ingress.paths.read[6]π
Type: string
"/prometheus/api/v1/alerts"
ingress.paths.singleBinary[0]π
Type: string
"/api/prom/push"
ingress.paths.singleBinary[1]π
Type: string
"/loki/api/v1/push"
ingress.paths.singleBinary[2]π
Type: string
"/api/prom/tail"
ingress.paths.singleBinary[3]π
Type: string
"/loki/api/v1/tail"
ingress.paths.singleBinary[4]π
Type: string
"/loki/api"
ingress.paths.singleBinary[5]π
Type: string
"/api/prom/rules"
ingress.paths.singleBinary[6]π
Type: string
"/loki/api/v1/rules"
ingress.paths.singleBinary[7]π
Type: string
"/prometheus/api/v1/rules"
ingress.paths.singleBinary[8]π
Type: string
"/prometheus/api/v1/alerts"
ingress.hostsπ
Type: list
- loki.example.com
Description: Hosts configuration for the ingress, passed through the tpl function to allow templating
ingress.tlsπ
Type: list
[]
Description: TLS configuration for the ingress. Hosts passed through the tpl function to allow templating
memberlist.service.publishNotReadyAddressesπ
Type: bool
false
gateway.enabledπ
Type: bool
false
Description: Specifies whether the gateway should be enabled
gateway.replicasπ
Type: int
1
Description: Number of replicas for the gateway
gateway.verboseLoggingπ
Type: bool
true
Description: Enable logging of 2xx and 3xx HTTP requests
gateway.autoscaling.enabledπ
Type: bool
false
Description: Enable autoscaling for the gateway
gateway.autoscaling.minReplicasπ
Type: int
1
Description: Minimum autoscaling replicas for the gateway
gateway.autoscaling.maxReplicasπ
Type: int
3
Description: Maximum autoscaling replicas for the gateway
gateway.autoscaling.targetCPUUtilizationPercentageπ
Type: int
60
Description: Target CPU utilisation percentage for the gateway
gateway.autoscaling.targetMemoryUtilizationPercentageπ
Type: string
nil
Description: Target memory utilisation percentage for the gateway
gateway.autoscaling.behaviorπ
Type: object
{}
Description: Behavior policies while scaling.
gateway.deploymentStrategy.typeπ
Type: string
"RollingUpdate"
gateway.image.registryπ
Type: string
"registry1.dso.mil"
Description: The Docker registry for the gateway image
gateway.image.repositoryπ
Type: string
"ironbank/opensource/nginx/nginx"
Description: The gateway image repository
gateway.image.tagπ
Type: string
"1.25.4"
Description: The gateway image tag
gateway.image.digestπ
Type: string
nil
Description: Overrides the gateway image tag with an image digest
gateway.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: The gateway image pull policy
gateway.priorityClassNameπ
Type: string
nil
Description: The name of the PriorityClass for gateway pods
gateway.annotationsπ
Type: object
{}
Description: Annotations for gateway deployment
gateway.podAnnotationsπ
Type: object
{}
Description: Annotations for gateway pods
gateway.podLabelsπ
Type: object
{}
Description: Additional labels for gateway pods
gateway.extraArgsπ
Type: list
[]
Description: Additional CLI args for the gateway
gateway.extraEnvπ
Type: list
[]
Description: Environment variables to add to the gateway pods
gateway.extraEnvFromπ
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the gateway pods
gateway.lifecycleπ
Type: object
{}
Description: Lifecycle for the gateway container
gateway.extraVolumesπ
Type: list
[]
Description: Volumes to add to the gateway pods
gateway.extraVolumeMountsπ
Type: list
[]
Description: Volume mounts to add to the gateway pods
gateway.podSecurityContextπ
Type: object
fsGroup: 101
runAsGroup: 101
runAsNonRoot: true
runAsUser: 101
Description: The SecurityContext for gateway containers
gateway.containerSecurityContextπ
Type: object
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
Description: The SecurityContext for gateway containers
gateway.resourcesπ
Type: object
{}
Description: Resource requests and limits for the gateway
gateway.extraContainersπ
Type: list
[]
Description: Containers to add to the gateway pods
gateway.terminationGracePeriodSecondsπ
Type: int
30
Description: Grace period to allow the gateway to shutdown before it is killed
gateway.dnsConfigπ
Type: object
{}
Description: DNS config for gateway pods
gateway.nodeSelectorπ
Type: object
{}
Description: Node selector for gateway pods
gateway.topologySpreadConstraintsπ
Type: list
[]
Description: Topology Spread Constraints for gateway pods
gateway.tolerationsπ
Type: list
[]
Description: Tolerations for gateway pods
gateway.service.portπ
Type: int
80
Description: Port of the gateway service
gateway.service.typeπ
Type: string
"ClusterIP"
Description: Type of the gateway service
gateway.service.clusterIPπ
Type: string
nil
Description: ClusterIP of the gateway service
gateway.service.nodePortπ
Type: int
nil
Description: Node port if service type is NodePort
gateway.service.loadBalancerIPπ
Type: string
nil
Description: Load balancer IPO address if service type is LoadBalancer
gateway.service.annotationsπ
Type: object
{}
Description: Annotations for the gateway service
gateway.service.labelsπ
Type: object
{}
Description: Labels for gateway service
gateway.ingress.enabledπ
Type: bool
false
Description: Specifies whether an ingress for the gateway should be created
gateway.ingress.ingressClassNameπ
Type: string
""
Description: Ingress Class Name. MAY be required for Kubernetes versions >= 1.18
gateway.ingress.annotationsπ
Type: object
{}
Description: Annotations for the gateway ingress
gateway.ingress.labelsπ
Type: object
{}
Description: Labels for the gateway ingress
gateway.ingress.hostsπ
Type: list
- host: gateway.loki.example.com
paths:
- path: /
Description: Hosts configuration for the gateway ingress, passed through the tpl function to allow templating
gateway.ingress.tlsπ
Type: list
- hosts:
- gateway.loki.example.com
secretName: loki-gateway-tls
Description: TLS configuration for the gateway ingress. Hosts passed through the tpl function to allow templating
gateway.basicAuth.enabledπ
Type: bool
false
Description: Enables basic authentication for the gateway
gateway.basicAuth.usernameπ
Type: string
nil
Description: The basic auth username for the gateway
gateway.basicAuth.passwordπ
Type: string
nil
Description: The basic auth password for the gateway
gateway.basicAuth.htpasswdπ
Type: string
"{{ if .Values.loki.tenants }}\n\n {{- range $t := .Values.loki.tenants }}\n{{ htpasswd (required \"All tenants must have a 'name' set\" $t.name) (required \"All tenants must have a 'password' set\" $t.password) }}\n\n {{- end }}\n{{ else }} {{ htpasswd (required \"'gateway.basicAuth.username' is required\" .Values.gateway.basicAuth.username) (required \"'gateway.basicAuth.password' is required\" .Values.gateway.basicAuth.password) }} {{ end }}"
Description: Uses the specified users from the loki.tenants list to create the htpasswd file if loki.tenants is not set, the gateway.basicAuth.username and gateway.basicAuth.password are used The value is templated using tpl. Override this to use a custom htpasswd, e.g. in case the default causes high CPU load.
gateway.basicAuth.existingSecretπ
Type: string
nil
Description: Existing basic auth secret to use. Must contain β.htpasswdβ
gateway.readinessProbe.httpGet.pathπ
Type: string
"/"
gateway.readinessProbe.httpGet.portπ
Type: string
"http"
gateway.readinessProbe.initialDelaySecondsπ
Type: int
15
gateway.readinessProbe.timeoutSecondsπ
Type: int
1
gateway.nginxConfig.enableIPv6π
Type: bool
true
Description: Enable listener for IPv6, disable on IPv4-only systems
gateway.nginxConfig.logFormatπ
Type: string
"main '$remote_addr - $remote_user [$time_local] $status '\n '\"$request\" $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';"
Description: NGINX log format
gateway.nginxConfig.serverSnippetπ
Type: string
""
Description: Allows appending custom configuration to the server block
gateway.nginxConfig.httpSnippetπ
Type: string
"{{ if .Values.loki.tenants }}proxy_set_header X-Scope-OrgID $remote_user;{{ end }}"
Description: Allows appending custom configuration to the http block, passed through the tpl function to allow templating
gateway.nginxConfig.customReadUrlπ
Type: string
nil
Description: Override Read URL
gateway.nginxConfig.customWriteUrlπ
Type: string
nil
Description: Override Write URL
gateway.nginxConfig.customBackendUrlπ
Type: string
nil
Description: Override Backend URL
gateway.nginxConfig.resolverπ
Type: string
""
Description: Allows overriding the DNS resolver address nginx will use.
gateway.podDisruptionBudget.maxUnavailableπ
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
networkPolicy.enabledπ
Type: bool
false
Description: Specifies whether Network Policies should be created
networkPolicy.flavorπ
Type: string
"kubernetes"
Description: Specifies whether the policies created will be standard Network Policies (flavor: kubernetes) or Cilium Network Policies (flavor: cilium)
networkPolicy.metrics.podSelectorπ
Type: object
{}
Description: Specifies the Pods which are allowed to access the metrics port. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.metrics.namespaceSelectorπ
Type: object
{}
Description: Specifies the namespaces which are allowed to access the metrics port
networkPolicy.metrics.cidrsπ
Type: list
[]
Description: Specifies specific network CIDRs which are allowed to access the metrics port. In case you use namespaceSelector, you also have to specify your kubelet networks here. The metrics ports are also used for probes.
networkPolicy.ingress.podSelectorπ
Type: object
{}
Description: Specifies the Pods which are allowed to access the http port. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.ingress.namespaceSelectorπ
Type: object
{}
Description: Specifies the namespaces which are allowed to access the http port
networkPolicy.alertmanager.portπ
Type: int
9093
Description: Specify the alertmanager port used for alerting
networkPolicy.alertmanager.podSelectorπ
Type: object
{}
Description: Specifies the alertmanager Pods. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.alertmanager.namespaceSelectorπ
Type: object
{}
Description: Specifies the namespace the alertmanager is running in
networkPolicy.externalStorage.portsπ
Type: list
[]
Description: Specify the port used for external storage, e.g. AWS S3
networkPolicy.externalStorage.cidrsπ
Type: list
[]
Description: Specifies specific network CIDRs you want to limit access to
networkPolicy.discovery.portπ
Type: int
nil
Description: Specify the port used for discovery
networkPolicy.discovery.podSelectorπ
Type: object
{}
Description: Specifies the Pods labels used for discovery. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.discovery.namespaceSelectorπ
Type: object
{}
Description: Specifies the namespace the discovery Pods are running in
networkPolicy.egressWorld.enabledπ
Type: bool
false
Description: Enable additional cilium egress rules to external world for write, read and backend.
networkPolicy.egressKubeApiserver.enabledπ
Type: bool
false
Description: Enable additional cilium egress rules to kube-apiserver for backend.
minioπ
Type: object
enabled: false
secrets:
accessKey: minio
name: loki-objstore-creds
secretKey: minio123
service:
nameOverride: minio.logging.svc.cluster.local
tenant:
buckets:
- name: loki
- name: loki-admin
defaultUserCredentials:
password: ''
username: minio-user
metrics:
enabled: false
memory: 128M
port: 9000
pools:
- containerSecurityContext:
capabilities:
drop:
- ALL
securityContext:
fsGroup: 1001
runAsGroup: 1001
runAsUser: 1001
servers: 1
size: 750Mi
volumesPerServer: 4
users:
- name: minio-user
Description: -----------------------------------
minio.enabledπ
Type: bool
false
Description: Enable minio instance support, must have minio-operator installed
minio.secretsπ
Type: object
accessKey: minio
name: loki-objstore-creds
secretKey: minio123
Description: Minio root credentials
minio.tenant.bucketsπ
Type: list
- name: loki
- name: loki-admin
Description: Buckets to be provisioned to for tenant
minio.tenant.usersπ
Type: list
- name: minio-user
Description: Users to to be provisioned to for tenant
minio.tenant.defaultUserCredentialsπ
Type: object
password: ''
username: minio-user
Description: User credentials to create for above user. Otherwise password is randomly generated. This auth is not required to be set or reclaimed for minio use with Loki
domainπ
Type: string
"bigbang.dev"
istio.enabledπ
Type: bool
false
istio.hardened.enabledπ
Type: bool
false
istio.hardened.outboundTrafficPolicyModeπ
Type: string
"REGISTRY_ONLY"
istio.hardened.customServiceEntriesπ
Type: list
[]
istio.hardened.customAuthorizationPoliciesπ
Type: list
[]
istio.hardened.monitoring.enabledπ
Type: bool
true
istio.hardened.monitoring.namespaces[0]π
Type: string
"monitoring"
istio.hardened.monitoring.principals[0]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-grafana"
istio.hardened.monitoring.principals[1]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"
istio.hardened.monitoring.principals[2]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"
istio.hardened.monitoring.principals[3]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"
istio.hardened.monitoring.principals[4]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"
istio.hardened.monitoring.principals[5]π
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"
istio.hardened.promtail.enabledπ
Type: bool
true
istio.hardened.promtail.namespaces[0]π
Type: string
"promtail"
istio.hardened.promtail.principals[0]π
Type: string
"cluster.local/ns/promtail/sa/promtail-promtail"
istio.hardened.fluentbit.enabledπ
Type: bool
true
istio.hardened.fluentbit.namespaces[0]π
Type: string
"fluentbit"
istio.hardened.fluentbit.principals[0]π
Type: string
"cluster.local/ns/fluentbit/sa/fluentbit-fluent-bit"
istio.hardened.minioOperator.enabledπ
Type: bool
true
istio.hardened.minioOperator.namespaces[0]π
Type: string
"minio-operator"
istio.hardened.minioOperator.principals[0]π
Type: string
"cluster.local/ns/minio-operator/sa/minio-operator"
istio.loki.enabledπ
Type: bool
false
istio.loki.annotationsπ
Type: object
{}
istio.loki.labelsπ
Type: object
{}
istio.loki.gateways[0]π
Type: string
"istio-system/public"
istio.loki.hosts[0]π
Type: string
"loki.{{ .Values.domain }}"
istio.loki.serviceπ
Type: string
""
istio.loki.portπ
Type: string
""
istio.loki.exposeReadyEndpointπ
Type: bool
false
istio.mtls.modeπ
Type: string
"STRICT"
networkPolicies.enabledπ
Type: bool
false
networkPolicies.controlPlaneCidrπ
Type: string
"0.0.0.0/0"
Description: Control Plane CIDR to allow init job communication to the Kubernetes API. Use kubectl get endpoints kubernetes to get the CIDR range needed for your cluster
networkPolicies.ingressLabels.appπ
Type: string
"public-ingressgateway"
networkPolicies.ingressLabels.istioπ
Type: string
"ingressgateway"
networkPolicies.additionalPoliciesπ
Type: list
[]
bbtests.enabledπ
Type: bool
false
bbtests.cypress.artifactsπ
Type: bool
true
bbtests.cypress.envs.cypress_check_datasourceπ
Type: string
"false"
bbtests.cypress.envs.cypress_grafana_urlπ
Type: string
"http://monitoring-grafana.monitoring.svc.cluster.local"
bbtests.scripts.imageπ
Type: string
"registry1.dso.mil/ironbank/big-bang/base:2.1.0"
bbtests.scripts.envs.LOKI_URLπ
Type: string
"http://{{ .Values.fullnameOverride }}.{{ .Release.Namespace }}.svc:3100"
bbtests.scripts.envs.LOKI_VERSIONπ
Type: string
"{{ .Values.loki.image.tag }}"
sidecar.image.repositoryπ
Type: string
"registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar"
sidecar.image.tagπ
Type: string
"1.26.1"
sidecar.image.shaπ
Type: string
""
sidecar.image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Docker image pull policy
sidecar.resources.limits.cpuπ
Type: string
"100m"
sidecar.resources.limits.memoryπ
Type: string
"100Mi"
sidecar.resources.requests.cpuπ
Type: string
"100m"
sidecar.resources.requests.memoryπ
Type: string
"100Mi"
sidecar.securityContext.allowPrivilegeEscalationπ
Type: bool
false
sidecar.securityContext.capabilities.drop[0]π
Type: string
"ALL"
sidecar.securityContext.seccompProfile.typeπ
Type: string
"RuntimeDefault"
sidecar.skipTlsVerifyπ
Type: bool
false
Description: Set to true to skip tls verification for kube api calls.
sidecar.enableUniqueFilenamesπ
Type: bool
false
Description: Ensure that rule files arenβt conflicting and being overwritten by prefixing their name with the namespace they are defined in.
sidecar.readinessProbeπ
Type: object
{}
Description: Readiness probe definition. Probe is disabled on the sidecar by default.
sidecar.livenessProbeπ
Type: object
{}
Description: Liveness probe definition. Probe is disabled on the sidecar by default.
sidecar.rules.enabledπ
Type: bool
false
Description: Whether or not to create a sidecar to ingest rule from specific ConfigMaps and/or Secrets.
sidecar.rules.labelπ
Type: string
"loki_rule"
Description: Label that the configmaps/secrets with rules will be marked with.
sidecar.rules.labelValueπ
Type: string
""
Description: Label value that the configmaps/secrets with rules will be set to.
sidecar.rules.folderπ
Type: string
"/rules"
Description: Folder into which the rules will be placed.
sidecar.rules.searchNamespaceπ
Type: string
nil
Description: Comma separated list of namespaces. If specified, the sidecar will search for config-maps/secrets inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. Itβs also possible to specify βALLβ to search in all namespaces.
sidecar.rules.watchMethodπ
Type: string
"WATCH"
Description: Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH request, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
sidecar.rules.resourceπ
Type: string
"both"
Description: Search in configmap, secret, or both.
sidecar.rules.scriptπ
Type: string
nil
Description: Absolute path to the shell script to execute after a configmap or secret has been reloaded.
sidecar.rules.watchServerTimeoutπ
Type: int
60
Description: WatchServerTimeout: request to the server, asking it to cleanly close the connection after that. defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S.
sidecar.rules.watchClientTimeoutπ
Type: int
60
Description: WatchClientTimeout: is a client-side timeout, configuring your local socket. If you have a network outage dropping all packets with no RST/FIN, this is how long your client waits before realizing & dropping the connection. Defaults to 66sec.
sidecar.rules.logLevelπ
Type: string
"INFO"
Description: Log level of the sidecar container.