Skip to content

loki values.yaml📜

global.image.registry📜

Type: string

Default value
nil

Description: Overrides the Docker registry globally for all images

global.priorityClassName📜

Type: string

Default value
nil

Description: Overrides the priorityClassName for all pods

global.clusterDomain📜

Type: string

Default value
"cluster.local"

Description: configures cluster domain (“cluster.local” by default)

global.dnsService📜

Type: string

Default value
"kube-dns"

Description: configures DNS service name

global.dnsNamespace📜

Type: string

Default value
"kube-system"

Description: configures DNS service namespace

nameOverride📜

Type: string

Default value
"logging-loki"

Description: Overrides the chart’s name

openshift📜

Type: bool

Default value
false

fullnameOverride📜

Type: string

Default value
"logging-loki"

Description: Overrides the chart’s computed fullname

clusterLabelOverride📜

Type: string

Default value
nil

Description: Overrides the chart’s cluster label

imagePullSecrets📜

Type: list

Default value
- name: private-registry

Description: Image pull secrets for Docker images

kubectlImage.registry📜

Type: string

Default value
"registry1.dso.mil"

Description: The Docker registry

kubectlImage.repository📜

Type: string

Default value
"ironbank/opensource/kubernetes/kubectl"

Description: Docker image repository

kubectlImage.tag📜

Type: string

Default value
"v1.28.8"

Description: Overrides the image tag whose default is the chart’s appVersion

kubectlImage.digest📜

Type: string

Default value
nil

Description: Overrides the image tag with an image digest

kubectlImage.pullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Docker image pull policy

loki.readinessProbe.httpGet.path📜

Type: string

Default value
"/ready"

loki.readinessProbe.httpGet.port📜

Type: string

Default value
"http-metrics"

loki.readinessProbe.initialDelaySeconds📜

Type: int

Default value
30

loki.readinessProbe.timeoutSeconds📜

Type: int

Default value
1

loki.image.registry📜

Type: string

Default value
"registry1.dso.mil"

Description: The Docker registry

loki.image.repository📜

Type: string

Default value
"ironbank/opensource/grafana/loki"

Description: Docker image repository

loki.image.tag📜

Type: string

Default value
"2.9.6"

Description: Overrides the image tag whose default is the chart’s appVersion

loki.image.digest📜

Type: string

Default value
nil

Description: Overrides the image tag with an image digest

loki.image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Docker image pull policy

loki.annotations📜

Type: object

Default value
{}

Description: Common annotations for all deployments/StatefulSets

loki.podAnnotations📜

Type: object

Default value
{}

Description: Common annotations for all pods

loki.podLabels📜

Type: object

Default value
{}

Description: Common labels for all pods

loki.serviceAnnotations📜

Type: object

Default value
{}

Description: Common annotations for all services

loki.serviceLabels📜

Type: object

Default value
{}

Description: Common labels for all services

loki.revisionHistoryLimit📜

Type: int

Default value
10

Description: The number of old ReplicaSets to retain to allow rollback

loki.podSecurityContext📜

Type: object

Default value
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001

Description: The SecurityContext for Loki pods

loki.containerSecurityContext📜

Type: object

Default value
allowPrivilegeEscalation: false
capabilities:
  drop:
  - ALL
readOnlyRootFilesystem: true

Description: The SecurityContext for Loki containers

Type: bool

Default value
true

Description: Should enableServiceLinks be enabled. Default to enable

loki.existingSecretForConfig📜

Type: string

Default value
""

Description: Specify an existing secret containing loki configuration. If non-empty, overrides loki.config

loki.configStorageType📜

Type: string

Default value
"ConfigMap"

Description: Defines what kind of object stores the configuration, a ConfigMap or a Secret. In order to move sensitive information (such as credentials) from the ConfigMap/Secret to a more secure location (e.g. vault), it is possible to use environment variables in the configuration. Such environment variables can be then stored in a separate Secret and injected via the global.extraEnvFrom value. For details about environment injection from a Secret please see Secrets.

loki.externalConfigSecretName📜

Type: string

Default value
"{{ include \"loki.name\" . }}"

Description: Name of the Secret or ConfigMap that contains the configuration (used for naming even if config is internal).

loki.auth_enabled📜

Type: bool

Default value
false

loki.memberlistConfig📜

Type: object

Default value
{}

Description: memberlist configuration (overrides embedded default)

loki.extraMemberlistConfig📜

Type: object

Default value
{}

Description: Extra memberlist configuration

loki.tenants📜

Type: list

Default value
[]

Description: Tenants list to be created on nginx htpasswd file, with name and password keys

loki.server📜

Type: object

Default value
grpc_listen_port: 9095
http_listen_port: 3100

Description: Check https://grafana.com/docs/loki/latest/configuration/#server for more info on the server configuration.

loki.limits_config📜

Type: object

Default value
max_cache_freshness_per_query: 10m
reject_old_samples: true
reject_old_samples_max_age: 168h
split_queries_by_interval: 15m

Description: Limits config

loki.runtimeConfig📜

Type: object

Default value
{}

Description: Provides a reloadable runtime configuration file for some specific configuration

loki.commonConfig📜

Type: object

Default value
compactor_address: '{{ include "loki.compactorAddress" . }}'
path_prefix: /var/loki
replication_factor: 1

Description: Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration

loki.storage📜

Type: object

Default value
azure:
  accountKey: null
  accountName: null
  connectionString: null
  endpointSuffix: null
  requestTimeout: null
  useFederatedToken: false
  useManagedIdentity: false
  userAssignedId: null
bucketNames:
  admin: loki-admin
  chunks: loki
  ruler: loki
filesystem:
  chunks_directory: /var/loki/chunks
  rules_directory: /var/loki/rules
gcs:
  chunkBufferSize: 0
  enableHttp2: true
  requestTimeout: 0s
s3:
  accessKeyId: null
  backoff_config: {}
  endpoint: null
  http_config: {}
  insecure: false
  region: null
  s3: null
  s3ForcePathStyle: false
  secretAccessKey: null
  signatureVersion: null
swift:
  auth_url: null
  auth_version: null
  connect_timeout: null
  container_name: null
  domain_id: null
  domain_name: null
  internal: null
  max_retries: null
  password: null
  project_domain_id: null
  project_domain_name: null
  project_id: null
  project_name: null
  region_name: null
  request_timeout: null
  user_domain_id: null
  user_domain_name: null
  user_id: null
  username: null
type: s3

Description: Storage config. Providing this will automatically populate all necessary storage configs in the templated config.

loki.storage.s3.backoff_config📜

Type: object

Default value
{}

Description: Check https://grafana.com/docs/loki/latest/configure/#s3_storage_config for more info on how to provide a backoff_config

loki.memcached📜

Type: object

Default value
chunk_cache:
  batch_size: 256
  enabled: false
  host: ''
  parallelism: 10
  service: memcached-client
results_cache:
  default_validity: 12h
  enabled: false
  host: ''
  service: memcached-client
  timeout: 500ms

Description: Configure memcached as an external cache for chunk and results cache. Disabled by default must enable and specify a host for each cache you would like to use.

loki.schemaConfig📜

Type: object

Default value
{}

Description: Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas

loki.rulerConfig📜

Type: object

Default value
{}

Description: Check https://grafana.com/docs/loki/latest/configuration/#ruler for more info on configuring ruler

loki.structuredConfig📜

Type: object

Default value
{}

Description: Structured loki configuration, takes precedence over loki.config, loki.schemaConfig, loki.storageConfig

loki.query_scheduler📜

Type: object

Default value
{}

Description: Additional query scheduler config

loki.storage_config📜

Type: object

Default value
boltdb_shipper:
  active_index_directory: /var/loki/boltdb-shipper-active
  cache_location: /var/loki/boltdb-shipper-cache
  cache_ttl: 24h
hedging:
  at: 250ms
  max_per_second: 20
  up_to: 3
tsdb_shipper:
  active_index_directory: /var/loki/tsdb-index
  cache_location: /var/loki/tsdb-cache
  cache_ttl: 24h

Description: Additional storage config

loki.compactor📜

Type: object

Default value
{}

Description: Optional compactor configuration

loki.analytics📜

Type: object

Default value
{}

Description: Optional analytics configuration

loki.querier📜

Type: object

Default value
{}

Description: Optional querier configuration

loki.ingester📜

Type: object

Default value
autoforget_unhealthy: true
chunk_target_size: 196608
flush_check_period: 5s
flush_op_timeout: 100m
lifecycler:
  ring:
    kvstore:
      store: memberlist

Description: Optional ingester configuration

loki.index_gateway📜

Type: object

Default value
mode: ring

Description: Optional index gateway configuration

loki.frontend.scheduler_address📜

Type: string

Default value
"{{ include \"loki.querySchedulerAddress\" . }}"

loki.frontend_worker.scheduler_address📜

Type: string

Default value
"{{ include \"loki.querySchedulerAddress\" . }}"

loki.distributor📜

Type: object

Default value
{}

Description: Optional distributor configuration

loki.tracing📜

Type: object

Default value
enabled: false

Description: Enable tracing

enterprise.enabled📜

Type: bool

Default value
false

enterprise.version📜

Type: string

Default value
"v1.8.6"

enterprise.cluster_name📜

Type: string

Default value
nil

Description: Optional name of the GEL cluster, otherwise will use .Release.Name The cluster name must match what is in your GEL license

enterprise.license📜

Type: object

Default value
contents: NOTAVALIDLICENSE

Description: Grafana Enterprise Logs license In order to use Grafana Enterprise Logs features, you will need to provide the contents of your Grafana Enterprise Logs license, either by providing the contents of the license.jwt, or the name Kubernetes Secret that contains your license.jwt. To set the license contents, use the flag --set-file 'enterprise.license.contents=./license.jwt'

enterprise.useExternalLicense📜

Type: bool

Default value
false

Description: Set to true when providing an external license

enterprise.externalLicenseName📜

Type: string

Default value
nil

Description: Name of external license secret to use

enterprise.externalConfigName📜

Type: string

Default value
""

Description: Name of the external config secret to use

enterprise.adminApi📜

Type: object

Default value
enabled: true

Description: If enabled, the correct admin_client storage will be configured. If disabled while running enterprise, make sure auth is set to type: trust, or that auth_enabled is set to false.

enterprise.config📜

Type: string

Default value
"{{- if .Values.enterprise.adminApi.enabled }}\n{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") (eq .Values.loki.storage.type \"azure\") }}\nadmin_client:\n  storage:\n    s3:\n      bucket_name: {{ .Values.loki.storage.bucketNames.admin }}\n{{- end }}\n{{- end }}\nauth:\n  type: {{ .Values.enterprise.adminApi.enabled \| ternary \"enterprise\" \"trust\" }}\nauth_enabled: {{ .Values.loki.auth_enabled }}\ncluster_name: {{ include \"loki.clusterName\" . }}\nlicense:\n  path: /etc/loki/license/license.jwt\n"

enterprise.image.registry📜

Type: string

Default value
"registry1.dso.mil"

Description: The Docker registry

enterprise.image.repository📜

Type: string

Default value
"ironbank/grafana/grafana-enterprise-logs"

Description: Docker image repository

enterprise.image.tag📜

Type: string

Default value
"v1.7.1"

Description: Overrides the image tag whose default is the chart’s appVersion

enterprise.image.digest📜

Type: string

Default value
nil

Description: Overrides the image tag with an image digest

enterprise.image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Docker image pull policy

enterprise.adminToken.secret📜

Type: string

Default value
nil

Description: Alternative name for admin token secret, needed by tokengen and provisioner jobs

enterprise.adminToken.additionalNamespaces📜

Type: list

Default value
[]

Description: Additional namespace to also create the token in. Useful if your Grafana instance is in a different namespace

enterprise.canarySecret📜

Type: string

Default value
nil

Description: Alternative name of the secret to store token for the canary

enterprise.tokengen📜

Type: object

Default value
annotations:
  sidecar.istio.io/inject: 'false'
enabled: true
env: []
extraArgs: []
extraEnvFrom: []
extraVolumeMounts: []
extraVolumes: []
labels: {}
priorityClassName: ''
securityContext:
  fsGroup: 10001
  runAsGroup: 10001
  runAsNonRoot: true
  runAsUser: 10001
targetModule: tokengen
tolerations: []

Description: Configuration for tokengen target

enterprise.tokengen.enabled📜

Type: bool

Default value
true

Description: Whether the job should be part of the deployment

enterprise.tokengen.targetModule📜

Type: string

Default value
"tokengen"

Description: Comma-separated list of Loki modules to load for tokengen

enterprise.tokengen.extraArgs📜

Type: list

Default value
[]

Description: Additional CLI arguments for the tokengen target

enterprise.tokengen.env📜

Type: list

Default value
[]

Description: Additional Kubernetes environment

enterprise.tokengen.labels📜

Type: object

Default value
{}

Description: Additional labels for the tokengen Job

enterprise.tokengen.annotations📜

Type: object

Default value
sidecar.istio.io/inject: 'false'

Description: Additional annotations for the tokengen Job

enterprise.tokengen.tolerations📜

Type: list

Default value
[]

Description: Tolerations for tokengen Job

enterprise.tokengen.extraVolumes📜

Type: list

Default value
[]

Description: Additional volumes for Pods

enterprise.tokengen.extraVolumeMounts📜

Type: list

Default value
[]

Description: Additional volume mounts for Pods

enterprise.tokengen.securityContext📜

Type: object

Default value
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001

Description: Run containers as user enterprise-logs(uid=10001)

enterprise.tokengen.extraEnvFrom📜

Type: list

Default value
[]

Description: Environment variables from secrets or configmaps to add to the tokengen pods

enterprise.tokengen.priorityClassName📜

Type: string

Default value
""

Description: The name of the PriorityClass for tokengen Pods

enterprise.provisioner📜

Type: object

Default value
additionalTenants: []
annotations: {}
enabled: false
env: []
extraVolumeMounts: []
image:
  digest: null
  pullPolicy: IfNotPresent
  registry: docker.io
  repository: grafana/enterprise-logs-provisioner
  tag: null
labels: {}
priorityClassName: null
provisionedSecretPrefix: null
securityContext:
  fsGroup: 10001
  runAsGroup: 10001
  runAsNonRoot: true
  runAsUser: 10001

Description: Configuration for provisioner target

enterprise.provisioner.enabled📜

Type: bool

Default value
false

Description: Whether the job should be part of the deployment

enterprise.provisioner.provisionedSecretPrefix📜

Type: string

Default value
nil

Description: Name of the secret to store provisioned tokens in

enterprise.provisioner.additionalTenants📜

Type: list

Default value
[]

Description: Additional tenants to be created. Each tenant will get a read and write policy and associated token. Tenant must have a name and a namespace for the secret containting the token to be created in. For example additionalTenants: - name: loki secretNamespace: grafana

enterprise.provisioner.env📜

Type: list

Default value
[]

Description: Additional Kubernetes environment

enterprise.provisioner.labels📜

Type: object

Default value
{}

Description: Additional labels for the provisioner Job

enterprise.provisioner.annotations📜

Type: object

Default value
{}

Description: Additional annotations for the provisioner Job

enterprise.provisioner.priorityClassName📜

Type: string

Default value
nil

Description: The name of the PriorityClass for provisioner Job

enterprise.provisioner.securityContext📜

Type: object

Default value
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001

Description: Run containers as user enterprise-logs(uid=10001)

enterprise.provisioner.image📜

Type: object

Default value
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/enterprise-logs-provisioner
tag: null

Description: Provisioner image to Utilize

enterprise.provisioner.image.registry📜

Type: string

Default value
"docker.io"

Description: The Docker registry

enterprise.provisioner.image.repository📜

Type: string

Default value
"grafana/enterprise-logs-provisioner"

Description: Docker image repository

enterprise.provisioner.image.tag📜

Type: string

Default value
nil

Description: Overrides the image tag whose default is the chart’s appVersion

enterprise.provisioner.image.digest📜

Type: string

Default value
nil

Description: Overrides the image tag with an image digest

enterprise.provisioner.image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Docker image pull policy

enterprise.provisioner.extraVolumeMounts📜

Type: list

Default value
[]

Description: Volume mounts to add to the provisioner pods

migrate📜

Type: object

Default value
fromDistributed:
  enabled: false
  memberlistService: ''

Description: Options that may be necessary when performing a migration from another helm chart

migrate.fromDistributed📜

Type: object

Default value
enabled: false
memberlistService: ''

Description: When migrating from a distributed chart like loki-distributed or enterprise-logs

migrate.fromDistributed.enabled📜

Type: bool

Default value
false

Description: Set to true if migrating from a distributed helm chart

migrate.fromDistributed.memberlistService📜

Type: string

Default value
""

Description: If migrating from a distributed service, provide the distributed deployment’s memberlist service DNS so the new deployment can join its ring.

serviceAccount.create📜

Type: bool

Default value
true

Description: Specifies whether a ServiceAccount should be created

serviceAccount.name📜

Type: string

Default value
nil

Description: The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template

serviceAccount.imagePullSecrets📜

Type: list

Default value
[]

Description: Image pull secrets for the service account

serviceAccount.annotations📜

Type: object

Default value
{}

Description: Annotations for the service account

serviceAccount.labels📜

Type: object

Default value
{}

Description: Labels for the service account

serviceAccount.automountServiceAccountToken📜

Type: bool

Default value
false

Description: Set this toggle to false to opt out of automounting API credentials for the service account

rbac.pspEnabled📜

Type: bool

Default value
false

Description: If pspEnabled true, a PodSecurityPolicy is created for K8s that use psp.

rbac.sccEnabled📜

Type: bool

Default value
false

Description: For OpenShift set pspEnabled to ‘false’ and sccEnabled to ‘true’ to use the SecurityContextConstraints.

rbac.pspAnnotations📜

Type: object

Default value
{}

Description: Specify PSP annotations Ref: https://kubernetes.io/docs/reference/access-authn-authz/psp-to-pod-security-standards/#podsecuritypolicy-annotations

rbac.namespaced📜

Type: bool

Default value
false

Description: Whether to install RBAC in the namespace only or cluster-wide. Useful if you want to watch ConfigMap globally.

test📜

Type: object

Default value
annotations: {}
enabled: false
image:
  digest: null
  pullPolicy: IfNotPresent
  registry: docker.io
  repository: grafana/loki-helm-test
  tag: null
labels: {}
prometheusAddress: http://prometheus:9090
timeout: 1m

Description: Section for configuring optional Helm test

test.prometheusAddress📜

Type: string

Default value
"http://prometheus:9090"

Description: Address of the prometheus server to query for the test

test.timeout📜

Type: string

Default value
"1m"

Description: Number of times to retry the test before failing

test.labels📜

Type: object

Default value
{}

Description: Additional labels for the test pods

test.annotations📜

Type: object

Default value
{}

Description: Additional annotations for test pods

test.image📜

Type: object

Default value
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/loki-helm-test
tag: null

Description: Image to use for loki canary

test.image.registry📜

Type: string

Default value
"docker.io"

Description: The Docker registry

test.image.repository📜

Type: string

Default value
"grafana/loki-helm-test"

Description: Docker image repository

test.image.tag📜

Type: string

Default value
nil

Description: Overrides the image tag whose default is the chart’s appVersion

test.image.digest📜

Type: string

Default value
nil

Description: Overrides the image tag with an image digest

test.image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Docker image pull policy

fluentbit.enabled📜

Type: bool

Default value
false

promtail.enabled📜

Type: bool

Default value
false

monitoring.enabled📜

Type: bool

Default value
false

Description: Enable BigBang integration of Monitoring components

monitoring.dashboards.enabled📜

Type: bool

Default value
false

Description: If enabled, create configmap with dashboards for monitoring Loki

monitoring.dashboards.namespace📜

Type: string

Default value
nil

Description: Alternative namespace to create dashboards ConfigMap in

monitoring.dashboards.annotations📜

Type: object

Default value
{}

Description: Additional annotations for the dashboards ConfigMap

monitoring.dashboards.labels📜

Type: object

Default value
grafana_dashboard: '1'

Description: Labels for the dashboards ConfigMap

monitoring.rules.enabled📜

Type: bool

Default value
false

Description: If enabled, create PrometheusRule resource with Loki recording rules

monitoring.rules.alerting📜

Type: bool

Default value
true

Description: Include alerting rules

monitoring.rules.disabled📜

Type: object

Default value
{}

Description: If you disable all the alerts and keep .monitoring.rules.alerting set to true, the chart will fail to render.

monitoring.rules.namespace📜

Type: string

Default value
nil

Description: Alternative namespace to create PrometheusRule resources in

monitoring.rules.annotations📜

Type: object

Default value
{}

Description: Additional annotations for the rules PrometheusRule resource

monitoring.rules.labels📜

Type: object

Default value
{}

Description: Additional labels for the rules PrometheusRule resource

monitoring.rules.additionalRuleLabels📜

Type: object

Default value
{}

Description: Additional labels for PrometheusRule alerts

monitoring.rules.additionalGroups📜

Type: list

Default value
[]

Description: Additional groups to add to the rules file

monitoring.serviceMonitor.enabled📜

Type: bool

Default value
false

Description: If enabled, ServiceMonitor resources for Prometheus Operator are created

monitoring.serviceMonitor.namespace📜

Type: string

Default value
nil

Description: Alternative namespace for ServiceMonitor resources

monitoring.serviceMonitor.namespaceSelector📜

Type: object

Default value
{}

Description: Namespace selector for ServiceMonitor resources

monitoring.serviceMonitor.annotations📜

Type: object

Default value
{}

Description: ServiceMonitor annotations

monitoring.serviceMonitor.labels📜

Type: object

Default value
{}

Description: Additional ServiceMonitor labels

monitoring.serviceMonitor.interval📜

Type: string

Default value
"15s"

Description: ServiceMonitor scrape interval Default is 15s because included recording rules use a 1m rate, and scrape interval needs to be at least 1/4 rate interval.

monitoring.serviceMonitor.scrapeTimeout📜

Type: string

Default value
nil

Description: ServiceMonitor scrape timeout in Go duration format (e.g. 15s)

monitoring.serviceMonitor.relabelings📜

Type: list

Default value
[]

Description: ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig

monitoring.serviceMonitor.metricRelabelings📜

Type: list

Default value
[]

Description: ServiceMonitor metric relabel configs to apply to samples before ingestion https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint

monitoring.serviceMonitor.scheme📜

Type: string

Default value
"http"

Description: ServiceMonitor will use http by default, but you can pick https as well

monitoring.serviceMonitor.tlsConfig📜

Type: string

Default value
nil

Description: ServiceMonitor will use these tlsConfig settings to make the health check requests

monitoring.serviceMonitor.metricsInstance📜

Type: object

Default value
annotations: {}
enabled: false
labels: {}
remoteWrite: null

Description: If defined, will create a MetricsInstance for the Grafana Agent Operator.

monitoring.serviceMonitor.metricsInstance.enabled📜

Type: bool

Default value
false

Description: If enabled, MetricsInstance resources for Grafana Agent Operator are created

monitoring.serviceMonitor.metricsInstance.annotations📜

Type: object

Default value
{}

Description: MetricsInstance annotations

monitoring.serviceMonitor.metricsInstance.labels📜

Type: object

Default value
{}

Description: Additional MetricsInstance labels

monitoring.serviceMonitor.metricsInstance.remoteWrite📜

Type: string

Default value
nil

Description: If defined a MetricsInstance will be created to remote write metrics.

monitoring.selfMonitoring.enabled📜

Type: bool

Default value
false

monitoring.selfMonitoring.tenant📜

Type: object

Default value
name: self-monitoring
secretNamespace: '{{ .Release.Namespace }}'

Description: Tenant to use for self monitoring

monitoring.selfMonitoring.tenant.name📜

Type: string

Default value
"self-monitoring"

Description: Name of the tenant

monitoring.selfMonitoring.tenant.secretNamespace📜

Type: string

Default value
"{{ .Release.Namespace }}"

Description: Namespace to create additional tenant token secret in. Useful if your Grafana instance is in a separate namespace. Token will still be created in the canary namespace.

monitoring.selfMonitoring.grafanaAgent.installOperator📜

Type: bool

Default value
false

Description: Controls whether to install the Grafana Agent Operator and its CRDs. Note that helm will not install CRDs if this flag is enabled during an upgrade. In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds

monitoring.selfMonitoring.grafanaAgent.namespace📜

Type: string

Default value
nil

Description: Alternative namespace for Grafana Agent resources

monitoring.selfMonitoring.grafanaAgent.annotations📜

Type: object

Default value
{}

Description: Grafana Agent annotations

monitoring.selfMonitoring.grafanaAgent.labels📜

Type: object

Default value
{}

Description: Additional Grafana Agent labels

monitoring.selfMonitoring.grafanaAgent.enableConfigReadAPI📜

Type: bool

Default value
false

Description: Enable the config read api on port 8080 of the agent

monitoring.selfMonitoring.grafanaAgent.priorityClassName📜

Type: string

Default value
nil

Description: The name of the PriorityClass for GrafanaAgent pods

monitoring.selfMonitoring.grafanaAgent.resources📜

Type: object

Default value
{}

Description: Resource requests and limits for the grafanaAgent pods

monitoring.selfMonitoring.grafanaAgent.tolerations📜

Type: list

Default value
[]

Description: Tolerations for GrafanaAgent pods

monitoring.selfMonitoring.podLogs.apiVersion📜

Type: string

Default value
"monitoring.grafana.com/v1alpha1"

Description: PodLogs version

monitoring.selfMonitoring.podLogs.annotations📜

Type: object

Default value
{}

Description: PodLogs annotations

monitoring.selfMonitoring.podLogs.labels📜

Type: object

Default value
{}

Description: Additional PodLogs labels

monitoring.selfMonitoring.podLogs.relabelings📜

Type: list

Default value
[]

Description: PodLogs relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig

monitoring.selfMonitoring.podLogs.additionalPipelineStages📜

Type: list

Default value
[]

Description: Additional pipeline stages to process logs after scraping https://grafana.com/docs/agent/latest/operator/api/#pipelinestagespec-a-namemonitoringgrafanacomv1alpha1pipelinestagespeca

monitoring.selfMonitoring.logsInstance.annotations📜

Type: object

Default value
{}

Description: LogsInstance annotations

monitoring.selfMonitoring.logsInstance.labels📜

Type: object

Default value
{}

Description: Additional LogsInstance labels

monitoring.selfMonitoring.logsInstance.clients📜

Type: string

Default value
nil

Description: Additional clients for remote write

monitoring.lokiCanary.enabled📜

Type: bool

Default value
false

monitoring.lokiCanary.annotations📜

Type: object

Default value
{}

Description: Additional annotations for the loki-canary Daemonset

monitoring.lokiCanary.podLabels📜

Type: object

Default value
{}

Description: Additional labels for each loki-canary pod

monitoring.lokiCanary.service.annotations📜

Type: object

Default value
{}

Description: Annotations for loki-canary Service

monitoring.lokiCanary.service.labels📜

Type: object

Default value
{}

Description: Additional labels for loki-canary Service

monitoring.lokiCanary.extraArgs📜

Type: list

Default value
[]

Description: Additional CLI arguments for the `loki-canary’ command

monitoring.lokiCanary.extraEnv📜

Type: list

Default value
[]

Description: Environment variables to add to the canary pods

monitoring.lokiCanary.extraEnvFrom📜

Type: list

Default value
[]

Description: Environment variables from secrets or configmaps to add to the canary pods

monitoring.lokiCanary.resources📜

Type: object

Default value
{}

Description: Resource requests and limits for the canary

monitoring.lokiCanary.dnsConfig📜

Type: object

Default value
{}

Description: DNS config for canary pods

monitoring.lokiCanary.nodeSelector📜

Type: object

Default value
{}

Description: Node selector for canary pods

monitoring.lokiCanary.tolerations📜

Type: list

Default value
[]

Description: Tolerations for canary pods

monitoring.lokiCanary.priorityClassName📜

Type: string

Default value
nil

Description: The name of the PriorityClass for loki-canary pods

monitoring.lokiCanary.image📜

Type: object

Default value
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/loki-canary
tag: null

Description: Image to use for loki canary

monitoring.lokiCanary.image.registry📜

Type: string

Default value
"docker.io"

Description: The Docker registry

monitoring.lokiCanary.image.repository📜

Type: string

Default value
"grafana/loki-canary"

Description: Docker image repository

monitoring.lokiCanary.image.tag📜

Type: string

Default value
nil

Description: Overrides the image tag whose default is the chart’s appVersion

monitoring.lokiCanary.image.digest📜

Type: string

Default value
nil

Description: Overrides the image tag with an image digest

monitoring.lokiCanary.image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Docker image pull policy

monitoring.lokiCanary.updateStrategy📜

Type: object

Default value
rollingUpdate:
  maxUnavailable: 1
type: RollingUpdate

Description: Update strategy for the loki-canary Daemonset pods

write.replicas📜

Type: int

Default value
3

Description: Number of replicas for the write

write.autoscaling.enabled📜

Type: bool

Default value
false

Description: Enable autoscaling for the write.

write.autoscaling.minReplicas📜

Type: int

Default value
2

Description: Minimum autoscaling replicas for the write.

write.autoscaling.maxReplicas📜

Type: int

Default value
6

Description: Maximum autoscaling replicas for the write.

write.autoscaling.targetCPUUtilizationPercentage📜

Type: int

Default value
60

Description: Target CPU utilisation percentage for the write.

write.autoscaling.targetMemoryUtilizationPercentage📜

Type: string

Default value
nil

Description: Target memory utilization percentage for the write.

write.autoscaling.behavior📜

Type: object

Default value
scaleDown:
  policies:
  - periodSeconds: 1800
    type: Pods
    value: 1
  stabilizationWindowSeconds: 3600
scaleUp:
  policies:
  - periodSeconds: 900
    type: Pods
    value: 1

Description: Behavior policies while scaling.

write.autoscaling.behavior.scaleUp📜

Type: object

Default value
policies:
- periodSeconds: 900
  type: Pods
  value: 1

Description: see https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown for scaledown details

write.image.registry📜

Type: string

Default value
nil

Description: The Docker registry for the write image. Overrides loki.image.registry

write.image.repository📜

Type: string

Default value
nil

Description: Docker image repository for the write image. Overrides loki.image.repository

write.image.tag📜

Type: string

Default value
nil

Description: Docker image tag for the write image. Overrides loki.image.tag

write.priorityClassName📜

Type: string

Default value
nil

Description: The name of the PriorityClass for write pods

write.annotations📜

Type: object

Default value
{}

Description: Annotations for write StatefulSet

write.podAnnotations📜

Type: object

Default value
{}

Description: Annotations for write pods

write.podLabels📜

Type: object

Default value
{}

Description: Additional labels for each write pod

write.selectorLabels📜

Type: object

Default value
{}

Description: Additional selector labels for each write pod

write.service.annotations📜

Type: object

Default value
{}

Description: Annotations for write Service

write.service.labels📜

Type: object

Default value
{}

Description: Additional labels for write Service

write.targetModule📜

Type: string

Default value
"write"

Description: Comma-separated list of Loki modules to load for the write

write.extraArgs📜

Type: list

Default value
[]

Description: Additional CLI args for the write

write.extraEnv📜

Type: list

Default value
[]

Description: Environment variables to add to the write pods

write.extraEnvFrom📜

Type: list

Default value
[]

Description: Environment variables from secrets or configmaps to add to the write pods

write.lifecycle📜

Type: object

Default value
{}

Description: Lifecycle for the write container

write.initContainers📜

Type: list

Default value
[]

Description: Init containers to add to the write pods

write.extraContainers📜

Type: list

Default value
[]

Description: Containers to add to the write pods

write.extraVolumeMounts📜

Type: list

Default value
[]

Description: Volume mounts to add to the write pods

write.extraVolumes📜

Type: list

Default value
[]

Description: Volumes to add to the write pods

write.extraVolumeClaimTemplates📜

Type: list

Default value
[]

Description: volumeClaimTemplates to add to StatefulSet

write.resources📜

Type: object

Default value
limits:
  cpu: 300m
  memory: 2Gi
requests:
  cpu: 300m
  memory: 2Gi

Description: Resource requests and limits for the write

write.terminationGracePeriodSeconds📜

Type: int

Default value
300

Description: Grace period to allow the write to shutdown before it is killed. Especially for the ingestor, this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.

write.dnsConfig📜

Type: object

Default value
{}

Description: DNS config for write pods

write.nodeSelector📜

Type: object

Default value
{}

Description: Node selector for write pods

write.topologySpreadConstraints📜

Type: list

Default value
[]

Description: Topology Spread Constraints for write pods

write.tolerations📜

Type: list

Default value
[]

Description: Tolerations for write pods

write.podManagementPolicy📜

Type: string

Default value
"Parallel"

Description: The default is to deploy all pods in parallel.

write.persistence.volumeClaimsEnabled📜

Type: bool

Default value
true

Description: Enable volume claims in pod spec

write.persistence.dataVolumeParameters📜

Type: object

Default value
emptyDir: {}

Description: Parameters used for the data volume when volumeClaimEnabled if false

write.persistence.enableStatefulSetAutoDeletePVC📜

Type: bool

Default value
false

Description: Enable StatefulSetAutoDeletePVC feature

write.persistence.size📜

Type: string

Default value
"10Gi"

Description: Size of persistent disk

write.persistence.storageClass📜

Type: string

Default value
nil

Description: Storage class to be used. If defined, storageClassName: . If set to “-“, storageClassName: “”, which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

write.persistence.selector📜

Type: string

Default value
nil

Description: Selector for persistent disk

write.podDisruptionBudget.maxUnavailable📜

Type: string

Default value
"1"

Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable

tableManager.enabled📜

Type: bool

Default value
false

Description: Specifies whether the table-manager should be enabled

tableManager.image.registry📜

Type: string

Default value
nil

Description: The Docker registry for the table-manager image. Overrides loki.image.registry

tableManager.image.repository📜

Type: string

Default value
nil

Description: Docker image repository for the table-manager image. Overrides loki.image.repository

tableManager.image.tag📜

Type: string

Default value
nil

Description: Docker image tag for the table-manager image. Overrides loki.image.tag

tableManager.command📜

Type: string

Default value
nil

Description: Command to execute instead of defined in Docker image

tableManager.priorityClassName📜

Type: string

Default value
nil

Description: The name of the PriorityClass for table-manager pods

tableManager.podLabels📜

Type: object

Default value
{}

Description: Labels for table-manager pods

tableManager.annotations📜

Type: object

Default value
{}

Description: Annotations for table-manager deployment

tableManager.podAnnotations📜

Type: object

Default value
{}

Description: Annotations for table-manager pods

tableManager.service.annotations📜

Type: object

Default value
{}

Description: Annotations for table-manager Service

tableManager.service.labels📜

Type: object

Default value
{}

Description: Additional labels for table-manager Service

tableManager.extraArgs📜

Type: list

Default value
[]

Description: Additional CLI args for the table-manager

tableManager.extraEnv📜

Type: list

Default value
[]

Description: Environment variables to add to the table-manager pods

tableManager.extraEnvFrom📜

Type: list

Default value
[]

Description: Environment variables from secrets or configmaps to add to the table-manager pods

tableManager.extraVolumeMounts📜

Type: list

Default value
[]

Description: Volume mounts to add to the table-manager pods

tableManager.extraVolumes📜

Type: list

Default value
[]

Description: Volumes to add to the table-manager pods

tableManager.resources📜

Type: object

Default value
{}

Description: Resource requests and limits for the table-manager

tableManager.extraContainers📜

Type: list

Default value
[]

Description: Containers to add to the table-manager pods

tableManager.terminationGracePeriodSeconds📜

Type: int

Default value
30

Description: Grace period to allow the table-manager to shutdown before it is killed

tableManager.dnsConfig📜

Type: object

Default value
{}

Description: DNS config table-manager pods

tableManager.nodeSelector📜

Type: object

Default value
{}

Description: Node selector for table-manager pods

tableManager.tolerations📜

Type: list

Default value
[]

Description: Tolerations for table-manager pods

tableManager.retention_deletes_enabled📜

Type: bool

Default value
false

Description: Enable deletes by retention

tableManager.retention_period📜

Type: int

Default value
0

Description: Set retention period

read.replicas📜

Type: int

Default value
3

Description: Number of replicas for the read

read.autoscaling.enabled📜

Type: bool

Default value
false

Description: Enable autoscaling for the read, this is only used if queryIndex.enabled: true

read.autoscaling.minReplicas📜

Type: int

Default value
2

Description: Minimum autoscaling replicas for the read

read.autoscaling.maxReplicas📜

Type: int

Default value
6

Description: Maximum autoscaling replicas for the read

read.autoscaling.targetCPUUtilizationPercentage📜

Type: int

Default value
60

Description: Target CPU utilisation percentage for the read

read.autoscaling.targetMemoryUtilizationPercentage📜

Type: string

Default value
nil

Description: Target memory utilisation percentage for the read

read.autoscaling.behavior📜

Type: object

Default value
{}

Description: Behavior policies while scaling.

read.image.registry📜

Type: string

Default value
nil

Description: The Docker registry for the read image. Overrides loki.image.registry

read.image.repository📜

Type: string

Default value
nil

Description: Docker image repository for the read image. Overrides loki.image.repository

read.image.tag📜

Type: string

Default value
nil

Description: Docker image tag for the read image. Overrides loki.image.tag

read.priorityClassName📜

Type: string

Default value
nil

Description: The name of the PriorityClass for read pods

read.annotations📜

Type: object

Default value
{}

Description: Annotations for read deployment

read.podAnnotations📜

Type: object

Default value
{}

Description: Annotations for read pods

read.podLabels📜

Type: object

Default value
{}

Description: Additional labels for each read pod

read.selectorLabels📜

Type: object

Default value
{}

Description: Additional selector labels for each read pod

read.service.annotations📜

Type: object

Default value
{}

Description: Annotations for read Service

read.service.labels📜

Type: object

Default value
{}

Description: Additional labels for read Service

read.targetModule📜

Type: string

Default value
"read"

Description: Comma-separated list of Loki modules to load for the read

read.legacyReadTarget📜

Type: bool

Default value
false

Description: Whether or not to use the 2 target type simple scalable mode (read, write) or the 3 target type (read, write, backend). Legacy refers to the 2 target type, so true will run two targets, false will run 3 targets.

read.extraArgs📜

Type: list

Default value
[]

Description: Additional CLI args for the read

read.extraContainers📜

Type: list

Default value
[]

Description: Containers to add to the read pods

read.extraEnv📜

Type: list

Default value
[]

Description: Environment variables to add to the read pods

read.extraEnvFrom📜

Type: list

Default value
[]

Description: Environment variables from secrets or configmaps to add to the read pods

read.lifecycle📜

Type: object

Default value
{}

Description: Lifecycle for the read container

read.extraVolumeMounts📜

Type: list

Default value
[]

Description: Volume mounts to add to the read pods

read.extraVolumes📜

Type: list

Default value
[]

Description: Volumes to add to the read pods

read.resources📜

Type: object

Default value
limits:
  cpu: 300m
  memory: 2Gi
requests:
  cpu: 300m
  memory: 2Gi

Description: Resource requests and limits for the read

read.terminationGracePeriodSeconds📜

Type: int

Default value
30

Description: Grace period to allow the read to shutdown before it is killed

read.dnsConfig📜

Type: object

Default value
{}

Description: DNS config for read pods

read.nodeSelector📜

Type: object

Default value
{}

Description: Node selector for read pods

read.topologySpreadConstraints📜

Type: list

Default value
[]

Description: Topology Spread Constraints for read pods

read.tolerations📜

Type: list

Default value
[]

Description: Tolerations for read pods

read.podManagementPolicy📜

Type: string

Default value
"Parallel"

Description: The default is to deploy all pods in parallel.

read.persistence.enableStatefulSetAutoDeletePVC📜

Type: bool

Default value
true

Description: Enable StatefulSetAutoDeletePVC feature

read.persistence.size📜

Type: string

Default value
"10Gi"

Description: Size of persistent disk

read.persistence.storageClass📜

Type: string

Default value
nil

Description: Storage class to be used. If defined, storageClassName: . If set to “-“, storageClassName: “”, which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

read.persistence.selector📜

Type: string

Default value
nil

Description: Selector for persistent disk

read.podDisruptionBudget.maxUnavailable📜

Type: string

Default value
"1"

Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable

backend.replicas📜

Type: int

Default value
3

Description: Number of replicas for the backend

backend.autoscaling.enabled📜

Type: bool

Default value
false

Description: Enable autoscaling for the backend.

backend.autoscaling.minReplicas📜

Type: int

Default value
2

Description: Minimum autoscaling replicas for the backend.

backend.autoscaling.maxReplicas📜

Type: int

Default value
6

Description: Maximum autoscaling replicas for the backend.

backend.autoscaling.targetCPUUtilizationPercentage📜

Type: int

Default value
60

Description: Target CPU utilization percentage for the backend.

backend.autoscaling.targetMemoryUtilizationPercentage📜

Type: string

Default value
nil

Description: Target memory utilization percentage for the backend.

backend.autoscaling.behavior📜

Type: object

Default value
{}

Description: Behavior policies while scaling.

backend.image.registry📜

Type: string

Default value
nil

Description: The Docker registry for the backend image. Overrides loki.image.registry

backend.image.repository📜

Type: string

Default value
nil

Description: Docker image repository for the backend image. Overrides loki.image.repository

backend.image.tag📜

Type: string

Default value
nil

Description: Docker image tag for the backend image. Overrides loki.image.tag

backend.priorityClassName📜

Type: string

Default value
nil

Description: The name of the PriorityClass for backend pods

backend.annotations📜

Type: object

Default value
{}

Description: Annotations for backend StatefulSet

backend.podAnnotations📜

Type: object

Default value
{}

Description: Annotations for backend pods

backend.podLabels📜

Type: object

Default value
{}

Description: Additional labels for each backend pod

backend.selectorLabels📜

Type: object

Default value
{}

Description: Additional selector labels for each backend pod

backend.service.annotations📜

Type: object

Default value
{}

Description: Annotations for backend Service

backend.service.labels📜

Type: object

Default value
{}

Description: Additional labels for backend Service

backend.targetModule📜

Type: string

Default value
"backend"

Description: Comma-separated list of Loki modules to load for the read

backend.extraArgs📜

Type: list

Default value
[]

Description: Additional CLI args for the backend

backend.extraEnv📜

Type: list

Default value
[]

Description: Environment variables to add to the backend pods

backend.extraEnvFrom📜

Type: list

Default value
[]

Description: Environment variables from secrets or configmaps to add to the backend pods

backend.initContainers📜

Type: list

Default value
[]

Description: Init containers to add to the backend pods

backend.extraVolumeMounts📜

Type: list

Default value
[]

Description: Volume mounts to add to the backend pods

backend.extraVolumes📜

Type: list

Default value
[]

Description: Volumes to add to the backend pods

backend.resources📜

Type: object

Default value
{}

Description: Resource requests and limits for the backend

backend.terminationGracePeriodSeconds📜

Type: int

Default value
300

Description: Grace period to allow the backend to shutdown before it is killed. Especially for the ingester, this must be increased. It must be long enough so backends can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.

backend.dnsConfig📜

Type: object

Default value
{}

Description: DNS config for backend pods

backend.nodeSelector📜

Type: object

Default value
{}

Description: Node selector for backend pods

backend.topologySpreadConstraints📜

Type: list

Default value
[]

Description: Topology Spread Constraints for backend pods

backend.tolerations📜

Type: list

Default value
[]

Description: Tolerations for backend pods

backend.podManagementPolicy📜

Type: string

Default value
"Parallel"

Description: The default is to deploy all pods in parallel.

backend.persistence.volumeClaimsEnabled📜

Type: bool

Default value
true

Description: Enable volume claims in pod spec

backend.persistence.dataVolumeParameters📜

Type: object

Default value
emptyDir: {}

Description: Parameters used for the data volume when volumeClaimEnabled if false

backend.persistence.enableStatefulSetAutoDeletePVC📜

Type: bool

Default value
true

Description: Enable StatefulSetAutoDeletePVC feature

backend.persistence.size📜

Type: string

Default value
"10Gi"

Description: Size of persistent disk

backend.persistence.storageClass📜

Type: string

Default value
nil

Description: Storage class to be used. If defined, storageClassName: . If set to “-“, storageClassName: “”, which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

backend.persistence.selector📜

Type: string

Default value
nil

Description: Selector for persistent disk

backend.podDisruptionBudget.maxUnavailable📜

Type: string

Default value
"1"

Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable

singleBinary.replicas📜

Type: int

Default value
1

Description: Number of replicas for the single binary

singleBinary.autoscaling.enabled📜

Type: bool

Default value
false

Description: Enable autoscaling

singleBinary.autoscaling.minReplicas📜

Type: int

Default value
1

Description: Minimum autoscaling replicas for the single binary

singleBinary.autoscaling.maxReplicas📜

Type: int

Default value
3

Description: Maximum autoscaling replicas for the single binary

singleBinary.autoscaling.targetCPUUtilizationPercentage📜

Type: int

Default value
60

Description: Target CPU utilisation percentage for the single binary

singleBinary.autoscaling.targetMemoryUtilizationPercentage📜

Type: string

Default value
nil

Description: Target memory utilisation percentage for the single binary

singleBinary.image.registry📜

Type: string

Default value
nil

Description: The Docker registry for the single binary image. Overrides loki.image.registry

singleBinary.image.repository📜

Type: string

Default value
nil

Description: Docker image repository for the single binary image. Overrides loki.image.repository

singleBinary.image.tag📜

Type: string

Default value
nil

Description: Docker image tag for the single binary image. Overrides loki.image.tag

singleBinary.priorityClassName📜

Type: string

Default value
nil

Description: The name of the PriorityClass for single binary pods

singleBinary.annotations📜

Type: object

Default value
{}

Description: Annotations for single binary StatefulSet

singleBinary.podAnnotations📜

Type: object

Default value
{}

Description: Annotations for single binary pods

singleBinary.podLabels📜

Type: object

Default value
{}

Description: Additional labels for each single binary pod

singleBinary.selectorLabels📜

Type: object

Default value
{}

Description: Additional selector labels for each single binary pod

singleBinary.service.annotations📜

Type: object

Default value
{}

Description: Annotations for single binary Service

singleBinary.service.labels📜

Type: object

Default value
{}

Description: Additional labels for single binary Service

singleBinary.targetModule📜

Type: string

Default value
"all"

Description: Comma-separated list of Loki modules to load for the single binary

singleBinary.extraArgs📜

Type: list

Default value
[]

Description: Labels for single binary service

singleBinary.extraEnv📜

Type: list

Default value
[]

Description: Environment variables to add to the single binary pods

singleBinary.extraEnvFrom📜

Type: list

Default value
[]

Description: Environment variables from secrets or configmaps to add to the single binary pods

singleBinary.extraContainers📜

Type: list

Default value
[]

Description: Extra containers to add to the single binary loki pod

singleBinary.initContainers📜

Type: list

Default value
[]

Description: Init containers to add to the single binary pods

singleBinary.extraVolumeMounts📜

Type: list

Default value
[]

Description: Volume mounts to add to the single binary pods

singleBinary.extraVolumes📜

Type: list

Default value
[]

Description: Volumes to add to the single binary pods

singleBinary.resources📜

Type: object

Default value
limits:
  cpu: 100m
  memory: 256Mi
requests:
  cpu: 100m
  memory: 256Mi

Description: Resource requests and limits for the single binary

singleBinary.terminationGracePeriodSeconds📜

Type: int

Default value
30

Description: Grace period to allow the single binary to shutdown before it is killed

singleBinary.dnsConfig📜

Type: object

Default value
{}

Description: DNS config for single binary pods

singleBinary.nodeSelector📜

Type: object

Default value
{}

Description: Node selector for single binary pods

singleBinary.tolerations📜

Type: list

Default value
[]

Description: Tolerations for single binary pods

singleBinary.persistence.enableStatefulSetAutoDeletePVC📜

Type: bool

Default value
false

Description: Enable StatefulSetAutoDeletePVC feature

singleBinary.persistence.enabled📜

Type: bool

Default value
true

Description: Enable persistent disk

singleBinary.persistence.size📜

Type: string

Default value
"12Gi"

Description: Size of persistent disk

singleBinary.persistence.storageClass📜

Type: string

Default value
nil

Description: Storage class to be used. If defined, storageClassName: . If set to “-“, storageClassName: “”, which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).

singleBinary.persistence.selector📜

Type: string

Default value
nil

Description: Selector for persistent disk

ingress.enabled📜

Type: bool

Default value
false

ingress.ingressClassName📜

Type: string

Default value
""

ingress.annotations📜

Type: object

Default value
{}

ingress.labels📜

Type: object

Default value
{}

ingress.paths.write[0]📜

Type: string

Default value
"/api/prom/push"

ingress.paths.write[1]📜

Type: string

Default value
"/loki/api/v1/push"

ingress.paths.read[0]📜

Type: string

Default value
"/api/prom/tail"

ingress.paths.read[1]📜

Type: string

Default value
"/loki/api/v1/tail"

ingress.paths.read[2]📜

Type: string

Default value
"/loki/api"

ingress.paths.read[3]📜

Type: string

Default value
"/api/prom/rules"

ingress.paths.read[4]📜

Type: string

Default value
"/loki/api/v1/rules"

ingress.paths.read[5]📜

Type: string

Default value
"/prometheus/api/v1/rules"

ingress.paths.read[6]📜

Type: string

Default value
"/prometheus/api/v1/alerts"

ingress.paths.singleBinary[0]📜

Type: string

Default value
"/api/prom/push"

ingress.paths.singleBinary[1]📜

Type: string

Default value
"/loki/api/v1/push"

ingress.paths.singleBinary[2]📜

Type: string

Default value
"/api/prom/tail"

ingress.paths.singleBinary[3]📜

Type: string

Default value
"/loki/api/v1/tail"

ingress.paths.singleBinary[4]📜

Type: string

Default value
"/loki/api"

ingress.paths.singleBinary[5]📜

Type: string

Default value
"/api/prom/rules"

ingress.paths.singleBinary[6]📜

Type: string

Default value
"/loki/api/v1/rules"

ingress.paths.singleBinary[7]📜

Type: string

Default value
"/prometheus/api/v1/rules"

ingress.paths.singleBinary[8]📜

Type: string

Default value
"/prometheus/api/v1/alerts"

ingress.hosts📜

Type: list

Default value
- loki.example.com

Description: Hosts configuration for the ingress, passed through the tpl function to allow templating

ingress.tls📜

Type: list

Default value
[]

Description: TLS configuration for the ingress. Hosts passed through the tpl function to allow templating

memberlist.service.publishNotReadyAddresses📜

Type: bool

Default value
false

gateway.enabled📜

Type: bool

Default value
false

Description: Specifies whether the gateway should be enabled

gateway.replicas📜

Type: int

Default value
1

Description: Number of replicas for the gateway

gateway.verboseLogging📜

Type: bool

Default value
true

Description: Enable logging of 2xx and 3xx HTTP requests

gateway.autoscaling.enabled📜

Type: bool

Default value
false

Description: Enable autoscaling for the gateway

gateway.autoscaling.minReplicas📜

Type: int

Default value
1

Description: Minimum autoscaling replicas for the gateway

gateway.autoscaling.maxReplicas📜

Type: int

Default value
3

Description: Maximum autoscaling replicas for the gateway

gateway.autoscaling.targetCPUUtilizationPercentage📜

Type: int

Default value
60

Description: Target CPU utilisation percentage for the gateway

gateway.autoscaling.targetMemoryUtilizationPercentage📜

Type: string

Default value
nil

Description: Target memory utilisation percentage for the gateway

gateway.autoscaling.behavior📜

Type: object

Default value
{}

Description: Behavior policies while scaling.

gateway.deploymentStrategy.type📜

Type: string

Default value
"RollingUpdate"

gateway.image.registry📜

Type: string

Default value
"registry1.dso.mil"

Description: The Docker registry for the gateway image

gateway.image.repository📜

Type: string

Default value
"ironbank/opensource/nginx/nginx"

Description: The gateway image repository

gateway.image.tag📜

Type: string

Default value
"1.25.4"

Description: The gateway image tag

gateway.image.digest📜

Type: string

Default value
nil

Description: Overrides the gateway image tag with an image digest

gateway.image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: The gateway image pull policy

gateway.priorityClassName📜

Type: string

Default value
nil

Description: The name of the PriorityClass for gateway pods

gateway.annotations📜

Type: object

Default value
{}

Description: Annotations for gateway deployment

gateway.podAnnotations📜

Type: object

Default value
{}

Description: Annotations for gateway pods

gateway.podLabels📜

Type: object

Default value
{}

Description: Additional labels for gateway pods

gateway.extraArgs📜

Type: list

Default value
[]

Description: Additional CLI args for the gateway

gateway.extraEnv📜

Type: list

Default value
[]

Description: Environment variables to add to the gateway pods

gateway.extraEnvFrom📜

Type: list

Default value
[]

Description: Environment variables from secrets or configmaps to add to the gateway pods

gateway.lifecycle📜

Type: object

Default value
{}

Description: Lifecycle for the gateway container

gateway.extraVolumes📜

Type: list

Default value
[]

Description: Volumes to add to the gateway pods

gateway.extraVolumeMounts📜

Type: list

Default value
[]

Description: Volume mounts to add to the gateway pods

gateway.podSecurityContext📜

Type: object

Default value
fsGroup: 101
runAsGroup: 101
runAsNonRoot: true
runAsUser: 101

Description: The SecurityContext for gateway containers

gateway.containerSecurityContext📜

Type: object

Default value
allowPrivilegeEscalation: false
capabilities:
  drop:
  - ALL
readOnlyRootFilesystem: true

Description: The SecurityContext for gateway containers

gateway.resources📜

Type: object

Default value
{}

Description: Resource requests and limits for the gateway

gateway.extraContainers📜

Type: list

Default value
[]

Description: Containers to add to the gateway pods

gateway.terminationGracePeriodSeconds📜

Type: int

Default value
30

Description: Grace period to allow the gateway to shutdown before it is killed

gateway.dnsConfig📜

Type: object

Default value
{}

Description: DNS config for gateway pods

gateway.nodeSelector📜

Type: object

Default value
{}

Description: Node selector for gateway pods

gateway.topologySpreadConstraints📜

Type: list

Default value
[]

Description: Topology Spread Constraints for gateway pods

gateway.tolerations📜

Type: list

Default value
[]

Description: Tolerations for gateway pods

gateway.service.port📜

Type: int

Default value
80

Description: Port of the gateway service

gateway.service.type📜

Type: string

Default value
"ClusterIP"

Description: Type of the gateway service

gateway.service.clusterIP📜

Type: string

Default value
nil

Description: ClusterIP of the gateway service

gateway.service.nodePort📜

Type: int

Default value
nil

Description: Node port if service type is NodePort

gateway.service.loadBalancerIP📜

Type: string

Default value
nil

Description: Load balancer IPO address if service type is LoadBalancer

gateway.service.annotations📜

Type: object

Default value
{}

Description: Annotations for the gateway service

gateway.service.labels📜

Type: object

Default value
{}

Description: Labels for gateway service

gateway.ingress.enabled📜

Type: bool

Default value
false

Description: Specifies whether an ingress for the gateway should be created

gateway.ingress.ingressClassName📜

Type: string

Default value
""

Description: Ingress Class Name. MAY be required for Kubernetes versions >= 1.18

gateway.ingress.annotations📜

Type: object

Default value
{}

Description: Annotations for the gateway ingress

gateway.ingress.labels📜

Type: object

Default value
{}

Description: Labels for the gateway ingress

gateway.ingress.hosts📜

Type: list

Default value
- host: gateway.loki.example.com
  paths:
  - path: /

Description: Hosts configuration for the gateway ingress, passed through the tpl function to allow templating

gateway.ingress.tls📜

Type: list

Default value
- hosts:
  - gateway.loki.example.com
  secretName: loki-gateway-tls

Description: TLS configuration for the gateway ingress. Hosts passed through the tpl function to allow templating

gateway.basicAuth.enabled📜

Type: bool

Default value
false

Description: Enables basic authentication for the gateway

gateway.basicAuth.username📜

Type: string

Default value
nil

Description: The basic auth username for the gateway

gateway.basicAuth.password📜

Type: string

Default value
nil

Description: The basic auth password for the gateway

gateway.basicAuth.htpasswd📜

Type: string

Default value
"{{ if .Values.loki.tenants }}\n\n  {{- range $t := .Values.loki.tenants }}\n{{ htpasswd (required \"All tenants must have a 'name' set\" $t.name) (required \"All tenants must have a 'password' set\" $t.password) }}\n\n  {{- end }}\n{{ else }} {{ htpasswd (required \"'gateway.basicAuth.username' is required\" .Values.gateway.basicAuth.username) (required \"'gateway.basicAuth.password' is required\" .Values.gateway.basicAuth.password) }} {{ end }}"

Description: Uses the specified users from the loki.tenants list to create the htpasswd file if loki.tenants is not set, the gateway.basicAuth.username and gateway.basicAuth.password are used The value is templated using tpl. Override this to use a custom htpasswd, e.g. in case the default causes high CPU load.

gateway.basicAuth.existingSecret📜

Type: string

Default value
nil

Description: Existing basic auth secret to use. Must contain ‘.htpasswd’

gateway.readinessProbe.httpGet.path📜

Type: string

Default value
"/"

gateway.readinessProbe.httpGet.port📜

Type: string

Default value
"http"

gateway.readinessProbe.initialDelaySeconds📜

Type: int

Default value
15

gateway.readinessProbe.timeoutSeconds📜

Type: int

Default value
1

gateway.nginxConfig.enableIPv6📜

Type: bool

Default value
true

Description: Enable listener for IPv6, disable on IPv4-only systems

gateway.nginxConfig.logFormat📜

Type: string

Default value
"main '$remote_addr - $remote_user [$time_local]  $status '\n        '\"$request\" $body_bytes_sent \"$http_referer\" '\n        '\"$http_user_agent\" \"$http_x_forwarded_for\"';"

Description: NGINX log format

gateway.nginxConfig.serverSnippet📜

Type: string

Default value
""

Description: Allows appending custom configuration to the server block

gateway.nginxConfig.httpSnippet📜

Type: string

Default value
"{{ if .Values.loki.tenants }}proxy_set_header X-Scope-OrgID $remote_user;{{ end }}"

Description: Allows appending custom configuration to the http block, passed through the tpl function to allow templating

gateway.nginxConfig.customReadUrl📜

Type: string

Default value
nil

Description: Override Read URL

gateway.nginxConfig.customWriteUrl📜

Type: string

Default value
nil

Description: Override Write URL

gateway.nginxConfig.customBackendUrl📜

Type: string

Default value
nil

Description: Override Backend URL

gateway.nginxConfig.resolver📜

Type: string

Default value
""

Description: Allows overriding the DNS resolver address nginx will use.

gateway.podDisruptionBudget.maxUnavailable📜

Type: string

Default value
"1"

Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable

networkPolicy.enabled📜

Type: bool

Default value
false

Description: Specifies whether Network Policies should be created

networkPolicy.flavor📜

Type: string

Default value
"kubernetes"

Description: Specifies whether the policies created will be standard Network Policies (flavor: kubernetes) or Cilium Network Policies (flavor: cilium)

networkPolicy.metrics.podSelector📜

Type: object

Default value
{}

Description: Specifies the Pods which are allowed to access the metrics port. As this is cross-namespace communication, you also need the namespaceSelector.

networkPolicy.metrics.namespaceSelector📜

Type: object

Default value
{}

Description: Specifies the namespaces which are allowed to access the metrics port

networkPolicy.metrics.cidrs📜

Type: list

Default value
[]

Description: Specifies specific network CIDRs which are allowed to access the metrics port. In case you use namespaceSelector, you also have to specify your kubelet networks here. The metrics ports are also used for probes.

networkPolicy.ingress.podSelector📜

Type: object

Default value
{}

Description: Specifies the Pods which are allowed to access the http port. As this is cross-namespace communication, you also need the namespaceSelector.

networkPolicy.ingress.namespaceSelector📜

Type: object

Default value
{}

Description: Specifies the namespaces which are allowed to access the http port

networkPolicy.alertmanager.port📜

Type: int

Default value
9093

Description: Specify the alertmanager port used for alerting

networkPolicy.alertmanager.podSelector📜

Type: object

Default value
{}

Description: Specifies the alertmanager Pods. As this is cross-namespace communication, you also need the namespaceSelector.

networkPolicy.alertmanager.namespaceSelector📜

Type: object

Default value
{}

Description: Specifies the namespace the alertmanager is running in

networkPolicy.externalStorage.ports📜

Type: list

Default value
[]

Description: Specify the port used for external storage, e.g. AWS S3

networkPolicy.externalStorage.cidrs📜

Type: list

Default value
[]

Description: Specifies specific network CIDRs you want to limit access to

networkPolicy.discovery.port📜

Type: int

Default value
nil

Description: Specify the port used for discovery

networkPolicy.discovery.podSelector📜

Type: object

Default value
{}

Description: Specifies the Pods labels used for discovery. As this is cross-namespace communication, you also need the namespaceSelector.

networkPolicy.discovery.namespaceSelector📜

Type: object

Default value
{}

Description: Specifies the namespace the discovery Pods are running in

networkPolicy.egressWorld.enabled📜

Type: bool

Default value
false

Description: Enable additional cilium egress rules to external world for write, read and backend.

networkPolicy.egressKubeApiserver.enabled📜

Type: bool

Default value
false

Description: Enable additional cilium egress rules to kube-apiserver for backend.

minio📜

Type: object

Default value
enabled: false
secrets:
  accessKey: minio
  name: loki-objstore-creds
  secretKey: minio123
service:
  nameOverride: minio.logging.svc.cluster.local
tenant:
  buckets:
  - name: loki
  - name: loki-admin
  defaultUserCredentials:
    password: ''
    username: minio-user
  metrics:
    enabled: false
    memory: 128M
    port: 9000
  pools:
  - containerSecurityContext:
      capabilities:
        drop:
        - ALL
    securityContext:
      fsGroup: 1001
      runAsGroup: 1001
      runAsUser: 1001
    servers: 1
    size: 750Mi
    volumesPerServer: 4
  users:
  - name: minio-user

Description: -----------------------------------

minio.enabled📜

Type: bool

Default value
false

Description: Enable minio instance support, must have minio-operator installed

minio.secrets📜

Type: object

Default value
accessKey: minio
name: loki-objstore-creds
secretKey: minio123

Description: Minio root credentials

minio.tenant.buckets📜

Type: list

Default value
- name: loki
- name: loki-admin

Description: Buckets to be provisioned to for tenant

minio.tenant.users📜

Type: list

Default value
- name: minio-user

Description: Users to to be provisioned to for tenant

minio.tenant.defaultUserCredentials📜

Type: object

Default value
password: ''
username: minio-user

Description: User credentials to create for above user. Otherwise password is randomly generated. This auth is not required to be set or reclaimed for minio use with Loki

domain📜

Type: string

Default value
"bigbang.dev"

istio.enabled📜

Type: bool

Default value
false

istio.hardened.enabled📜

Type: bool

Default value
false

istio.hardened.outboundTrafficPolicyMode📜

Type: string

Default value
"REGISTRY_ONLY"

istio.hardened.customServiceEntries📜

Type: list

Default value
[]

istio.hardened.customAuthorizationPolicies📜

Type: list

Default value
[]

istio.hardened.monitoring.enabled📜

Type: bool

Default value
true

istio.hardened.monitoring.namespaces[0]📜

Type: string

Default value
"monitoring"

istio.hardened.monitoring.principals[0]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-grafana"

istio.hardened.monitoring.principals[1]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"

istio.hardened.monitoring.principals[2]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"

istio.hardened.monitoring.principals[3]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"

istio.hardened.monitoring.principals[4]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"

istio.hardened.monitoring.principals[5]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"

istio.hardened.promtail.enabled📜

Type: bool

Default value
true

istio.hardened.promtail.namespaces[0]📜

Type: string

Default value
"promtail"

istio.hardened.promtail.principals[0]📜

Type: string

Default value
"cluster.local/ns/promtail/sa/promtail-promtail"

istio.hardened.fluentbit.enabled📜

Type: bool

Default value
true

istio.hardened.fluentbit.namespaces[0]📜

Type: string

Default value
"fluentbit"

istio.hardened.fluentbit.principals[0]📜

Type: string

Default value
"cluster.local/ns/fluentbit/sa/fluentbit-fluent-bit"

istio.hardened.minioOperator.enabled📜

Type: bool

Default value
true

istio.hardened.minioOperator.namespaces[0]📜

Type: string

Default value
"minio-operator"

istio.hardened.minioOperator.principals[0]📜

Type: string

Default value
"cluster.local/ns/minio-operator/sa/minio-operator"

istio.loki.enabled📜

Type: bool

Default value
false

istio.loki.annotations📜

Type: object

Default value
{}

istio.loki.labels📜

Type: object

Default value
{}

istio.loki.gateways[0]📜

Type: string

Default value
"istio-system/public"

istio.loki.hosts[0]📜

Type: string

Default value
"loki.{{ .Values.domain }}"

istio.loki.service📜

Type: string

Default value
""

istio.loki.port📜

Type: string

Default value
""

istio.loki.exposeReadyEndpoint📜

Type: bool

Default value
false

istio.mtls.mode📜

Type: string

Default value
"STRICT"

networkPolicies.enabled📜

Type: bool

Default value
false

networkPolicies.controlPlaneCidr📜

Type: string

Default value
"0.0.0.0/0"

Description: Control Plane CIDR to allow init job communication to the Kubernetes API. Use kubectl get endpoints kubernetes to get the CIDR range needed for your cluster

networkPolicies.ingressLabels.app📜

Type: string

Default value
"public-ingressgateway"

networkPolicies.ingressLabels.istio📜

Type: string

Default value
"ingressgateway"

networkPolicies.additionalPolicies📜

Type: list

Default value
[]

bbtests.enabled📜

Type: bool

Default value
false

bbtests.cypress.artifacts📜

Type: bool

Default value
true

bbtests.cypress.envs.cypress_check_datasource📜

Type: string

Default value
"false"

bbtests.cypress.envs.cypress_grafana_url📜

Type: string

Default value
"http://monitoring-grafana.monitoring.svc.cluster.local"

bbtests.scripts.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/big-bang/base:2.1.0"

bbtests.scripts.envs.LOKI_URL📜

Type: string

Default value
"http://{{ .Values.fullnameOverride }}.{{ .Release.Namespace }}.svc:3100"

bbtests.scripts.envs.LOKI_VERSION📜

Type: string

Default value
"{{ .Values.loki.image.tag }}"

sidecar.image.repository📜

Type: string

Default value
"registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar"

sidecar.image.tag📜

Type: string

Default value
"1.26.1"

sidecar.image.sha📜

Type: string

Default value
""

sidecar.image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Docker image pull policy

sidecar.resources.limits.cpu📜

Type: string

Default value
"100m"

sidecar.resources.limits.memory📜

Type: string

Default value
"100Mi"

sidecar.resources.requests.cpu📜

Type: string

Default value
"100m"

sidecar.resources.requests.memory📜

Type: string

Default value
"100Mi"

sidecar.securityContext.allowPrivilegeEscalation📜

Type: bool

Default value
false

sidecar.securityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

sidecar.securityContext.seccompProfile.type📜

Type: string

Default value
"RuntimeDefault"

sidecar.skipTlsVerify📜

Type: bool

Default value
false

Description: Set to true to skip tls verification for kube api calls.

sidecar.enableUniqueFilenames📜

Type: bool

Default value
false

Description: Ensure that rule files aren’t conflicting and being overwritten by prefixing their name with the namespace they are defined in.

sidecar.readinessProbe📜

Type: object

Default value
{}

Description: Readiness probe definition. Probe is disabled on the sidecar by default.

sidecar.livenessProbe📜

Type: object

Default value
{}

Description: Liveness probe definition. Probe is disabled on the sidecar by default.

sidecar.rules.enabled📜

Type: bool

Default value
false

Description: Whether or not to create a sidecar to ingest rule from specific ConfigMaps and/or Secrets.

sidecar.rules.label📜

Type: string

Default value
"loki_rule"

Description: Label that the configmaps/secrets with rules will be marked with.

sidecar.rules.labelValue📜

Type: string

Default value
""

Description: Label value that the configmaps/secrets with rules will be set to.

sidecar.rules.folder📜

Type: string

Default value
"/rules"

Description: Folder into which the rules will be placed.

sidecar.rules.searchNamespace📜

Type: string

Default value
nil

Description: Comma separated list of namespaces. If specified, the sidecar will search for config-maps/secrets inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It’s also possible to specify ‘ALL’ to search in all namespaces.

sidecar.rules.watchMethod📜

Type: string

Default value
"WATCH"

Description: Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH request, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.

sidecar.rules.resource📜

Type: string

Default value
"both"

Description: Search in configmap, secret, or both.

sidecar.rules.script📜

Type: string

Default value
nil

Description: Absolute path to the shell script to execute after a configmap or secret has been reloaded.

sidecar.rules.watchServerTimeout📜

Type: int

Default value
60

Description: WatchServerTimeout: request to the server, asking it to cleanly close the connection after that. defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S.

sidecar.rules.watchClientTimeout📜

Type: int

Default value
60

Description: WatchClientTimeout: is a client-side timeout, configuring your local socket. If you have a network outage dropping all packets with no RST/FIN, this is how long your client waits before realizing & dropping the connection. Defaults to 66sec.

sidecar.rules.logLevel📜

Type: string

Default value
"INFO"

Description: Log level of the sidecar container.