loki values.yaml
📜
global.image.registry📜
Type: string
nil
Description: Overrides the Docker registry globally for all images
global.priorityClassName📜
Type: string
nil
Description: Overrides the priorityClassName for all pods
global.clusterDomain📜
Type: string
"cluster.local"
Description: configures cluster domain (“cluster.local” by default)
global.dnsService📜
Type: string
"kube-dns"
Description: configures DNS service name
global.dnsNamespace📜
Type: string
"kube-system"
Description: configures DNS service namespace
nameOverride📜
Type: string
"logging-loki"
Description: Overrides the chart’s name
openshift📜
Type: bool
false
fullnameOverride📜
Type: string
"logging-loki"
Description: Overrides the chart’s computed fullname
clusterLabelOverride📜
Type: string
nil
Description: Overrides the chart’s cluster label
imagePullSecrets📜
Type: list
- name: private-registry
Description: Image pull secrets for Docker images
kubectlImage.registry📜
Type: string
"registry1.dso.mil"
Description: The Docker registry
kubectlImage.repository📜
Type: string
"ironbank/opensource/kubernetes/kubectl"
Description: Docker image repository
kubectlImage.tag📜
Type: string
"v1.28.8"
Description: Overrides the image tag whose default is the chart’s appVersion
kubectlImage.digest📜
Type: string
nil
Description: Overrides the image tag with an image digest
kubectlImage.pullPolicy📜
Type: string
"IfNotPresent"
Description: Docker image pull policy
loki.readinessProbe.httpGet.path📜
Type: string
"/ready"
loki.readinessProbe.httpGet.port📜
Type: string
"http-metrics"
loki.readinessProbe.initialDelaySeconds📜
Type: int
30
loki.readinessProbe.timeoutSeconds📜
Type: int
1
loki.image.registry📜
Type: string
"registry1.dso.mil"
Description: The Docker registry
loki.image.repository📜
Type: string
"ironbank/opensource/grafana/loki"
Description: Docker image repository
loki.image.tag📜
Type: string
"2.9.6"
Description: Overrides the image tag whose default is the chart’s appVersion
loki.image.digest📜
Type: string
nil
Description: Overrides the image tag with an image digest
loki.image.pullPolicy📜
Type: string
"IfNotPresent"
Description: Docker image pull policy
loki.annotations📜
Type: object
{}
Description: Common annotations for all deployments/StatefulSets
loki.podAnnotations📜
Type: object
{}
Description: Common annotations for all pods
loki.podLabels📜
Type: object
{}
Description: Common labels for all pods
loki.serviceAnnotations📜
Type: object
{}
Description: Common annotations for all services
loki.serviceLabels📜
Type: object
{}
Description: Common labels for all services
loki.revisionHistoryLimit📜
Type: int
10
Description: The number of old ReplicaSets to retain to allow rollback
loki.podSecurityContext📜
Type: object
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
Description: The SecurityContext for Loki pods
loki.containerSecurityContext📜
Type: object
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
Description: The SecurityContext for Loki containers
loki.enableServiceLinks📜
Type: bool
true
Description: Should enableServiceLinks be enabled. Default to enable
loki.existingSecretForConfig📜
Type: string
""
Description: Specify an existing secret containing loki configuration. If non-empty, overrides loki.config
loki.configStorageType📜
Type: string
"ConfigMap"
Description: Defines what kind of object stores the configuration, a ConfigMap or a Secret. In order to move sensitive information (such as credentials) from the ConfigMap/Secret to a more secure location (e.g. vault), it is possible to use environment variables in the configuration. Such environment variables can be then stored in a separate Secret and injected via the global.extraEnvFrom value. For details about environment injection from a Secret please see Secrets.
loki.externalConfigSecretName📜
Type: string
"{{ include \"loki.name\" . }}"
Description: Name of the Secret or ConfigMap that contains the configuration (used for naming even if config is internal).
loki.auth_enabled📜
Type: bool
false
loki.memberlistConfig📜
Type: object
{}
Description: memberlist configuration (overrides embedded default)
loki.extraMemberlistConfig📜
Type: object
{}
Description: Extra memberlist configuration
loki.tenants📜
Type: list
[]
Description: Tenants list to be created on nginx htpasswd file, with name and password keys
loki.server📜
Type: object
grpc_listen_port: 9095
http_listen_port: 3100
Description: Check https://grafana.com/docs/loki/latest/configuration/#server for more info on the server configuration.
loki.limits_config📜
Type: object
max_cache_freshness_per_query: 10m
reject_old_samples: true
reject_old_samples_max_age: 168h
split_queries_by_interval: 15m
Description: Limits config
loki.runtimeConfig📜
Type: object
{}
Description: Provides a reloadable runtime configuration file for some specific configuration
loki.commonConfig📜
Type: object
compactor_address: '{{ include "loki.compactorAddress" . }}'
path_prefix: /var/loki
replication_factor: 1
Description: Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration
loki.storage📜
Type: object
azure:
accountKey: null
accountName: null
connectionString: null
endpointSuffix: null
requestTimeout: null
useFederatedToken: false
useManagedIdentity: false
userAssignedId: null
bucketNames:
admin: loki-admin
chunks: loki
ruler: loki
filesystem:
chunks_directory: /var/loki/chunks
rules_directory: /var/loki/rules
gcs:
chunkBufferSize: 0
enableHttp2: true
requestTimeout: 0s
s3:
accessKeyId: null
backoff_config: {}
endpoint: null
http_config: {}
insecure: false
region: null
s3: null
s3ForcePathStyle: false
secretAccessKey: null
signatureVersion: null
swift:
auth_url: null
auth_version: null
connect_timeout: null
container_name: null
domain_id: null
domain_name: null
internal: null
max_retries: null
password: null
project_domain_id: null
project_domain_name: null
project_id: null
project_name: null
region_name: null
request_timeout: null
user_domain_id: null
user_domain_name: null
user_id: null
username: null
type: s3
Description: Storage config. Providing this will automatically populate all necessary storage configs in the templated config.
loki.storage.s3.backoff_config📜
Type: object
{}
Description: Check https://grafana.com/docs/loki/latest/configure/#s3_storage_config for more info on how to provide a backoff_config
loki.memcached📜
Type: object
chunk_cache:
batch_size: 256
enabled: false
host: ''
parallelism: 10
service: memcached-client
results_cache:
default_validity: 12h
enabled: false
host: ''
service: memcached-client
timeout: 500ms
Description: Configure memcached as an external cache for chunk and results cache. Disabled by default must enable and specify a host for each cache you would like to use.
loki.schemaConfig📜
Type: object
{}
Description: Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas
loki.rulerConfig📜
Type: object
{}
Description: Check https://grafana.com/docs/loki/latest/configuration/#ruler for more info on configuring ruler
loki.structuredConfig📜
Type: object
{}
Description: Structured loki configuration, takes precedence over loki.config
, loki.schemaConfig
, loki.storageConfig
loki.query_scheduler📜
Type: object
{}
Description: Additional query scheduler config
loki.storage_config📜
Type: object
boltdb_shipper:
active_index_directory: /var/loki/boltdb-shipper-active
cache_location: /var/loki/boltdb-shipper-cache
cache_ttl: 24h
hedging:
at: 250ms
max_per_second: 20
up_to: 3
tsdb_shipper:
active_index_directory: /var/loki/tsdb-index
cache_location: /var/loki/tsdb-cache
cache_ttl: 24h
Description: Additional storage config
loki.compactor📜
Type: object
{}
Description: Optional compactor configuration
loki.analytics📜
Type: object
reporting_enabled: false
Description: Optional analytics configuration
loki.analytics.reporting_enabled📜
Type: bool
false
Description: Disable anonymous usage statistics
loki.querier📜
Type: object
{}
Description: Optional querier configuration
loki.ingester📜
Type: object
autoforget_unhealthy: true
chunk_target_size: 196608
flush_check_period: 5s
flush_op_timeout: 100m
lifecycler:
ring:
kvstore:
store: memberlist
Description: Optional ingester configuration
loki.index_gateway📜
Type: object
mode: ring
Description: Optional index gateway configuration
loki.frontend.scheduler_address📜
Type: string
"{{ include \"loki.querySchedulerAddress\" . }}"
loki.frontend_worker.scheduler_address📜
Type: string
"{{ include \"loki.querySchedulerAddress\" . }}"
loki.distributor📜
Type: object
{}
Description: Optional distributor configuration
loki.tracing📜
Type: object
enabled: false
Description: Enable tracing
enterprise.enabled📜
Type: bool
false
enterprise.version📜
Type: string
"v1.8.6"
enterprise.cluster_name📜
Type: string
nil
Description: Optional name of the GEL cluster, otherwise will use .Release.Name The cluster name must match what is in your GEL license
enterprise.license📜
Type: object
contents: NOTAVALIDLICENSE
Description: Grafana Enterprise Logs license In order to use Grafana Enterprise Logs features, you will need to provide the contents of your Grafana Enterprise Logs license, either by providing the contents of the license.jwt, or the name Kubernetes Secret that contains your license.jwt. To set the license contents, use the flag --set-file 'enterprise.license.contents=./license.jwt'
enterprise.useExternalLicense📜
Type: bool
false
Description: Set to true when providing an external license
enterprise.externalLicenseName📜
Type: string
nil
Description: Name of external license secret to use
enterprise.externalConfigName📜
Type: string
""
Description: Name of the external config secret to use
enterprise.adminApi📜
Type: object
enabled: true
Description: If enabled, the correct admin_client storage will be configured. If disabled while running enterprise, make sure auth is set to type: trust
, or that auth_enabled
is set to false
.
enterprise.config📜
Type: string
"{{- if .Values.enterprise.adminApi.enabled }}\n{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") (eq .Values.loki.storage.type \"azure\") }}\nadmin_client:\n storage:\n s3:\n bucket_name: {{ .Values.loki.storage.bucketNames.admin }}\n{{- end }}\n{{- end }}\nauth:\n type: {{ .Values.enterprise.adminApi.enabled \| ternary \"enterprise\" \"trust\" }}\nauth_enabled: {{ .Values.loki.auth_enabled }}\ncluster_name: {{ include \"loki.clusterName\" . }}\nlicense:\n path: /etc/loki/license/license.jwt\n"
enterprise.image.registry📜
Type: string
"registry1.dso.mil"
Description: The Docker registry
enterprise.image.repository📜
Type: string
"ironbank/grafana/grafana-enterprise-logs"
Description: Docker image repository
enterprise.image.tag📜
Type: string
"v1.7.1"
Description: Overrides the image tag whose default is the chart’s appVersion
enterprise.image.digest📜
Type: string
nil
Description: Overrides the image tag with an image digest
enterprise.image.pullPolicy📜
Type: string
"IfNotPresent"
Description: Docker image pull policy
enterprise.adminToken.secret📜
Type: string
nil
Description: Alternative name for admin token secret, needed by tokengen and provisioner jobs
enterprise.adminToken.additionalNamespaces📜
Type: list
[]
Description: Additional namespace to also create the token in. Useful if your Grafana instance is in a different namespace
enterprise.canarySecret📜
Type: string
nil
Description: Alternative name of the secret to store token for the canary
enterprise.tokengen📜
Type: object
annotations:
sidecar.istio.io/inject: 'false'
enabled: true
env: []
extraArgs: []
extraEnvFrom: []
extraVolumeMounts: []
extraVolumes: []
labels: {}
priorityClassName: ''
securityContext:
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
targetModule: tokengen
tolerations: []
Description: Configuration for tokengen
target
enterprise.tokengen.enabled📜
Type: bool
true
Description: Whether the job should be part of the deployment
enterprise.tokengen.targetModule📜
Type: string
"tokengen"
Description: Comma-separated list of Loki modules to load for tokengen
enterprise.tokengen.extraArgs📜
Type: list
[]
Description: Additional CLI arguments for the tokengen
target
enterprise.tokengen.env📜
Type: list
[]
Description: Additional Kubernetes environment
enterprise.tokengen.labels📜
Type: object
{}
Description: Additional labels for the tokengen
Job
enterprise.tokengen.annotations📜
Type: object
sidecar.istio.io/inject: 'false'
Description: Additional annotations for the tokengen
Job
enterprise.tokengen.tolerations📜
Type: list
[]
Description: Tolerations for tokengen Job
enterprise.tokengen.extraVolumes📜
Type: list
[]
Description: Additional volumes for Pods
enterprise.tokengen.extraVolumeMounts📜
Type: list
[]
Description: Additional volume mounts for Pods
enterprise.tokengen.securityContext📜
Type: object
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
Description: Run containers as user enterprise-logs(uid=10001)
enterprise.tokengen.extraEnvFrom📜
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the tokengen pods
enterprise.tokengen.priorityClassName📜
Type: string
""
Description: The name of the PriorityClass for tokengen Pods
enterprise.provisioner📜
Type: object
additionalTenants: []
annotations: {}
enabled: false
env: []
extraVolumeMounts: []
image:
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/enterprise-logs-provisioner
tag: null
labels: {}
priorityClassName: null
provisionedSecretPrefix: null
securityContext:
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
Description: Configuration for provisioner
target
enterprise.provisioner.enabled📜
Type: bool
false
Description: Whether the job should be part of the deployment
enterprise.provisioner.provisionedSecretPrefix📜
Type: string
nil
Description: Name of the secret to store provisioned tokens in
enterprise.provisioner.additionalTenants📜
Type: list
[]
Description: Additional tenants to be created. Each tenant will get a read and write policy and associated token. Tenant must have a name and a namespace for the secret containting the token to be created in. For example additionalTenants: - name: loki secretNamespace: grafana
enterprise.provisioner.env📜
Type: list
[]
Description: Additional Kubernetes environment
enterprise.provisioner.labels📜
Type: object
{}
Description: Additional labels for the provisioner
Job
enterprise.provisioner.annotations📜
Type: object
{}
Description: Additional annotations for the provisioner
Job
enterprise.provisioner.priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass for provisioner Job
enterprise.provisioner.securityContext📜
Type: object
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
Description: Run containers as user enterprise-logs(uid=10001)
enterprise.provisioner.image📜
Type: object
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/enterprise-logs-provisioner
tag: null
Description: Provisioner image to Utilize
enterprise.provisioner.image.registry📜
Type: string
"docker.io"
Description: The Docker registry
enterprise.provisioner.image.repository📜
Type: string
"grafana/enterprise-logs-provisioner"
Description: Docker image repository
enterprise.provisioner.image.tag📜
Type: string
nil
Description: Overrides the image tag whose default is the chart’s appVersion
enterprise.provisioner.image.digest📜
Type: string
nil
Description: Overrides the image tag with an image digest
enterprise.provisioner.image.pullPolicy📜
Type: string
"IfNotPresent"
Description: Docker image pull policy
enterprise.provisioner.extraVolumeMounts📜
Type: list
[]
Description: Volume mounts to add to the provisioner pods
migrate📜
Type: object
fromDistributed:
enabled: false
memberlistService: ''
Description: Options that may be necessary when performing a migration from another helm chart
migrate.fromDistributed📜
Type: object
enabled: false
memberlistService: ''
Description: When migrating from a distributed chart like loki-distributed or enterprise-logs
migrate.fromDistributed.enabled📜
Type: bool
false
Description: Set to true if migrating from a distributed helm chart
migrate.fromDistributed.memberlistService📜
Type: string
""
Description: If migrating from a distributed service, provide the distributed deployment’s memberlist service DNS so the new deployment can join its ring.
serviceAccount.create📜
Type: bool
true
Description: Specifies whether a ServiceAccount should be created
serviceAccount.name📜
Type: string
nil
Description: The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template
serviceAccount.imagePullSecrets📜
Type: list
[]
Description: Image pull secrets for the service account
serviceAccount.annotations📜
Type: object
{}
Description: Annotations for the service account
serviceAccount.labels📜
Type: object
{}
Description: Labels for the service account
serviceAccount.automountServiceAccountToken📜
Type: bool
false
Description: Set this toggle to false to opt out of automounting API credentials for the service account
rbac.pspEnabled📜
Type: bool
false
Description: If pspEnabled true, a PodSecurityPolicy is created for K8s that use psp.
rbac.sccEnabled📜
Type: bool
false
Description: For OpenShift set pspEnabled to ‘false’ and sccEnabled to ‘true’ to use the SecurityContextConstraints.
rbac.pspAnnotations📜
Type: object
{}
Description: Specify PSP annotations Ref: https://kubernetes.io/docs/reference/access-authn-authz/psp-to-pod-security-standards/#podsecuritypolicy-annotations
rbac.namespaced📜
Type: bool
false
Description: Whether to install RBAC in the namespace only or cluster-wide. Useful if you want to watch ConfigMap globally.
test📜
Type: object
annotations: {}
enabled: false
image:
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/loki-helm-test
tag: null
labels: {}
prometheusAddress: http://prometheus:9090
timeout: 1m
Description: Section for configuring optional Helm test
test.prometheusAddress📜
Type: string
"http://prometheus:9090"
Description: Address of the prometheus server to query for the test
test.timeout📜
Type: string
"1m"
Description: Number of times to retry the test before failing
test.labels📜
Type: object
{}
Description: Additional labels for the test pods
test.annotations📜
Type: object
{}
Description: Additional annotations for test pods
test.image📜
Type: object
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/loki-helm-test
tag: null
Description: Image to use for loki canary
test.image.registry📜
Type: string
"docker.io"
Description: The Docker registry
test.image.repository📜
Type: string
"grafana/loki-helm-test"
Description: Docker image repository
test.image.tag📜
Type: string
nil
Description: Overrides the image tag whose default is the chart’s appVersion
test.image.digest📜
Type: string
nil
Description: Overrides the image tag with an image digest
test.image.pullPolicy📜
Type: string
"IfNotPresent"
Description: Docker image pull policy
fluentbit.enabled📜
Type: bool
false
promtail.enabled📜
Type: bool
false
monitoring.enabled📜
Type: bool
false
Description: Enable BigBang integration of Monitoring components
monitoring.dashboards.enabled📜
Type: bool
false
Description: If enabled, create configmap with dashboards for monitoring Loki
monitoring.dashboards.namespace📜
Type: string
nil
Description: Alternative namespace to create dashboards ConfigMap in
monitoring.dashboards.annotations📜
Type: object
{}
Description: Additional annotations for the dashboards ConfigMap
monitoring.dashboards.labels📜
Type: object
grafana_dashboard: '1'
Description: Labels for the dashboards ConfigMap
monitoring.rules.enabled📜
Type: bool
false
Description: If enabled, create PrometheusRule resource with Loki recording rules
monitoring.rules.alerting📜
Type: bool
true
Description: Include alerting rules
monitoring.rules.disabled📜
Type: object
{}
Description: If you disable all the alerts and keep .monitoring.rules.alerting set to true, the chart will fail to render.
monitoring.rules.namespace📜
Type: string
nil
Description: Alternative namespace to create PrometheusRule resources in
monitoring.rules.annotations📜
Type: object
{}
Description: Additional annotations for the rules PrometheusRule resource
monitoring.rules.labels📜
Type: object
{}
Description: Additional labels for the rules PrometheusRule resource
monitoring.rules.additionalRuleLabels📜
Type: object
{}
Description: Additional labels for PrometheusRule alerts
monitoring.rules.additionalGroups📜
Type: list
[]
Description: Additional groups to add to the rules file
monitoring.serviceMonitor.enabled📜
Type: bool
false
Description: If enabled, ServiceMonitor resources for Prometheus Operator are created
monitoring.serviceMonitor.namespace📜
Type: string
nil
Description: Alternative namespace for ServiceMonitor resources
monitoring.serviceMonitor.namespaceSelector📜
Type: object
{}
Description: Namespace selector for ServiceMonitor resources
monitoring.serviceMonitor.annotations📜
Type: object
{}
Description: ServiceMonitor annotations
monitoring.serviceMonitor.labels📜
Type: object
{}
Description: Additional ServiceMonitor labels
monitoring.serviceMonitor.interval📜
Type: string
"15s"
Description: ServiceMonitor scrape interval Default is 15s because included recording rules use a 1m rate, and scrape interval needs to be at least 1/4 rate interval.
monitoring.serviceMonitor.scrapeTimeout📜
Type: string
nil
Description: ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
monitoring.serviceMonitor.relabelings📜
Type: list
[]
Description: ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
monitoring.serviceMonitor.metricRelabelings📜
Type: list
[]
Description: ServiceMonitor metric relabel configs to apply to samples before ingestion https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
monitoring.serviceMonitor.scheme📜
Type: string
"http"
Description: ServiceMonitor will use http by default, but you can pick https as well
monitoring.serviceMonitor.tlsConfig📜
Type: string
nil
Description: ServiceMonitor will use these tlsConfig settings to make the health check requests
monitoring.serviceMonitor.metricsInstance📜
Type: object
annotations: {}
enabled: false
labels: {}
remoteWrite: null
Description: If defined, will create a MetricsInstance for the Grafana Agent Operator.
monitoring.serviceMonitor.metricsInstance.enabled📜
Type: bool
false
Description: If enabled, MetricsInstance resources for Grafana Agent Operator are created
monitoring.serviceMonitor.metricsInstance.annotations📜
Type: object
{}
Description: MetricsInstance annotations
monitoring.serviceMonitor.metricsInstance.labels📜
Type: object
{}
Description: Additional MetricsInstance labels
monitoring.serviceMonitor.metricsInstance.remoteWrite📜
Type: string
nil
Description: If defined a MetricsInstance will be created to remote write metrics.
monitoring.selfMonitoring.enabled📜
Type: bool
false
monitoring.selfMonitoring.tenant📜
Type: object
name: self-monitoring
secretNamespace: '{{ .Release.Namespace }}'
Description: Tenant to use for self monitoring
monitoring.selfMonitoring.tenant.name📜
Type: string
"self-monitoring"
Description: Name of the tenant
monitoring.selfMonitoring.tenant.secretNamespace📜
Type: string
"{{ .Release.Namespace }}"
Description: Namespace to create additional tenant token secret in. Useful if your Grafana instance is in a separate namespace. Token will still be created in the canary namespace.
monitoring.selfMonitoring.grafanaAgent.installOperator📜
Type: bool
false
Description: Controls whether to install the Grafana Agent Operator and its CRDs. Note that helm will not install CRDs if this flag is enabled during an upgrade. In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds
monitoring.selfMonitoring.grafanaAgent.namespace📜
Type: string
nil
Description: Alternative namespace for Grafana Agent resources
monitoring.selfMonitoring.grafanaAgent.annotations📜
Type: object
{}
Description: Grafana Agent annotations
monitoring.selfMonitoring.grafanaAgent.labels📜
Type: object
{}
Description: Additional Grafana Agent labels
monitoring.selfMonitoring.grafanaAgent.enableConfigReadAPI📜
Type: bool
false
Description: Enable the config read api on port 8080 of the agent
monitoring.selfMonitoring.grafanaAgent.priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass for GrafanaAgent pods
monitoring.selfMonitoring.grafanaAgent.resources📜
Type: object
{}
Description: Resource requests and limits for the grafanaAgent pods
monitoring.selfMonitoring.grafanaAgent.tolerations📜
Type: list
[]
Description: Tolerations for GrafanaAgent pods
monitoring.selfMonitoring.podLogs.apiVersion📜
Type: string
"monitoring.grafana.com/v1alpha1"
Description: PodLogs version
monitoring.selfMonitoring.podLogs.annotations📜
Type: object
{}
Description: PodLogs annotations
monitoring.selfMonitoring.podLogs.labels📜
Type: object
{}
Description: Additional PodLogs labels
monitoring.selfMonitoring.podLogs.relabelings📜
Type: list
[]
Description: PodLogs relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
monitoring.selfMonitoring.podLogs.additionalPipelineStages📜
Type: list
[]
Description: Additional pipeline stages to process logs after scraping https://grafana.com/docs/agent/latest/operator/api/#pipelinestagespec-a-namemonitoringgrafanacomv1alpha1pipelinestagespeca
monitoring.selfMonitoring.logsInstance.annotations📜
Type: object
{}
Description: LogsInstance annotations
monitoring.selfMonitoring.logsInstance.labels📜
Type: object
{}
Description: Additional LogsInstance labels
monitoring.selfMonitoring.logsInstance.clients📜
Type: string
nil
Description: Additional clients for remote write
monitoring.lokiCanary.enabled📜
Type: bool
false
monitoring.lokiCanary.annotations📜
Type: object
{}
Description: Additional annotations for the loki-canary
Daemonset
monitoring.lokiCanary.podLabels📜
Type: object
{}
Description: Additional labels for each loki-canary
pod
monitoring.lokiCanary.service.annotations📜
Type: object
{}
Description: Annotations for loki-canary Service
monitoring.lokiCanary.service.labels📜
Type: object
{}
Description: Additional labels for loki-canary Service
monitoring.lokiCanary.extraArgs📜
Type: list
[]
Description: Additional CLI arguments for the `loki-canary’ command
monitoring.lokiCanary.extraEnv📜
Type: list
[]
Description: Environment variables to add to the canary pods
monitoring.lokiCanary.extraEnvFrom📜
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the canary pods
monitoring.lokiCanary.resources📜
Type: object
{}
Description: Resource requests and limits for the canary
monitoring.lokiCanary.dnsConfig📜
Type: object
{}
Description: DNS config for canary pods
monitoring.lokiCanary.nodeSelector📜
Type: object
{}
Description: Node selector for canary pods
monitoring.lokiCanary.tolerations📜
Type: list
[]
Description: Tolerations for canary pods
monitoring.lokiCanary.priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass for loki-canary pods
monitoring.lokiCanary.image📜
Type: object
digest: null
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/loki-canary
tag: null
Description: Image to use for loki canary
monitoring.lokiCanary.image.registry📜
Type: string
"docker.io"
Description: The Docker registry
monitoring.lokiCanary.image.repository📜
Type: string
"grafana/loki-canary"
Description: Docker image repository
monitoring.lokiCanary.image.tag📜
Type: string
nil
Description: Overrides the image tag whose default is the chart’s appVersion
monitoring.lokiCanary.image.digest📜
Type: string
nil
Description: Overrides the image tag with an image digest
monitoring.lokiCanary.image.pullPolicy📜
Type: string
"IfNotPresent"
Description: Docker image pull policy
monitoring.lokiCanary.updateStrategy📜
Type: object
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate
Description: Update strategy for the loki-canary
Daemonset pods
write.replicas📜
Type: int
3
Description: Number of replicas for the write
write.autoscaling.enabled📜
Type: bool
false
Description: Enable autoscaling for the write.
write.autoscaling.minReplicas📜
Type: int
2
Description: Minimum autoscaling replicas for the write.
write.autoscaling.maxReplicas📜
Type: int
6
Description: Maximum autoscaling replicas for the write.
write.autoscaling.targetCPUUtilizationPercentage📜
Type: int
60
Description: Target CPU utilisation percentage for the write.
write.autoscaling.targetMemoryUtilizationPercentage📜
Type: string
nil
Description: Target memory utilization percentage for the write.
write.autoscaling.behavior📜
Type: object
scaleDown:
policies:
- periodSeconds: 1800
type: Pods
value: 1
stabilizationWindowSeconds: 3600
scaleUp:
policies:
- periodSeconds: 900
type: Pods
value: 1
Description: Behavior policies while scaling.
write.autoscaling.behavior.scaleUp📜
Type: object
policies:
- periodSeconds: 900
type: Pods
value: 1
Description: see https://github.com/grafana/loki/blob/main/docs/sources/operations/storage/wal.md#how-to-scale-updown for scaledown details
write.image.registry📜
Type: string
nil
Description: The Docker registry for the write image. Overrides loki.image.registry
write.image.repository📜
Type: string
nil
Description: Docker image repository for the write image. Overrides loki.image.repository
write.image.tag📜
Type: string
nil
Description: Docker image tag for the write image. Overrides loki.image.tag
write.priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass for write pods
write.annotations📜
Type: object
{}
Description: Annotations for write StatefulSet
write.podAnnotations📜
Type: object
{}
Description: Annotations for write pods
write.podLabels📜
Type: object
{}
Description: Additional labels for each write
pod
write.selectorLabels📜
Type: object
{}
Description: Additional selector labels for each write
pod
write.service.annotations📜
Type: object
{}
Description: Annotations for write Service
write.service.labels📜
Type: object
{}
Description: Additional labels for write Service
write.targetModule📜
Type: string
"write"
Description: Comma-separated list of Loki modules to load for the write
write.extraArgs📜
Type: list
[]
Description: Additional CLI args for the write
write.extraEnv📜
Type: list
[]
Description: Environment variables to add to the write pods
write.extraEnvFrom📜
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the write pods
write.lifecycle📜
Type: object
{}
Description: Lifecycle for the write container
write.initContainers📜
Type: list
[]
Description: Init containers to add to the write pods
write.extraContainers📜
Type: list
[]
Description: Containers to add to the write pods
write.extraVolumeMounts📜
Type: list
[]
Description: Volume mounts to add to the write pods
write.extraVolumes📜
Type: list
[]
Description: Volumes to add to the write pods
write.extraVolumeClaimTemplates📜
Type: list
[]
Description: volumeClaimTemplates to add to StatefulSet
write.resources📜
Type: object
limits:
cpu: 300m
memory: 2Gi
requests:
cpu: 300m
memory: 2Gi
Description: Resource requests and limits for the write
write.terminationGracePeriodSeconds📜
Type: int
300
Description: Grace period to allow the write to shutdown before it is killed. Especially for the ingestor, this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.
write.dnsConfig📜
Type: object
{}
Description: DNS config for write pods
write.nodeSelector📜
Type: object
{}
Description: Node selector for write pods
write.topologySpreadConstraints📜
Type: list
[]
Description: Topology Spread Constraints for write pods
write.tolerations📜
Type: list
[]
Description: Tolerations for write pods
write.podManagementPolicy📜
Type: string
"Parallel"
Description: The default is to deploy all pods in parallel.
write.persistence.volumeClaimsEnabled📜
Type: bool
true
Description: Enable volume claims in pod spec
write.persistence.dataVolumeParameters📜
Type: object
emptyDir: {}
Description: Parameters used for the data
volume when volumeClaimEnabled if false
write.persistence.enableStatefulSetAutoDeletePVC📜
Type: bool
false
Description: Enable StatefulSetAutoDeletePVC feature
write.persistence.size📜
Type: string
"10Gi"
Description: Size of persistent disk
write.persistence.storageClass📜
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
write.persistence.selector📜
Type: string
nil
Description: Selector for persistent disk
write.podDisruptionBudget.maxUnavailable📜
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
tableManager.enabled📜
Type: bool
false
Description: Specifies whether the table-manager should be enabled
tableManager.image.registry📜
Type: string
nil
Description: The Docker registry for the table-manager image. Overrides loki.image.registry
tableManager.image.repository📜
Type: string
nil
Description: Docker image repository for the table-manager image. Overrides loki.image.repository
tableManager.image.tag📜
Type: string
nil
Description: Docker image tag for the table-manager image. Overrides loki.image.tag
tableManager.command📜
Type: string
nil
Description: Command to execute instead of defined in Docker image
tableManager.priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass for table-manager pods
tableManager.podLabels📜
Type: object
{}
Description: Labels for table-manager pods
tableManager.annotations📜
Type: object
{}
Description: Annotations for table-manager deployment
tableManager.podAnnotations📜
Type: object
{}
Description: Annotations for table-manager pods
tableManager.service.annotations📜
Type: object
{}
Description: Annotations for table-manager Service
tableManager.service.labels📜
Type: object
{}
Description: Additional labels for table-manager Service
tableManager.extraArgs📜
Type: list
[]
Description: Additional CLI args for the table-manager
tableManager.extraEnv📜
Type: list
[]
Description: Environment variables to add to the table-manager pods
tableManager.extraEnvFrom📜
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the table-manager pods
tableManager.extraVolumeMounts📜
Type: list
[]
Description: Volume mounts to add to the table-manager pods
tableManager.extraVolumes📜
Type: list
[]
Description: Volumes to add to the table-manager pods
tableManager.resources📜
Type: object
{}
Description: Resource requests and limits for the table-manager
tableManager.extraContainers📜
Type: list
[]
Description: Containers to add to the table-manager pods
tableManager.terminationGracePeriodSeconds📜
Type: int
30
Description: Grace period to allow the table-manager to shutdown before it is killed
tableManager.dnsConfig📜
Type: object
{}
Description: DNS config table-manager pods
tableManager.nodeSelector📜
Type: object
{}
Description: Node selector for table-manager pods
tableManager.tolerations📜
Type: list
[]
Description: Tolerations for table-manager pods
tableManager.retention_deletes_enabled📜
Type: bool
false
Description: Enable deletes by retention
tableManager.retention_period📜
Type: int
0
Description: Set retention period
read.replicas📜
Type: int
3
Description: Number of replicas for the read
read.autoscaling.enabled📜
Type: bool
false
Description: Enable autoscaling for the read, this is only used if queryIndex.enabled: true
read.autoscaling.minReplicas📜
Type: int
2
Description: Minimum autoscaling replicas for the read
read.autoscaling.maxReplicas📜
Type: int
6
Description: Maximum autoscaling replicas for the read
read.autoscaling.targetCPUUtilizationPercentage📜
Type: int
60
Description: Target CPU utilisation percentage for the read
read.autoscaling.targetMemoryUtilizationPercentage📜
Type: string
nil
Description: Target memory utilisation percentage for the read
read.autoscaling.behavior📜
Type: object
{}
Description: Behavior policies while scaling.
read.image.registry📜
Type: string
nil
Description: The Docker registry for the read image. Overrides loki.image.registry
read.image.repository📜
Type: string
nil
Description: Docker image repository for the read image. Overrides loki.image.repository
read.image.tag📜
Type: string
nil
Description: Docker image tag for the read image. Overrides loki.image.tag
read.priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass for read pods
read.annotations📜
Type: object
{}
Description: Annotations for read deployment
read.podAnnotations📜
Type: object
{}
Description: Annotations for read pods
read.podLabels📜
Type: object
{}
Description: Additional labels for each read
pod
read.selectorLabels📜
Type: object
{}
Description: Additional selector labels for each read
pod
read.service.annotations📜
Type: object
{}
Description: Annotations for read Service
read.service.labels📜
Type: object
{}
Description: Additional labels for read Service
read.targetModule📜
Type: string
"read"
Description: Comma-separated list of Loki modules to load for the read
read.legacyReadTarget📜
Type: bool
false
Description: Whether or not to use the 2 target type simple scalable mode (read, write) or the 3 target type (read, write, backend). Legacy refers to the 2 target type, so true will run two targets, false will run 3 targets.
read.extraArgs📜
Type: list
[]
Description: Additional CLI args for the read
read.extraContainers📜
Type: list
[]
Description: Containers to add to the read pods
read.extraEnv📜
Type: list
[]
Description: Environment variables to add to the read pods
read.extraEnvFrom📜
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the read pods
read.lifecycle📜
Type: object
{}
Description: Lifecycle for the read container
read.extraVolumeMounts📜
Type: list
[]
Description: Volume mounts to add to the read pods
read.extraVolumes📜
Type: list
[]
Description: Volumes to add to the read pods
read.resources📜
Type: object
limits:
cpu: 300m
memory: 2Gi
requests:
cpu: 300m
memory: 2Gi
Description: Resource requests and limits for the read
read.terminationGracePeriodSeconds📜
Type: int
30
Description: Grace period to allow the read to shutdown before it is killed
read.dnsConfig📜
Type: object
{}
Description: DNS config for read pods
read.nodeSelector📜
Type: object
{}
Description: Node selector for read pods
read.topologySpreadConstraints📜
Type: list
[]
Description: Topology Spread Constraints for read pods
read.tolerations📜
Type: list
[]
Description: Tolerations for read pods
read.podManagementPolicy📜
Type: string
"Parallel"
Description: The default is to deploy all pods in parallel.
read.persistence.enableStatefulSetAutoDeletePVC📜
Type: bool
true
Description: Enable StatefulSetAutoDeletePVC feature
read.persistence.size📜
Type: string
"10Gi"
Description: Size of persistent disk
read.persistence.storageClass📜
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
read.persistence.selector📜
Type: string
nil
Description: Selector for persistent disk
read.podDisruptionBudget.maxUnavailable📜
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
backend.replicas📜
Type: int
3
Description: Number of replicas for the backend
backend.autoscaling.enabled📜
Type: bool
false
Description: Enable autoscaling for the backend.
backend.autoscaling.minReplicas📜
Type: int
2
Description: Minimum autoscaling replicas for the backend.
backend.autoscaling.maxReplicas📜
Type: int
6
Description: Maximum autoscaling replicas for the backend.
backend.autoscaling.targetCPUUtilizationPercentage📜
Type: int
60
Description: Target CPU utilization percentage for the backend.
backend.autoscaling.targetMemoryUtilizationPercentage📜
Type: string
nil
Description: Target memory utilization percentage for the backend.
backend.autoscaling.behavior📜
Type: object
{}
Description: Behavior policies while scaling.
backend.image.registry📜
Type: string
nil
Description: The Docker registry for the backend image. Overrides loki.image.registry
backend.image.repository📜
Type: string
nil
Description: Docker image repository for the backend image. Overrides loki.image.repository
backend.image.tag📜
Type: string
nil
Description: Docker image tag for the backend image. Overrides loki.image.tag
backend.priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass for backend pods
backend.annotations📜
Type: object
{}
Description: Annotations for backend StatefulSet
backend.podAnnotations📜
Type: object
{}
Description: Annotations for backend pods
backend.podLabels📜
Type: object
{}
Description: Additional labels for each backend
pod
backend.selectorLabels📜
Type: object
{}
Description: Additional selector labels for each backend
pod
backend.service.annotations📜
Type: object
{}
Description: Annotations for backend Service
backend.service.labels📜
Type: object
{}
Description: Additional labels for backend Service
backend.targetModule📜
Type: string
"backend"
Description: Comma-separated list of Loki modules to load for the read
backend.extraArgs📜
Type: list
[]
Description: Additional CLI args for the backend
backend.extraEnv📜
Type: list
[]
Description: Environment variables to add to the backend pods
backend.extraEnvFrom📜
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the backend pods
backend.initContainers📜
Type: list
[]
Description: Init containers to add to the backend pods
backend.extraVolumeMounts📜
Type: list
[]
Description: Volume mounts to add to the backend pods
backend.extraVolumes📜
Type: list
[]
Description: Volumes to add to the backend pods
backend.resources📜
Type: object
{}
Description: Resource requests and limits for the backend
backend.terminationGracePeriodSeconds📜
Type: int
300
Description: Grace period to allow the backend to shutdown before it is killed. Especially for the ingester, this must be increased. It must be long enough so backends can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.
backend.dnsConfig📜
Type: object
{}
Description: DNS config for backend pods
backend.nodeSelector📜
Type: object
{}
Description: Node selector for backend pods
backend.topologySpreadConstraints📜
Type: list
[]
Description: Topology Spread Constraints for backend pods
backend.tolerations📜
Type: list
[]
Description: Tolerations for backend pods
backend.podManagementPolicy📜
Type: string
"Parallel"
Description: The default is to deploy all pods in parallel.
backend.persistence.volumeClaimsEnabled📜
Type: bool
true
Description: Enable volume claims in pod spec
backend.persistence.dataVolumeParameters📜
Type: object
emptyDir: {}
Description: Parameters used for the data
volume when volumeClaimEnabled if false
backend.persistence.enableStatefulSetAutoDeletePVC📜
Type: bool
true
Description: Enable StatefulSetAutoDeletePVC feature
backend.persistence.size📜
Type: string
"10Gi"
Description: Size of persistent disk
backend.persistence.storageClass📜
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
backend.persistence.selector📜
Type: string
nil
Description: Selector for persistent disk
backend.podDisruptionBudget.maxUnavailable📜
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
singleBinary.replicas📜
Type: int
1
Description: Number of replicas for the single binary
singleBinary.autoscaling.enabled📜
Type: bool
false
Description: Enable autoscaling
singleBinary.autoscaling.minReplicas📜
Type: int
1
Description: Minimum autoscaling replicas for the single binary
singleBinary.autoscaling.maxReplicas📜
Type: int
3
Description: Maximum autoscaling replicas for the single binary
singleBinary.autoscaling.targetCPUUtilizationPercentage📜
Type: int
60
Description: Target CPU utilisation percentage for the single binary
singleBinary.autoscaling.targetMemoryUtilizationPercentage📜
Type: string
nil
Description: Target memory utilisation percentage for the single binary
singleBinary.image.registry📜
Type: string
nil
Description: The Docker registry for the single binary image. Overrides loki.image.registry
singleBinary.image.repository📜
Type: string
nil
Description: Docker image repository for the single binary image. Overrides loki.image.repository
singleBinary.image.tag📜
Type: string
nil
Description: Docker image tag for the single binary image. Overrides loki.image.tag
singleBinary.priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass for single binary pods
singleBinary.annotations📜
Type: object
{}
Description: Annotations for single binary StatefulSet
singleBinary.podAnnotations📜
Type: object
{}
Description: Annotations for single binary pods
singleBinary.podLabels📜
Type: object
{}
Description: Additional labels for each single binary
pod
singleBinary.selectorLabels📜
Type: object
{}
Description: Additional selector labels for each single binary
pod
singleBinary.service.annotations📜
Type: object
{}
Description: Annotations for single binary Service
singleBinary.service.labels📜
Type: object
{}
Description: Additional labels for single binary Service
singleBinary.targetModule📜
Type: string
"all"
Description: Comma-separated list of Loki modules to load for the single binary
singleBinary.extraArgs📜
Type: list
[]
Description: Labels for single binary service
singleBinary.extraEnv📜
Type: list
[]
Description: Environment variables to add to the single binary pods
singleBinary.extraEnvFrom📜
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the single binary pods
singleBinary.extraContainers📜
Type: list
[]
Description: Extra containers to add to the single binary loki pod
singleBinary.initContainers📜
Type: list
[]
Description: Init containers to add to the single binary pods
singleBinary.extraVolumeMounts📜
Type: list
[]
Description: Volume mounts to add to the single binary pods
singleBinary.extraVolumes📜
Type: list
[]
Description: Volumes to add to the single binary pods
singleBinary.resources📜
Type: object
limits:
cpu: 100m
memory: 256Mi
requests:
cpu: 100m
memory: 256Mi
Description: Resource requests and limits for the single binary
singleBinary.terminationGracePeriodSeconds📜
Type: int
30
Description: Grace period to allow the single binary to shutdown before it is killed
singleBinary.dnsConfig📜
Type: object
{}
Description: DNS config for single binary pods
singleBinary.nodeSelector📜
Type: object
{}
Description: Node selector for single binary pods
singleBinary.tolerations📜
Type: list
[]
Description: Tolerations for single binary pods
singleBinary.persistence.enableStatefulSetAutoDeletePVC📜
Type: bool
false
Description: Enable StatefulSetAutoDeletePVC feature
singleBinary.persistence.enabled📜
Type: bool
true
Description: Enable persistent disk
singleBinary.persistence.size📜
Type: string
"12Gi"
Description: Size of persistent disk
singleBinary.persistence.storageClass📜
Type: string
nil
Description: Storage class to be used. If defined, storageClassName:
singleBinary.persistence.selector📜
Type: string
nil
Description: Selector for persistent disk
ingress.enabled📜
Type: bool
false
ingress.ingressClassName📜
Type: string
""
ingress.annotations📜
Type: object
{}
ingress.labels📜
Type: object
{}
ingress.paths.write[0]📜
Type: string
"/api/prom/push"
ingress.paths.write[1]📜
Type: string
"/loki/api/v1/push"
ingress.paths.read[0]📜
Type: string
"/api/prom/tail"
ingress.paths.read[1]📜
Type: string
"/loki/api/v1/tail"
ingress.paths.read[2]📜
Type: string
"/loki/api"
ingress.paths.read[3]📜
Type: string
"/api/prom/rules"
ingress.paths.read[4]📜
Type: string
"/loki/api/v1/rules"
ingress.paths.read[5]📜
Type: string
"/prometheus/api/v1/rules"
ingress.paths.read[6]📜
Type: string
"/prometheus/api/v1/alerts"
ingress.paths.singleBinary[0]📜
Type: string
"/api/prom/push"
ingress.paths.singleBinary[1]📜
Type: string
"/loki/api/v1/push"
ingress.paths.singleBinary[2]📜
Type: string
"/api/prom/tail"
ingress.paths.singleBinary[3]📜
Type: string
"/loki/api/v1/tail"
ingress.paths.singleBinary[4]📜
Type: string
"/loki/api"
ingress.paths.singleBinary[5]📜
Type: string
"/api/prom/rules"
ingress.paths.singleBinary[6]📜
Type: string
"/loki/api/v1/rules"
ingress.paths.singleBinary[7]📜
Type: string
"/prometheus/api/v1/rules"
ingress.paths.singleBinary[8]📜
Type: string
"/prometheus/api/v1/alerts"
ingress.hosts📜
Type: list
- loki.example.com
Description: Hosts configuration for the ingress, passed through the tpl
function to allow templating
ingress.tls📜
Type: list
[]
Description: TLS configuration for the ingress. Hosts passed through the tpl
function to allow templating
memberlist.service.publishNotReadyAddresses📜
Type: bool
false
gateway.enabled📜
Type: bool
false
Description: Specifies whether the gateway should be enabled
gateway.replicas📜
Type: int
1
Description: Number of replicas for the gateway
gateway.verboseLogging📜
Type: bool
true
Description: Enable logging of 2xx and 3xx HTTP requests
gateway.autoscaling.enabled📜
Type: bool
false
Description: Enable autoscaling for the gateway
gateway.autoscaling.minReplicas📜
Type: int
1
Description: Minimum autoscaling replicas for the gateway
gateway.autoscaling.maxReplicas📜
Type: int
3
Description: Maximum autoscaling replicas for the gateway
gateway.autoscaling.targetCPUUtilizationPercentage📜
Type: int
60
Description: Target CPU utilisation percentage for the gateway
gateway.autoscaling.targetMemoryUtilizationPercentage📜
Type: string
nil
Description: Target memory utilisation percentage for the gateway
gateway.autoscaling.behavior📜
Type: object
{}
Description: Behavior policies while scaling.
gateway.deploymentStrategy.type📜
Type: string
"RollingUpdate"
gateway.image.registry📜
Type: string
"registry1.dso.mil"
Description: The Docker registry for the gateway image
gateway.image.repository📜
Type: string
"ironbank/opensource/nginx/nginx"
Description: The gateway image repository
gateway.image.tag📜
Type: string
"1.25.4"
Description: The gateway image tag
gateway.image.digest📜
Type: string
nil
Description: Overrides the gateway image tag with an image digest
gateway.image.pullPolicy📜
Type: string
"IfNotPresent"
Description: The gateway image pull policy
gateway.priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass for gateway pods
gateway.annotations📜
Type: object
{}
Description: Annotations for gateway deployment
gateway.podAnnotations📜
Type: object
{}
Description: Annotations for gateway pods
gateway.podLabels📜
Type: object
{}
Description: Additional labels for gateway pods
gateway.extraArgs📜
Type: list
[]
Description: Additional CLI args for the gateway
gateway.extraEnv📜
Type: list
[]
Description: Environment variables to add to the gateway pods
gateway.extraEnvFrom📜
Type: list
[]
Description: Environment variables from secrets or configmaps to add to the gateway pods
gateway.lifecycle📜
Type: object
{}
Description: Lifecycle for the gateway container
gateway.extraVolumes📜
Type: list
[]
Description: Volumes to add to the gateway pods
gateway.extraVolumeMounts📜
Type: list
[]
Description: Volume mounts to add to the gateway pods
gateway.podSecurityContext📜
Type: object
fsGroup: 101
runAsGroup: 101
runAsNonRoot: true
runAsUser: 101
Description: The SecurityContext for gateway containers
gateway.containerSecurityContext📜
Type: object
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
Description: The SecurityContext for gateway containers
gateway.resources📜
Type: object
{}
Description: Resource requests and limits for the gateway
gateway.extraContainers📜
Type: list
[]
Description: Containers to add to the gateway pods
gateway.terminationGracePeriodSeconds📜
Type: int
30
Description: Grace period to allow the gateway to shutdown before it is killed
gateway.dnsConfig📜
Type: object
{}
Description: DNS config for gateway pods
gateway.nodeSelector📜
Type: object
{}
Description: Node selector for gateway pods
gateway.topologySpreadConstraints📜
Type: list
[]
Description: Topology Spread Constraints for gateway pods
gateway.tolerations📜
Type: list
[]
Description: Tolerations for gateway pods
gateway.service.port📜
Type: int
80
Description: Port of the gateway service
gateway.service.type📜
Type: string
"ClusterIP"
Description: Type of the gateway service
gateway.service.clusterIP📜
Type: string
nil
Description: ClusterIP of the gateway service
gateway.service.nodePort📜
Type: int
nil
Description: Node port if service type is NodePort
gateway.service.loadBalancerIP📜
Type: string
nil
Description: Load balancer IPO address if service type is LoadBalancer
gateway.service.annotations📜
Type: object
{}
Description: Annotations for the gateway service
gateway.service.labels📜
Type: object
{}
Description: Labels for gateway service
gateway.ingress.enabled📜
Type: bool
false
Description: Specifies whether an ingress for the gateway should be created
gateway.ingress.ingressClassName📜
Type: string
""
Description: Ingress Class Name. MAY be required for Kubernetes versions >= 1.18
gateway.ingress.annotations📜
Type: object
{}
Description: Annotations for the gateway ingress
gateway.ingress.labels📜
Type: object
{}
Description: Labels for the gateway ingress
gateway.ingress.hosts📜
Type: list
- host: gateway.loki.example.com
paths:
- path: /
Description: Hosts configuration for the gateway ingress, passed through the tpl
function to allow templating
gateway.ingress.tls📜
Type: list
- hosts:
- gateway.loki.example.com
secretName: loki-gateway-tls
Description: TLS configuration for the gateway ingress. Hosts passed through the tpl
function to allow templating
gateway.basicAuth.enabled📜
Type: bool
false
Description: Enables basic authentication for the gateway
gateway.basicAuth.username📜
Type: string
nil
Description: The basic auth username for the gateway
gateway.basicAuth.password📜
Type: string
nil
Description: The basic auth password for the gateway
gateway.basicAuth.htpasswd📜
Type: string
"{{ if .Values.loki.tenants }}\n\n {{- range $t := .Values.loki.tenants }}\n{{ htpasswd (required \"All tenants must have a 'name' set\" $t.name) (required \"All tenants must have a 'password' set\" $t.password) }}\n\n {{- end }}\n{{ else }} {{ htpasswd (required \"'gateway.basicAuth.username' is required\" .Values.gateway.basicAuth.username) (required \"'gateway.basicAuth.password' is required\" .Values.gateway.basicAuth.password) }} {{ end }}"
Description: Uses the specified users from the loki.tenants
list to create the htpasswd file if loki.tenants
is not set, the gateway.basicAuth.username
and gateway.basicAuth.password
are used The value is templated using tpl
. Override this to use a custom htpasswd, e.g. in case the default causes high CPU load.
gateway.basicAuth.existingSecret📜
Type: string
nil
Description: Existing basic auth secret to use. Must contain ‘.htpasswd’
gateway.readinessProbe.httpGet.path📜
Type: string
"/"
gateway.readinessProbe.httpGet.port📜
Type: string
"http"
gateway.readinessProbe.initialDelaySeconds📜
Type: int
15
gateway.readinessProbe.timeoutSeconds📜
Type: int
1
gateway.nginxConfig.enableIPv6📜
Type: bool
true
Description: Enable listener for IPv6, disable on IPv4-only systems
gateway.nginxConfig.logFormat📜
Type: string
"main '$remote_addr - $remote_user [$time_local] $status '\n '\"$request\" $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';"
Description: NGINX log format
gateway.nginxConfig.serverSnippet📜
Type: string
""
Description: Allows appending custom configuration to the server block
gateway.nginxConfig.httpSnippet📜
Type: string
"{{ if .Values.loki.tenants }}proxy_set_header X-Scope-OrgID $remote_user;{{ end }}"
Description: Allows appending custom configuration to the http block, passed through the tpl
function to allow templating
gateway.nginxConfig.customReadUrl📜
Type: string
nil
Description: Override Read URL
gateway.nginxConfig.customWriteUrl📜
Type: string
nil
Description: Override Write URL
gateway.nginxConfig.customBackendUrl📜
Type: string
nil
Description: Override Backend URL
gateway.nginxConfig.resolver📜
Type: string
""
Description: Allows overriding the DNS resolver address nginx will use.
gateway.podDisruptionBudget.maxUnavailable📜
Type: string
"1"
Description: Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
networkPolicy.enabled📜
Type: bool
false
Description: Specifies whether Network Policies should be created
networkPolicy.flavor📜
Type: string
"kubernetes"
Description: Specifies whether the policies created will be standard Network Policies (flavor: kubernetes) or Cilium Network Policies (flavor: cilium)
networkPolicy.metrics.podSelector📜
Type: object
{}
Description: Specifies the Pods which are allowed to access the metrics port. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.metrics.namespaceSelector📜
Type: object
{}
Description: Specifies the namespaces which are allowed to access the metrics port
networkPolicy.metrics.cidrs📜
Type: list
[]
Description: Specifies specific network CIDRs which are allowed to access the metrics port. In case you use namespaceSelector, you also have to specify your kubelet networks here. The metrics ports are also used for probes.
networkPolicy.ingress.podSelector📜
Type: object
{}
Description: Specifies the Pods which are allowed to access the http port. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.ingress.namespaceSelector📜
Type: object
{}
Description: Specifies the namespaces which are allowed to access the http port
networkPolicy.alertmanager.port📜
Type: int
9093
Description: Specify the alertmanager port used for alerting
networkPolicy.alertmanager.podSelector📜
Type: object
{}
Description: Specifies the alertmanager Pods. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.alertmanager.namespaceSelector📜
Type: object
{}
Description: Specifies the namespace the alertmanager is running in
networkPolicy.externalStorage.ports📜
Type: list
[]
Description: Specify the port used for external storage, e.g. AWS S3
networkPolicy.externalStorage.cidrs📜
Type: list
[]
Description: Specifies specific network CIDRs you want to limit access to
networkPolicy.discovery.port📜
Type: int
nil
Description: Specify the port used for discovery
networkPolicy.discovery.podSelector📜
Type: object
{}
Description: Specifies the Pods labels used for discovery. As this is cross-namespace communication, you also need the namespaceSelector.
networkPolicy.discovery.namespaceSelector📜
Type: object
{}
Description: Specifies the namespace the discovery Pods are running in
networkPolicy.egressWorld.enabled📜
Type: bool
false
Description: Enable additional cilium egress rules to external world for write, read and backend.
networkPolicy.egressKubeApiserver.enabled📜
Type: bool
false
Description: Enable additional cilium egress rules to kube-apiserver for backend.
minio📜
Type: object
enabled: false
secrets:
accessKey: minio
name: loki-objstore-creds
secretKey: minio123
service:
nameOverride: minio.logging.svc.cluster.local
tenant:
buckets:
- name: loki
- name: loki-admin
defaultUserCredentials:
password: ''
username: minio-user
metrics:
enabled: false
memory: 128M
port: 9000
pools:
- containerSecurityContext:
capabilities:
drop:
- ALL
securityContext:
fsGroup: 1001
runAsGroup: 1001
runAsUser: 1001
servers: 1
size: 750Mi
volumesPerServer: 4
users:
- name: minio-user
Description: -----------------------------------
minio.enabled📜
Type: bool
false
Description: Enable minio instance support, must have minio-operator installed
minio.secrets📜
Type: object
accessKey: minio
name: loki-objstore-creds
secretKey: minio123
Description: Minio root credentials
minio.tenant.buckets📜
Type: list
- name: loki
- name: loki-admin
Description: Buckets to be provisioned to for tenant
minio.tenant.users📜
Type: list
- name: minio-user
Description: Users to to be provisioned to for tenant
minio.tenant.defaultUserCredentials📜
Type: object
password: ''
username: minio-user
Description: User credentials to create for above user. Otherwise password is randomly generated. This auth is not required to be set or reclaimed for minio use with Loki
domain📜
Type: string
"bigbang.dev"
istio.enabled📜
Type: bool
false
istio.hardened.enabled📜
Type: bool
false
istio.hardened.outboundTrafficPolicyMode📜
Type: string
"REGISTRY_ONLY"
istio.hardened.customServiceEntries📜
Type: list
[]
istio.hardened.customAuthorizationPolicies📜
Type: list
[]
istio.hardened.monitoring.enabled📜
Type: bool
true
istio.hardened.monitoring.namespaces[0]📜
Type: string
"monitoring"
istio.hardened.monitoring.principals[0]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-grafana"
istio.hardened.monitoring.principals[1]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"
istio.hardened.monitoring.principals[2]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"
istio.hardened.monitoring.principals[3]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"
istio.hardened.monitoring.principals[4]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"
istio.hardened.monitoring.principals[5]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"
istio.hardened.promtail.enabled📜
Type: bool
true
istio.hardened.promtail.namespaces[0]📜
Type: string
"promtail"
istio.hardened.promtail.principals[0]📜
Type: string
"cluster.local/ns/promtail/sa/promtail-promtail"
istio.hardened.fluentbit.enabled📜
Type: bool
true
istio.hardened.fluentbit.namespaces[0]📜
Type: string
"fluentbit"
istio.hardened.fluentbit.principals[0]📜
Type: string
"cluster.local/ns/fluentbit/sa/fluentbit-fluent-bit"
istio.hardened.minioOperator.enabled📜
Type: bool
true
istio.hardened.minioOperator.namespaces[0]📜
Type: string
"minio-operator"
istio.hardened.minioOperator.principals[0]📜
Type: string
"cluster.local/ns/minio-operator/sa/minio-operator"
istio.loki.enabled📜
Type: bool
false
istio.loki.annotations📜
Type: object
{}
istio.loki.labels📜
Type: object
{}
istio.loki.gateways[0]📜
Type: string
"istio-system/public"
istio.loki.hosts[0]📜
Type: string
"loki.{{ .Values.domain }}"
istio.loki.service📜
Type: string
""
istio.loki.port📜
Type: string
""
istio.loki.exposeReadyEndpoint📜
Type: bool
false
istio.mtls.mode📜
Type: string
"STRICT"
networkPolicies.enabled📜
Type: bool
false
networkPolicies.controlPlaneCidr📜
Type: string
"0.0.0.0/0"
Description: Control Plane CIDR to allow init job communication to the Kubernetes API. Use kubectl get endpoints kubernetes
to get the CIDR range needed for your cluster
networkPolicies.ingressLabels.app📜
Type: string
"public-ingressgateway"
networkPolicies.ingressLabels.istio📜
Type: string
"ingressgateway"
networkPolicies.additionalPolicies📜
Type: list
[]
bbtests.enabled📜
Type: bool
false
bbtests.cypress.artifacts📜
Type: bool
true
bbtests.cypress.envs.cypress_check_datasource📜
Type: string
"false"
bbtests.cypress.envs.cypress_grafana_url📜
Type: string
"http://monitoring-grafana.monitoring.svc.cluster.local"
bbtests.scripts.image📜
Type: string
"registry1.dso.mil/ironbank/big-bang/base:2.1.0"
bbtests.scripts.envs.LOKI_URL📜
Type: string
"http://{{ .Values.fullnameOverride }}.{{ .Release.Namespace }}.svc:3100"
bbtests.scripts.envs.LOKI_VERSION📜
Type: string
"{{ .Values.loki.image.tag }}"
sidecar.image.repository📜
Type: string
"registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar"
sidecar.image.tag📜
Type: string
"1.26.1"
sidecar.image.sha📜
Type: string
""
sidecar.image.pullPolicy📜
Type: string
"IfNotPresent"
Description: Docker image pull policy
sidecar.resources.limits.cpu📜
Type: string
"100m"
sidecar.resources.limits.memory📜
Type: string
"100Mi"
sidecar.resources.requests.cpu📜
Type: string
"100m"
sidecar.resources.requests.memory📜
Type: string
"100Mi"
sidecar.securityContext.allowPrivilegeEscalation📜
Type: bool
false
sidecar.securityContext.capabilities.drop[0]📜
Type: string
"ALL"
sidecar.securityContext.seccompProfile.type📜
Type: string
"RuntimeDefault"
sidecar.skipTlsVerify📜
Type: bool
false
Description: Set to true to skip tls verification for kube api calls.
sidecar.enableUniqueFilenames📜
Type: bool
false
Description: Ensure that rule files aren’t conflicting and being overwritten by prefixing their name with the namespace they are defined in.
sidecar.readinessProbe📜
Type: object
{}
Description: Readiness probe definition. Probe is disabled on the sidecar by default.
sidecar.livenessProbe📜
Type: object
{}
Description: Liveness probe definition. Probe is disabled on the sidecar by default.
sidecar.rules.enabled📜
Type: bool
false
Description: Whether or not to create a sidecar to ingest rule from specific ConfigMaps and/or Secrets.
sidecar.rules.label📜
Type: string
"loki_rule"
Description: Label that the configmaps/secrets with rules will be marked with.
sidecar.rules.labelValue📜
Type: string
""
Description: Label value that the configmaps/secrets with rules will be set to.
sidecar.rules.folder📜
Type: string
"/rules"
Description: Folder into which the rules will be placed.
sidecar.rules.searchNamespace📜
Type: string
nil
Description: Comma separated list of namespaces. If specified, the sidecar will search for config-maps/secrets inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It’s also possible to specify ‘ALL’ to search in all namespaces.
sidecar.rules.watchMethod📜
Type: string
"WATCH"
Description: Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH request, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
sidecar.rules.resource📜
Type: string
"both"
Description: Search in configmap, secret, or both.
sidecar.rules.script📜
Type: string
nil
Description: Absolute path to the shell script to execute after a configmap or secret has been reloaded.
sidecar.rules.watchServerTimeout📜
Type: int
60
Description: WatchServerTimeout: request to the server, asking it to cleanly close the connection after that. defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S.
sidecar.rules.watchClientTimeout📜
Type: int
60
Description: WatchClientTimeout: is a client-side timeout, configuring your local socket. If you have a network outage dropping all packets with no RST/FIN, this is how long your client waits before realizing & dropping the connection. Defaults to 66sec.
sidecar.rules.logLevel📜
Type: string
"INFO"
Description: Log level of the sidecar container.