promtail values.yaml📜
nameOverride📜
Type: string
nil
Description: Overrides the chart’s name
fullnameOverride📜
Type: string
nil
Description: Overrides the chart’s computed fullname
vpa📜
Type: object
annotations: {}
controlledResources: []
enabled: false
kind: DaemonSet
maxAllowed: {}
minAllowed: {}
updatePolicy:
updateMode: Auto
Description: config for VerticalPodAutoscaler
daemonset.enabled📜
Type: bool
true
Description: Deploys Promtail as a DaemonSet
daemonset.autoscaling.enabled📜
Type: bool
false
Description: Creates a VerticalPodAutoscaler for the daemonset
daemonset.autoscaling.controlledResources📜
Type: list
[]
Description: List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
daemonset.autoscaling.maxAllowed📜
Type: object
{}
Description: Defines the max allowed resources for the pod
daemonset.autoscaling.minAllowed📜
Type: object
{}
Description: Defines the min allowed resources for the pod
deployment.enabled📜
Type: bool
false
Description: Deploys Promtail as a Deployment
deployment.replicaCount📜
Type: int
1
deployment.autoscaling.enabled📜
Type: bool
false
Description: Creates a HorizontalPodAutoscaler for the deployment
deployment.autoscaling.minReplicas📜
Type: int
1
deployment.autoscaling.maxReplicas📜
Type: int
10
deployment.autoscaling.targetCPUUtilizationPercentage📜
Type: int
80
deployment.autoscaling.targetMemoryUtilizationPercentage📜
Type: string
nil
deployment.autoscaling.strategy📜
Type: object
type: RollingUpdate
Description: Set deployment object update strategy
secret.labels📜
Type: object
{}
Description: Labels for the Secret
secret.annotations📜
Type: object
{}
Description: Annotations for the Secret
configmap.enabled📜
Type: bool
false
Description: If enabled, promtail config will be created as a ConfigMap instead of a secret
initContainer📜
Type: list
[]
image.registry📜
Type: string
"registry1.dso.mil"
Description: The Docker registry
image.repository📜
Type: string
"ironbank/opensource/grafana/promtail"
Description: Docker image repository
image.tag📜
Type: string
"v2.9.4"
Description: Overrides the image tag whose default is the chart’s appVersion
image.pullPolicy📜
Type: string
"IfNotPresent"
Description: Docker image pull policy
imagePullSecrets📜
Type: list
- name: private-registry
Description: Image pull secrets for Docker images
hostAliases📜
Type: list
[]
Description: hostAliases to add
hostNetwork📜
Type: string
nil
Description: Controls whether the pod has the hostNetwork flag set.
annotations📜
Type: object
{}
Description: Annotations for the DaemonSet
updateStrategy📜
Type: object
{}
Description: The update strategy for the DaemonSet
podLabels📜
Type: object
{}
Description: Pod labels
podAnnotations📜
Type: object
{}
Description: Pod annotations
priorityClassName📜
Type: string
nil
Description: The name of the PriorityClass
livenessProbe📜
Type: object
{}
Description: Liveness probe
resources📜
Type: object
limits:
cpu: 200m
memory: 128Mi
requests:
cpu: 200m
memory: 128Mi
Description: Resource requests and limits
podSecurityContext📜
Type: object
runAsGroup: 0
runAsUser: 0
Description: The security context for pods
containerSecurityContext📜
Type: object
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsUser: 0
seLinuxOptions:
type: spc_t
Description: The security context for containers
rbac.create📜
Type: bool
true
Description: Specifies whether RBAC resources are to be created
rbac.pspEnabled📜
Type: bool
false
Description: Specifies whether a PodSecurityPolicy is to be created
namespace📜
Type: string
nil
Description: The name of the Namespace to deploy If not set, .Release.Namespace is used
serviceAccount.create📜
Type: bool
true
Description: Specifies whether a ServiceAccount should be created
serviceAccount.name📜
Type: string
nil
Description: The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template
serviceAccount.imagePullSecrets📜
Type: list
[]
Description: Image pull secrets for the service account
serviceAccount.annotations📜
Type: object
{}
Description: Annotations for the service account
nodeSelector📜
Type: object
{}
Description: Node selector for pods
affinity📜
Type: object
{}
Description: Affinity configuration for pods
tolerations📜
Type: list
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
Description: Tolerations for pods. By default, pods will be scheduled on master/control-plane nodes.
extraVolumes[0].name📜
Type: string
"varlog"
extraVolumes[0].hostPath.path📜
Type: string
"/var/log"
extraVolumeMounts[0].name📜
Type: string
"varlog"
extraVolumeMounts[0].mountPath📜
Type: string
"/var/log"
extraVolumeMounts[0].readOnly📜
Type: bool
true
extraArgs📜
Type: list
- -config.expand-env=true
Description: - -client.external-labels=hostname=$(HOSTNAME)
extraEnv📜
Type: list
- name: NODE_HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
Description: Extra environment variables
extraEnvFrom📜
Type: list
[]
Description: Extra environment variables from secrets or configmaps
enableServiceLinks📜
Type: bool
true
Description: Configure enableServiceLinks in pod
serviceMonitor.enabled📜
Type: bool
false
Description: If enabled, ServiceMonitor resources for Prometheus Operator are created
serviceMonitor.namespace📜
Type: string
nil
Description: Alternative namespace for ServiceMonitor resources
serviceMonitor.namespaceSelector📜
Type: object
{}
Description: Namespace selector for ServiceMonitor resources
serviceMonitor.annotations📜
Type: object
{}
Description: ServiceMonitor annotations
serviceMonitor.labels📜
Type: object
{}
Description: Additional ServiceMonitor labels
serviceMonitor.interval📜
Type: string
nil
Description: ServiceMonitor scrape interval
serviceMonitor.scrapeTimeout📜
Type: string
nil
Description: ServiceMonitor scrape timeout in Go duration format (e.g. 15s)
serviceMonitor.relabelings📜
Type: list
[]
Description: ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig (defines relabel_configs)
serviceMonitor.metricRelabelings📜
Type: list
[]
Description: ServiceMonitor relabel configs to apply to samples as the last step before ingestion https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig (defines metric_relabel_configs)
serviceMonitor.targetLabels📜
Type: list
[]
Description: ServiceMonitor will add labels from the service to the Prometheus metric https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitorspec
serviceMonitor.scheme📜
Type: string
"http"
Description: ServiceMonitor will use http by default, but you can pick https as well
serviceMonitor.tlsConfig📜
Type: string
nil
Description: ServiceMonitor will use these tlsConfig settings to make the health check requests
serviceMonitor.prometheusRule📜
Type: object
additionalLabels: {}
enabled: false
rules: []
Description: Prometheus rules will be deployed for alerting purposes
extraContainers📜
Type: object
{}
extraPorts📜
Type: object
{}
Description: Configure additional ports and services. For each configured port, a corresponding service is created. See values.yaml for details
config.enabled📜
Type: bool
true
Description: Enable Promtail config from Helm chart Set configmap.enabled: true and this to false to manage your own Promtail config See default config in values.yaml
config.logLevel📜
Type: string
"info"
Description: The log level of the Promtail server Must be reference in config.file to configure server.log_level See default config in values.yaml
config.logFormat📜
Type: string
"logfmt"
Description: The log format of the Promtail server Must be reference in config.file to configure server.log_format Valid formats: logfmt, json See default config in values.yaml
config.serverPort📜
Type: int
3101
Description: The port of the Promtail server Must be reference in config.file to configure server.http_listen_port See default config in values.yaml
config.positions📜
Type: object
filename: /run/promtail/positions.yaml
Description: Configures where Promtail will save it’s positions file, to resume reading after restarts. Must be referenced in config.file to configure positions
config.enableTracing📜
Type: bool
false
Description: The config to enable tracing
config.snippets.extraRelabelConfigs📜
Type: list
[]
Description: You can put here any additional relabel_configs to “kubernetes-pods” job
networkPolicy.enabled📜
Type: bool
false
Description: Specifies whether Network Policies should be created
networkPolicy.metrics.podSelector📜
Type: object
{}
Description: Specifies the Pods which are allowed to access the metrics port. As this is cross-namespace communication, you also neeed the namespaceSelector.
networkPolicy.metrics.namespaceSelector📜
Type: object
{}
Description: Specifies the namespaces which are allowed to access the metrics port
networkPolicy.metrics.cidrs📜
Type: list
[]
Description: Specifies specific network CIDRs which are allowed to access the metrics port. In case you use namespaceSelector, you also have to specify your kubelet networks here. The metrics ports are also used for probes.
networkPolicy.k8sApi.port📜
Type: int
8443
Description: Specify the k8s API endpoint port
networkPolicy.k8sApi.cidrs📜
Type: list
[]
Description: Specifies specific network CIDRs you want to limit access to
httpPathPrefix📜
Type: string
""
Description: Base path to server all API routes fro
sidecar.configReloader.enabled📜
Type: bool
false
sidecar.configReloader.image.registry📜
Type: string
"registry1.dso.mil"
Description: The Docker registry for sidecar config-reloader
sidecar.configReloader.image.repository📜
Type: string
"ironbank/opensource/jimmidyson/configmap-reload"
Description: Docker image repository for sidecar config-reloader
sidecar.configReloader.image.tag📜
Type: string
"v0.12.0"
Description: Docker image tag for sidecar config-reloader
sidecar.configReloader.image.pullPolicy📜
Type: string
"IfNotPresent"
Description: Docker image pull policy for sidecar config-reloader
sidecar.configReloader.extraArgs📜
Type: list
[]
sidecar.configReloader.extraEnv📜
Type: list
[]
Description: Extra environment variables for sidecar config-reloader
sidecar.configReloader.extraEnvFrom📜
Type: list
[]
Description: Extra environment variables from secrets or configmaps for sidecar config-reloader
sidecar.configReloader.containerSecurityContext📜
Type: object
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
Description: The security context for containers for sidecar config-reloader
sidecar.configReloader.readinessProbe📜
Type: object
{}
Description: Readiness probe for sidecar config-reloader
sidecar.configReloader.livenessProbe📜
Type: object
{}
Description: Liveness probe for sidecar config-reloader
sidecar.configReloader.resources📜
Type: object
{}
Description: Resource requests and limits for sidecar config-reloader
sidecar.configReloader.config.serverPort📜
Type: int
9533
Description: The port of the config-reloader server
sidecar.configReloader.serviceMonitor.enabled📜
Type: bool
true
extraObjects📜
Type: list
[]
Description: Extra K8s manifests to deploy
istio.enabled📜
Type: bool
false
Description: Toggle interaction with Istio
istio.hardened.enabled📜
Type: bool
false
istio.hardened.outboundTrafficPolicyMode📜
Type: string
"REGISTRY_ONLY"
istio.hardened.customServiceEntries📜
Type: list
[]
istio.hardened.customAuthorizationPolicies📜
Type: list
[]
istio.hardened.prometheus.enabled📜
Type: bool
true
istio.hardened.prometheus.namespaces[0]📜
Type: string
"monitoring"
istio.hardened.prometheus.principals[0]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-grafana"
istio.hardened.prometheus.principals[1]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"
istio.hardened.prometheus.principals[2]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"
istio.hardened.prometheus.principals[3]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"
istio.hardened.prometheus.principals[4]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"
istio.hardened.prometheus.principals[5]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"
istio.mtls.mode📜
Type: string
"STRICT"
Description: STRICT = Allow only mutual TLS traffic PERMISSIVE = Allow both plain text and mutual TLS traffic
networkPolicies.enabled📜
Type: bool
false
Description: Toggle networkPolicies
networkPolicies.controlPlaneCidr📜
Type: string
"0.0.0.0/0"
Description: Control Plane CIDR, defaults to 0.0.0.0/0, use kubectl get endpoints -n default kubernetes to get the CIDR range needed for your cluster Must be an IP CIDR range (x.x.x.x/x - ideally with /32 for the specific IP of a single endpoint, broader range for multiple masters/endpoints) Used by package NetworkPolicies to allow Kube API access
networkPolicies.additionalPolicies📜
Type: list
[]
openshift📜
Type: bool
false
Description: Toggle or openshift specific config
loki📜
Type: object
enabled: false
Description: Toggle Loki network policy enabling