alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Activity

chore: Update manifests after change

Browse Source
This commit is contained in:
gitea-bot
2025-12-28 00:25:52 +00:00
parent b803b67ec6
commit 7f071fee31
13 changed files with 447 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
clusters/cl01tl/manifests/loki/ClusterRole-loki-alloy.yaml Normal file
View File

@@ -0,0 +1,112 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: loki-alloy
labels:
helm.sh/chart: alloy-1.5.1
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "v1.12.1"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: alloy
app.kubernetes.io/component: rbac
rules:
- apiGroups:
- ""
- discovery.k8s.io
- networking.k8s.io
resources:
- endpoints
- endpointslices
- ingresses
- pods
- services
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods
- pods/log
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- monitoring.grafana.com
resources:
- podlogs
verbs:
- get
- list
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- prometheusrules
verbs:
- get
- list
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- alertmanagerconfigs
verbs:
- get
- list
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- podmonitors
- servicemonitors
- probes
- scrapeconfigs
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- configmaps
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- apps
- extensions
resources:
- replicasets
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- nodes
- nodes/proxy
- nodes/metrics
verbs:
- get
- list
- watch
- nonResourceURLs:
- /metrics
verbs:
- get

23
clusters/cl01tl/manifests/loki/ClusterRole-loki-promtail.yaml
View File

@@ -1,23 +0,0 @@
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: loki-promtail
labels:
helm.sh/chart: promtail-6.17.1
app.kubernetes.io/name: promtail
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "3.5.1"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- ""
resources:
- nodes
- nodes/proxy
- services
- endpoints
- pods
verbs:
- get
- watch
- list

22
clusters/cl01tl/manifests/loki/ClusterRoleBinding-loki-promtail.yaml → clusters/cl01tl/manifests/loki/ClusterRoleBinding-loki-alloy.yaml
View File

@@ -1,18 +1,20 @@
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: loki-promtail
name: loki-alloy
labels:
helm.sh/chart: promtail-6.17.1
app.kubernetes.io/name: promtail
helm.sh/chart: alloy-1.5.1
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "3.5.1"
app.kubernetes.io/version: "v1.12.1"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: alloy
app.kubernetes.io/component: rbac
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: loki-alloy
subjects:
- kind: ServiceAccount
name: loki-promtail
name: loki-alloy
namespace: loki
roleRef:
kind: ClusterRole
name: loki-promtail
apiGroup: rbac.authorization.k8s.io

43
clusters/cl01tl/manifests/loki/ConfigMap-loki-alloy.yaml Normal file
View File

@@ -0,0 +1,43 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: loki-alloy
namespace: loki
labels:
helm.sh/chart: alloy-1.5.1
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "v1.12.1"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: alloy
app.kubernetes.io/component: config
data:
config.alloy: |-
logging {
level = "info"
format = "logfmt"
}
discovery.kubernetes "pods" {
role = "pod"
}
discovery.kubernetes "nodes" {
role = "node"
}
discovery.kubernetes "services" {
role = "service"
}
discovery.kubernetes "endpoints" {
role = "endpoints"
}
discovery.kubernetes "endpointslices" {
role = "endpointslice"
}
discovery.kubernetes "ingresses" {
role = "ingress"
}

155
clusters/cl01tl/manifests/loki/CustomResourceDefinition-podlogs.monitoring.grafana.com.yaml Normal file
View File

@@ -0,0 +1,155 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
name: podlogs.monitoring.grafana.com
spec:
group: monitoring.grafana.com
names:
categories:
- grafana-alloy
- alloy
kind: PodLogs
listKind: PodLogsList
plural: podlogs
singular: podlogs
scope: Namespaced
versions:
- name: v1alpha2
schema:
openAPIV3Schema:
description: PodLogs defines how to collect logs for a Pod.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: PodLogsSpec defines how to collect logs for a Pod.
properties:
namespaceSelector:
description: Selector to select which namespaces the Pod objects are discovered from.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
relabelings:
description: RelabelConfigs to apply to logs before delivering.
items:
description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
properties:
action:
default: replace
description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
type: string
modulus:
description: Modulus to take of the hash of the source label values.
format: int64
type: integer
regex:
description: Regular expression against which the extracted value is matched. Default is '(.*)'
type: string
replacement:
description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
type: string
separator:
description: Separator placed between concatenated source label values. default is ';'.
type: string
sourceLabels:
description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
items:
description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
type: string
type: object
type: array
selector:
description: Selector to select Pod objects. Required.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
required:
- selector
type: object
type: object
served: true
storage: true

75
clusters/cl01tl/manifests/loki/DaemonSet-loki-alloy.yaml Normal file
View File

@@ -0,0 +1,75 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: loki-alloy
namespace: loki
labels:
helm.sh/chart: alloy-1.5.1
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "v1.12.1"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: alloy
spec:
minReadySeconds: 10
selector:
matchLabels:
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: alloy
labels:
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
spec:
serviceAccountName: loki-alloy
containers:
- name: alloy
image: docker.io/grafana/alloy:v1.12.1
imagePullPolicy: IfNotPresent
args:
- run
- /etc/alloy/config.alloy
- --storage.path=/tmp/alloy
- --server.http.listen-addr=0.0.0.0:12345
- --server.http.ui-path-prefix=/
- --stability.level=generally-available
env:
- name: ALLOY_DEPLOY_MODE
value: "helm"
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
ports:
- containerPort: 12345
name: http-metrics
readinessProbe:
httpGet:
path: /-/ready
port: 12345
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 1
volumeMounts:
- name: config
mountPath: /etc/alloy
- name: config-reloader
image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0
args:
- --watched-dir=/etc/alloy
- --reload-url=http://localhost:12345/-/reload
volumeMounts:
- name: config
mountPath: /etc/alloy
resources:
requests:
cpu: 10m
memory: 50Mi
dnsPolicy: ClusterFirst
volumes:
- name: config
configMap:
name: loki-alloy

92
clusters/cl01tl/manifests/loki/DaemonSet-loki-promtail.yaml
View File

@@ -1,92 +0,0 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: loki-promtail
namespace: loki
labels:
helm.sh/chart: promtail-6.17.1
app.kubernetes.io/name: promtail
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "3.5.1"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: promtail
app.kubernetes.io/instance: loki
updateStrategy: {}
template:
metadata:
labels:
app.kubernetes.io/name: promtail
app.kubernetes.io/instance: loki
annotations:
checksum/config: c63810d2a03283062a5987b913985abc93a7e5cb90fde608a9f3ef77cb4e3412
spec:
serviceAccountName: loki-promtail
automountServiceAccountToken: true
enableServiceLinks: true
securityContext:
runAsGroup: 0
runAsUser: 0
containers:
- name: promtail
image: "docker.io/grafana/promtail:3.5.1"
imagePullPolicy: IfNotPresent
args:
- "-config.file=/etc/promtail/promtail.yaml"
volumeMounts:
- name: config
mountPath: /etc/promtail
- mountPath: /run/promtail
name: run
- mountPath: /var/lib/docker/containers
name: containers
readOnly: true
- mountPath: /var/log/pods
name: pods
readOnly: true
env:
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
ports:
- name: http-metrics
containerPort: 3101
protocol: TCP
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
readinessProbe:
failureThreshold: 5
httpGet:
path: '/ready'
port: http-metrics
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
volumes:
- name: config
secret:
secretName: loki-promtail
- hostPath:
path: /run/promtail
name: run
- hostPath:
path: /var/lib/docker/containers
name: containers
- hostPath:
path: /var/log/pods
name: pods

13
clusters/cl01tl/manifests/loki/Secret-loki-promtail.yaml
View File

@@ -1,13 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: loki-promtail
namespace: loki
labels:
helm.sh/chart: promtail-6.17.1
app.kubernetes.io/name: promtail
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "3.5.1"
app.kubernetes.io/managed-by: Helm
stringData:
promtail.yaml: "server:\n log_level: info\n log_format: logfmt\n http_listen_port: 3101\n \n\nclients:\n - tenant_id: 1\n url: http://loki-gateway.loki.svc.cluster.local:80/loki/api/v1/push\n\npositions:\n filename: /run/promtail/positions.yaml\n\nscrape_configs:\n # See also https://github.com/grafana/loki/blob/master/production/ksonnet/promtail/scrape_config.libsonnet for reference\n - job_name: kubernetes-pods\n pipeline_stages:\n - cri: {}\n kubernetes_sd_configs:\n - role: pod\n relabel_configs:\n - source_labels:\n - __meta_kubernetes_pod_controller_name\n regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})?\n action: replace\n target_label: __tmp_controller_name\n - source_labels:\n - __meta_kubernetes_pod_label_app_kubernetes_io_name\n - __meta_kubernetes_pod_label_app\n - __tmp_controller_name\n - __meta_kubernetes_pod_name\n regex: ^;*([^;]+)(;.*)?$\n action: replace\n target_label: app\n - source_labels:\n - __meta_kubernetes_pod_label_app_kubernetes_io_instance\n - __meta_kubernetes_pod_label_instance\n regex: ^;*([^;]+)(;.*)?$\n action: replace\n target_label: instance\n - source_labels:\n - __meta_kubernetes_pod_label_app_kubernetes_io_component\n - __meta_kubernetes_pod_label_component\n regex: ^;*([^;]+)(;.*)?$\n action: replace\n target_label: component\n - action: replace\n source_labels:\n - __meta_kubernetes_pod_node_name\n target_label: node_name\n - action: replace\n source_labels:\n - __meta_kubernetes_namespace\n target_label: namespace\n - action: replace\n replacement: $1\n separator: /\n source_labels:\n - namespace\n - app\n target_label: job\n - action: replace\n source_labels:\n - __meta_kubernetes_pod_name\n target_label: pod\n - action: replace\n source_labels:\n - __meta_kubernetes_pod_container_name\n target_label: container\n - action: replace\n replacement: /var/log/pods/*$1/*.log\n separator: /\n source_labels:\n - __meta_kubernetes_pod_uid\n - __meta_kubernetes_pod_container_name\n target_label: __path__\n - action: replace\n regex: true/(.*)\n replacement: /var/log/pods/*$1/*.log\n separator: /\n source_labels:\n - __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash\n - __meta_kubernetes_pod_annotation_kubernetes_io_config_hash\n - __meta_kubernetes_pod_container_name\n target_label: __path__\n \n \n\nlimits_config:\n \n\ntracing:\n enabled: false\n"

24
clusters/cl01tl/manifests/loki/Service-loki-alloy.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: v1
kind: Service
metadata:
name: loki-alloy
namespace: loki
labels:
helm.sh/chart: alloy-1.5.1
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "v1.12.1"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: alloy
app.kubernetes.io/component: networking
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
internalTrafficPolicy: Cluster
ports:
- name: http-metrics
port: 12345
targetPort: 12345
protocol: "TCP"

22
clusters/cl01tl/manifests/loki/Service-loki-promtail-metrics.yaml
View File

@@ -1,22 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: loki-promtail-metrics
namespace: loki
labels:
helm.sh/chart: promtail-6.17.1
app.kubernetes.io/name: promtail
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "3.5.1"
app.kubernetes.io/managed-by: Helm
promtail: 3.0.0
spec:
clusterIP: None
ports:
- name: http-metrics
port: 3101
targetPort: http-metrics
protocol: TCP
selector:
app.kubernetes.io/name: promtail
app.kubernetes.io/instance: loki

14
clusters/cl01tl/manifests/loki/ServiceAccount-loki-alloy.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: true
metadata:
name: loki-alloy
namespace: loki
labels:
helm.sh/chart: alloy-1.5.1
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "v1.12.1"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: alloy
app.kubernetes.io/component: rbac

12
clusters/cl01tl/manifests/loki/ServiceAccount-loki-promtail.yaml
View File

@@ -1,12 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: loki-promtail
namespace: loki
labels:
helm.sh/chart: promtail-6.17.1
app.kubernetes.io/name: promtail
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "3.5.1"
app.kubernetes.io/managed-by: Helm
automountServiceAccountToken: true

20
clusters/cl01tl/manifests/loki/ServiceMonitor-loki-promtail.yaml → clusters/cl01tl/manifests/loki/ServiceMonitor-loki-alloy.yaml
View File

@@ -1,18 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: loki-promtail
name: loki-alloy
namespace: loki
labels:
helm.sh/chart: promtail-6.17.1
app.kubernetes.io/name: promtail
helm.sh/chart: alloy-1.5.1
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "3.5.1"
app.kubernetes.io/version: "v1.12.1"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: alloy
app.kubernetes.io/component: metrics
spec:
selector:
matchLabels:
app.kubernetes.io/name: promtail
app.kubernetes.io/instance: loki
endpoints:
- port: http-metrics
scheme: http
honorLabels: true
selector:
matchLabels:
app.kubernetes.io/name: alloy
app.kubernetes.io/instance: loki