diff --git a/clusters/cl01tl/manifests/loki/ClusterRole-loki-alloy.yaml b/clusters/cl01tl/manifests/loki/ClusterRole-loki-alloy.yaml new file mode 100644 index 000000000..c48e5637c --- /dev/null +++ b/clusters/cl01tl/manifests/loki/ClusterRole-loki-alloy.yaml @@ -0,0 +1,112 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: loki-alloy + labels: + helm.sh/chart: alloy-1.5.1 + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: loki + app.kubernetes.io/version: "v1.12.1" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: rbac +rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get diff --git a/clusters/cl01tl/manifests/loki/ClusterRole-loki-promtail.yaml b/clusters/cl01tl/manifests/loki/ClusterRole-loki-promtail.yaml deleted file mode 100644 index 69bec6688..000000000 --- a/clusters/cl01tl/manifests/loki/ClusterRole-loki-promtail.yaml +++ /dev/null @@ -1,23 +0,0 @@ -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: loki-promtail - labels: - helm.sh/chart: promtail-6.17.1 - app.kubernetes.io/name: promtail - app.kubernetes.io/instance: loki - app.kubernetes.io/version: "3.5.1" - app.kubernetes.io/managed-by: Helm -rules: - - apiGroups: - - "" - resources: - - nodes - - nodes/proxy - - services - - endpoints - - pods - verbs: - - get - - watch - - list diff --git a/clusters/cl01tl/manifests/loki/ClusterRoleBinding-loki-promtail.yaml b/clusters/cl01tl/manifests/loki/ClusterRoleBinding-loki-alloy.yaml similarity index 54% rename from clusters/cl01tl/manifests/loki/ClusterRoleBinding-loki-promtail.yaml rename to clusters/cl01tl/manifests/loki/ClusterRoleBinding-loki-alloy.yaml index a95510342..5c7be85f9 100644 --- a/clusters/cl01tl/manifests/loki/ClusterRoleBinding-loki-promtail.yaml +++ b/clusters/cl01tl/manifests/loki/ClusterRoleBinding-loki-alloy.yaml @@ -1,18 +1,20 @@ -kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding metadata: - name: loki-promtail + name: loki-alloy labels: - helm.sh/chart: promtail-6.17.1 - app.kubernetes.io/name: promtail + helm.sh/chart: alloy-1.5.1 + app.kubernetes.io/name: alloy app.kubernetes.io/instance: loki - app.kubernetes.io/version: "3.5.1" + app.kubernetes.io/version: "v1.12.1" app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: loki-alloy subjects: - kind: ServiceAccount - name: loki-promtail + name: loki-alloy namespace: loki -roleRef: - kind: ClusterRole - name: loki-promtail - apiGroup: rbac.authorization.k8s.io diff --git a/clusters/cl01tl/manifests/loki/ConfigMap-loki-alloy.yaml b/clusters/cl01tl/manifests/loki/ConfigMap-loki-alloy.yaml new file mode 100644 index 000000000..d076d6833 --- /dev/null +++ b/clusters/cl01tl/manifests/loki/ConfigMap-loki-alloy.yaml @@ -0,0 +1,43 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: loki-alloy + namespace: loki + labels: + helm.sh/chart: alloy-1.5.1 + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: loki + app.kubernetes.io/version: "v1.12.1" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: config +data: + config.alloy: |- + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pods" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } diff --git a/clusters/cl01tl/manifests/loki/CustomResourceDefinition-podlogs.monitoring.grafana.com.yaml b/clusters/cl01tl/manifests/loki/CustomResourceDefinition-podlogs.monitoring.grafana.com.yaml new file mode 100644 index 000000000..d51b52803 --- /dev/null +++ b/clusters/cl01tl/manifests/loki/CustomResourceDefinition-podlogs.monitoring.grafana.com.yaml @@ -0,0 +1,155 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + name: podlogs.monitoring.grafana.com +spec: + group: monitoring.grafana.com + names: + categories: + - grafana-alloy + - alloy + kind: PodLogs + listKind: PodLogsList + plural: podlogs + singular: podlogs + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + description: PodLogs defines how to collect logs for a Pod. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PodLogsSpec defines how to collect logs for a Pod. + properties: + namespaceSelector: + description: Selector to select which namespaces the Pod objects are discovered from. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + relabelings: + description: RelabelConfigs to apply to logs before delivering. + items: + description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36. + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + selector: + description: Selector to select Pod objects. Required. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + required: + - selector + type: object + type: object + served: true + storage: true diff --git a/clusters/cl01tl/manifests/loki/DaemonSet-loki-alloy.yaml b/clusters/cl01tl/manifests/loki/DaemonSet-loki-alloy.yaml new file mode 100644 index 000000000..a83b65d74 --- /dev/null +++ b/clusters/cl01tl/manifests/loki/DaemonSet-loki-alloy.yaml @@ -0,0 +1,75 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: loki-alloy + namespace: loki + labels: + helm.sh/chart: alloy-1.5.1 + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: loki + app.kubernetes.io/version: "v1.12.1" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy +spec: + minReadySeconds: 10 + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: loki + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + labels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: loki + spec: + serviceAccountName: loki-alloy + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.12.1 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --stability.level=generally-available + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + args: + - --watched-dir=/etc/alloy + - --reload-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 10m + memory: 50Mi + dnsPolicy: ClusterFirst + volumes: + - name: config + configMap: + name: loki-alloy diff --git a/clusters/cl01tl/manifests/loki/DaemonSet-loki-promtail.yaml b/clusters/cl01tl/manifests/loki/DaemonSet-loki-promtail.yaml deleted file mode 100644 index e5e1778fb..000000000 --- a/clusters/cl01tl/manifests/loki/DaemonSet-loki-promtail.yaml +++ /dev/null @@ -1,92 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: loki-promtail - namespace: loki - labels: - helm.sh/chart: promtail-6.17.1 - app.kubernetes.io/name: promtail - app.kubernetes.io/instance: loki - app.kubernetes.io/version: "3.5.1" - app.kubernetes.io/managed-by: Helm -spec: - selector: - matchLabels: - app.kubernetes.io/name: promtail - app.kubernetes.io/instance: loki - updateStrategy: {} - template: - metadata: - labels: - app.kubernetes.io/name: promtail - app.kubernetes.io/instance: loki - annotations: - checksum/config: c63810d2a03283062a5987b913985abc93a7e5cb90fde608a9f3ef77cb4e3412 - spec: - serviceAccountName: loki-promtail - automountServiceAccountToken: true - enableServiceLinks: true - securityContext: - runAsGroup: 0 - runAsUser: 0 - containers: - - name: promtail - image: "docker.io/grafana/promtail:3.5.1" - imagePullPolicy: IfNotPresent - args: - - "-config.file=/etc/promtail/promtail.yaml" - volumeMounts: - - name: config - mountPath: /etc/promtail - - mountPath: /run/promtail - name: run - - mountPath: /var/lib/docker/containers - name: containers - readOnly: true - - mountPath: /var/log/pods - name: pods - readOnly: true - env: - - name: HOSTNAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - ports: - - name: http-metrics - containerPort: 3101 - protocol: TCP - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - readinessProbe: - failureThreshold: 5 - httpGet: - path: '/ready' - port: http-metrics - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - volumes: - - name: config - secret: - secretName: loki-promtail - - hostPath: - path: /run/promtail - name: run - - hostPath: - path: /var/lib/docker/containers - name: containers - - hostPath: - path: /var/log/pods - name: pods diff --git a/clusters/cl01tl/manifests/loki/Secret-loki-promtail.yaml b/clusters/cl01tl/manifests/loki/Secret-loki-promtail.yaml deleted file mode 100644 index ea951c3bf..000000000 --- a/clusters/cl01tl/manifests/loki/Secret-loki-promtail.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: loki-promtail - namespace: loki - labels: - helm.sh/chart: promtail-6.17.1 - app.kubernetes.io/name: promtail - app.kubernetes.io/instance: loki - app.kubernetes.io/version: "3.5.1" - app.kubernetes.io/managed-by: Helm -stringData: - promtail.yaml: "server:\n log_level: info\n log_format: logfmt\n http_listen_port: 3101\n \n\nclients:\n - tenant_id: 1\n url: http://loki-gateway.loki.svc.cluster.local:80/loki/api/v1/push\n\npositions:\n filename: /run/promtail/positions.yaml\n\nscrape_configs:\n # See also https://github.com/grafana/loki/blob/master/production/ksonnet/promtail/scrape_config.libsonnet for reference\n - job_name: kubernetes-pods\n pipeline_stages:\n - cri: {}\n kubernetes_sd_configs:\n - role: pod\n relabel_configs:\n - source_labels:\n - __meta_kubernetes_pod_controller_name\n regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})?\n action: replace\n target_label: __tmp_controller_name\n - source_labels:\n - __meta_kubernetes_pod_label_app_kubernetes_io_name\n - __meta_kubernetes_pod_label_app\n - __tmp_controller_name\n - __meta_kubernetes_pod_name\n regex: ^;*([^;]+)(;.*)?$\n action: replace\n target_label: app\n - source_labels:\n - __meta_kubernetes_pod_label_app_kubernetes_io_instance\n - __meta_kubernetes_pod_label_instance\n regex: ^;*([^;]+)(;.*)?$\n action: replace\n target_label: instance\n - source_labels:\n - __meta_kubernetes_pod_label_app_kubernetes_io_component\n - __meta_kubernetes_pod_label_component\n regex: ^;*([^;]+)(;.*)?$\n action: replace\n target_label: component\n - action: replace\n source_labels:\n - __meta_kubernetes_pod_node_name\n target_label: node_name\n - action: replace\n source_labels:\n - __meta_kubernetes_namespace\n target_label: namespace\n - action: replace\n replacement: $1\n separator: /\n source_labels:\n - namespace\n - app\n target_label: job\n - action: replace\n source_labels:\n - __meta_kubernetes_pod_name\n target_label: pod\n - action: replace\n source_labels:\n - __meta_kubernetes_pod_container_name\n target_label: container\n - action: replace\n replacement: /var/log/pods/*$1/*.log\n separator: /\n source_labels:\n - __meta_kubernetes_pod_uid\n - __meta_kubernetes_pod_container_name\n target_label: __path__\n - action: replace\n regex: true/(.*)\n replacement: /var/log/pods/*$1/*.log\n separator: /\n source_labels:\n - __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash\n - __meta_kubernetes_pod_annotation_kubernetes_io_config_hash\n - __meta_kubernetes_pod_container_name\n target_label: __path__\n \n \n\nlimits_config:\n \n\ntracing:\n enabled: false\n" diff --git a/clusters/cl01tl/manifests/loki/Service-loki-alloy.yaml b/clusters/cl01tl/manifests/loki/Service-loki-alloy.yaml new file mode 100644 index 000000000..12da58d5e --- /dev/null +++ b/clusters/cl01tl/manifests/loki/Service-loki-alloy.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: loki-alloy + namespace: loki + labels: + helm.sh/chart: alloy-1.5.1 + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: loki + app.kubernetes.io/version: "v1.12.1" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: loki + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" diff --git a/clusters/cl01tl/manifests/loki/Service-loki-promtail-metrics.yaml b/clusters/cl01tl/manifests/loki/Service-loki-promtail-metrics.yaml deleted file mode 100644 index 1fee016fa..000000000 --- a/clusters/cl01tl/manifests/loki/Service-loki-promtail-metrics.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: loki-promtail-metrics - namespace: loki - labels: - helm.sh/chart: promtail-6.17.1 - app.kubernetes.io/name: promtail - app.kubernetes.io/instance: loki - app.kubernetes.io/version: "3.5.1" - app.kubernetes.io/managed-by: Helm - promtail: 3.0.0 -spec: - clusterIP: None - ports: - - name: http-metrics - port: 3101 - targetPort: http-metrics - protocol: TCP - selector: - app.kubernetes.io/name: promtail - app.kubernetes.io/instance: loki diff --git a/clusters/cl01tl/manifests/loki/ServiceAccount-loki-alloy.yaml b/clusters/cl01tl/manifests/loki/ServiceAccount-loki-alloy.yaml new file mode 100644 index 000000000..be3056f12 --- /dev/null +++ b/clusters/cl01tl/manifests/loki/ServiceAccount-loki-alloy.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: loki-alloy + namespace: loki + labels: + helm.sh/chart: alloy-1.5.1 + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: loki + app.kubernetes.io/version: "v1.12.1" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: rbac diff --git a/clusters/cl01tl/manifests/loki/ServiceAccount-loki-promtail.yaml b/clusters/cl01tl/manifests/loki/ServiceAccount-loki-promtail.yaml deleted file mode 100644 index a12322998..000000000 --- a/clusters/cl01tl/manifests/loki/ServiceAccount-loki-promtail.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: loki-promtail - namespace: loki - labels: - helm.sh/chart: promtail-6.17.1 - app.kubernetes.io/name: promtail - app.kubernetes.io/instance: loki - app.kubernetes.io/version: "3.5.1" - app.kubernetes.io/managed-by: Helm -automountServiceAccountToken: true diff --git a/clusters/cl01tl/manifests/loki/ServiceMonitor-loki-promtail.yaml b/clusters/cl01tl/manifests/loki/ServiceMonitor-loki-alloy.yaml similarity index 50% rename from clusters/cl01tl/manifests/loki/ServiceMonitor-loki-promtail.yaml rename to clusters/cl01tl/manifests/loki/ServiceMonitor-loki-alloy.yaml index f00e3b4dc..1f1365c2f 100644 --- a/clusters/cl01tl/manifests/loki/ServiceMonitor-loki-promtail.yaml +++ b/clusters/cl01tl/manifests/loki/ServiceMonitor-loki-alloy.yaml @@ -1,18 +1,22 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: - name: loki-promtail + name: loki-alloy + namespace: loki labels: - helm.sh/chart: promtail-6.17.1 - app.kubernetes.io/name: promtail + helm.sh/chart: alloy-1.5.1 + app.kubernetes.io/name: alloy app.kubernetes.io/instance: loki - app.kubernetes.io/version: "3.5.1" + app.kubernetes.io/version: "v1.12.1" app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: metrics spec: - selector: - matchLabels: - app.kubernetes.io/name: promtail - app.kubernetes.io/instance: loki endpoints: - port: http-metrics scheme: http + honorLabels: true + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: loki