alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 5 Actions Activity
Files
e60c6bf240ea838898a1743ac442a240d1765220
infrastructure/clusters/cl01tl/manifests/loki/StatefulSet-loki.yaml

212 lines
6.2 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: StatefulSet
metadata:
name: loki
namespace: loki
labels:
helm.sh/chart: loki-13.5.0
app.kubernetes.io/name: loki
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "3.7.1"
app.kubernetes.io/component: single-binary
app.kubernetes.io/part-of: memberlist
spec:
replicas: 1
podManagementPolicy: Parallel
updateStrategy:
rollingUpdate:
partition: 0
serviceName: loki-headless
revisionHistoryLimit: 10
persistentVolumeClaimRetentionPolicy:
whenDeleted: Delete
whenScaled: Delete
selector:
matchLabels:
app.kubernetes.io/name: loki
app.kubernetes.io/instance: loki
app.kubernetes.io/component: single-binary
template:
metadata:
annotations:
checksum/config: 19e0049d8578b5fadd19fbcef19075cf8df1c30f6a3e6fc48aeeeaae41e30e27
storage/size: 150Gi
kubectl.kubernetes.io/default-container: "loki"
labels:
helm.sh/chart: loki-13.5.0
app.kubernetes.io/name: loki
app.kubernetes.io/instance: loki
app.kubernetes.io/version: "3.7.1"
app.kubernetes.io/component: single-binary
app.kubernetes.io/part-of: memberlist
spec:
serviceAccountName: loki
enableServiceLinks: true
automountServiceAccountToken: true
securityContext:
fsGroup: 10001
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
seccompProfile:
type: RuntimeDefault
terminationGracePeriodSeconds: 30
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/component: single-binary
app.kubernetes.io/instance: 'loki'
app.kubernetes.io/name: 'loki'
topologyKey: kubernetes.io/hostname
volumes:
- name: temp
emptyDir: {}
- name: config
configMap:
name: loki
items:
- key: "config.yaml"
path: "config.yaml"
- name: runtime-config
configMap:
name: loki-runtime
- name: sc-rules-volume
emptyDir: {}
- name: sc-rules-temp
emptyDir: {}
containers:
- name: loki
image: docker.io/grafana/loki:3.7.1
imagePullPolicy: IfNotPresent
args:
- -config.file=/etc/loki/config/config.yaml
- -config.expand-env=true
- -target=all
ports:
- name: http-metrics
containerPort: 3100
protocol: TCP
- name: grpc
containerPort: 9095
protocol: TCP
- name: http-memberlist
containerPort: 7946
protocol: TCP
env:
- name: GOGC
value: "80"
- name: HASH_RING_INSTANCE_ADDR
valueFrom:
fieldRef:
fieldPath: status.podIP
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
seccompProfile:
type: RuntimeDefault
livenessProbe:
failureThreshold: 10
httpGet:
path: /loki/api/v1/status/buildinfo
port: http-metrics
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
httpGet:
path: /ready
port: http-metrics
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
volumeMounts:
- name: config
mountPath: /etc/loki/config
- name: runtime-config
mountPath: /etc/loki/runtime-config
- name: storage
mountPath: /var/loki
- name: temp
mountPath: /tmp
- name: sc-rules-volume
mountPath: "/rules"
resources:
requests:
cpu: 100m
memory: 800Mi
- name: loki-sc-rules
image: docker.io/kiwigrid/k8s-sidecar:2.7.1
imagePullPolicy: IfNotPresent
ports:
- name: http-sidecar
containerPort: 8080
protocol: TCP
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
seccompProfile:
type: RuntimeDefault
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: http-sidecar
initialDelaySeconds: 30
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: http-sidecar
initialDelaySeconds: 3
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
env:
- name: METHOD
value: WATCH
- name: LABEL
value: "loki_rule"
- name: FOLDER
value: "/rules"
- name: RESOURCE
value: "both"
- name: WATCH_SERVER_TIMEOUT
value: "60"
- name: WATCH_CLIENT_TIMEOUT
value: "60"
- name: LOG_LEVEL
value: "INFO"
- name: HEALTH_PORT
value: "8080"
volumeMounts:
- name: sc-rules-temp
mountPath: /tmp
- name: sc-rules-volume
mountPath: "/rules"
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: storage
spec:
accessModes:
- ReadWriteOnce
storageClassName: synology-iscsi-delete
resources:
requests:
storage: "150Gi"
Reference in New Issue View Git Blame Copy Permalink