diff --git a/kubernetes/apps/monitoring/loki/config-map.yaml b/kubernetes/apps/monitoring/loki/config-map.yaml index 22a9462f..7aab8298 100644 --- a/kubernetes/apps/monitoring/loki/config-map.yaml +++ b/kubernetes/apps/monitoring/loki/config-map.yaml @@ -4,33 +4,42 @@ metadata: name: loki-config namespace: monitoring data: - loki-config.yaml: |- - + loki.yaml: |- auth_enabled: false - server: http_listen_port: 3100 - ingester: lifecycler: address: 127.0.0.1 ring: - store: inmemory + kvstore: + store: inmemory replication_factor: 1 - + chunk_idle_period: 3m + chunk_retain_period: 1m + max_transfer_retries: 0 schema_config: configs: - - from: 0 - store: boltdb - object_store: filesystem - schema: v9 - index: - prefix: index_ - period: 168h - + - from: 2020-01-01 + store: boltdb-shipper + object_store: filesystem + schema: v11 + index: + prefix: index_ + period: 24h storage_config: - boltdb: - directory: /tmp/loki/index - + boltdb_shipper: + active_index_directory: /loki/index + cache_location: /loki/boltdb-cache + shared_store: filesystem filesystem: - directory: /tmp/loki/chunks + directory: /loki/chunks + limits_config: + enforce_metric_name: false + reject_old_samples: true + reject_old_samples_max_age: 168h + chunk_store_config: + max_look_back_period: 0s + table_manager: + retention_deletes_enabled: true + retention_period: 168h # Retain logs for 7 days diff --git a/kubernetes/apps/monitoring/loki/deployment.yaml b/kubernetes/apps/monitoring/loki/deployment.yaml index 09273778..ebfe7674 100644 --- a/kubernetes/apps/monitoring/loki/deployment.yaml +++ b/kubernetes/apps/monitoring/loki/deployment.yaml @@ -3,38 +3,32 @@ kind: Deployment metadata: name: loki namespace: monitoring - labels: - app: loki - group: grafana spec: replicas: 1 selector: matchLabels: app: loki - group: grafana template: metadata: labels: app: loki - group: grafana spec: - serviceAccountName: loki containers: - name: loki - image: grafana/loki:master - imagePullPolicy: Always - args: ["-config.file=/etc/loki/loki-config.yaml"] - resources: - requests: - memory: "64Mi" - cpu: "10m" - limits: - memory: "128Mi" - cpu: "500m" + image: grafana/loki:latest + args: + - -config.file=/etc/loki/loki.yaml volumeMounts: - - name: loki-config - mountPath: /etc/loki/ + - name: config-volume + mountPath: /etc/loki + readOnly: true + - name: loki-storage + mountPath: /loki + ports: + - containerPort: 3100 volumes: - - name: loki-config + - name: config-volume configMap: name: loki-config + - name: loki-storage + emptyDir: {} diff --git a/kubernetes/apps/monitoring/loki/service-account.yaml b/kubernetes/apps/monitoring/loki/service-account.yaml deleted file mode 100644 index c0775274..00000000 --- a/kubernetes/apps/monitoring/loki/service-account.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: loki - namespace: monitoring - labels: - app: loki - group: grafana \ No newline at end of file diff --git a/kubernetes/apps/monitoring/loki/service.yaml b/kubernetes/apps/monitoring/loki/service.yaml index 97ab7b14..23ee4ba5 100644 --- a/kubernetes/apps/monitoring/loki/service.yaml +++ b/kubernetes/apps/monitoring/loki/service.yaml @@ -3,15 +3,12 @@ kind: Service metadata: name: loki-svc namespace: monitoring - labels: - app: loki - group: grafana spec: - type: NodePort - ports: - - port: 3100 - targetPort: 3100 - protocol: TCP + type: LoadBalancer selector: app: loki - group: grafana + ports: + - name: http + protocol: TCP + port: 3100 + targetPort: 3100 diff --git a/kubernetes/apps/monitoring/promtail/cluster-role-binding.yaml b/kubernetes/apps/monitoring/promtail/cluster-role-binding.yaml index f2d66930..5c7b0041 100644 --- a/kubernetes/apps/monitoring/promtail/cluster-role-binding.yaml +++ b/kubernetes/apps/monitoring/promtail/cluster-role-binding.yaml @@ -2,14 +2,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: promtail - labels: - app: promtail - group: grafana +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: promtail subjects: - kind: ServiceAccount name: promtail namespace: monitoring -roleRef: - kind: ClusterRole - name: promtail - apiGroup: rbac.authorization.k8s.io diff --git a/kubernetes/apps/monitoring/promtail/cluster-role.yaml b/kubernetes/apps/monitoring/promtail/cluster-role.yaml index 7f7988d8..012c39ed 100644 --- a/kubernetes/apps/monitoring/promtail/cluster-role.yaml +++ b/kubernetes/apps/monitoring/promtail/cluster-role.yaml @@ -1,16 +1,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - labels: - app: promtail - group: grafana name: promtail rules: - apiGroups: [""] - resources: - - nodes - - nodes/proxy - - services - - endpoints - - pods - verbs: ["get", "watch", "list"] + resources: ["pods", "nodes", "endpoints"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] diff --git a/kubernetes/apps/monitoring/promtail/config-map.yaml b/kubernetes/apps/monitoring/promtail/config-map.yaml index cc234197..59c11996 100644 --- a/kubernetes/apps/monitoring/promtail/config-map.yaml +++ b/kubernetes/apps/monitoring/promtail/config-map.yaml @@ -4,81 +4,48 @@ metadata: name: promtail-config namespace: monitoring data: - promtail-config.yaml: |- + promtail.yaml: |- server: - http_listen_port: 0 + http_listen_port: 9080 grpc_listen_port: 0 - positions: filename: /tmp/positions.yaml - - client: - url: http://loki:3100/api/prom/push - + clients: + - url: http://loki:3100/loki/api/v1/push scrape_configs: - job_name: kubernetes-pods kubernetes_sd_configs: - - role: pod + - role: pod + pipeline_stages: + - cri: {} relabel_configs: - - source_labels: - - __meta_kubernetes_pod_node_name - target_label: __host__ - - action: drop - regex: ^$ - source_labels: - - __meta_kubernetes_pod_label_name - - action: replace - replacement: $1 - separator: / - source_labels: - - __meta_kubernetes_namespace - - __meta_kubernetes_pod_label_name - target_label: job - - action: replace - source_labels: - - __meta_kubernetes_namespace - target_label: namespace - - action: replace - source_labels: - - __meta_kubernetes_pod_name - target_label: instance - - replacement: /var/log/pods/$1 - separator: / - source_labels: - - __meta_kubernetes_pod_uid - - __meta_kubernetes_pod_container_name - target_label: __path__ - - job_name: kubernetes-pods-app + - source_labels: [__meta_kubernetes_pod_label_name] + target_label: job + - job_name: kubernetes-nodes kubernetes_sd_configs: - - role: pod + - role: node + pipeline_stages: + - cri: {} relabel_configs: - - source_labels: - - __meta_kubernetes_pod_node_name - target_label: __host__ - - action: drop - regex: ^$ - source_labels: - - __meta_kubernetes_pod_label_app - - action: replace - replacement: $1 - separator: / - source_labels: - - __meta_kubernetes_namespace - - __meta_kubernetes_pod_label_app - target_label: job - - action: replace - source_labels: - - __meta_kubernetes_namespace - target_label: namespace - - action: replace - source_labels: - - __meta_kubernetes_pod_name - target_label: instance - - action: labelmap - regex: __meta_kubernetes_pod_label_(.+) - - replacement: /var/log/pods/$1 - separator: / - source_labels: - - __meta_kubernetes_pod_uid - - __meta_kubernetes_pod_container_name - target_label: __path__ + - source_labels: [__meta_kubernetes_node_name] + target_label: node + - job_name: kubernetes-apiservers + kubernetes_sd_configs: + - role: endpoints + relabel_configs: + - source_labels: [__meta_kubernetes_service_name] + action: keep + regex: kubernetes + - job_name: kubernetes-kubelet + kubernetes_sd_configs: + - role: node + relabel_configs: + - source_labels: [__meta_kubernetes_node_label_kubernetes_io_hostname] + target_label: instance + static_configs: + - targets: + - localhost:10250 # Kubelet API + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + insecure_skip_verify: true diff --git a/kubernetes/apps/monitoring/promtail/deployment.yaml b/kubernetes/apps/monitoring/promtail/deployment.yaml index 799d1a75..7281c15f 100644 --- a/kubernetes/apps/monitoring/promtail/deployment.yaml +++ b/kubernetes/apps/monitoring/promtail/deployment.yaml @@ -3,46 +3,27 @@ kind: Deployment metadata: name: promtail namespace: monitoring - labels: - app: promtail - group: grafana spec: replicas: 1 selector: matchLabels: app: promtail - group: grafana template: metadata: labels: app: promtail - group: grafana spec: + serviceAccountName: promtail # Ensure the service account has appropriate permissions containers: - name: promtail - image: grafana/promtail:make-images-static-26a87c9 - imagePullPolicy: Always - args: ["-config.file=/etc/promtail/promtail-config.yaml"] + image: grafana/promtail:latest + args: + - -config.file=/etc/promtail/promtail.yaml volumeMounts: - - name: promtail-config - mountPath: /etc/promtail/ - - name: varlog - mountPath: /var/log - - name: varlibdockercontainers - mountPath: /var/lib/docker/containers + - name: config-volume + mountPath: /etc/promtail readOnly: true - env: - - name: HOSTNAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName volumes: - - name: promtail-config + - name: config-volume configMap: name: promtail-config - - name: varlog - hostPath: - path: /var/log - - name: varlibdockercontainers - hostPath: - path: /var/lib/docker/containers diff --git a/kubernetes/apps/monitoring/promtail/service-account.yaml b/kubernetes/apps/monitoring/promtail/service-account.yaml index 73428eb6..bc9834ec 100644 --- a/kubernetes/apps/monitoring/promtail/service-account.yaml +++ b/kubernetes/apps/monitoring/promtail/service-account.yaml @@ -3,6 +3,3 @@ kind: ServiceAccount metadata: name: promtail namespace: monitoring - labels: - app: promtail - group: grafana