logs/loki/loki.yaml

---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: loki
  namespace: logs
spec:
  interval: 15m
  chart:
    spec:
      # renovate: registryUrl=https://grafana.github.io/helm-charts
      chart: loki
      version: 5.5.0
      sourceRef:
        kind: HelmRepository
        name: grafana-charts
        namespace: flux-system
  maxHistory: 3
  install:
    createNamespace: true
    remediation:
      retries: 3
  upgrade:
    cleanupOnFail: true
    remediation:
      retries: 3
  uninstall:
    keepHistory: false
  values:
    loki:
      structuredConfig:
        auth_enabled: false

        server:
          log_level: info
          http_listen_port: 3100
          grpc_listen_port: 9095

        memberlist:
          join_members: ["loki-memberlist"]

        limits_config:
          retention_period: 60d
          enforce_metric_name: false
          reject_old_samples: true
          reject_old_samples_max_age: 168h
          max_cache_freshness_per_query: 10m
          split_queries_by_interval: 15m
          ingestion_rate_mb: 50
          ingestion_burst_size_mb: 1000
          per_stream_rate_limit: 5MB
          per_stream_rate_limit_burst: 20MB

          shard_streams:
            enabled: true

        schema_config:
          configs:
            - from: "2022-01-11"
              store: boltdb-shipper
              object_store: s3
              schema: v12
              index:
                prefix: loki_index_
                period: 24h

        common:
          path_prefix: /var/loki
          replication_factor: 3
          storage:
            s3:
              s3: null
              insecure: true
              s3forcepathstyle: true
          ring:
            kvstore:
              store: memberlist

        ruler:
          enable_api: true
          enable_alertmanager_v2: true
          alertmanager_url: http://kube-prometheus-stack-alertmanager:9093
          storage:
            type: local
            local:
              directory: /rules
          rule_path: /tmp/scratch
          ring:
            kvstore:
              store: memberlist

        distributor:
          ring:
            kvstore:
              store: memberlist

        compactor:
          working_directory: /var/loki/boltdb-shipper-compactor
          shared_store: s3
          compaction_interval: 10m
          retention_enabled: true
          retention_delete_delay: 2h
          retention_delete_worker_count: 150

        ingester:
          max_chunk_age: 1h
          lifecycler:
            ring:
              kvstore:
                store: memberlist

        analytics:
          reporting_enabled: false

    gateway:
      enabled: true
      replicas: 3
      affinity: |
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 1
              podAffinityTerm:
                labelSelector:
                  matchLabels:
                    {{- include "loki.gatewaySelectorLabels" . | nindent 12 }}
                topologyKey: kubernetes.io/hostname
      ingress:
        enabled: true
        ingressClassName: "nginx"
        hosts:
          - host: "loki.eviljungle.com"
            paths:
              - path: /
                pathType: Prefix
        tls:
          - hosts:
              - "loki.eviljungle.com"

    write:
      replicas: 3
      affinity: |
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 1
              podAffinityTerm:
                labelSelector:
                  matchLabels:
                    {{- include "loki.writeSelectorLabels" . | nindent 12 }}
                topologyKey: kubernetes.io/hostname
      persistence:
        size: 10Gi
        storageClass: rook-ceph-block
      tolerations:
      - key: "arm"
        operator: "Exists"

    read:
      replicas: 3
      affinity: |
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 1
              podAffinityTerm:
                labelSelector:
                  matchLabels:
                    {{- include "loki.readSelectorLabels" . | nindent 12 }}
                topologyKey: kubernetes.io/hostname
      persistence:
        size: 10Gi
        storageClass: rook-ceph-block
      extraVolumeMounts:
        - name: rules
          mountPath: /rules
      extraVolumes:
        - name: rules
          emptyDir: {}
      tolerations:
      - key: "arm"
        operator: "Exists"

    backend:
      replicas: 3
      persistence:
        storageClass: rook-ceph-block
      extraVolumeMounts:
        - name: rules
          mountPath: /rules/fake
        - name: scratch
          mountPath: /tmp/scratch
      extraVolumes:
        - name: rules
          # emptyDir: {}
          configMap:
            name: loki-alerting-rules
        - name: scratch
          emptyDir: {}

    monitoring:
      dashboards:
        enabled: true
        annotations:
          kustomize.toolkit.fluxcd.io/substitute: disabled
          grafana_folder: Loki
        labels:
          grafana_dashboard: "true"
      rules:
        enabled: false
      serviceMonitor:
        enabled: true
      selfMonitoring:
        enabled: false
        lokiCanary:
          enabled: false
        grafanaAgent:
          installOperator: false
    test:
      enabled: false

  valuesFrom:
  - targetPath: loki.structuredConfig.common.storage.s3.bucketnames
    kind: ConfigMap
    name: loki-bucket
    valuesKey: BUCKET_NAME
  - targetPath: loki.structuredConfig.common.storage.s3.endpoint
    kind: ConfigMap
    name: loki-bucket
    valuesKey: BUCKET_HOST
  - targetPath: loki.structuredConfig.common.storage.s3.access_key_id
    kind: Secret
    name: loki-bucket
    valuesKey: AWS_ACCESS_KEY_ID
  - targetPath: loki.structuredConfig.common.storage.s3.secret_access_key
    kind: Secret
    name: loki-bucket
    valuesKey: AWS_SECRET_ACCESS_KEY