Merge branch 'master' into debug-helm

mraboosk · Apr 28, 2019 · bf8ae27 · bf8ae27
2 parents 2f9aa5b + 2b5943d
commit bf8ae27
Show file tree

Hide file tree

Showing 8 changed files with 80 additions and 6 deletions.
diff --git a/production/helm/README.md b/production/helm/README.md
@@ -57,6 +57,44 @@ $ kubectl port-forward --namespace <YOUR-NAMESPACE> service/loki-grafana 3000:80
 Navigate to http://localhost:3000 and login with `admin` and the password output above.
 Then follow the [instructions for adding the loki datasource](/docs/usage.md), using the URL `http://loki:3100/`.
 
+## Run Loki behind https ingress
+
+If Loki and Promtail are deployed on different clusters you can add an Ingress in front of Loki.
+By adding a certificate you create an https endpoint. For extra security enable basic authentication on the Ingress.
+
+In promtail set the following values to communicate with https and basic auth
+
+```
+loki:
+  serviceScheme: https
+  user: user
+  password: pass
+```
+
+Sample helm template for ingress:
+```
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+annotations:
+    kubernetes.io/ingress.class: {{ .Values.ingress.class }}
+    ingress.kubernetes.io/auth-type: "basic"
+    ingress.kubernetes.io/auth-secret: {{ .Values.ingress.basic.secret }}
+name: loki
+spec:
+rules:
+- host: {{ .Values.ingress.host }}
+    http:
+    paths:
+    - backend:
+        serviceName: loki
+        servicePort: 3100
+tls:
+- secretName: {{ .Values.ingress.cert }}
+    hosts:
+    - {{ .Values.ingress.host }}
+```
+
 ## How to contribute
 
 If you want to add any feature to helm chart, you can follow as below:
@@ -73,4 +111,3 @@ For example, if you update the loki chart, you need to bump the version as follo
 ```bash
 $ # update version loki/Chart.yaml
 $ # update version loki-stack/Chart.yaml
-```
diff --git a/production/helm/loki-stack/Chart.yaml b/production/helm/loki-stack/Chart.yaml
@@ -1,5 +1,5 @@
 name: loki-stack
-version: 0.7.0
+version: 0.7.1
 appVersion: 0.0.1
 kubeVersion: "^1.10.0-0"
 description: "Loki: like Prometheus, but for logs."

diff --git a/production/helm/loki/Chart.yaml b/production/helm/loki/Chart.yaml
@@ -1,5 +1,5 @@
 name: loki
-version: 0.7.0
+version: 0.7.1
 appVersion: 0.0.1
 kubeVersion: "^1.10.0-0"
 description: "Loki: like Prometheus, but for logs."

diff --git a/production/helm/loki/templates/deployment.yaml b/production/helm/loki/templates/deployment.yaml
@@ -27,6 +27,9 @@ spec:
         app: {{ template "loki.name" . }}
         name: {{ template "loki.name" . }}
         release: {{ .Release.Name }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}  
       annotations:
         checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
         {{- with .Values.podAnnotations }}
@@ -45,6 +48,9 @@ spec:
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           args:
             - "-config.file=/etc/loki/loki.yaml"
+          {{- range $key, $value := .Values.extraArgs }}
+            - "-{{ $key }}={{ $value }}"
+          {{- end }}            
           volumeMounts:
             - name: config
               mountPath: /etc/loki
@@ -63,6 +69,9 @@ spec:
             {{- toYaml .Values.resources | nindent 12 }}
           securityContext:
             readOnlyRootFilesystem: true
+          env:
+            - name: JAEGER_AGENT_HOST
+              value: "{{ .Values.tracing.jaegerAgentHost }}"
       nodeSelector:
         {{- toYaml .Values.nodeSelector | nindent 8 }}
       affinity:

diff --git a/production/helm/loki/values.yaml b/production/helm/loki/values.yaml
@@ -14,8 +14,13 @@ affinity: {}
 ## Deployment annotations
 annotations: {}
 
+# enable tracing for debug, need install jaeger and specify right jaeger_agent_host
+tracing:
+  jaegerAgentHost:
+
 config:
   auth_enabled: false
+
   ingester:
     chunk_idle_period: 15m
     lifecycler:
@@ -58,6 +63,10 @@ image:
   tag: latest
   pullPolicy: Always # Always pull while in BETA
 
+## Additional Loki container arguments, e.g. log level (debug, info, warn, error) 
+extraArgs: {}
+  # log.level: debug
+
 livenessProbe:
   httpGet:
     path: /ready
@@ -87,6 +96,9 @@ persistence:
   # subPath: ""
   # existingClaim:
 
+## Pod Labels
+podLabels: {}
+
 ## Pod Annotations
 podAnnotations: {}
 #  prometheus.io/scrape: "true"
@@ -123,7 +135,7 @@ securityContext:
 
 service:
   type: ClusterIP
-  nodePort: 
+  nodePort:
   port: 3100
   annotations: {}
   labels: {}

diff --git a/production/helm/promtail/Chart.yaml b/production/helm/promtail/Chart.yaml
@@ -1,5 +1,5 @@
 name: promtail
-version: 0.6.2
+version: 0.6.3
 appVersion: 0.0.1
 kubeVersion: "^1.10.0-0"
 description: "Responsible for gathering logs and sending them to Loki"

diff --git a/production/helm/promtail/templates/daemonset.yaml b/production/helm/promtail/templates/daemonset.yaml
@@ -24,6 +24,9 @@ spec:
       labels:
         app: {{ template "promtail.name" . }}
         release: {{ .Release.Name }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}          
       annotations:
         {{ toYaml .Values.podAnnotations | nindent 8 }}
     spec:
@@ -37,7 +40,11 @@ spec:
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           args:
             - "-config.file=/etc/promtail/promtail.yaml"
-            - "-client.url=http://{{ include "loki.serviceName" . }}:{{ .Values.loki.servicePort }}/api/prom/push"
+            {{- if and .Values.loki.user .Values.loki.password }}
+            - "-client.url={{ .Values.loki.serviceScheme }}://{{ .Values.loki.user }}:{{ .Values.loki.password }}@{{ include "loki.serviceName" . }}:{{ .Values.loki.servicePort }}/api/prom/push"
+            {{- else }}
+            - "-client.url={{ .Values.loki.serviceScheme }}://{{ include "loki.serviceName" . }}:{{ .Values.loki.servicePort }}/api/prom/push"
+            {{- end }}
           volumeMounts:
             - name: config
               mountPath: /etc/promtail

diff --git a/production/helm/promtail/values.yaml b/production/helm/promtail/values.yaml
@@ -18,13 +18,19 @@ livenessProbe: {}
 loki:
   serviceName: "" # Defaults to "${RELEASE}-loki" if not set
   servicePort: 3100
+  serviceScheme: http
+  # user: user
+  # password: pass
 
 nameOverride: promtail
 
 ## Node labels for pod assignment
 ## ref: https://kubernetes.io/docs/user-guide/node-selection/
 nodeSelector: {}
 
+## Pod Labels
+podLabels: {}
+
 podAnnotations: {}
 #  prometheus.io/scrape: "true"
 #  prometheus.io/port: "http-metrics"
@@ -114,6 +120,9 @@ config:
     http_listen_port: 3101
   positions:
     filename: /run/promtail/positions.yaml
+  target_config:
+    # Period to resync directories being watched and files being tailed
+    sync_period: 10s
   scrape_configs:
   - entry_parser: '{{ .Values.entryParser }}'
     job_name: kubernetes-pods-name