Merge changes I1ba3967a,Id55095c3
* changes:
Describe infrastructure dependencies
Use object store to store chunks created by Loki
diff --git a/README.md b/README.md
index 25566c7..241f29d 100644
--- a/README.md
+++ b/README.md
@@ -20,6 +20,8 @@
## Dependencies
+### Software
+
- Gerrit \
Gerrit requires the following plugin to be installed:
- [metrics-reporter-prometheus](https://gerrit.googlesource.com/plugins/metrics-reporter-prometheus/)
@@ -43,6 +45,20 @@
yq is a commandline processor for yaml-files. Installation instructions can be
found [here](https://mikefarah.gitbook.io/yq/).
+### Infrastructure
+
+- Kubernetes Cluster \
+A cluster with at least 3 free CPUs and 4 GB of free memory are required. In
+addition persistent storage of about 30 GB will be used.
+
+- Ingress Controller \
+The charts currently expect a Nginx ingress controller to be installed in the
+cluster.
+
+- Object store \
+Loki will store the data chunks in an object store. This store has to be callable
+via the S3 API.
+
## Add dashboards
To have dashboards deployed automatically during installation, export the dashboards
@@ -78,6 +94,12 @@
| `loki.host` | Loki ingress hostname |
| `loki.username` | Username for Loki |
| `loki.password` | Password for Loki |
+| `loki.s3.protocol` | Protocol used for communicating with S3 |
+| `loki.s3.host` | Hostname of the S3 object store |
+| `loki.s3.accessToken` | The EC2 accessToken used for authentication with S3 |
+| `loki.s3.secret` | The secret associated with the accessToken |
+| `loki.s3.bucket` | The name of the S3 bucket |
+| `loki.s3.region` | The region in which the S3 bucket is hosted |
| `loki.tls.cert` | TLS certificate |
| `loki.tls.key` | TLS key |
| `grafana.host` | Grafana ingress hostname |
diff --git a/charts/loki/loki.yaml b/charts/loki/loki.yaml
index e29b8e9..f3f63c5 100644
--- a/charts/loki/loki.yaml
+++ b/charts/loki/loki.yaml
@@ -73,7 +73,7 @@
configs:
- from: 2018-04-15
store: boltdb
- object_store: filesystem
+ object_store: s3
schema: v9
index:
prefix: index_
@@ -86,8 +86,9 @@
storage_config:
boltdb:
directory: /data/loki/index
- filesystem:
- directory: /data/loki/chunks
+ aws:
+ s3: #@ "{}://{}:{}@{}/{}".format(data.values.loki.s3.protocol, data.values.loki.s3.accessToken, data.values.loki.s3.secret, data.values.loki.s3.host, data.values.loki.s3.bucket)
+ s3forcepathstyle: true
chunk_store_config:
max_look_back_period: 0
table_manager:
@@ -240,4 +241,6 @@
# targetPort: http
# Extra env variables to pass to the loki container
-env: []
+env:
+- name: AWS_REGION
+ value: #@ data.values.loki.s3.region
diff --git a/config.yaml b/config.yaml
index 5f1c301..c7b9840 100644
--- a/config.yaml
+++ b/config.yaml
@@ -25,6 +25,13 @@
host: loki.example.com
username:
password:
+ s3:
+ protocol: https
+ host: s3.eu-de-1.example.com
+ accessToken: abcd
+ secret: "1234"
+ bucket: bucket
+ region: eu-de-1
tls:
cert:
key:
diff --git a/documentation/config-management.md b/documentation/config-management.md
index 037f9af..4a6c5e8 100644
--- a/documentation/config-management.md
+++ b/documentation/config-management.md
@@ -48,7 +48,7 @@
sops \
--encrypt \
--in-place \
- --encrypted-regex '(password|htpasswd|cert|key|apiUrl|caCert)$' \
+ --encrypted-regex '(password|htpasswd|cert|key|apiUrl|caCert|secret|accessToken)$' \
--pgp \
`gpg --fingerprint "$EMAIL" | \
grep pub -A 1 | \
diff --git a/encrypt.sh b/encrypt.sh
index 6b0172b..1ae94e4 100755
--- a/encrypt.sh
+++ b/encrypt.sh
@@ -53,6 +53,6 @@
sops \
--encrypt \
--in-place \
- --encrypted-regex '(password|htpasswd|cert|key|apiUrl|caCert)$' \
+ --encrypted-regex '(password|htpasswd|cert|key|apiUrl|caCert|secret|accessToken)$' \
--pgp $FINGERPRINT \
$CONFIG
