Use object store to store chunks created by Loki
The chunks created by Loki were stored in a persistent volume. This
does not scale well, since volumes cannot easily be resized in
Kubernetes. Also, at least the ext4-filesystem had issues, when large
numbers of logs were saved. These issues are due to the dir_index as
discussed in [1].
An object store provides a more scalable and cheaper solution. Loki
supports S3 as an object storage and also other object stores that
understand the S3 API like Ceph or OpenStack Swift.
[1] https://github.com/grafana/loki/issues/1502
Change-Id: Id55095c3b6659f40708712c1a494753dbcab7686
diff --git a/README.md b/README.md
index 25566c7..0dd14e9 100644
--- a/README.md
+++ b/README.md
@@ -78,6 +78,12 @@
| `loki.host` | Loki ingress hostname |
| `loki.username` | Username for Loki |
| `loki.password` | Password for Loki |
+| `loki.s3.protocol` | Protocol used for communicating with S3 |
+| `loki.s3.host` | Hostname of the S3 object store |
+| `loki.s3.accessToken` | The EC2 accessToken used for authentication with S3 |
+| `loki.s3.secret` | The secret associated with the accessToken |
+| `loki.s3.bucket` | The name of the S3 bucket |
+| `loki.s3.region` | The region in which the S3 bucket is hosted |
| `loki.tls.cert` | TLS certificate |
| `loki.tls.key` | TLS key |
| `grafana.host` | Grafana ingress hostname |
diff --git a/charts/loki/loki.yaml b/charts/loki/loki.yaml
index e29b8e9..f3f63c5 100644
--- a/charts/loki/loki.yaml
+++ b/charts/loki/loki.yaml
@@ -73,7 +73,7 @@
configs:
- from: 2018-04-15
store: boltdb
- object_store: filesystem
+ object_store: s3
schema: v9
index:
prefix: index_
@@ -86,8 +86,9 @@
storage_config:
boltdb:
directory: /data/loki/index
- filesystem:
- directory: /data/loki/chunks
+ aws:
+ s3: #@ "{}://{}:{}@{}/{}".format(data.values.loki.s3.protocol, data.values.loki.s3.accessToken, data.values.loki.s3.secret, data.values.loki.s3.host, data.values.loki.s3.bucket)
+ s3forcepathstyle: true
chunk_store_config:
max_look_back_period: 0
table_manager:
@@ -240,4 +241,6 @@
# targetPort: http
# Extra env variables to pass to the loki container
-env: []
+env:
+- name: AWS_REGION
+ value: #@ data.values.loki.s3.region
diff --git a/config.yaml b/config.yaml
index 5f1c301..c7b9840 100644
--- a/config.yaml
+++ b/config.yaml
@@ -25,6 +25,13 @@
host: loki.example.com
username:
password:
+ s3:
+ protocol: https
+ host: s3.eu-de-1.example.com
+ accessToken: abcd
+ secret: "1234"
+ bucket: bucket
+ region: eu-de-1
tls:
cert:
key:
diff --git a/documentation/config-management.md b/documentation/config-management.md
index 037f9af..4a6c5e8 100644
--- a/documentation/config-management.md
+++ b/documentation/config-management.md
@@ -48,7 +48,7 @@
sops \
--encrypt \
--in-place \
- --encrypted-regex '(password|htpasswd|cert|key|apiUrl|caCert)$' \
+ --encrypted-regex '(password|htpasswd|cert|key|apiUrl|caCert|secret|accessToken)$' \
--pgp \
`gpg --fingerprint "$EMAIL" | \
grep pub -A 1 | \
diff --git a/encrypt.sh b/encrypt.sh
index 6b0172b..1ae94e4 100755
--- a/encrypt.sh
+++ b/encrypt.sh
@@ -53,6 +53,6 @@
sops \
--encrypt \
--in-place \
- --encrypted-regex '(password|htpasswd|cert|key|apiUrl|caCert)$' \
+ --encrypted-regex '(password|htpasswd|cert|key|apiUrl|caCert|secret|accessToken)$' \
--pgp $FINGERPRINT \
$CONFIG