manifests

package
v0.7.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 11, 2024 License: AGPL-3.0 Imports: 38 Imported by: 0

Documentation

Index

Constants

View Source 
const (

	// EnvRelatedImageLoki is the environment variable to fetch the Loki image pullspec.
	EnvRelatedImageLoki = "RELATED_IMAGE_LOKI"
	// EnvRelatedImageGateway is the environment variable to fetch the Gateway image pullspec.
	EnvRelatedImageGateway = "RELATED_IMAGE_GATEWAY"

	// DefaultContainerImage declares the default fallback for loki image.
	DefaultContainerImage = "docker.io/grafana/loki:3.2.1"

	// DefaultLokiStackGatewayImage declares the default image for lokiStack-gateway.
	DefaultLokiStackGatewayImage = "quay.io/observatorium/api:latest"

	// PrometheusCAFile declares the path for prometheus CA file for service monitors.
	PrometheusCAFile string = "/etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt"
	// BearerTokenFile declares the path for bearer token file for service monitors.
	BearerTokenFile string = "/var/run/secrets/kubernetes.io/serviceaccount/token"

	// AnnotationCertRotationRequiredAt stores the point in time the last cert rotation happened
	AnnotationCertRotationRequiredAt string = "loki.grafana.com/certRotationRequiredAt"
	// AnnotationLokiConfigHash stores the last SHA1 hash of the loki configuration
	AnnotationLokiConfigHash string = "loki.grafana.com/config-hash"
	// AnnotationLokiObjectStoreHash stores the last SHA1 hash of the loki object storage credetials.
	AnnotationLokiObjectStoreHash string = "loki.grafana.com/object-store-hash"
	// AnnotationLokiTokenCCOAuthHash stores the SHA1 hash of the secret generated by the Cloud Credential Operator.
	AnnotationLokiTokenCCOAuthHash string = "loki.grafana.com/token-cco-auth-hash"

	// LabelCompactorComponent is the label value for the compactor component
	LabelCompactorComponent string = "compactor"
	// LabelDistributorComponent is the label value for the distributor component
	LabelDistributorComponent string = "distributor"
	// LabelIngesterComponent is the label value for the ingester component
	LabelIngesterComponent string = "ingester"
	// LabelQuerierComponent is the label value for the querier component
	LabelQuerierComponent string = "querier"
	// LabelQueryFrontendComponent is the label value for the query frontend component
	LabelQueryFrontendComponent string = "query-frontend"
	// LabelIndexGatewayComponent is the label value for the lokiStack-index-gateway component
	LabelIndexGatewayComponent string = "index-gateway"
	// LabelRulerComponent is the label value for the lokiStack-ruler component
	LabelRulerComponent string = "ruler"
	// LabelGatewayComponent is the label value for the lokiStack-gateway component
	LabelGatewayComponent string = "lokistack-gateway"
)
View Source 
const MaxConfigMapDataSizeBytes = (1 * 1024 * 1024) - 50_000

MaxConfigMapDataSizeBytes is the maximum data size in bytes that a single ConfigMap may contain. This is lower than 1MB in order to reserve space for metadata

Variables

This section is empty.

Functions

func ApplyDefaultSettings 

func ApplyDefaultSettings(opts *Options) error

ApplyDefaultSettings manipulates the options to conform to build specifications

func ApplyGatewayDefaultOptions 

func ApplyGatewayDefaultOptions(opts *Options) error

ApplyGatewayDefaultOptions applies defaults on the LokiStackSpec depending on selected tenant mode. Currently nothing is applied for modes static and dynamic. For modes openshift-logging and openshift-network the tenant spec is filled with defaults for authentication and authorization.

func ApplyTLSSettings 

func ApplyTLSSettings(opts *Options, profile *openshiftconfigv1.TLSSecurityProfile) error

ApplyTLSSettings manipulates the options to conform to the TLS profile specifications

func BuildAll 

func BuildAll(opts Options) ([]client.Object, error)

BuildAll builds all manifests required to run a Loki Stack

func BuildCompactor 

func BuildCompactor(opts Options) ([]client.Object, error)

BuildCompactor builds the k8s objects required to run Loki Compactor.

func BuildDistributor 

func BuildDistributor(opts Options) ([]client.Object, error)

BuildDistributor returns a list of k8s objects for Loki Distributor

func BuildGateway 

func BuildGateway(opts Options) ([]client.Object, error)

BuildGateway returns a list of k8s objects for Loki Stack Gateway

func BuildIndexGateway 

func BuildIndexGateway(opts Options) ([]client.Object, error)

BuildIndexGateway returns a list of k8s objects for Loki IndexGateway

func BuildIngester 

func BuildIngester(opts Options) ([]client.Object, error)

BuildIngester builds the k8s objects required to run Loki Ingester

func BuildLokiGossipRingService 

func BuildLokiGossipRingService(stackName string) *corev1.Service

BuildLokiGossipRingService creates a k8s service for the gossip/memberlist members of the cluster

func BuildPrometheusRule 

func BuildPrometheusRule(opts Options) ([]client.Object, error)

BuildPrometheusRule returns a list of k8s objects for Loki PrometheusRule

func BuildQuerier 

func BuildQuerier(opts Options) ([]client.Object, error)

BuildQuerier returns a list of k8s objects for Loki Querier

func BuildQueryFrontend 

func BuildQueryFrontend(opts Options) ([]client.Object, error)

BuildQueryFrontend returns a list of k8s objects for Loki QueryFrontend

func BuildRuler 

func BuildRuler(opts Options) ([]client.Object, error)

BuildRuler returns a list of k8s objects for Loki Stack Ruler

func BuildServiceAccount added in v0.6.0 

func BuildServiceAccount(opts Options) client.Object

BuildServiceAccount returns a k8s object for the LokiStack serviceaccount.

func BuildServiceMonitors 

func BuildServiceMonitors(opts Options) []client.Object

BuildServiceMonitors builds the service monitors

func CompactorName 

func CompactorName(stackName string) string

CompactorName is the name of the compactor statefulset

func ComponentLabels 

func ComponentLabels(component, stackName string) labels.Set

ComponentLabels is a list of all commonLabels including the app.kubernetes.io/component:<component> label

func ConfigOptions 

func ConfigOptions(opt Options) config.Options

ConfigOptions converts Options to config.Options

func ConfigureOptionsForMode 

func ConfigureOptionsForMode(cfg *config.Options, opt Options) error

ConfigureOptionsForMode applies configuration depending on the mode type.

func DefaultLokiStackSpec 

func DefaultLokiStackSpec(size lokiv1.LokiStackSizeType) *lokiv1.LokiStackSpec

DefaultLokiStackSpec returns the default configuration for a LokiStack of the specified size

func DistributorName 

func DistributorName(stackName string) string

DistributorName is the name of the distributor deployment

func GatewayName 

func GatewayName(stackName string) string

GatewayName is the name of the lokiStack-gateway statefulset

func GossipLabels 

func GossipLabels() map[string]string

GossipLabels is the list of labels that should be assigned to components using the gossip ring

func IndexGatewayName 

func IndexGatewayName(stackName string) string

IndexGatewayName is the name of the index-gateway statefulset

func IngesterName 

func IngesterName(stackName string) string

IngesterName is the name of the compactor statefulset

func LokiConfigMap 

func LokiConfigMap(opt Options) (*corev1.ConfigMap, string, error)

LokiConfigMap creates the single configmap containing the loki configuration for the whole cluster

func MutateFuncFor 

func MutateFuncFor(existing, desired client.Object, depAnnotations map[string]string) controllerutil.MutateFn

MutateFuncFor returns a mutate function based on the existing resource's concrete type. It currently supports the following types and will return an error for other types:

  • ConfigMap
  • Secret
  • Service
  • ServiceAccount
  • ClusterRole
  • ClusterRoleBinding
  • Role
  • RoleBinding
  • Deployment
  • StatefulSet
  • ServiceMonitor
  • Ingress
  • Route
  • PrometheusRule
  • PodDisruptionBudget

func NewCompactorGRPCService 

func NewCompactorGRPCService(opts Options) *corev1.Service

NewCompactorGRPCService creates a k8s service for the compactor GRPC endpoint

func NewCompactorHTTPService 

func NewCompactorHTTPService(opts Options) *corev1.Service

NewCompactorHTTPService creates a k8s service for the ingester HTTP endpoint

func NewCompactorServiceMonitor 

func NewCompactorServiceMonitor(opts Options) *monitoringv1.ServiceMonitor

NewCompactorServiceMonitor creates a k8s service monitor for the compactor component

func NewCompactorStatefulSet 

func NewCompactorStatefulSet(opts Options) *appsv1.StatefulSet

NewCompactorStatefulSet creates a statefulset object for a compactor.

func NewDistributorDeployment 

func NewDistributorDeployment(opts Options) *appsv1.Deployment

NewDistributorDeployment creates a deployment object for a distributor

func NewDistributorGRPCService 

func NewDistributorGRPCService(opts Options) *corev1.Service

NewDistributorGRPCService creates a k8s service for the distributor GRPC endpoint

func NewDistributorHTTPService 

func NewDistributorHTTPService(opts Options) *corev1.Service

NewDistributorHTTPService creates a k8s service for the distributor HTTP endpoint

func NewDistributorServiceMonitor 

func NewDistributorServiceMonitor(opts Options) *monitoringv1.ServiceMonitor

NewDistributorServiceMonitor creates a k8s service monitor for the distributor component

func NewGatewayDeployment 

func NewGatewayDeployment(opts Options, sha1C string) *appsv1.Deployment

NewGatewayDeployment creates a deployment object for a lokiStack-gateway

func NewGatewayHTTPService 

func NewGatewayHTTPService(opts Options) *corev1.Service

NewGatewayHTTPService creates a k8s service for the lokistack-gateway HTTP endpoint

func NewGatewayIngress 

func NewGatewayIngress(opts Options) (*networkingv1.Ingress, error)

NewGatewayIngress creates a k8s Ingress object for accessing the lokistack-gateway from public.

func NewGatewayPodDisruptionBudget 

func NewGatewayPodDisruptionBudget(opts Options) *policyv1.PodDisruptionBudget

NewGatewayPodDisruptionBudget returns a PodDisruptionBudget for the LokiStack Gateway pods.

func NewGatewayServiceMonitor 

func NewGatewayServiceMonitor(opts Options) *monitoringv1.ServiceMonitor

NewGatewayServiceMonitor creates a k8s service monitor for the lokistack-gateway component

func NewIndexGatewayGRPCService 

func NewIndexGatewayGRPCService(opts Options) *corev1.Service

NewIndexGatewayGRPCService creates a k8s service for the index-gateway GRPC endpoint

func NewIndexGatewayHTTPService 

func NewIndexGatewayHTTPService(opts Options) *corev1.Service

NewIndexGatewayHTTPService creates a k8s service for the index-gateway HTTP endpoint

func NewIndexGatewayPodDisruptionBudget 

func NewIndexGatewayPodDisruptionBudget(opts Options) *policyv1.PodDisruptionBudget

NewIndexGatewayPodDisruptionBudget returns a PodDisruptionBudget for the LokiStack index-gateway pods.

func NewIndexGatewayServiceMonitor 

func NewIndexGatewayServiceMonitor(opts Options) *monitoringv1.ServiceMonitor

NewIndexGatewayServiceMonitor creates a k8s service monitor for the index-gateway component

func NewIndexGatewayStatefulSet 

func NewIndexGatewayStatefulSet(opts Options) *appsv1.StatefulSet

NewIndexGatewayStatefulSet creates a statefulset object for an index-gateway

func NewIngesterGRPCService 

func NewIngesterGRPCService(opts Options) *corev1.Service

NewIngesterGRPCService creates a k8s service for the ingester GRPC endpoint

func NewIngesterHTTPService 

func NewIngesterHTTPService(opts Options) *corev1.Service

NewIngesterHTTPService creates a k8s service for the ingester HTTP endpoint

func NewIngesterServiceMonitor 

func NewIngesterServiceMonitor(opts Options) *monitoringv1.ServiceMonitor

NewIngesterServiceMonitor creates a k8s service monitor for the ingester component

func NewIngesterStatefulSet 

func NewIngesterStatefulSet(opts Options) *appsv1.StatefulSet

NewIngesterStatefulSet creates a deployment object for an ingester

func NewPrometheusRule 

func NewPrometheusRule(opts Options) (*monitoringv1.PrometheusRule, error)

NewPrometheusRule creates a prometheus rule

func NewQuerierDeployment 

func NewQuerierDeployment(opts Options) *appsv1.Deployment

NewQuerierDeployment creates a deployment object for a querier

func NewQuerierGRPCService 

func NewQuerierGRPCService(opts Options) *corev1.Service

NewQuerierGRPCService creates a k8s service for the querier GRPC endpoint

func NewQuerierHTTPService 

func NewQuerierHTTPService(opts Options) *corev1.Service

NewQuerierHTTPService creates a k8s service for the querier HTTP endpoint

func NewQuerierPodDisruptionBudget 

func NewQuerierPodDisruptionBudget(opts Options) *policyv1.PodDisruptionBudget

NewQuerierPodDisruptionBudget returns a PodDisruptionBudget for the LokiStack querier pods.

func NewQuerierServiceMonitor 

func NewQuerierServiceMonitor(opts Options) *monitoringv1.ServiceMonitor

NewQuerierServiceMonitor creates a k8s service monitor for the querier component

func NewQueryFrontendDeployment 

func NewQueryFrontendDeployment(opts Options) *appsv1.Deployment

NewQueryFrontendDeployment creates a deployment object for a query-frontend

func NewQueryFrontendGRPCService 

func NewQueryFrontendGRPCService(opts Options) *corev1.Service

NewQueryFrontendGRPCService creates a k8s service for the query-frontend GRPC endpoint

func NewQueryFrontendHTTPService 

func NewQueryFrontendHTTPService(opts Options) *corev1.Service

NewQueryFrontendHTTPService creates a k8s service for the query-frontend HTTP endpoint

func NewQueryFrontendPodDisruptionBudget 

func NewQueryFrontendPodDisruptionBudget(opts Options) *policyv1.PodDisruptionBudget

NewQueryFrontendPodDisruptionBudget returns a PodDisruptionBudget for the LokiStack query-frontend pods.

func NewQueryFrontendServiceMonitor 

func NewQueryFrontendServiceMonitor(opts Options) *monitoringv1.ServiceMonitor

NewQueryFrontendServiceMonitor creates a k8s service monitor for the query-frontend component

func NewRulerGRPCService 

func NewRulerGRPCService(opts Options) *corev1.Service

NewRulerGRPCService creates a k8s service for the ruler GRPC endpoint

func NewRulerHTTPService 

func NewRulerHTTPService(opts Options) *corev1.Service

NewRulerHTTPService creates a k8s service for the ruler HTTP endpoint

func NewRulerPodDisruptionBudget 

func NewRulerPodDisruptionBudget(opts Options) *policyv1.PodDisruptionBudget

NewRulerPodDisruptionBudget returns a PodDisruptionBudget for the LokiStack ruler pods.

func NewRulerServiceMonitor 

func NewRulerServiceMonitor(opts Options) *monitoringv1.ServiceMonitor

NewRulerServiceMonitor creates a k8s service monitor for the ruler component

func NewRulerStatefulSet 

func NewRulerStatefulSet(opts Options) *appsv1.StatefulSet

NewRulerStatefulSet creates a StatefulSet object for a ruler

func NewServiceAccount 

func NewServiceAccount(opts Options) client.Object

NewServiceAccount returns a k8s object for the LokiStack Gateway serviceaccount.

func NewServiceAccountTokenSecret 

func NewServiceAccountTokenSecret(opts Options) client.Object

NewServiceAccountTokenSecret returns a k8s object for the LokiStack Gateway secret. This secret represents the ServiceAccountToken.

func PrometheusRuleName 

func PrometheusRuleName(stackName string) string

PrometheusRuleName is the name of the loki-prometheus-rule

func QuerierName 

func QuerierName(stackName string) string

QuerierName is the name of the querier deployment

func QueryFrontendName 

func QueryFrontendName(stackName string) string

QueryFrontendName is the name of the query-frontend statefulset

func RulerName 

func RulerName(stackName string) string

RulerName is the name of the ruler statefulset

func RulesConfigMapName 

func RulesConfigMapName(stackName string) string

RulesConfigMapName is the name of the alerting/recording rules configmap

func RulesConfigMapShards 

func RulesConfigMapShards(opts *Options) ([]*corev1.ConfigMap, error)

RulesConfigMapShards returns a ConfigMap resource that contains all loki alerting and recording rules as YAML data. If the size of the data is more than 1MB, the ConfigMap will be split into multiple shards, and this function will return the list of shards

func RulesStorageVolumeName 

func RulesStorageVolumeName() string

RulesStorageVolumeName is the name of the rules volume

func TenantCAPath 

func TenantCAPath(tennantName, key string) string

Types

type GatewayTimeoutConfig 

type GatewayTimeoutConfig struct {
	ReadTimeout          time.Duration
	WriteTimeout         time.Duration
	UpstreamWriteTimeout time.Duration
}

GatewayTimeoutConfig contains the http server configuration options for all Loki components.

type MTLSSecret 

type MTLSSecret struct {
	CAPath string
}

type OIDCSecret 

type OIDCSecret struct {
	ClientID     string
	ClientSecret string
	IssuerCAPath string
}

type Options 

type Options struct {
	Name                   string
	Namespace              string
	Image                  string
	GatewayImage           string
	GatewayBaseDomain      string
	ConfigSHA1             string
	CertRotationRequiredAt string

	Gates                configv1.FeatureGates
	Stack                lokiv1.LokiStackSpec
	ResourceRequirements internal.ComponentResources

	AlertingRules       []lokiv1.AlertingRule
	RecordingRules      []lokiv1.RecordingRule
	RulesConfigMapNames []string
	Ruler               Ruler

	ObjectStorage storage.Options

	OpenShiftOptions openshift.Options

	Timeouts TimeoutConfig

	Tenants Tenants

	TLSProfile TLSProfileSpec
}

Options is a set of configuration values to use when building manifests such as resource sizes, etc. Most of this should be provided - either directly or indirectly - by the user.

func (Options) TLSCipherSuites 

func (o Options) TLSCipherSuites() string

TLSCipherSuites transforms TLSProfileSpec.Ciphers from a slice to a string of elements joined with a comma.

type RuleName 

type RuleName struct {
	// contains filtered or unexported fields
}

type Ruler 

type Ruler struct {
	Spec   *lokiv1.RulerConfigSpec
	Secret *RulerSecret
}

Ruler configuration for manifests generation.

type RulerSecret 

type RulerSecret struct {
	// Username for basic authentication only.
	Username string
	// Password for basic authentication only.
	Password string
	// BearerToken contains the token used for bearer authentication.
	BearerToken string
}

RulerSecret defines the ruler secret for remote write client auth

type ShardedConfigMap 

type ShardedConfigMap struct {
	// contains filtered or unexported fields
}

ShardedConfigMap is the configmap data that is sharded across multiple configmaps in case MaxConfigMapDataSizeBytes is exceeded

func NewShardedConfigMap 

func NewShardedConfigMap(template *corev1.ConfigMap, namePrefix string) *ShardedConfigMap

NewShardedConfigMap takes a corev1.ConfigMap as template and a name prefix and returns a new ShardedConfigMap.

func (*ShardedConfigMap) Shard 

func (cm *ShardedConfigMap) Shard(opts *Options) []*corev1.ConfigMap

type TLSProfileSpec 

type TLSProfileSpec struct {
	// Ciphers is used to specify the cipher algorithms that are negotiated
	// during the TLS handshake.
	Ciphers []string
	// MinTLSVersion is used to specify the minimal version of the TLS protocol
	// that is negotiated during the TLS handshake.
	MinTLSVersion string
}

TLSProfileSpec is the desired behavior of a TLSProfileType.

type TenantConfig 

type TenantConfig struct {
	OIDC      *TenantOIDCSpec
	OPA       *TenantOPASpec
	OpenShift *TenantOpenShiftSpec
	RuleFiles []string
}

TenantConfig for tenant authorizationconfig

type TenantOIDCSpec 

type TenantOIDCSpec struct{}

TenantOIDCSpec stub config for OIDC configuration options (e.g. used in static or dynamic mode)

type TenantOPASpec 

type TenantOPASpec struct{}

TenantOPASpec stub config for OPA configuration options (e.g. used in dynamic mode)

type TenantOpenShiftSpec 

type TenantOpenShiftSpec struct {
	CookieSecret string
}

TenantOpenShiftSpec config for OpenShift authentication options (e.g. used in openshift-logging mode)

type TenantSecrets 

type TenantSecrets struct {
	TenantName string
	OIDCSecret *OIDCSecret
	MTLSSecret *MTLSSecret
}

TenantSecrets for tenant's authentication.

type Tenants 

type Tenants struct {
	Secrets []*TenantSecrets
	Configs map[string]TenantConfig
}

Tenants contains the configuration per tenant and secrets for authn/authz. Secrets are required only for modes static and dynamic to reconcile the OIDC provider. Configs are required only for all modes to reconcile rules and gateway configuration.

type TimeoutConfig 

type TimeoutConfig struct {
	Loki    config.HTTPTimeoutConfig
	Gateway GatewayTimeoutConfig
}

TimeoutConfig contains the server configuration options for all Loki components

func NewTimeoutConfig 

func NewTimeoutConfig(s *lokiv1.LimitsSpec) (TimeoutConfig, error)

NewTimeoutConfig creates a TimeoutConfig from the QueryTimeout values in the spec's limits.

Source Files

View all Source files

Directories

Path Synopsis
alerts
config
gateway
rules
internal/dashboards

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.