Skip to content

Commit

Permalink
overhaul how configmap is created and loaded.
Browse files Browse the repository at this point in the history 
Signed-off-by: Edward Welch <[email protected]>
  • Loading branch information
@slim-bean
slim-bean committed Mar 12, 2024
1 parent 64d4ab6 commit 994494d
Show file tree
Hide file tree
Showing 24 changed files with 48 additions and 132 deletions.
1 change: 1 addition & 0 deletions production/helm/loki/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ Entries should include a reference to the pull request that introduced the chang

- [CHANGE] the lokiCanary section was moved from under monitoring to be under the root of the file.
- [CHANGE] the definitions for topologySpreadConstraints and podAffinity were converted from string templates to objects. Also removed the soft constraint on zone.
- [CHANGE] the externalConfigSecretName was replaced with more generic configs

## 5.41.8

Expand Down
6 changes: 3 additions & 3 deletions production/helm/loki/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -464,10 +464,10 @@ The volume to mount for loki configuration
{{- define "loki.configVolume" -}}
{{- if eq .Values.loki.configStorageType "Secret" -}}
secret:
secretName: {{ tpl .Values.loki.externalConfigSecretName . }}
{{- else if eq .Values.loki.configStorageType "ConfigMap" -}}
secretName: {{ tpl .Values.loki.configObjectName . }}
{{- else -}}
configMap:
name: {{ tpl .Values.loki.externalConfigSecretName . }}
name: {{ tpl .Values.loki.configObjectName . }}
items:
- key: "config.yaml"
path: "config.yaml"
Expand Down
7 changes: 1 addition & 6 deletions production/helm/loki/templates/admin-api/deployment-admin-api.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,12 +135,7 @@ spec:
terminationGracePeriodSeconds: {{ .Values.adminApi.terminationGracePeriodSeconds }}
volumes:
- name: config
secret:
{{- if .Values.useExternalConfig }}
secretName: {{ .Values.externalConfigName }}
{{- else }}
secretName: enterprise-logs-config
{{- end }}
{{- include "loki.configVolume" . | nindent 10 }}
- name: license
secret:
{{- if .Values.useExternalLicense }}
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/backend/statefulset-backend.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -231,12 +231,7 @@ spec:
{{- toYaml .Values.backend.persistence.dataVolumeParameters | nindent 10 }}
{{- end}}
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/compactor/statefulset-compactor.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,12 +146,7 @@ spec:
- name: temp
emptyDir: {}
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
4 changes: 2 additions & 2 deletions production/helm/loki/templates/config.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
{{- if not .Values.loki.existingSecretForConfig -}}
{{- if .Values.loki.generatedConfigObjectName -}}
apiVersion: v1
{{- if eq .Values.loki.configStorageType "Secret" }}
kind: Secret
{{- else }}
kind: ConfigMap
{{- end }}
metadata:
name: {{ tpl .Values.loki.externalConfigSecretName . }}
name: {{ tpl .Values.loki.generatedConfigObjectName . }}
namespace: {{ $.Release.Namespace }}
labels:
{{- include "loki.labels" . | nindent 4 }}
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/distributor/deployment-distributor.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,12 +129,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
7 changes: 1 addition & 6 deletions production/helm/loki/templates/gateway/deployment-gateway-enterprise.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,12 +116,7 @@ spec:
terminationGracePeriodSeconds: {{ .Values.enterpriseGateway.terminationGracePeriodSeconds }}
volumes:
- name: config
secret:
{{- if .Values.useExternalConfig }}
secretName: {{ .Values.externalConfigName }}
{{- else }}
secretName: enterprise-logs-config
{{- end }}
{{- include "loki.configVolume" . | nindent 10 }}
- name: license
secret:
{{- if .Values.useExternalLicense }}
Expand Down
11 changes: 1 addition & 10 deletions production/helm/loki/templates/index-gateway/statefulset-index-gateway.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,16 +133,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else if .Values.loki.configAsSecret }}
secret:
secretName: {{ include "loki.fullname" . }}-config
{{- else }}
configMap:
name: {{ include "loki.fullname" . }}
{{- end }}
{{- include "loki.configVolume" . | nindent 10 }}
- name: runtime-config
configMap:
name: {{ template "loki.fullname" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/ingester/statefulset-ingester-zone-a.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -171,12 +171,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.fullname" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/ingester/statefulset-ingester-zone-b.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -171,12 +171,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.fullname" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/ingester/statefulset-ingester-zone-c.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -171,12 +171,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.fullname" . }}-runtime
Expand Down
11 changes: 1 addition & 10 deletions production/helm/loki/templates/ingester/statefulset-ingester.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,16 +149,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else if .Values.loki.configAsSecret }}
secret:
secretName: {{ include "loki.fullname" . }}-config
{{- else }}
configMap:
name: {{ include "loki.fullname" . }}
{{- end }}
{{- include "loki.configVolume" . | nindent 10 }}
- name: runtime-config
configMap:
name: {{ template "loki.fullname" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/querier/deployment-querier.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,12 +141,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
11 changes: 1 addition & 10 deletions production/helm/loki/templates/query-frontend/deployment-query-frontend.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,16 +119,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else if .Values.loki.configAsSecret }}
secret:
secretName: {{ include "loki.fullname" . }}-config
{{- else }}
configMap:
name: {{ include "loki.fullname" . }}
{{- end }}
{{- include "loki.configVolume" . | nindent 10 }}
- name: runtime-config
configMap:
name: {{ template "loki.fullname" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/query-scheduler/deployment-query-scheduler.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,12 +117,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/read/deployment-read.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,12 +141,7 @@ spec:
- name: data
emptyDir: {}
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/read/statefulset-read.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,12 +143,7 @@ spec:
- name: tmp
emptyDir: {}
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
11 changes: 1 addition & 10 deletions production/helm/loki/templates/ruler/statefulset-ruler.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,16 +126,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else if .Values.loki.configAsSecret }}
secret:
secretName: {{ include "loki.fullname" . }}-config
{{- else }}
configMap:
name: {{ include "loki.fullname" . }}
{{- end }}
{{- include "loki.configVolume" . | nindent 10 }}
- name: runtime-config
configMap:
name: {{ template "loki.fullname" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/single-binary/statefulset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,12 +153,7 @@ spec:
- name: tmp
emptyDir: {}
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/table-manager/deployment-table-manager.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,12 +106,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
{{- with .Values.tableManager.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/tokengen/job-tokengen.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,12 +116,7 @@ spec:
{{- end }}
volumes:
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
5 changes: 0 additions & 5 deletions production/helm/loki/templates/write/statefulset-write.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,12 +167,7 @@ spec:
{{- toYaml .Values.write.persistence.dataVolumeParameters | nindent 10 }}
{{- end}}
- name: config
{{- if .Values.loki.existingSecretForConfig }}
secret:
secretName: {{ .Values.loki.existingSecretForConfig }}
{{- else }}
{{- include "loki.configVolume" . | nindent 10 }}
{{- end }}
- name: runtime-config
configMap:
name: {{ template "loki.name" . }}-runtime
Expand Down
41 changes: 36 additions & 5 deletions production/helm/loki/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,8 @@ deploymentMode: SimpleScalable

######################################################################################################################
#
# Base Loki Configs
# Base Loki Configs including kubernetes configurations and configurations for Loki itself,
# see below for more specifics on Loki's configuration.
#
######################################################################################################################
# -- Configuration for running Loki
Expand Down Expand Up @@ -84,14 +85,44 @@ loki:
allowPrivilegeEscalation: false
# -- Should enableServiceLinks be enabled. Default to enable
enableServiceLinks: true
# -- Specify an existing secret containing loki configuration. If non-empty, overrides `loki.config`
existingSecretForConfig: ""
######################################################################################################################
#
# Loki Configuration
#
# There are several ways to pass configuration to Loki, listing them here in order of our preference for how
# you should use this chart.
# 1. Use the templated value of loki.config below and the corresponding override sections which follow.
# This allows us to set a lot of important Loki configurations and defaults and also allows us to maintain them
# over time as Loki changes and evolves.
# 2. Use the loki.structuredConfig section.
# This will completely override the templated value of loki.config, so you MUST provide the entire Loki config
# including any configuration that we set in loki.config unless you explicitly are trying to change one of those
# values and are not able to do so with the templated sections.
# If you choose this approach the burden is on you to maintain any changes we make to the templated config.
# 3. Use an existing secret or configmap to provide the configuration.
# This option is mostly provided for folks who have external processes which provide or modify the configuration.
# When using this option you can specify a different name for loki.generatedConfigObjectName and configObjectName
# if you have a process which takes the generated config and modifies it, or you can stop the chart from generating
# a config entirely by setting loki.generatedConfigObjectName to
#
######################################################################################################################

# -- Defines what kind of object stores the configuration, a ConfigMap or a Secret.
# In order to move sensitive information (such as credentials) from the ConfigMap/Secret to a more secure location (e.g. vault), it is possible to use [environment variables in the configuration](https://grafana.com/docs/loki/latest/configuration/#use-environment-variables-in-the-configuration).
# Such environment variables can be then stored in a separate Secret and injected via the global.extraEnvFrom value. For details about environment injection from a Secret please see [Secrets](https://kubernetes.io/docs/concepts/configuration/secret/#use-case-as-container-environment-variables).
configStorageType: ConfigMap
# -- Name of the Secret or ConfigMap that contains the configuration (used for naming even if config is internal).
externalConfigSecretName: '{{ include "loki.name" . }}'

# -- The name of the object which Loki will mount as a volume containing the config.
# If the configStorageType is Secret, this will be the name of the Secret, if it is ConfigMap, this will be the name of the ConfigMap.
# The value will be passed through tpl.
configObjectName: '{{ include "loki.name" . }}'

# -- The name of the Secret or ConfigMap that will be created by this chart.
# If empty, no configmap or secret will be created.
# The value will be passed through tpl.
generatedConfigObjectName: '{{ include "loki.name" . }}'


# -- Config file contents for Loki
# @default -- See values.yaml
config: |
Expand Down

0 comments on commit 994494d

Please sign in to comment.