Helm/Loki
|
Helm » Repo » Manage |
|---|
helm repo add grafana https://grafana.github.io/helm-charts
helm repo update && helm repo list
|
Helm » K8s » Config
|
Helm » K8s » Config | |
|---|---|
export KUBECONFIG=${HOME}/.kube/eks-kubeconfig.yaml
export KUBECONFIG=${HOME}/.kube/gke-kubeconfig.yaml
export KUBECONFIG=${HOME}/.kube/lke-kubeconfig.yaml
|
export KUBECONFIG=${HOME}/.kube/shahed-aa-kubeconfig.yaml
export KUBECONFIG=${HOME}/.kube/shahed-ab-kubeconfig.yaml
export KUBECONFIG=${HOME}/.kube/shahed-ac-kubeconfig.yaml
|
export KUBECONFIG=${HOME}/.kube/shahed-ae-kubeconfig.yaml
kubectl config get-contexts
kubectl config view
| |
Helm » K8s » MinIO
|
Helm » K8s » MinIO |
|---|
cat << EXE | bash
mc ready s3_minio_shahed_shahed_biz_admin
mc ping -c=3 s3_minio_shahed_shahed_biz_admin
mc admin info s3_minio_shahed_shahed_biz_admin
mc mb s3_minio_shahed_shahed_biz_admin/shahed-ae-loki-admin
mc mb s3_minio_shahed_shahed_biz_admin/shahed-ae-loki-ruler
mc mb s3_minio_shahed_shahed_biz_admin/shahed-ae-loki-chunks
mc ls s3_minio_shahed_shahed_biz_admin --json | jq -r '.key|sub("/$"; "")'
EXE
|
|
Helm » K8s » MinIO » Policy |
yq -o=json <<'YML'| \
mc admin policy create s3_minio_shahed_shahed_biz_admin shahed-ae-loki-rw /dev/stdin
---
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- s3:*
Resource:
- arn:aws:s3:::shahed-ae-loki-admin
- arn:aws:s3:::shahed-ae-loki-ruler
- arn:aws:s3:::shahed-ae-loki-chunks
YML
mc admin policy ls s3_minio_shahed_shahed_biz_admin --json|jq -r '.policy'
mc admin policy info s3_minio_shahed_shahed_biz_admin shahed-ae-loki-rw --json|jq -r
|
|
Helm » K8s » MinIO » Service Account |
mc admin policy info s3_minio_shahed_shahed_biz_admin shahed-ae-loki-rw --json|jq -r '.policyInfo.Policy'|\
mc admin user svcacct add s3_minio_shahed_shahed_biz_admin admin \
--description 'shahed-ae-loki-rw' \
--name shahed-ae-loki-rw \
--policy /dev/stdin
:'
Access Key: 9VJLMCIHU5AEUJESOCGZ
Expiration: no-expiry
'
mc admin policy info s3_minio_shahed_shahed_biz_admin shahed-ae-loki-rw --json|jq -r '.policyInfo.Policy'|\
mc admin user svcacct edit s3_minio_shahed_shahed_biz_admin/ '9VJLMCIHU5AEUJESOCGZ' \
--policy /dev/stdin
:'
Edited service account `9VJLMCIHU5AEUJESOCGZ` successfully.
'
mc admin user svcacct disable s3_minio_shahed_shahed_biz_admin '9VJLMCIHU5AEUJESOCGZ'
mc admin user svcacct enable s3_minio_shahed_shahed_biz_admin '9VJLMCIHU5AEUJESOCGZ'
mc admin user svcacct ls s3_minio_shahed_shahed_biz_admin admin
mc admin user svcacct ls s3_minio_shahed_shahed_biz_admin admin --json|jq -r '.accessKey'
|
|
Helm » K8s » MinIO » Service Account » Debug |
echo -n 'SecretKey: ';read -s MC_SECRET_KEY;export MC_SECRET_KEY;echo
# SecretKey: TkbFQXTXZjYquDhzfdFBUyguZF15s0W+OYrb3LXQ
mc alias set shahed_ae_loki_admin https://s3.minio.shahed.shahed.biz '9VJLMCIHU5AEUJESOCGZ' ${MC_SECRET_KEY}
mc ping shahed_ae_loki_admin -c=3
mc ls shahed_ae_loki_admin
mc alias rm shahed_ae_loki_admin
|
Helm » K8s » Storage
|
Helm » K8s » Storage | |
|---|---|
cat << EXE | sudo bash
mkdir -p /var/minikube/pvc/logging/data-loki-0/{compactor,tsdb-shipper-{active,cache},wal}
chown -R 10001:10001 /var/minikube/pvc/logging/data-loki-0/{compactor,tsdb-shipper-{active,cache},wal}
chmod -R 750 /var/minikube/pvc/logging/
EXE
| |
cat <<'YML'| kubectl apply -f -
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: logging-data-loki-0
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: hostpath
hostPath:
path: /var/hostpath_pv/logging/data-loki-0
type: DirectoryOrCreate
YML
|
|
Helm » Install
|
Helm » Install | |
|---|---|
helm show values grafana/loki --version=6.31.0 |less
helm show values grafana/loki --version=6.32.0|less
|
kubectl create ns logging
kubectl get ns|grep logging
|
cat << ENV | \
kubectl -n logging create secret generic loki-gateway --from-file=.htpasswd=/dev/stdin
$(htpasswd -nbB chorke 'sadaqah!')
$(htpasswd -nbB shahed 'sadaqah!')
$(htpasswd -nbB 'self-monitoring' 'sadaqah!')
ENV
cat << ENV | \
kubectl -n logging create secret generic loki-basic-auth --from-file=auth=/dev/stdin
$(htpasswd -nbB chorke 'sadaqah!')
$(htpasswd -nbB shahed 'sadaqah!')
ENV
| |
cat <<'YML'| kubectl apply -n logging -f -
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data-loki-0
namespace: logging
labels:
app.kubernetes.io/name: loki
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: loki
app.kubernetes.io/managed-by: kubectl
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: hostpath
volumeName: logging-data-loki-0
YML
|
Find More 👉 Storage » Class » Hostpath Find More 👉 Storage » Persistent Volume |
cat << YML | \
helm -n logging install loki grafana/loki --version=6.32.0 -f -
---
loki:
annotations:
kubernetes.io/change-cause: 'CKI-1| Initial Deployment'
schemaConfig:
configs:
- from: "2025-01-01"
object_store: s3
store: tsdb
schema: v13
index:
prefix: loki_index_
period: 24h
limits_config:
allow_structured_metadata: true
volume_enabled: true
pattern_ingester:
enabled: true
ruler:
enable_api: true
ui:
enabled: true
gateway:
enabled: true
storage:
type: s3
bucketNames:
admin: shahed-ae-loki-admin
ruler: shahed-ae-loki-ruler
chunks: shahed-ae-loki-chunks
s3:
region: us-east-1
s3ForcePathStyle: true
accessKeyId: 9VJLMCIHU5AEUJESOCGZ
endpoint: s3.minio.shahed.shahed.biz
secretAccessKey: q7zUQ80sQ8C0+h8MpwIyhRkcNPP8FxK8X2eFmyvR
persistence:
enabled: false
existingClaim: data-loki-0
commonConfig:
replication_factor: 3
deploymentMode: SingleBinary
singleBinary:
replicas: 1
autoscaling:
enabled: true
minReplicas: 1
maxReplicas: 3
minio:
enabled: false
annotations:
kubernetes.io/change-cause: 'CKI-1| Initial Deployment'
replicas: 1
drivesPerNode: 2
rootUser: admin
rootPassword: 'sadaqah!'
users:
- accessKey: loki
policy: readwrite
secretKey: 'sadaqah!'
lokiCanary:
annotations:
kubernetes.io/change-cause: 'CKI-1| Initial Deployment'
gateway:
enabled: true
annotations:
kubernetes.io/change-cause: 'CKI-1| Initial Deployment'
ingress:
enabled: true
ingressClassName: nginx
hosts:
- host: loki.shahed.shahed.biz
paths:
- path: /
pathType: Prefix
tls:
- secretName: loki-shahed-shahed-biz-tls
hosts:
- loki.shahed.shahed.biz
basicAuth:
enabled: true
existingSecret: loki-gateway
resultsCache:
annotations:
kubernetes.io/change-cause: 'CKI-1| Initial Deployment'
chunksCache:
annotations:
kubernetes.io/change-cause: 'CKI-1| Initial Deployment'
batchSize: 2
parallelism: 2
maxItemMemory: 2
connectionLimit: 512
allocatedMemory: 128
writebackBuffer: 10000
writebackSizeLimit: 50MB
writebackParallelism: 1
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 100m
memory: 128Mi
monitoring:
selfMonitoring:
enabled: false
tenant:
name: self-monitoring
password: 'sadaqah!'
ingress:
enabled: false
ingressClassName: nginx
annotations:
nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/auth-secret: loki-basic-auth
nginx.ingress.kubernetes.io/auth-realm: Authentication Required
labels:
blackbox.monitoring.exclude: 'true'
hosts:
- loki.shahed.shahed.biz
backend:
replicas: 0
read:
replicas: 0
write:
replicas: 0
ingester:
replicas: 0
querier:
replicas: 0
queryFrontend:
replicas: 0
queryScheduler:
replicas: 0
distributor:
replicas: 0
compactor:
replicas: 0
indexGateway:
replicas: 0
bloomCompactor:
replicas: 0
bloomGateway:
replicas: 0
YML
kubectl -n logging annotate ds/loki-canary \
kubernetes.io/change-cause='CKI-1| Initial Deployment'
| |
Helm » K8s » Verify
|
Helm » K8s » Verify |
|---|
cat << YML | \
kubectl -n logging patch ingress loki-gateway --type merge --patch-file=/dev/stdin
---
spec:
tls: null
YML
kubectl -n logging get secrets loki-gateway -o yaml|yq -r '.data.".htpasswd"'|base64 -d;echo
kubectl -n logging get secrets loki-basic-auth -o yaml|yq -r '.data.auth' |base64 -d;echo
xdg-open https://www.cdn77.com/tls-test/result?domain=loki.shahed.shahed.biz
xdg-open https://loki.shahed.shahed.biz/ui/
kubectl -n logging exec -it svc/loki -c loki -- ash
kubectl -n logging exec -it svc/loki -c loki-sc-rules -- ash
kubectl -n logging exec -it svc/loki-memberlist -c loki -- ash
kubectl -n logging exec -it svc/loki-memberlist -c loki-sc-rules -- ash
kubectl -n logging exec -it svc/loki-canary -c loki-canary -- ash
kubectl -n logging exec -it svc/loki-canary -- ash
kubectl -n logging exec -it svc/loki-chunks-cache -c memcached -- ash
kubectl -n logging exec -it svc/loki-chunks-cache -c exporter -- ash
kubectl -n logging exec -it svc/loki-headless -c memcached -- ash
kubectl -n logging exec -it svc/loki-headless -c exporter -- ash
kubectl -n logging exec -it svc/loki-results-cache -c memcached -- ash
kubectl -n logging exec -it svc/loki-results-cache -c exporter -- ash
kubectl -n logging logs -f svc/loki -c loki-sc-rules
kubectl -n logging logs -f svc/loki-canary -c loki-canary
kubectl -n logging logs -f svc/loki -c loki
kubectl -n logging logs -f svc/loki-gateway
kubectl -n logging exec -it svc/loki-gateway -- sh
kubectl -n logging exec -it svc/loki -- sh
kubectl -n logging exec -it svc/loki -- id
---
Page: https://loki.shahed.shahed.biz
user: admin
pass: sadaqah!
|
Helm » Uninstall
|
Helm » Uninstall | |
|---|---|
helm uninstall loki -n logging
kubectl delete pvc --all -n logging
kubectl delete pv logging-data-loki-0
|
kubectl delete deploy --all -n logging
kubectl delete all --all -n logging
kubectl delete ns logging
|
Playground
|
Playground | |
|---|---|
helm -n logging install loki grafana/loki --version=6.31.0
helm -n logging upgrade -i loki grafana/loki --version=6.32.0
helm show values grafana/loki --version=6.32.0|less
kubectl -n logging get secrets loki-gateway -o yaml|yq -r '.data.".htpasswd"'|base64 -d;echo
kubectl -n logging get secrets loki-basic-auth -o yaml|yq -r '.data.auth' |base64 -d;echo
kubectl -n logging logs -f svc/loki -c loki-sc-rules
kubectl -n logging logs -f svc/loki-canary -c loki-canary
kubectl -n logging logs -f svc/loki -c loki
kubectl -n logging logs -f svc/loki-gateway
kubectl -n logging exec -it svc/loki-gateway -- sh
kubectl -n logging exec -it svc/loki -- sh
kubectl -n logging exec -it svc/loki -- id
| |
kubectl -n logging delete all --all
kubectl -n logging delete ing --all
kubectl -n logging delete sts --all
|
kubectl delete pv logging-data-loki-0
kubectl -n logging delete svc --all
kubectl -n logging delete pvc --all
|
kubectl -n logging rollout history deploy/loki-gateway
kubectl -n logging rollout restart deploy/loki-gateway
kubectl -n logging rollout status deploy/loki-gateway
kubectl -n logging logs -f svc/loki-gateway
kubectl -n logging logs -f svc/loki-canary
kubectl -n logging logs -f svc/loki
| |
References
|
References | ||
|---|---|---|