@enterprise-logs-app
Contributor

Automated PR created by helm-tagged-release-pr.yaml

@enterprise-logs-app enterprise-logs-app bot requested a review from a team as a code owner November 24, 2025 10:05
@github-actions
Contributor

Helm Diff Output - Summary

Default Values Scenario-diff-output
default, loki-backend, StatefulSet (apps) has changed:
  # Source: loki/templates/backend/statefulset-backend.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-backend
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: backend
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    updateStrategy:
      rollingUpdate:
        partition: 0
    serviceName: loki-backend-headless
    revisionHistoryLimit: 10
    
    persistentVolumeClaimRetentionPolicy:
      whenDeleted: Delete
      whenScaled: Delete
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: backend
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
          kubectl.kubernetes.io/default-container: "loki"
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: backend
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=backend
              - -legacy-read-mode=false
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: tmp
                mountPath: /tmp
              - name: data
                mountPath: /var/loki
              - name: sc-rules-volume
                mountPath: "/rules"
            resources:
              {}
          - name: loki-sc-rules
            image: docker.io/kiwigrid/k8s-sidecar:1.30.10
            imagePullPolicy: IfNotPresent
            env:
              - name: METHOD
                value: WATCH
              - name: LABEL
                value: "loki_rule"
              - name: FOLDER
                value: "/rules"
              - name: RESOURCE
                value: "both"
              - name: WATCH_SERVER_TIMEOUT
                value: "60"
              - name: WATCH_CLIENT_TIMEOUT
                value: "60"
              - name: LOG_LEVEL
                value: "INFO"
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
              - name: sc-rules-volume
                mountPath: "/rules"
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: backend
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: tmp
            emptyDir: {}
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: sc-rules-volume
            emptyDir: {}
    volumeClaimTemplates:
      - apiVersion: v1
        kind: PersistentVolumeClaim
        metadata:
          name: data
        spec:
          accessModes:
            - ReadWriteOnce
          resources:
            requests:
              storage: "10Gi"
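Review bot: the added `fsGroupChangePolicy: OnRootMismatch` in the loki-backend pod `securityContext` changes how the `data` PVC from `volumeClaimTemplates` (mounted at `/var/loki`) is prepared: the kubelet compares only the volume root against `fsGroup: 10001` and skips the recursive ownership and permission change when it matches. Because this appears in the default-values scenario, existing installs pick it up on upgrade. Please add a changelog or upgrade note, and confirm the value can be set back to `Always` through chart values.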
default, loki-canary, DaemonSet (apps) has changed:
  # Source: loki/templates/loki-canary/daemonset.yaml
  apiVersion: apps/v1
  kind: DaemonSet
  metadata:
    name: loki-canary
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: canary
  spec:
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: canary
    updateStrategy:
      rollingUpdate:
        maxUnavailable: 1
      type: RollingUpdate
    template:
      metadata:
        labels:
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: canary
      spec:
        serviceAccountName: loki-canary
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        containers:
          - name: loki-canary
            image: docker.io/grafana/loki-canary:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -addr=loki-release-gateway.default.svc.cluster.local.:80
              - -labelname=pod
              - -labelvalue=$(POD_NAME)
              - -user=self-monitoring
              - -tenant-id=self-monitoring
              - -pass=
              - -push=true
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
            ports:
              - name: http-metrics
                containerPort: 3500
                protocol: TCP
            env:
              - name: POD_NAME
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.name
              
            readinessProbe:
              httpGet:
                path: /metrics
                port: http-metrics
              initialDelaySeconds: 15
              timeoutSeconds: 1
        volumes:
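Review bot: in the loki-canary pod `securityContext` the new `fsGroupChangePolicy: OnRootMismatch` has nothing to act on, since `volumes:` and `volumeMounts:` are both rendered empty for this DaemonSet. Consider leaving the field out of the canary template, or rendering it only when a volume is present, so the change does not roll every canary pod for no functional difference.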
default, loki-read, Deployment (apps) has changed:
  # Source: loki/templates/read/deployment-read.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-read
    namespace: default
    labels:
      app.kubernetes.io/part-of: memberlist
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: read
  spec:
    replicas: 1
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: read
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
        labels:
          app.kubernetes.io/part-of: memberlist
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: read
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=read
              - -legacy-read-mode=false
              - -common.compactor-grpc-address=loki-backend.default.svc.cluster.local:9095
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: tmp
                mountPath: /tmp
              - name: data
                mountPath: /var/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: read
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: tmp
            emptyDir: {}
          - name: data
            emptyDir: {}
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
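Review bot: the loki-read pod mounts only `emptyDir` and `configMap` volumes (`tmp`, `data`, `config`, `runtime-config`), and Kubernetes documents `fsGroupChangePolicy` as having no effect on those ephemeral volume types. The pod template still changes, so this Deployment rolls on upgrade, and with `replicas: 1`, `maxSurge: 0` and `maxUnavailable: 1` the single read pod is taken down before its replacement starts. Either mention this in the upgrade notes or render the field only for components that have persistence enabled.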
default, loki-write, StatefulSet (apps) has changed:
  # Source: loki/templates/write/statefulset-write.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-write
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: write
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    updateStrategy:
      rollingUpdate:
        partition: 0
    serviceName: loki-write-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: write
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: write
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        enableServiceLinks: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=write
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: write
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
    volumeClaimTemplates:
      - apiVersion: v1
        kind: PersistentVolumeClaim
        metadata:
          name: data
        spec:
          accessModes:
            - ReadWriteOnce
          resources:
            requests:
              storage: "10Gi"
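Review bot: for loki-write, where `data` is a `ReadWriteOnce` PVC, `OnRootMismatch` means files below the volume root whose group is not 10001 are left as they are whenever the root directory itself already matches. Please document that case alongside the new setting, together with the `Always` value an operator can use to force a full recursive pass.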
Distributed Scenario-diff-output
default, loki-canary, DaemonSet (apps) has changed:
  # Source: loki/templates/loki-canary/daemonset.yaml
  apiVersion: apps/v1
  kind: DaemonSet
  metadata:
    name: loki-canary
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: canary
  spec:
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: canary
    updateStrategy:
      rollingUpdate:
        maxUnavailable: 1
      type: RollingUpdate
    template:
      metadata:
        labels:
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: canary
      spec:
        serviceAccountName: loki-canary
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        containers:
          - name: loki-canary
            image: docker.io/grafana/loki-canary:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -addr=loki-release-gateway.default.svc.cluster.local.:80
              - -labelname=pod
              - -labelvalue=$(POD_NAME)
              - -user=self-monitoring
              - -tenant-id=self-monitoring
              - -pass=
              - -push=true
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
            ports:
              - name: http-metrics
                containerPort: 3500
                protocol: TCP
            env:
              - name: POD_NAME
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.name
              
            readinessProbe:
              httpGet:
                path: /metrics
                port: http-metrics
              initialDelaySeconds: 15
              timeoutSeconds: 1
        volumes:
default, loki-release-compactor, StatefulSet (apps) has changed:
  # Source: loki/templates/compactor/statefulset-compactor.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-compactor
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: compactor
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    updateStrategy:
      rollingUpdate:
        partition: 0
    serviceName: loki-release-compactor-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: compactor
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: compactor
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: compactor
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=compactor
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            
            volumeMounts:
              - name: temp
                mountPath: /tmp
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: compactor
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: temp
            emptyDir: {}
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
default, loki-release-distributor, Deployment (apps) has changed:
  # Source: loki/templates/distributor/deployment-distributor.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-release-distributor
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: distributor
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 3
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: distributor
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: distributor
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: distributor
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=distributor
              - -distributor.zone-awareness-enabled=true
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: distributor
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
default, loki-release-index-gateway, StatefulSet (apps) has changed:
  # Source: loki/templates/index-gateway/statefulset-index-gateway.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-index-gateway
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: index-gateway
  spec:
    replicas: 2
    updateStrategy:
      type: RollingUpdate
    serviceName: loki-release-index-gateway-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: index-gateway
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: index-gateway
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: index-gateway
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=index-gateway
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: index-gateway
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
default, loki-release-ingester-zone-a, StatefulSet (apps) has changed:
  # Source: loki/templates/ingester/statefulset-ingester-zone-a.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-ingester-zone-a
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: ingester
      app.kubernetes.io/part-of: memberlist
      name: ingester-zone-a
      rollout-group: ingester
    annotations:
      rollout-max-unavailable: "1"
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    serviceName: loki-release-ingester-zone-a-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: ingester
        name: ingester-zone-a
        rollout-group: ingester
    updateStrategy:
      type: RollingUpdate
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: ingester
          app.kubernetes.io/part-of: memberlist
          name: ingester-zone-a
          rollout-group: ingester
      spec:
        topologySpreadConstraints:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/component: ingester
                app.kubernetes.io/instance: 'loki-release'
                app.kubernetes.io/name: 'loki'
            maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: ScheduleAnyway
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: ingester
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -ingester.availability-zone=zone-a
              - -ingester.unregister-on-shutdown=false
              - -ingester.tokens-file-path=/var/loki/ring-tokens
              - -target=ingester
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              - labelSelector:
                  matchExpressions:
                    - key: rollout-group
                      operator: In
                      values:
                        - ingester
                    - key: name
                      operator: NotIn
                      values:
                        - ingester-zone-a
                topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
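Review bot: the added `fsGroupChangePolicy: OnRootMismatch` in this pod's `securityContext` has nothing to act on, because the `volumes` list holds only two `configMap` volumes and an `emptyDir` for `data`. Kubernetes documents the field as having no effect on ephemeral volume types such as secret, configMap and emptyDir. The zone-b and zone-c ingester StatefulSets that follow render the same way. If the template sets the field unconditionally, consider rendering it only when the component has a persistent `data` volume, or note in the values documentation that it is inert for this layout.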
default, loki-release-ingester-zone-b, StatefulSet (apps) has changed:
  # Source: loki/templates/ingester/statefulset-ingester-zone-b.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-ingester-zone-b
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: ingester
      app.kubernetes.io/part-of: memberlist
      name: ingester-zone-b
      rollout-group: ingester
    annotations:
      rollout-max-unavailable: "1"
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    serviceName: loki-release-ingester-zone-b-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: ingester
        name: ingester-zone-b
        rollout-group: ingester
    updateStrategy:
      type: RollingUpdate
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: ingester
          app.kubernetes.io/part-of: memberlist
          name: ingester-zone-b
          rollout-group: ingester
      spec:
        topologySpreadConstraints:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/component: ingester
                app.kubernetes.io/instance: 'loki-release'
                app.kubernetes.io/name: 'loki'
            maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: ScheduleAnyway
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: ingester
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -ingester.availability-zone=zone-b
              - -ingester.unregister-on-shutdown=false
              - -ingester.tokens-file-path=/var/loki/ring-tokens
              - -target=ingester
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              - labelSelector:
                  matchExpressions:
                    - key: rollout-group
                      operator: In
                      values:
                        - ingester
                    - key: name
                      operator: NotIn
                      values:
                        - ingester-zone-b
                topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
default, loki-release-ingester-zone-c, StatefulSet (apps) has changed:
  # Source: loki/templates/ingester/statefulset-ingester-zone-c.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-ingester-zone-c
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: ingester
      app.kubernetes.io/part-of: memberlist
      name: ingester-zone-c
      rollout-group: ingester
    annotations:
      rollout-max-unavailable: "1"
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    serviceName: loki-release-ingester-zone-c-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: ingester
        name: ingester-zone-c
        rollout-group: ingester
    updateStrategy:
      type: RollingUpdate
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: ingester
          app.kubernetes.io/part-of: memberlist
          name: ingester-zone-c
          rollout-group: ingester
      spec:
        topologySpreadConstraints:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/component: ingester
                app.kubernetes.io/instance: 'loki-release'
                app.kubernetes.io/name: 'loki'
            maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: ScheduleAnyway
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: ingester
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -ingester.availability-zone=zone-c
              - -ingester.unregister-on-shutdown=false
              - -ingester.tokens-file-path=/var/loki/ring-tokens
              - -target=ingester
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              - labelSelector:
                  matchExpressions:
                    - key: rollout-group
                      operator: In
                      values:
                        - ingester
                    - key: name
                      operator: NotIn
                      values:
                        - ingester-zone-c
                topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
default, loki-release-querier, Deployment (apps) has changed:
  # Source: loki/templates/querier/deployment-querier.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-release-querier
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: querier
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 3
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: querier
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: querier
          app.kubernetes.io/part-of: memberlist
      spec:
        topologySpreadConstraints:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/component: querier
                app.kubernetes.io/instance: 'loki-release'
                app.kubernetes.io/name: 'loki'
            maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: ScheduleAnyway
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: querier
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=querier
              - -distributor.zone-awareness-enabled=true
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: querier
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
default, loki-release-query-frontend, Deployment (apps) has changed:
  # Source: loki/templates/query-frontend/deployment-query-frontend.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-release-query-frontend
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: query-frontend
  spec:
    replicas: 2
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: query-frontend
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: query-frontend
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: query-frontend
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=query-frontend
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: query-frontend
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
default, loki-release-query-scheduler, Deployment (apps) has changed:
  # Source: loki/templates/query-scheduler/deployment-query-scheduler.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-release-query-scheduler
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: query-scheduler
  spec:
    replicas: 2
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: query-scheduler
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: query-scheduler
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: query-scheduler
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=query-scheduler
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: query-scheduler
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
default, loki-release-ruler, StatefulSet (apps) has changed:
  # Source: loki/templates/ruler/statefulset-ruler.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-ruler
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: ruler
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 0
    revisionHistoryLimit: 10
    serviceName: loki-release-ruler
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: ruler
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
          kubectl.kubernetes.io/default-container: "ruler"
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: ruler
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: ruler
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=ruler
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
              - name: tmp
                mountPath: /tmp/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: ruler
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: tmp
            emptyDir: {}
          - name: data
            emptyDir: {}
Ingress Values Scenario-diff-output
default, loki-backend, StatefulSet (apps) has changed:
  # Source: loki/templates/backend/statefulset-backend.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-backend
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: backend
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    updateStrategy:
      rollingUpdate:
        partition: 0
    serviceName: loki-backend-headless
    revisionHistoryLimit: 10
    
    persistentVolumeClaimRetentionPolicy:
      whenDeleted: Delete
      whenScaled: Delete
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: backend
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
          prometheus.io/port: "3100"
          prometheus.io/scrape: "true"
          kubectl.kubernetes.io/default-container: "loki"
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: backend
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=backend
              - -legacy-read-mode=false
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: tmp
                mountPath: /tmp
              - name: data
                mountPath: /var/loki
              - name: sc-rules-volume
                mountPath: "/rules"
            resources:
              {}
          - name: loki-sc-rules
            image: docker.io/kiwigrid/k8s-sidecar:1.30.10
            imagePullPolicy: IfNotPresent
            env:
              - name: METHOD
                value: WATCH
              - name: LABEL
                value: "loki_rule"
              - name: FOLDER
                value: "/rules"
              - name: RESOURCE
                value: "both"
              - name: WATCH_SERVER_TIMEOUT
                value: "60"
              - name: WATCH_CLIENT_TIMEOUT
                value: "60"
              - name: LOG_LEVEL
                value: "INFO"
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
              - name: sc-rules-volume
                mountPath: "/rules"
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: backend
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: tmp
            emptyDir: {}
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: sc-rules-volume
            emptyDir: {}
    volumeClaimTemplates:
      - apiVersion: v1
        kind: PersistentVolumeClaim
        metadata:
          name: data
        spec:
          accessModes:
            - ReadWriteOnce
          resources:
            requests:
              storage: "10Gi"
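Review bot: in this part of the diff the backend StatefulSet is the only workload with a persistent volume (`volumeClaimTemplates` requests a 10Gi `data` PVC mounted at `/var/loki`), so the added `fsGroupChangePolicy: OnRootMismatch` does change mount behaviour here. The kubelet now skips the recursive ownership change whenever the volume root already matches `fsGroup: 10001`, which means files deeper in an existing volume whose group has drifted are no longer corrected on pod start. A release-note line for operators upgrading with existing PVCs, together with how to set the policy back to `Always`, would cover that.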
default, loki-canary, DaemonSet (apps) has changed:
  # Source: loki/templates/loki-canary/daemonset.yaml
  apiVersion: apps/v1
  kind: DaemonSet
  metadata:
    name: loki-canary
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: canary
  spec:
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: canary
    updateStrategy:
      rollingUpdate:
        maxUnavailable: 1
      type: RollingUpdate
    template:
      metadata:
        labels:
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: canary
      spec:
        serviceAccountName: loki-canary
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        containers:
          - name: loki-canary
            image: docker.io/grafana/loki-canary:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -addr=loki-release-gateway.default.svc.cluster.local.:80
              - -labelname=pod
              - -labelvalue=$(POD_NAME)
              - -user=self-monitoring
              - -tenant-id=self-monitoring
              - -pass=
              - -push=true
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
            ports:
              - name: http-metrics
                containerPort: 3500
                protocol: TCP
            env:
              - name: POD_NAME
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.name
              
            readinessProbe:
              httpGet:
                path: /metrics
                port: http-metrics
              initialDelaySeconds: 15
              timeoutSeconds: 1
        volumes:
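Review bot: the canary pod spec renders `volumeMounts:` and `volumes:` with no entries, so the added `fsGroupChangePolicy` (and the `fsGroup: 10001` above it) applies to no volume in this DaemonSet. The block is identical to the one on the Loki components, so it is worth checking whether the canary template should take the field at all, and whether the two empty keys should be omitted from the rendered manifest rather than emitted as null.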
default, loki-read, Deployment (apps) has changed:
  # Source: loki/templates/read/deployment-read.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-read
    namespace: default
    labels:
      app.kubernetes.io/part-of: memberlist
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: read
  spec:
    replicas: 1
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: read
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
          prometheus.io/port: "3100"
          prometheus.io/scrape: "true"
        labels:
          app.kubernetes.io/part-of: memberlist
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: read
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=read
              - -legacy-read-mode=false
              - -common.compactor-grpc-address=loki-backend.default.svc.cluster.local:9095
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
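Review bot: `fsGroupChangePolicy: OnRootMismatch` in the loki-read pod `securityContext` changes upgrade behaviour and should be called out in the release notes. With this policy the kubelet skips the recursive ownership and permission change when the volume root already matches `fsGroup: 10001`, so files deeper in an existing volume that carry a different owner are no longer corrected at mount time. The volumes for this Deployment are not visible in these lines, so please confirm which mounts are affected. Separately, the unchanged context line `helm.sh/chart: loki-6.46.0` looks stale for a 6.47.0 release; check that the diff was rendered after the chart version bump.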
  

@github-actions
Contributor

github-actions bot commented Nov 24, 2025

💻 Deploy preview available (chore: release loki helm chart 6.47.0):

@enterprise-logs-app enterprise-logs-app bot force-pushed the helm-chart-tagged-6.47.0 branch from f115771 to 81b451d Compare November 25, 2025 17:19
@enterprise-logs-app enterprise-logs-app bot force-pushed the helm-chart-tagged-6.47.0 branch from 81b451d to f13b9c8 Compare November 25, 2025 17:32