image: repository: ghcr.io/truecharts/promtail tag: v2.6.1@sha256:e40671972c3ebdf7dc562b86c2f489418a03998daf44a72818e8243f9636f972 # controller: # # -- Set the controller type. # # Valid options are deployment, daemonset or statefulset # type: daemonset args: - "-config.file=/etc/promtail/promtail.yaml" secret: config: enabled: true data: promtail.yaml: | {{- tpl .Values.config.file . | nindent 4 }} env: HOSTNAME: fieldRef: fieldPath: spec.nodeName service: main: ports: main: targetPort: 3101 port: 3101 probes: liveness: path: "/ready" readiness: path: "/ready" startup: path: "/ready" # -- The security context for pods podSecurityContext: runAsUser: 0 runAsGroup: 0 # -- The security context for containers securityContext: readOnlyRootFilesystem: true capabilities: drop: - ALL allowPrivilegeEscalation: false runAsNonRoot: false persistence: containers: enabled: true type: hostPath mountPath: /mnt hostPath: /mnt readOnly: true pods: enabled: true type: hostPath mountPath: /var/log/pods hostPath: /var/log/pods readOnly: true run: enabled: true type: hostPath mountPath: /run/promtail hostPath: /run/promtail config: enabled: true type: secret objectName: '{{ include "tc.common.names.fullname" . }}-config' mountPath: /etc/promtail # -- Whether Role Based Access Control objects like roles and rolebindings should be created rbac: main: enabled: true rules: - apiGroups: - "" resources: - nodes - nodes/proxy - services - endpoints - pods verbs: - get - watch - list # -- The service account the pods will use to interact with the Kubernetes API serviceAccount: main: enabled: true # -- Tolerations for pods. By default, pods will be scheduled on master/control-plane nodes. tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule - key: node-role.kubernetes.io/control-plane operator: Exists effect: NoSchedule # ServiceMonitor configuration serviceMonitor: # -- If enabled, ServiceMonitor resources for Prometheus Operator are created enabled: false # -- Alternative namespace for ServiceMonitor resources namespace: null # -- Namespace selector for ServiceMonitor resources namespaceSelector: {} # -- ServiceMonitor annotations annotations: {} # -- Additional ServiceMonitor labels labels: {} # -- ServiceMonitor scrape interval interval: null # -- ServiceMonitor scrape timeout in Go duration format (e.g. 15s) scrapeTimeout: null # -- Section for crafting Promtails config file. The only directly relevant value is `config.file` # which is a templated string that references the other values and snippets below this key. # @default -- See `values.yaml` config: # -- The log level of the Promtail server # Must be reference in `config.file` to configure `server.log_level` # See default config in `values.yaml` logLevel: info # -- The port of the Promtail server # Must be reference in `config.file` to configure `server.http_listen_port` # See default config in `values.yaml` serverPort: 3101 # -- The Loki address to post logs to. # Must be reference in `config.file` to configure `client.url`. # See default config in `values.yaml` lokiAddress: "" # -- A section of reusable snippets that can be reference in `config.file`. # Custom snippets may be added in order to reduce redundancy. # This is especially helpful when multiple `kubernetes_sd_configs` are use which usually have large parts in common. # @default -- See `values.yaml` snippets: pipelineStages: - cri: {} common: - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: node_name - action: replace source_labels: - __meta_kubernetes_namespace target_label: namespace - action: replace replacement: $1 separator: / source_labels: - namespace - app target_label: job - action: replace source_labels: - __meta_kubernetes_pod_name target_label: pod - action: replace source_labels: - __meta_kubernetes_pod_container_name target_label: container - action: replace replacement: /var/log/pods/*$1/*.log separator: / source_labels: - __meta_kubernetes_pod_uid - __meta_kubernetes_pod_container_name target_label: __path__ - action: replace replacement: /var/log/pods/*$1/*.log regex: true/(.*) separator: / source_labels: - __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash - __meta_kubernetes_pod_annotation_kubernetes_io_config_hash - __meta_kubernetes_pod_container_name target_label: __path__ # If set to true, adds an additional label for the scrape job. # This helps debug the Promtail config. addScrapeJobLabel: false # -- You can put here any keys that will be directly added to the config file's 'client' block. # @default -- empty extraClientConfigs: "" # -- You can put here any additional scrape configs you want to add to the config file. # @default -- empty extraScrapeConfigs: "" # -- You can put here any additional relabel_configs to "kubernetes-pods" job extraRelabelConfigs: [] scrapeConfigs: | # See also https://github.com/grafana/loki/blob/master/production/ksonnet/promtail/scrape_config.libsonnet for reference - job_name: kubernetes-pods pipeline_stages: {{- toYaml .Values.config.snippets.pipelineStages | nindent 4 }} kubernetes_sd_configs: - role: pod relabel_configs: - source_labels: - __meta_kubernetes_pod_controller_name regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})? action: replace target_label: __tmp_controller_name - source_labels: - __meta_kubernetes_pod_label_app_kubernetes_io_name - __meta_kubernetes_pod_label_app - __tmp_controller_name - __meta_kubernetes_pod_name regex: ^;*([^;]+)(;.*)?$ action: replace target_label: app - source_labels: - __meta_kubernetes_pod_label_app_kubernetes_io_component - __meta_kubernetes_pod_label_component regex: ^;*([^;]+)(;.*)?$ action: replace target_label: component {{- if .Values.config.snippets.addScrapeJobLabel }} - replacement: kubernetes-pods target_label: scrape_job {{- end }} {{- toYaml .Values.config.snippets.common | nindent 4 }} {{- with .Values.config.snippets.extraRelabelConfigs }} {{- toYaml . | nindent 4 }} {{- end }} # -- Config file contents for Promtail. # Must be configured as string. # It is templated so it can be assembled from reusable snippets in order to avoid redundancy. # @default -- See `values.yaml` file: | server: log_level: {{ .Values.config.logLevel }} http_listen_port: {{ .Values.config.serverPort }} client: url: {{ .Values.config.lokiAddress | default ( printf "http://%v.%v.svc.cluster.local:3100/loki/api/v1/push" .Release.Name .Release.Namespace ) }} {{- tpl .Values.config.snippets.extraClientConfigs . | nindent 2 }} positions: filename: /run/promtail/positions.yaml scrape_configs: {{- tpl .Values.config.snippets.scrapeConfigs . | nindent 2 }} {{- tpl .Values.config.snippets.extraScrapeConfigs . | nindent 2 }}