Newer
Older
{{- if .Values.loki.enabled }}
{{- include "values-secret" (dict "root" $ "package" .Values.loki "name" "loki" "defaults" (include "bigbang.defaults.loki" .)) }}
{{- end }}
{{- define "bigbang.defaults.loki" -}}
hostname: {{ .Values.hostname }}
clusterName: ""
openshift: {{ .Values.openshift }}
istio:
enabled: {{ .Values.istio.enabled }}
{{- if or
(dig "hardened" "enabled" false .Values.istio.values)
(dig "istio" "hardened" "enabled" false .Values.monitoring.values)
(dig "istio" "hardened" "enabled" false .Values.addons.authservice.values)
(dig "istio" "hardened" "enabled" false .Values.grafana.values)
(dig "istio" "hardened" "enabled" false .Values.loki.values)
(dig "istio" "hardened" "enabled" false .Values.eckOperator.values)
(dig "istio" "hardened" "enabled" false .Values.elasticsearchKibana.values)
}}
hardened:
enabled: true
monitoring:
enabled: {{ .Values.monitoring.enabled }}
promtail:
enabled: {{ .Values.promtail.enabled }}
fluentbit:
enabled: {{ .Values.fluentbit.enabled }}
minioOperator:
enabled: {{ .Values.addons.minioOperator.enabled }}
{{- end }}
imagePullSecrets:
- name: private-registry
image:
pullPolicy: {{ .Values.imagePullPolicy }}
enabled: {{ .Values.networkPolicies.enabled }}
controlPlaneCidr: {{ .Values.networkPolicies.controlPlaneCidr }}
enabled: {{ .Values.monitoring.enabled }}
serviceMonitor:
enabled: {{ .Values.monitoring.enabled }}
# conditional passes only for default istio: enabled, mTLS: SCRICT
{{- if and .Values.istio.enabled (eq (dig "istio" "mtls" "mode" "STRICT" .Values.loki.values) "STRICT") }}
scheme: https
tlsConfig:
caFile: /etc/prom-certs/root-cert.pem
certFile: /etc/prom-certs/cert-chain.pem
keyFile: /etc/prom-certs/key.pem
insecureSkipVerify: true # Prometheus does not support Istio security naming, thus skip verifying target pod certificate
{{- end }}
{{- $disableDefaultFLB := dig "additionalOutputs" "disableDefault" false .Values.fluentbit.values }}
{{- if and .Values.fluentbit.enabled (not $disableDefaultFLB) }}
fluentbit:
enabled: true
{{- end }}
{{- if .Values.promtail.enabled }}
promtail:
enabled: true
{{- end }}
extraMemberlistConfig:
bind_addr:
- ${MY_POD_IP}
{{- if (and (eq .Values.loki.strategy "monolith") (not (dig "minio" "enabled" false .Values.loki.values))) }}
bucketNames:
{{- toYaml .Values.loki.objectStorage.bucketNames | nindent 6 }}
s3:
endpoint: {{ .Values.loki.objectStorage.endpoint }}
region: {{ .Values.loki.objectStorage.region }}
accessKeyId: {{ .Values.loki.objectStorage.accessKey }}
secretAccessKey: {{ .Values.loki.objectStorage.accessSecret }}
{{- if (and (eq .Values.loki.strategy "monolith") (not (dig "minio" "enabled" false .Values.loki.values))) }}
rulerConfig:
storage:
type: local
storage_config:
boltdb_shipper:
active_index_directory: /var/loki/boltdb-shipper-active
cache_location: /var/loki/boltdb-shipper-cache
cache_ttl: 24h
filesystem:
directory: /var/loki/chunks
{{- end }}
{{- if .Values.istio.enabled }}
podAnnotations:
{{ include "istioAnnotation" . }}
{{- end }}
{{- if (eq .Values.loki.strategy "monolith") }}
deploymentMode: SingleBinary
singleBinary:
replicas: 1
extraArgs:
- -config.expand-env=true
extraEnv:
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
deploymentMode: SimpleScalable
read:
replicas: 3
extraArgs:
- -config.expand-env=true
extraEnv:
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
write:
replicas: 3
extraArgs:
- -config.expand-env=true
extraEnv:
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
backend:
replicas: 3
extraArgs:
- -config.expand-env=true
extraEnv:
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
gateway:
enabled: true
service:
labels:
prometheus.io/service-monitor: "false"
extraArgs:
- -config.expand-env=true
extraEnv:
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- with .Values.loki.objectStorage }}
{{- if and (eq $.Values.loki.strategy "scalable") (not (and .endpoint .region)) }}
# Allows users to deploy distributed mode but calls out that we do not support it
{{- if (eq .Values.loki.strategy "distributed") }}
deploymentMode: Distributed