@ashwanthgoli
Contributor

What this PR does / why we need it:

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:

Checklist

  • Reviewed the CONTRIBUTING.md guide (required)
  • Documentation added
  • Tests updated
  • Title matches the required conventional commits format, see here
    • Note that Promtail is considered to be feature complete, and future development for logs collection will be in Grafana Alloy. As such, feat PRs are unlikely to be accepted unless a case can be made for the feature actually being a bug fix to existing behavior.
  • Changes that require user attention or interaction to upgrade are documented in docs/sources/setup/upgrade/_index.md
  • If the change is deprecating or removing a configuration option, update the deprecated-config.yaml and deleted-config.yaml files respectively in the tools/deprecated-config-checker directory. Example PR

@ashwanthgoli requested a review from a team as a code owner November 15, 2025 07:20
@ashwanthgoli marked this pull request as draft November 17, 2025 13:42
@ashwanthgoli changed the title from "introduce region ID" to "wip: introduce region ID" Nov 17, 2025
@github-actions
Contributor

Helm Diff Output - Summary

Default Values Scenario-diff-output
default, loki-backend, StatefulSet (apps) has changed:
  # Source: loki/templates/backend/statefulset-backend.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-backend
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: backend
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    updateStrategy:
      rollingUpdate:
        partition: 0
    serviceName: loki-backend-headless
    revisionHistoryLimit: 10
    
    persistentVolumeClaimRetentionPolicy:
      whenDeleted: Delete
      whenScaled: Delete
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: backend
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
          kubectl.kubernetes.io/default-container: "loki"
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: backend
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=backend
              - -legacy-read-mode=false
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: tmp
                mountPath: /tmp
              - name: data
                mountPath: /var/loki
              - name: sc-rules-volume
                mountPath: "/rules"
            resources:
              {}
          - name: loki-sc-rules
            image: docker.io/kiwigrid/k8s-sidecar:1.30.10
            imagePullPolicy: IfNotPresent
            env:
              - name: METHOD
                value: WATCH
              - name: LABEL
                value: "loki_rule"
              - name: FOLDER
                value: "/rules"
              - name: RESOURCE
                value: "both"
              - name: WATCH_SERVER_TIMEOUT
                value: "60"
              - name: WATCH_CLIENT_TIMEOUT
                value: "60"
              - name: LOG_LEVEL
                value: "INFO"
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
              - name: sc-rules-volume
                mountPath: "/rules"
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: backend
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: tmp
            emptyDir: {}
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: sc-rules-volume
            emptyDir: {}
    volumeClaimTemplates:
      - apiVersion: v1
        kind: PersistentVolumeClaim
        metadata:
          name: data
        spec:
          accessModes:
            - ReadWriteOnce
          resources:
            requests:
              storage: "10Gi"
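Review bot: The added `fsGroupChangePolicy: OnRootMismatch` in the pod-level `securityContext` is undocumented and looks unrelated to a PR titled "introduce region ID" whose description is still the empty template. This StatefulSet mounts `data` from a `volumeClaimTemplates` PVC at `/var/loki`, so the behaviour does change here: the kubelet only rewrites ownership and permissions when the volume root does not already match `fsGroup: 10001`, and files deeper in an existing volume that carry a different group are no longer corrected at mount time. Please either move the change to its own PR or describe it here, and mention the existing-volume caveat in the upgrade notes.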
default, loki-canary, DaemonSet (apps) has changed:
  # Source: loki/templates/loki-canary/daemonset.yaml
  apiVersion: apps/v1
  kind: DaemonSet
  metadata:
    name: loki-canary
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: canary
  spec:
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: canary
    updateStrategy:
      rollingUpdate:
        maxUnavailable: 1
      type: RollingUpdate
    template:
      metadata:
        labels:
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: canary
      spec:
        serviceAccountName: loki-canary
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        containers:
          - name: loki-canary
            image: docker.io/grafana/loki-canary:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -addr=loki-release-gateway.default.svc.cluster.local.:80
              - -labelname=pod
              - -labelvalue=$(POD_NAME)
              - -user=self-monitoring
              - -tenant-id=self-monitoring
              - -pass=
              - -push=true
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
            ports:
              - name: http-metrics
                containerPort: 3500
                protocol: TCP
            env:
              - name: POD_NAME
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.name
              
            readinessProbe:
              httpGet:
                path: /metrics
                port: http-metrics
              initialDelaySeconds: 15
              timeoutSeconds: 1
        volumes:
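Review bot: `fsGroupChangePolicy: OnRootMismatch` is added to a pod that renders empty `volumeMounts:` and `volumes:` keys, so there is no volume for the policy (or for `fsGroup`) to act on in this DaemonSet. Consider emitting the field only for components that mount a volume, or add a template comment saying it is set uniformly on purpose.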
default, loki-read, Deployment (apps) has changed:
  # Source: loki/templates/read/deployment-read.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-read
    namespace: default
    labels:
      app.kubernetes.io/part-of: memberlist
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: read
  spec:
    replicas: 1
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: read
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
        labels:
          app.kubernetes.io/part-of: memberlist
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: read
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=read
              - -legacy-read-mode=false
              - -common.compactor-grpc-address=loki-backend.default.svc.cluster.local:9095
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: tmp
                mountPath: /tmp
              - name: data
                mountPath: /var/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: read
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: tmp
            emptyDir: {}
          - name: data
            emptyDir: {}
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
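Review bot: Every volume in this Deployment is an `emptyDir` or a `configMap` (`tmp`, `data`, `config`, `runtime-config`), and Kubernetes documents `fsGroupChangePolicy` as having no effect on ephemeral volume types such as these. The added line is harmless here but still alters the pod template; if the goal is to avoid recursive ownership changes on persistent volumes, scoping it to the workloads that render a `volumeClaimTemplates` section would keep the change limited to where it applies.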
default, loki-write, StatefulSet (apps) has changed:
  # Source: loki/templates/write/statefulset-write.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-write
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: write
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    updateStrategy:
      rollingUpdate:
        partition: 0
    serviceName: loki-write-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: write
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: write
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        enableServiceLinks: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=write
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: write
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
    volumeClaimTemplates:
      - apiVersion: v1
        kind: PersistentVolumeClaim
        metadata:
          name: data
        spec:
          accessModes:
            - ReadWriteOnce
          resources:
            requests:
              storage: "10Gi"
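Review bot: Missing upgrade documentation for the rollout this causes. The new line sits under `spec.template.spec.securityContext`, so applying the chart changes the pod template and restarts loki-write even though `checksum/config` is unchanged; in this render that is a single replica with `terminationGracePeriodSeconds: 300`. The checklist item for docs/sources/setup/upgrade/_index.md seems to apply, and a changelog line naming `fsGroupChangePolicy` would let operators plan the restart.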
Distributed Scenario-diff-output
default, loki-canary, DaemonSet (apps) has changed:
  # Source: loki/templates/loki-canary/daemonset.yaml
  apiVersion: apps/v1
  kind: DaemonSet
  metadata:
    name: loki-canary
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: canary
  spec:
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: canary
    updateStrategy:
      rollingUpdate:
        maxUnavailable: 1
      type: RollingUpdate
    template:
      metadata:
        labels:
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: canary
      spec:
        serviceAccountName: loki-canary
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        containers:
          - name: loki-canary
            image: docker.io/grafana/loki-canary:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -addr=loki-release-gateway.default.svc.cluster.local.:80
              - -labelname=pod
              - -labelvalue=$(POD_NAME)
              - -user=self-monitoring
              - -tenant-id=self-monitoring
              - -pass=
              - -push=true
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
            ports:
              - name: http-metrics
                containerPort: 3500
                protocol: TCP
            env:
              - name: POD_NAME
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.name
              
            readinessProbe:
              httpGet:
                path: /metrics
                port: http-metrics
              initialDelaySeconds: 15
              timeoutSeconds: 1
        volumes:
default, loki-release-compactor, StatefulSet (apps) has changed:
  # Source: loki/templates/compactor/statefulset-compactor.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-compactor
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: compactor
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    updateStrategy:
      rollingUpdate:
        partition: 0
    serviceName: loki-release-compactor-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: compactor
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: compactor
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: compactor
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=compactor
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            
            volumeMounts:
              - name: temp
                mountPath: /tmp
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: compactor
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: temp
            emptyDir: {}
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
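Review bot: The Distributed scenario renders `data` as `emptyDir: {}` for this StatefulSet and has no `volumeClaimTemplates`, so the added `fsGroupChangePolicy: OnRootMismatch` is never exercised against a persistent volume in this output. A diff scenario with persistence enabled for the compactor would cover the one case where the setting takes effect.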
default, loki-release-distributor, Deployment (apps) has changed:
  # Source: loki/templates/distributor/deployment-distributor.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-release-distributor
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: distributor
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 3
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: distributor
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: distributor
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: distributor
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=distributor
              - -distributor.zone-awareness-enabled=true
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: distributor
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
default, loki-release-index-gateway, StatefulSet (apps) has changed:
  # Source: loki/templates/index-gateway/statefulset-index-gateway.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-index-gateway
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: index-gateway
  spec:
    replicas: 2
    updateStrategy:
      type: RollingUpdate
    serviceName: loki-release-index-gateway-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: index-gateway
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: index-gateway
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: index-gateway
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=index-gateway
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: index-gateway
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
default, loki-release-ingester-zone-a, StatefulSet (apps) has changed:
  # Source: loki/templates/ingester/statefulset-ingester-zone-a.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-ingester-zone-a
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: ingester
      app.kubernetes.io/part-of: memberlist
      name: ingester-zone-a
      rollout-group: ingester
    annotations:
      rollout-max-unavailable: "1"
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    serviceName: loki-release-ingester-zone-a-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: ingester
        name: ingester-zone-a
        rollout-group: ingester
    updateStrategy:
      type: RollingUpdate
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: ingester
          app.kubernetes.io/part-of: memberlist
          name: ingester-zone-a
          rollout-group: ingester
      spec:
        topologySpreadConstraints:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/component: ingester
                app.kubernetes.io/instance: 'loki-release'
                app.kubernetes.io/name: 'loki'
            maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: ScheduleAnyway
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: ingester
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -ingester.availability-zone=zone-a
              - -ingester.unregister-on-shutdown=false
              - -ingester.tokens-file-path=/var/loki/ring-tokens
              - -target=ingester
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              - labelSelector:
                  matchExpressions:
                    - key: rollout-group
                      operator: In
                      values:
                        - ingester
                    - key: name
                      operator: NotIn
                      values:
                        - ingester-zone-a
                topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
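Review bot: in this scenario the added `fsGroupChangePolicy: OnRootMismatch` in the ingester pod securityContext has nothing to act on, because the pod mounts only configMap volumes and the `data` emptyDir, and Kubernetes ignores this field for ephemeral volume types. The same applies to the zone-b and zone-c StatefulSets. That is acceptable for a shared pod securityContext, but the chart documentation should state that the setting only takes effect once `data` is backed by a PersistentVolumeClaim, so it is not read as a behaviour change for ingesters rendered like this.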
default, loki-release-ingester-zone-b, StatefulSet (apps) has changed:
  # Source: loki/templates/ingester/statefulset-ingester-zone-b.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-ingester-zone-b
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: ingester
      app.kubernetes.io/part-of: memberlist
      name: ingester-zone-b
      rollout-group: ingester
    annotations:
      rollout-max-unavailable: "1"
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    serviceName: loki-release-ingester-zone-b-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: ingester
        name: ingester-zone-b
        rollout-group: ingester
    updateStrategy:
      type: RollingUpdate
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: ingester
          app.kubernetes.io/part-of: memberlist
          name: ingester-zone-b
          rollout-group: ingester
      spec:
        topologySpreadConstraints:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/component: ingester
                app.kubernetes.io/instance: 'loki-release'
                app.kubernetes.io/name: 'loki'
            maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: ScheduleAnyway
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: ingester
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -ingester.availability-zone=zone-b
              - -ingester.unregister-on-shutdown=false
              - -ingester.tokens-file-path=/var/loki/ring-tokens
              - -target=ingester
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              - labelSelector:
                  matchExpressions:
                    - key: rollout-group
                      operator: In
                      values:
                        - ingester
                    - key: name
                      operator: NotIn
                      values:
                        - ingester-zone-b
                topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
default, loki-release-ingester-zone-c, StatefulSet (apps) has changed:
  # Source: loki/templates/ingester/statefulset-ingester-zone-c.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-ingester-zone-c
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: ingester
      app.kubernetes.io/part-of: memberlist
      name: ingester-zone-c
      rollout-group: ingester
    annotations:
      rollout-max-unavailable: "1"
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    serviceName: loki-release-ingester-zone-c-headless
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: ingester
        name: ingester-zone-c
        rollout-group: ingester
    updateStrategy:
      type: RollingUpdate
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: ingester
          app.kubernetes.io/part-of: memberlist
          name: ingester-zone-c
          rollout-group: ingester
      spec:
        topologySpreadConstraints:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/component: ingester
                app.kubernetes.io/instance: 'loki-release'
                app.kubernetes.io/name: 'loki'
            maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: ScheduleAnyway
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: ingester
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -ingester.availability-zone=zone-c
              - -ingester.unregister-on-shutdown=false
              - -ingester.tokens-file-path=/var/loki/ring-tokens
              - -target=ingester
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              - labelSelector:
                  matchExpressions:
                    - key: rollout-group
                      operator: In
                      values:
                        - ingester
                    - key: name
                      operator: NotIn
                      values:
                        - ingester-zone-c
                topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
default, loki-release-querier, Deployment (apps) has changed:
  # Source: loki/templates/querier/deployment-querier.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-release-querier
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: querier
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 3
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: querier
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: querier
          app.kubernetes.io/part-of: memberlist
      spec:
        topologySpreadConstraints:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/component: querier
                app.kubernetes.io/instance: 'loki-release'
                app.kubernetes.io/name: 'loki'
            maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: ScheduleAnyway
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: querier
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=querier
              - -distributor.zone-awareness-enabled=true
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: querier
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: data
            emptyDir: {}
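Review bot: the added line sits under `spec.template.spec.securityContext`, so it alters the pod template of this Deployment even though `checksum/config` is unchanged. On upgrade all 3 querier replicas are replaced (one at a time, given `maxSurge: 0` and `maxUnavailable: 1`), and the same is true of every other workload listed in this output. Please mention in the changelog or upgrade notes that this change triggers a rollout of all components.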
default, loki-release-query-frontend, Deployment (apps) has changed:
  # Source: loki/templates/query-frontend/deployment-query-frontend.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-release-query-frontend
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: query-frontend
  spec:
    replicas: 2
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: query-frontend
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: query-frontend
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: query-frontend
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=query-frontend
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: query-frontend
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
default, loki-release-query-scheduler, Deployment (apps) has changed:
  # Source: loki/templates/query-scheduler/deployment-query-scheduler.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-release-query-scheduler
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: query-scheduler
  spec:
    replicas: 2
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: query-scheduler
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: query-scheduler
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: query-scheduler
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=query-scheduler
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: query-scheduler
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
default, loki-release-ruler, StatefulSet (apps) has changed:
  # Source: loki/templates/ruler/statefulset-ruler.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-release-ruler
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: ruler
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 0
    revisionHistoryLimit: 10
    serviceName: loki-release-ruler
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: ruler
    template:
      metadata:
        annotations:
          checksum/config: 86e9512dd6ee479f2e728da8e5a8552cc803d3c249103c2b9b3fce3204b22084
          kubectl.kubernetes.io/default-container: "ruler"
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: ruler
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: ruler
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=ruler
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: data
                mountPath: /var/loki
              - name: tmp
                mountPath: /tmp/loki
            resources:
              {}
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: ruler
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: tmp
            emptyDir: {}
          - name: data
            emptyDir: {}
Ingress Values Scenario-diff-output
default, loki-backend, StatefulSet (apps) has changed:
  # Source: loki/templates/backend/statefulset-backend.yaml
  apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    name: loki-backend
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: backend
      app.kubernetes.io/part-of: memberlist
  spec:
    replicas: 1
    podManagementPolicy: Parallel
    updateStrategy:
      rollingUpdate:
        partition: 0
    serviceName: loki-backend-headless
    revisionHistoryLimit: 10
    
    persistentVolumeClaimRetentionPolicy:
      whenDeleted: Delete
      whenScaled: Delete
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: backend
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
          prometheus.io/port: "3100"
          prometheus.io/scrape: "true"
          kubectl.kubernetes.io/default-container: "loki"
        labels:
          helm.sh/chart: loki-6.46.0
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/version: "3.5.7"
          app.kubernetes.io/component: backend
          app.kubernetes.io/part-of: memberlist
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 300
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=backend
              - -legacy-read-mode=false
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
                containerPort: 9095
                protocol: TCP
              - name: http-memberlist
                containerPort: 7946
                protocol: TCP
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /ready
                port: http-metrics
              initialDelaySeconds: 15
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
              - name: config
                mountPath: /etc/loki/config
              - name: runtime-config
                mountPath: /etc/loki/runtime-config
              - name: tmp
                mountPath: /tmp
              - name: data
                mountPath: /var/loki
              - name: sc-rules-volume
                mountPath: "/rules"
            resources:
              {}
          - name: loki-sc-rules
            image: docker.io/kiwigrid/k8s-sidecar:1.30.10
            imagePullPolicy: IfNotPresent
            env:
              - name: METHOD
                value: WATCH
              - name: LABEL
                value: "loki_rule"
              - name: FOLDER
                value: "/rules"
              - name: RESOURCE
                value: "both"
              - name: WATCH_SERVER_TIMEOUT
                value: "60"
              - name: WATCH_CLIENT_TIMEOUT
                value: "60"
              - name: LOG_LEVEL
                value: "INFO"
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
              - name: sc-rules-volume
                mountPath: "/rules"
        affinity:
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/component: backend
                  app.kubernetes.io/instance: 'loki-release'
                  app.kubernetes.io/name: 'loki'
              topologyKey: kubernetes.io/hostname
        volumes:
          - name: tmp
            emptyDir: {}
          - name: config
            configMap:
              name: loki
              items:
                - key: "config.yaml"
                  path: "config.yaml"
          - name: runtime-config
            configMap:
              name: loki-runtime
          - name: sc-rules-volume
            emptyDir: {}
    volumeClaimTemplates:
      - apiVersion: v1
        kind: PersistentVolumeClaim
        metadata:
          name: data
        spec:
          accessModes:
            - ReadWriteOnce
          resources:
            requests:
              storage: "10Gi"
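Review bot: the backend StatefulSet is where `fsGroupChangePolicy: OnRootMismatch` actually changes behaviour, because `data` comes from the `volumeClaimTemplates` PVC rather than an emptyDir. With this policy the kubelet compares only the ownership and permissions of the volume root against `fsGroup: 10001` and skips the recursive ownership change when they match, so files deeper in an existing volume that carry a different group are no longer corrected at mount time as they are under the default `Always`. This deserves a sentence in docs/sources/setup/upgrade/_index.md, and it is worth confirming that the value can be overridden from the chart values.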
default, loki-canary, DaemonSet (apps) has changed:
  # Source: loki/templates/loki-canary/daemonset.yaml
  apiVersion: apps/v1
  kind: DaemonSet
  metadata:
    name: loki-canary
    namespace: default
    labels:
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: canary
  spec:
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: canary
    updateStrategy:
      rollingUpdate:
        maxUnavailable: 1
      type: RollingUpdate
    template:
      metadata:
        labels:
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: canary
      spec:
        serviceAccountName: loki-canary
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        containers:
          - name: loki-canary
            image: docker.io/grafana/loki-canary:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -addr=loki-release-gateway.default.svc.cluster.local.:80
              - -labelname=pod
              - -labelvalue=$(POD_NAME)
              - -user=self-monitoring
              - -tenant-id=self-monitoring
              - -pass=
              - -push=true
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - ALL
              readOnlyRootFilesystem: true
            volumeMounts:
            ports:
              - name: http-metrics
                containerPort: 3500
                protocol: TCP
            env:
              - name: POD_NAME
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.name
              
            readinessProbe:
              httpGet:
                path: /metrics
                port: http-metrics
              initialDelaySeconds: 15
              timeoutSeconds: 1
        volumes:
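Review bot: fsGroupChangePolicy: OnRootMismatch on the loki-canary pod securityContext has nothing to act on, because the rendered DaemonSet shows an empty volumeMounts: on the container and an empty volumes: list on the pod. fsGroup and its change policy only affect mounted volumes that support ownership management, so either render the field in the canary template only when volumes are configured, or confirm that applying it uniformly to every component is intended and say so in the chart changelog.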
default, loki-read, Deployment (apps) has changed:
  # Source: loki/templates/read/deployment-read.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: loki-read
    namespace: default
    labels:
      app.kubernetes.io/part-of: memberlist
      helm.sh/chart: loki-6.46.0
      app.kubernetes.io/name: loki
      app.kubernetes.io/instance: loki-release
      app.kubernetes.io/version: "3.5.7"
      app.kubernetes.io/component: read
  spec:
    replicas: 1
    strategy:
      rollingUpdate:
        maxSurge: 0
        maxUnavailable: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app.kubernetes.io/name: loki
        app.kubernetes.io/instance: loki-release
        app.kubernetes.io/component: read
    template:
      metadata:
        annotations:
          checksum/config: 6457764bbaed49d2a88ffc0b26082e5b83bf59c884c9bd0b327e36a23e468f89
          prometheus.io/port: "3100"
          prometheus.io/scrape: "true"
        labels:
          app.kubernetes.io/part-of: memberlist
          app.kubernetes.io/name: loki
          app.kubernetes.io/instance: loki-release
          app.kubernetes.io/component: read
      spec:
        serviceAccountName: loki-release
        automountServiceAccountToken: true
        
        securityContext:
          fsGroup: 10001
+         fsGroupChangePolicy: OnRootMismatch
          runAsGroup: 10001
          runAsNonRoot: true
          runAsUser: 10001
        terminationGracePeriodSeconds: 30
        containers:
          - name: loki
            image: docker.io/grafana/loki:3.5.7
            imagePullPolicy: IfNotPresent
            args:
              - -config.file=/etc/loki/config/config.yaml
              - -target=read
              - -legacy-read-mode=false
              - -common.compactor-grpc-address=loki-backend.default.svc.cluster.local:9095
            ports:
              - name: http-metrics
                containerPort: 3100
                protocol: TCP
              - name: grpc
  

@github-actions
Contributor

💻 Deploy preview available (wip: introduce region ID):

Base automatically changed from xcap to main November 19, 2025 05:04
@ashwanthgoli ashwanthgoli changed the title wip: introduce region ID chore(xcap): export captures as traces Nov 19, 2025
Comment on lines +196 to +202
// Finally, close all sinks.
for _, sink := range job.Sinks {
err := sink.Close(ctx)
if err != nil {
level.Warn(logger).Log("msg", "failed to close sink", "err", err)
}
}
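Review bot: The warning emitted in the loop, level.Warn(logger).Log("msg", "failed to close sink", "err", err), does not say which sink failed, so with more than one entry in job.Sinks the log line cannot be tied to a destination. Consider binding the loop index instead of discarding it with _ and logging it, or a sink identifier, as an extra key/value pair. Continuing past a failed Close so the remaining sinks are still closed looks right.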
Member

I wonder if this should happen before we close the pipeline/capture just so the capture records timing information for how long it took to close the sinks (which would include sending messages back to the scheduler)

"math/rand/v2"
)

// identifier is a unique identifier for captures and regions.
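Review bot: The doc comment on identifier promises uniqueness while the import block directly above it brings in math/rand/v2. If identifiers are drawn from that package, the comment should state the identifier width and that uniqueness is probabilistic, and should note that math/rand/v2 is documented as unsuitable for security-sensitive work, so these values must not be reused as secrets or authorization tokens.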
Member

We should probably document these are intended to be compatible with the format of the OpenTelemetry Span IDs (I think that's what you had intended here?)

Member

When I look through the package documentation via

go doc -http ./pkg/xcap

I find the package API is harder to navigate now because of how much the generated protobuf code pollutes the package API.

What do you think about this?

  • We revert back to putting the protobuf in a xcap/proto (or even xcap/internal/proto)
  • xcap.Capture implements MarshalBinary and UnmarshalBinary to marshal to/from internal protobuf format.
  • Other proto packages don't import the protobuf directly; they just use bytes capture as an opaque representation of what the capture payload is.

//
// Each region in the capture becomes a span. Spans are linked using
// the parent-child relationships defined by the regions.
func ExportAsTrace(ctx context.Context, capture *Capture, logger log.Logger) error {
Member

naming nit: would the shorter ExportTrace still work?
