Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

promtail: client tls_config for helm chart #1297

Closed
mwennrich opened this issue Nov 20, 2019 · 5 comments
Closed

promtail: client tls_config for helm chart #1297

mwennrich opened this issue Nov 20, 2019 · 5 comments
Labels
component/agent help wanted We would love help on these issues. Please come help us! keepalive An issue or PR that will be kept alive and never marked as stale. type/enhancement Something existing could be improved

Comments

@mwennrich
Copy link

Currently the helm chart for promtail is missing an option for tls_config.

I would like to have an option to specifiy the promtail tls_config options also with the helm chart:

tls_config:
  [ca_file: <string>]
  [cert_file: <filename>]
  [key_file: <filename>]
  [server_name: <string>]
  [insecure_skip_verify: <boolean> | default = false]
@cyriltovena cyriltovena added component/agent help wanted We would love help on these issues. Please come help us! keepalive An issue or PR that will be kept alive and never marked as stale. type/enhancement Something existing could be improved labels Dec 6, 2019
@R-Studio
Copy link

R-Studio commented Apr 4, 2022

Any news?

@Jeroen0494
Copy link

You can use the following notation in your helm chart:

config:
  clients:
  - url: https://loki.cluster.local/loki/api/v1/push
    tls_config:
      insecure_skip_verify: true

@cstyan
Copy link
Contributor

cstyan commented Nov 8, 2023

@mwennrich is this still an issue? does the suggested config from Jeroen work for you?

@janosmiko
Copy link

I'm using it with these settings and it works:

config:
  clients:
    - url: https://loki.example.com:443/loki/api/v1/push
      tls_config:
        ca_file: /run/secrets/loki-client-tls/ca.crt
        cert_file: /run/secrets/loki-client-tls/tls.crt
        key_file: /run/secrets/loki-client-tls/tls.key
        server_name: loki.example.com
        insecure_skip_verify: false

extraVolumes:
  - name: loki-client-tls
    secret:
      secretName: loki-client-tls

extraVolumeMounts:
  - name: loki-client-tls
    mountPath: /run/secrets/loki-client-tls
    readOnly: true

extraArgs:
  - -client.external-labels=cluster=test-cluster

podSecurityContext:
  runAsUser: null
  runAsGroup: null
  seccompProfile:
    type: RuntimeDefault
  seLinuxOptions:
    type: spc_t

@cstyan
Copy link
Contributor

cstyan commented Apr 17, 2024

closing this as it seems tls config for the helm chart is supported now 👍 thanks @janosmiko and @Jeroen0494 for the updates

@cstyan cstyan closed this as completed Apr 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component/agent help wanted We would love help on these issues. Please come help us! keepalive An issue or PR that will be kept alive and never marked as stale. type/enhancement Something existing could be improved
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@janosmiko @cyriltovena @mwennrich @cstyan @R-Studio @Jeroen0494