From 57cff3b61df166f6ef5858d3241d9cd6e9ed352c Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Mon, 3 Nov 2025 20:22:05 +0100 Subject: [PATCH 1/6] chore(stack/observability): Update and remove TLS from internal components for now Also move from the loki exporter to the generic otlp exporter for shipping logs to Loki --- stacks/observability/grafana-loki.yaml | 84 +++++++++++-------- stacks/observability/grafana-tempo.yaml | 75 +++++++++-------- stacks/observability/grafana.yaml | 22 +++-- stacks/observability/jaeger.yaml | 3 + .../opentelemetry-collector-deployment.yaml | 53 ++++-------- .../opentelemetry-collector-sidecar.yaml | 54 ++++-------- .../observability/opentelemetry-operator.yaml | 3 +- 7 files changed, 143 insertions(+), 151 deletions(-) diff --git a/stacks/observability/grafana-loki.yaml b/stacks/observability/grafana-loki.yaml index 0ba6bbc5..bbc8fc26 100644 --- a/stacks/observability/grafana-loki.yaml +++ b/stacks/observability/grafana-loki.yaml @@ -5,21 +5,63 @@ name: loki repo: name: loki url: https://grafana.github.io/helm-charts -version: 6.44.0 # 3.5.7 +# To find the latest version: +# helm repo add grafana https://grafana.github.io/helm-charts --force-update +# helm search repo grafana/loki +version: 6.45.2 # 3.5.7 options: + deploymentMode: SingleBinary + singleBinary: + replicas: 1 + + # Zero out replica counts of other deployment modes + backend: + replicas: 0 + read: + replicas: 0 + write: + replicas: 0 + + ingester: + replicas: 0 + querier: + replicas: 0 + queryFrontend: + replicas: 0 + queryScheduler: + replicas: 0 + distributor: + replicas: 0 + compactor: + replicas: 0 + indexGateway: + replicas: 0 + bloomCompactor: + replicas: 0 + bloomGateway: + replicas: 0 + loki: auth_enabled: false commonConfig: replication_factor: 1 storage: type: 'filesystem' - server: - http_tls_config: - cert_file: /etc/loki/certs/tls.crt - key_file: /etc/loki/certs/tls.key - readinessProbe: - httpGet: - scheme: HTTPS + bucketNames: + # Buckets names from: https://github.com/grafana/loki/blob/015be223bcd2c29952db3f5cf0748414acf57fd3/production/helm/loki/values.yaml#L3677-L3686 + chunks: chunks + ruler: ruler + admin: admin + schemaConfig: + configs: + - from: "2024-04-01" + store: tsdb + object_store: filesystem + schema: v13 + index: + prefix: loki_index_ + period: 24h + monitoring: dashboards: enabled: false @@ -37,29 +79,3 @@ options: enabled: false gateway: enabled: false - singleBinary: - replicas: 1 - extraVolumeMounts: - # Mount the certificate generated by the secret-operator - - name: tls - mountPath: /etc/loki/certs/ - extraVolumes: - # Request a TLS certificate from the secret-operator - - name: tls - ephemeral: - volumeClaimTemplate: - metadata: - annotations: - secrets.stackable.tech/class: tls - # Add the service loki to the - # distinguished names because this service is used - # by opentelemetry-collector. - secrets.stackable.tech/scope: |- - service=loki - spec: - storageClassName: secrets.stackable.tech - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1 diff --git a/stacks/observability/grafana-tempo.yaml b/stacks/observability/grafana-tempo.yaml index 8258f6c9..51be09c1 100644 --- a/stacks/observability/grafana-tempo.yaml +++ b/stacks/observability/grafana-tempo.yaml @@ -6,49 +6,52 @@ repo: name: tempo url: https://grafana.github.io/helm-charts # Watch out for https://github.com/grafana/helm-charts/issues/3417 -# and https://github.com/grafana/helm-charts/pull/3503! +# Workaround at: https://github.com/grafana/helm-charts/issues/3660#issuecomment-3007113458 +# To find the latest version: +# helm repo add grafana https://grafana.github.io/helm-charts --force-update +# helm search repo grafana/tempo version: 1.24.0 # 2.9.0 options: tempo: - server: - http_tls_config: - cert_file: /etc/tempo/certs/tls.crt - key_file: /etc/tempo/certs/tls.key + # server: + # http_tls_config: + # cert_file: /etc/tempo/certs/tls.crt + # key_file: /etc/tempo/certs/tls.key receivers: otlp: protocols: grpc: endpoint: "0.0.0.0:4317" - tls: - cert_file: /etc/tempo/certs/tls.crt - key_file: /etc/tempo/certs/tls.key - extraVolumeMounts: - # Mount the certificate generated by the secret-operator - - name: tls - mountPath: /etc/tempo/certs/ + # tls: + # cert_file: /etc/tempo/certs/tls.crt + # key_file: /etc/tempo/certs/tls.key + # extraVolumeMounts: + # # Mount the certificate generated by the secret-operator + # - name: tls + # mountPath: /etc/tempo/certs/ tempoQuery: enabled: true - extraVolumeMounts: - # Mount the certificate generated by the secret-operator - - name: tls - mountPath: /etc/tempo/certs/ - extraVolumes: - # Request a TLS certificate from the secret-operator - - name: tls - ephemeral: - volumeClaimTemplate: - metadata: - annotations: - secrets.stackable.tech/class: tls - # Add the service loki to the - # distinguished names because this service is used - # by opentelemetry-collector. - secrets.stackable.tech/scope: |- - service=tempo - spec: - storageClassName: secrets.stackable.tech - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1 + # extraVolumeMounts: + # # Mount the certificate generated by the secret-operator + # - name: tls + # mountPath: /etc/tempo/certs/ + # extraVolumes: + # # Request a TLS certificate from the secret-operator + # - name: tls + # ephemeral: + # volumeClaimTemplate: + # metadata: + # annotations: + # secrets.stackable.tech/class: tls + # # Add the service loki to the + # # distinguished names because this service is used + # # by opentelemetry-collector. + # secrets.stackable.tech/scope: |- + # service=tempo + # spec: + # storageClassName: secrets.stackable.tech + # accessModes: + # - ReadWriteOnce + # resources: + # requests: + # storage: 1 diff --git a/stacks/observability/grafana.yaml b/stacks/observability/grafana.yaml index 7915dcd2..5edbe035 100644 --- a/stacks/observability/grafana.yaml +++ b/stacks/observability/grafana.yaml @@ -6,34 +6,38 @@ name: grafana repo: name: grafana url: https://grafana.github.io/helm-charts -version: 10.1.2 # 12.2.0 +# To find the latest version: +# helm repo add grafana https://grafana.github.io/helm-charts --force-update +# helm search repo grafana/grafana +version: 10.1.4 # 12.2.1 options: admin: existingSecret: grafana-admin-credentials service: type: NodePort + port: 443 datasources: datasources.yaml: apiVersion: 1 datasources: - name: Loki type: loki - url: https://loki.default.svc.cluster.local:3100 + url: http://loki:3100 access: proxy isDefault: false jsonData: - tlsAuthWithCACert: true - secureJsonData: - tlsCACert: $__file{/etc/grafana/certs/ca.crt} + tlsAuthWithCACert: false + # secureJsonData: + # tlsCACert: $__file{/etc/grafana/certs/ca.crt} - name: Tempo type: tempo - url: https://tempo.default.svc.cluster.local:3100 + url: http://tempo:3100 access: proxy isDefault: false jsonData: - tlsAuthWithCACert: true - secureJsonData: - tlsCACert: $__file{/etc/grafana/certs/ca.crt} + tlsAuthWithCACert: false + # secureJsonData: + # tlsCACert: $__file{/etc/grafana/certs/ca.crt} readinessProbe: httpGet: scheme: HTTPS diff --git a/stacks/observability/jaeger.yaml b/stacks/observability/jaeger.yaml index 85504ff8..107f15f7 100644 --- a/stacks/observability/jaeger.yaml +++ b/stacks/observability/jaeger.yaml @@ -6,6 +6,9 @@ name: jaeger repo: name: jaeger url: https://jaegertracing.github.io/helm-charts +# To find the latest version: +# helm repo add jaegertracing https://jaegertracing.github.io/helm-charts --force-update +# helm search repo jaegertracing/jaeger version: 3.4.1 # 1.53.0 options: # labels: diff --git a/stacks/observability/opentelemetry-collector-deployment.yaml b/stacks/observability/opentelemetry-collector-deployment.yaml index c7978492..ffb49b8d 100644 --- a/stacks/observability/opentelemetry-collector-deployment.yaml +++ b/stacks/observability/opentelemetry-collector-deployment.yaml @@ -9,10 +9,11 @@ metadata: spec: mode: deployment # See: https://github.com/open-telemetry/opentelemetry-collector-releases/pkgs/container/opentelemetry-collector-releases%2Fopentelemetry-collector-contrib/versions?filters%5Bversion_type%5D=tagged + # See: https://github.com/open-telemetry/opentelemetry-collector-releases/pkgs/container/opentelemetry-collector-releases%2Fopentelemetry-collector-contrib/550448680?tag=latest # Using the contrib image so we get all of the useful plugins - image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:0.97.0 + image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:0.138.0 config: - # Configure the collector to receove via OTLP, and export to various "sinks". + # Configure the collector to receive via OTLP, and export to various "sinks". # For configuration structure, see: https://opentelemetry.io/docs/collector/configuration/ # # A receiver for logs/metrics/traces via OTLP @@ -20,7 +21,7 @@ spec: # - https://github.com/open-telemetry/opentelemetry-collector/tree/main/receiver # - https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver receivers: - otlp/insecure: + otlp: protocols: grpc: # In sidecar mode, we don't want, nor need the sidecar to be @@ -28,26 +29,26 @@ spec: # TLS on the receiver(s) because only containers in the same pod can # connect, and so network traffic will not leave the host. endpoint: 0.0.0.0:4317 - # Exporters to separate logs/metrics/taces + # Exporters to separate logs/metrics/traces # See all available exporters: # - https://github.com/open-telemetry/opentelemetry-collector/tree/main/exporter # - https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/exporter exporters: # When added to a logs/metrics/traces pipeline, the collector will print to stdout. - debug: + debug: {} # verbosity: detailed - otlp/jaeger-insecure: + otlp/jaeger: endpoint: jaeger-collector:4317 tls: insecure: true otlp/tempo: - endpoint: tempo.default.svc.cluster.local:4317 + endpoint: tempo:4317 tls: - ca_file: /certs/ca.crt - loki: - endpoint: https://loki.default.svc.cluster.local:3100/loki/api/v1/push + insecure: true + otlp/loki: + endpoint: loki:9095 tls: - ca_file: /certs/ca.crt + insecure: true # auth: # authenticator: basicauth/loki # Processors to enrich logs/metrics/traces. For example, adding Kubernetes node/pod/deployment information @@ -98,7 +99,7 @@ spec: # See all available extensions: # - https://github.com/open-telemetry/opentelemetry-collector/tree/main/extension # - https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/extension - extensions: + extensions: {} # basicauth/loki: # client_auth: # username: loki @@ -108,16 +109,17 @@ spec: # extensions: [basicauth/loki] pipelines: traces: - receivers: [otlp/insecure] + receivers: [otlp] processors: - memory_limiter - batch/every-second - resourcedetection/env exporters: + # - otlp/jaeger - otlp/tempo # - debug logs: - receivers: [otlp/insecure] + receivers: [otlp] processors: - memory_limiter - batch/every-second @@ -125,11 +127,11 @@ spec: - resource/logs - attributes/logs exporters: - - loki + - otlp/loki # - debug # Set the log level of the opentelemetry-collector application. # You can also expose the collector metrcics (separate from the metrics receivers/exporters). - telemetry: + telemetry: {} # logs: # level: DEBUG # metrics: @@ -142,22 +144,3 @@ spec: requests: cpu: 250m memory: 64Mi - volumeMounts: - # We mount a certificate from the secret-operator so that we have the CA - # cert for exporters to trust what they connect to. - - name: tls - mountPath: /certs - volumes: - - name: tls - ephemeral: - volumeClaimTemplate: - metadata: - annotations: - secrets.stackable.tech/class: tls - spec: - storageClassName: secrets.stackable.tech - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1 diff --git a/stacks/observability/opentelemetry-collector-sidecar.yaml b/stacks/observability/opentelemetry-collector-sidecar.yaml index 07c5b964..6cc3a4c1 100644 --- a/stacks/observability/opentelemetry-collector-sidecar.yaml +++ b/stacks/observability/opentelemetry-collector-sidecar.yaml @@ -7,10 +7,11 @@ metadata: spec: mode: sidecar # See: https://github.com/open-telemetry/opentelemetry-collector-releases/pkgs/container/opentelemetry-collector-releases%2Fopentelemetry-collector-contrib/versions?filters%5Bversion_type%5D=tagged + # See: https://github.com/open-telemetry/opentelemetry-collector-releases/pkgs/container/opentelemetry-collector-releases%2Fopentelemetry-collector-contrib/550448680?tag=latest # Using the contrib image so we get all of the useful plugins - image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:0.97.0 + image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:0.138.0 config: - # Configure the collector to receove via OTLP, and export to various "sinks". + # Configure the collector to receive via OTLP, and export to various "sinks". # For configuration structure, see: https://opentelemetry.io/docs/collector/configuration/ # # A receiver for logs/metrics/traces via OTLP @@ -18,7 +19,7 @@ spec: # - https://github.com/open-telemetry/opentelemetry-collector/tree/main/receiver # - https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver receivers: - otlp/insecure: + otlp: protocols: grpc: # In sidecar mode, we don't want, nor need the sidecar to be @@ -26,26 +27,26 @@ spec: # TLS on the receiver(s) because only containers in the same pod can # connect, and so network traffic will not leave the host. endpoint: 127.0.0.1:4317 - # Exporters to separate logs/metrics/taces + # Exporters to separate logs/metrics/traces # See all available exporters: # - https://github.com/open-telemetry/opentelemetry-collector/tree/main/exporter # - https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/exporter exporters: # When added to a logs/metrics/traces pipeline, the collector will print to stdout. - debug: + debug: {} # verbosity: detailed - otlp/jaeger-insecure: + otlp: endpoint: jaeger-collector:4317 tls: insecure: true otlp/tempo: - endpoint: tempo.default.svc.cluster.local:4317 + endpoint: tempo:4317 tls: - ca_file: /certs/ca.crt - loki: - endpoint: https://loki.default.svc.cluster.local:3100/loki/api/v1/push + insecure: true + otlp/loki: + endpoint: loki:9095 tls: - ca_file: /certs/ca.crt + insecure: true # auth: # authenticator: basicauth/loki # Processors to enrich logs/metrics/traces. For example, adding Kubernetes node/pod/deployment information @@ -96,7 +97,7 @@ spec: # See all available extensions: # - https://github.com/open-telemetry/opentelemetry-collector/tree/main/extension # - https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/extension - extensions: + extensions: {} # basicauth/loki: # client_auth: # username: loki @@ -106,17 +107,17 @@ spec: # extensions: [basicauth/loki] pipelines: traces: - receivers: [otlp/insecure] + receivers: [otlp] processors: - memory_limiter - batch/every-second - resourcedetection/env exporters: - - otlp/jaeger-insecure + - otlp/jaeger - otlp/tempo # - debug logs: - receivers: [otlp/insecure] + receivers: [otlp] processors: - memory_limiter - batch/every-second @@ -124,11 +125,11 @@ spec: - resource/logs - attributes/logs exporters: - - loki + - otlp/loki # - debug # Set the log level of the opentelemetry-collector application. # You can also expose the collector metrcics (separate from the metrics receivers/exporters). - telemetry: + telemetry: {} # logs: # level: DEBUG # metrics: @@ -141,22 +142,3 @@ spec: requests: cpu: 250m memory: 64Mi - volumeMounts: - # We mount a certificate from the secret-operator so that we have the CA - # cert for exporters to trust what they connect to. - - name: tls - mountPath: /certs - volumes: - - name: tls - ephemeral: - volumeClaimTemplate: - metadata: - annotations: - secrets.stackable.tech/class: tls - spec: - storageClassName: secrets.stackable.tech - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1 diff --git a/stacks/observability/opentelemetry-operator.yaml b/stacks/observability/opentelemetry-operator.yaml index d4118ddd..1ddb7a1a 100644 --- a/stacks/observability/opentelemetry-operator.yaml +++ b/stacks/observability/opentelemetry-operator.yaml @@ -5,7 +5,8 @@ name: opentelemetry-operator repo: name: opentelemetry-operator url: https://open-telemetry.github.io/opentelemetry-helm-charts -version: 0.98.0 # 0.137.0 +# Find the newest chart at https://github.com/open-telemetry/opentelemetry-helm-charts/releases +version: 0.99.0 # 0.138.0 options: admissionWebhooks: certManager: From f0fe194840000440370db173073cbe3b22cb56b6 Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Tue, 4 Nov 2025 10:11:35 +0100 Subject: [PATCH 2/6] fix(stack/observability): Fix name of exporter --- stacks/observability/opentelemetry-collector-sidecar.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stacks/observability/opentelemetry-collector-sidecar.yaml b/stacks/observability/opentelemetry-collector-sidecar.yaml index 6cc3a4c1..d54cf65f 100644 --- a/stacks/observability/opentelemetry-collector-sidecar.yaml +++ b/stacks/observability/opentelemetry-collector-sidecar.yaml @@ -35,7 +35,7 @@ spec: # When added to a logs/metrics/traces pipeline, the collector will print to stdout. debug: {} # verbosity: detailed - otlp: + otlp/jaeger: endpoint: jaeger-collector:4317 tls: insecure: true From acaaa07cdffacb5f5589a3deccf69951203cb402 Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Tue, 4 Nov 2025 13:46:15 +0100 Subject: [PATCH 3/6] chore(stack/observability): Move Loki OTLP exporter from gRPC to HTTP Loki doesn't support gRPC ingestion. --- .../observability/opentelemetry-collector-deployment.yaml | 6 +++--- stacks/observability/opentelemetry-collector-sidecar.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/stacks/observability/opentelemetry-collector-deployment.yaml b/stacks/observability/opentelemetry-collector-deployment.yaml index ffb49b8d..f7c6ce2c 100644 --- a/stacks/observability/opentelemetry-collector-deployment.yaml +++ b/stacks/observability/opentelemetry-collector-deployment.yaml @@ -45,8 +45,8 @@ spec: endpoint: tempo:4317 tls: insecure: true - otlp/loki: - endpoint: loki:9095 + otlphttp/loki: + endpoint: http://loki:3100/otlp tls: insecure: true # auth: @@ -127,7 +127,7 @@ spec: - resource/logs - attributes/logs exporters: - - otlp/loki + - otlphttp/loki # - debug # Set the log level of the opentelemetry-collector application. # You can also expose the collector metrcics (separate from the metrics receivers/exporters). diff --git a/stacks/observability/opentelemetry-collector-sidecar.yaml b/stacks/observability/opentelemetry-collector-sidecar.yaml index d54cf65f..80be1944 100644 --- a/stacks/observability/opentelemetry-collector-sidecar.yaml +++ b/stacks/observability/opentelemetry-collector-sidecar.yaml @@ -43,8 +43,8 @@ spec: endpoint: tempo:4317 tls: insecure: true - otlp/loki: - endpoint: loki:9095 + otlphttp/loki: + endpoint: http://loki:3100/otlp tls: insecure: true # auth: @@ -125,7 +125,7 @@ spec: - resource/logs - attributes/logs exporters: - - otlp/loki + - otlphttp/loki # - debug # Set the log level of the opentelemetry-collector application. # You can also expose the collector metrcics (separate from the metrics receivers/exporters). From 1f5980b214b079be463f0b23155529b9e9365e36 Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Tue, 4 Nov 2025 13:46:53 +0100 Subject: [PATCH 4/6] chore(stack/observability): Disable Loki Canery It only generates noise which is not needed for the demo. --- stacks/observability/grafana-loki.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/stacks/observability/grafana-loki.yaml b/stacks/observability/grafana-loki.yaml index bbc8fc26..df3f3d49 100644 --- a/stacks/observability/grafana-loki.yaml +++ b/stacks/observability/grafana-loki.yaml @@ -77,5 +77,7 @@ options: installOperator: false test: enabled: false + lokiCanary: + enabled: false gateway: enabled: false From 8c9c54c4aa069c83a0f56239afdf3edabc7d9f50 Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Tue, 4 Nov 2025 13:57:20 +0100 Subject: [PATCH 5/6] chore(stack/obsevability): Remove commented out config for TLS --- stacks/observability/grafana-tempo.yaml | 35 ------------------------- stacks/observability/grafana.yaml | 17 ------------ 2 files changed, 52 deletions(-) diff --git a/stacks/observability/grafana-tempo.yaml b/stacks/observability/grafana-tempo.yaml index 51be09c1..4f5e27da 100644 --- a/stacks/observability/grafana-tempo.yaml +++ b/stacks/observability/grafana-tempo.yaml @@ -13,45 +13,10 @@ repo: version: 1.24.0 # 2.9.0 options: tempo: - # server: - # http_tls_config: - # cert_file: /etc/tempo/certs/tls.crt - # key_file: /etc/tempo/certs/tls.key receivers: otlp: protocols: grpc: endpoint: "0.0.0.0:4317" - # tls: - # cert_file: /etc/tempo/certs/tls.crt - # key_file: /etc/tempo/certs/tls.key - # extraVolumeMounts: - # # Mount the certificate generated by the secret-operator - # - name: tls - # mountPath: /etc/tempo/certs/ tempoQuery: enabled: true - # extraVolumeMounts: - # # Mount the certificate generated by the secret-operator - # - name: tls - # mountPath: /etc/tempo/certs/ - # extraVolumes: - # # Request a TLS certificate from the secret-operator - # - name: tls - # ephemeral: - # volumeClaimTemplate: - # metadata: - # annotations: - # secrets.stackable.tech/class: tls - # # Add the service loki to the - # # distinguished names because this service is used - # # by opentelemetry-collector. - # secrets.stackable.tech/scope: |- - # service=tempo - # spec: - # storageClassName: secrets.stackable.tech - # accessModes: - # - ReadWriteOnce - # resources: - # requests: - # storage: 1 diff --git a/stacks/observability/grafana.yaml b/stacks/observability/grafana.yaml index 5edbe035..399f4f0a 100644 --- a/stacks/observability/grafana.yaml +++ b/stacks/observability/grafana.yaml @@ -27,8 +27,6 @@ options: isDefault: false jsonData: tlsAuthWithCACert: false - # secureJsonData: - # tlsCACert: $__file{/etc/grafana/certs/ca.crt} - name: Tempo type: tempo url: http://tempo:3100 @@ -36,8 +34,6 @@ options: isDefault: false jsonData: tlsAuthWithCACert: false - # secureJsonData: - # tlsCACert: $__file{/etc/grafana/certs/ca.crt} readinessProbe: httpGet: scheme: HTTPS @@ -78,16 +74,3 @@ options: volumeAttributes: secrets.stackable.tech/class: tls secrets.stackable.tech/scope: node,pod,service=grafana - # ephemeral: - # volumeClaimTemplate: - # metadata: - # annotations: - # secrets.stackable.tech/class: tls - # secrets.stackable.tech/scope: pod #,service=grafana - # spec: - # storageClassName: secrets.stackable.tech - # accessModes: - # - ReadWriteOnce - # resources: - # requests: - # storage: 1 From ff93ac426474566b72443039f3b1cc6405f96fe4 Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Tue, 4 Nov 2025 13:58:55 +0100 Subject: [PATCH 6/6] chore(stack/obsevability): Add link for Loki schemaConfig --- stacks/observability/grafana-loki.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/stacks/observability/grafana-loki.yaml b/stacks/observability/grafana-loki.yaml index df3f3d49..e046a22c 100644 --- a/stacks/observability/grafana-loki.yaml +++ b/stacks/observability/grafana-loki.yaml @@ -53,6 +53,7 @@ options: ruler: ruler admin: admin schemaConfig: + # See: https://grafana.com/docs/loki/latest/operations/storage/schema/ configs: - from: "2024-04-01" store: tsdb