Fix the alloy config

Signed-off-by: Michel Hollands <michel.hollands@gmail.com>
Merge pull request #101 from grafana/fix_minio_secret_name
2024-05-07 16:35:00 +01:00 · 2024-05-07 14:40:52 +01:00 · 2024-05-07 14:39:20 +01:00 · 2024-05-07 12:37:07 +01:00 · 2024-05-06 16:29:33 +01:00 · 2024-05-06 16:18:44 +01:00
5 changed files with 91 additions and 36 deletions
--- a/charts/meta-monitoring/templates/agent/_helpers-agent.tpl
+++ b/charts/meta-monitoring/templates/agent/_helpers-agent.tpl
@@ -48,7 +48,7 @@
 {{- define "agent.tempo_write_targets" -}}
 {{- $list := list }}
 {{- if .Values.local.traces.enabled }}
-{{- $list = append $list ("otelcol.exporter.otlp.local.input") }}
+{{- $list = append $list ("otelcol.exporter.otlphttp.local.input") }}
 {{- end }}
 {{- if .Values.cloud.traces.enabled }}
 {{- $list = append $list ("otelcol.exporter.otlphttp.cloud.input") }}
--- a/charts/meta-monitoring/templates/agent/config.yaml
+++ b/charts/meta-monitoring/templates/agent/config.yaml
@@ -294,9 +294,7 @@ data:
      // We don't technically need this, but it shows how to change listen address and incoming port.
      // In this case, the Agent is listening on all available bindable addresses on port 4317 (which is the
      // default OTLP gRPC port) for the OTLP protocol.
-      grpc {
-        endpoint = "0.0.0.0:4317"
-      }
+      grpc {}

      // We define where to send the output of all ingested traces. In this case, to the OpenTelemetry batch processor
      // named 'default'.
@@ -345,6 +343,14 @@ data:
    }
    {{- end }}

+    {{- if .Values.local.traces.enabled }}
+    otelcol.exporter.otlphttp "local" {
+        client {
+            endpoint = "http://{{- .Release.Name -}}-tempo-distributor.svc:4318"
+        }
+    }
+    {{- end }}
+
    {{- if .Values.cloud.logs.enabled }}
    loki.write "cloud" {
      endpoint {
--- a/charts/meta-monitoring/templates/ruler/ruler.yaml
+++ b/charts/meta-monitoring/templates/ruler/ruler.yaml
@@ -49,6 +49,9 @@ spec:
            - containerPort: 7946
              name: memberlist
              protocol: TCP
+          envFrom:
+          - secretRef:
+             name: minio
          readinessProbe:
            failureThreshold: 3
            httpGet:
--- a/charts/meta-monitoring/values.yaml
+++ b/charts/meta-monitoring/values.yaml
@@ -180,7 +180,7 @@ metrics:
  # Additional metrics to retain
  extraMetrics: []

-# Set enabled = true to add the default logs/metrics/traces dashboards to the local Grafana
+# Set enabled = true to add the default logs dashboards to the local Grafana
 dashboards:
  logs:
    enabled: true
@@ -189,11 +189,6 @@ dashboards:
  traces:
    enabled: true

-global:
-  minio:
-    rootUser: "rootuser"
-    rootPassword: "rootpassword"
-
 kubeStateMetrics:
  # Scrape https://github.com/kubernetes/kube-state-metrics by default
  enabled: true
@@ -229,9 +224,9 @@ loki:
      common:
        storage:
          s3:
-            access_key_id: "{{ .Values.global.minio.rootUser }}"
+            access_key_id: "${rootUser}"
            endpoint: "{{ .Release.Name }}-minio.{{ .Release.Namespace }}.svc:9000"
-            secret_access_key: "{{ .Values.global.minio.rootPassword }}"
+            secret_access_key: "${rootPassword}"
      compactor:
        retention_enabled: true
        delete_request_store: s3
@@ -254,8 +249,24 @@ loki:
        installOperator: false
    lokiCanary:
      enabled: false
-  test:
-    enabled: false
+  write:
+    extraArgs:
+    - "-config.expand-env=true"
+    extraEnvFrom:
+    - secretRef:
+        name: "minio"
+  read:
+    extraArgs:
+    - "-config.expand-env=true"
+    extraEnvFrom:
+    - secretRef:
+        name: "minio"
+  backend:
+    extraArgs:
+    - "-config.expand-env=true"
+    extraEnvFrom:
+    - secretRef:
+        name: "minio"

 alloy:
  alloy:
@@ -292,30 +303,31 @@ alloy:
 mimir-distributed:
  minio:
    enabled: false
+  global:
+    extraEnvFrom:
+    - secretRef:
+        name: "minio"
  mimir:
    structuredConfig:
      alertmanager_storage:
        s3:
          bucket_name: mimir-ruler
-          access_key_id: "{{ .Values.global.minio.rootUser }}"
-          endpoint: "{{ .Release.Name }}-minio.{{ .Release.Namespace }}.svc:9000"
-          secret_access_key: "{{ .Values.global.minio.rootPassword }}"
-          insecure: true
      blocks_storage:
        backend: s3
        s3:
          bucket_name: mimir-tsdb
-          access_key_id: "{{ .Values.global.minio.rootUser }}"
-          endpoint: "{{ .Release.Name }}-minio.{{ .Release.Namespace }}.svc:9000"
-          secret_access_key: "{{ .Values.global.minio.rootPassword }}"
-          insecure: true
      ruler_storage:
        s3:
          bucket_name: mimir-ruler
-          access_key_id: "{{ .Values.global.minio.rootUser }}"
-          endpoint: "{{ .Release.Name }}-minio.{{ .Release.Namespace }}.svc:9000"
-          secret_access_key: "{{ .Values.global.minio.rootPassword }}"
-          insecure: true
+      common:
+        storage:
+          backend: s3
+          s3:
+            bucket_name: mimir-ruler
+            access_key_id: "${rootUser}"
+            endpoint: "{{ .Release.Name }}-minio.{{ .Release.Namespace }}.svc:9000"
+            secret_access_key: "${rootPassword}"
+            insecure: true
      limits:
        compactor_blocks_retention_period: 30d

@@ -328,12 +340,39 @@ tempo-distributed:
          s3:
            bucket: tempo
            endpoint: "{{ .Release.Name }}-minio.{{ .Release.Namespace }}.svc:9000"
-            access_key: "{{ .Values.global.minio.rootUser }}"
-            secret_key: "{{ .Values.global.minio.rootPassword }}"
+            access_key: "${rootUser}"
+            secret_key: "${rootPassword}"
            insecure: true
-      compactor:
-        compaction:
-          block_retention: 30d
+  distributor:
+    extraArgs:
+    - "-config.expand-env=true"
+    extraEnvFrom:
+    - secretRef:
+        name: "minio"
+  ingester:
+    extraArgs:
+    - "-config.expand-env=true"
+    extraEnvFrom:
+    - secretRef:
+        name: "minio"
+  compactor:
+    extraArgs:
+    - "-config.expand-env=true"
+    extraEnvFrom:
+    - secretRef:
+        name: "minio"
+  querier:
+    extraArgs:
+    - "-config.expand-env=true"
+    extraEnvFrom:
+    - secretRef:
+        name: "minio"
+  queryFrontend:
+    extraArgs:
+    - "-config.expand-env=true"
+    extraEnvFrom:
+    - secretRef:
+        name: "minio"
  traces:
    otlp:
      http:
@@ -342,8 +381,7 @@ tempo-distributed:
        enabled: true

 minio:
-  rootUser: rootuser
-  rootPassword: rootpassword
+  existingSecret: "minio"
  buckets:
    - name: loki-chunks
      policy: none
--- a/docs/installation.md
+++ b/docs/installation.md
@@ -25,17 +25,17 @@
   ```
   kubectl create secret generic logs -n meta \
    --from-literal=username=<logs username> \
-    --from-literal=password=<token>
+    --from-literal=password=<token> \
    --from-literal=endpoint='https://logs-prod-us-central1.grafana.net/loki/api/v1/push'

   kubectl create secret generic metrics -n meta \
    --from-literal=username=<metrics username> \
-    --from-literal=password=<token>
+    --from-literal=password=<token> \
    --from-literal=endpoint='https://prometheus-us-central1.grafana.net/api/prom/push'

   kubectl create secret generic traces -n meta \
    --from-literal=username=<OTLP instance ID> \
-    --from-literal=password=<token>
+    --from-literal=password=<token> \
    --from-literal=endpoint='https://otlp-gateway-prod-us-east-0.grafana.net/otlp'
   ```

@@ -67,6 +67,14 @@
   kubectl create namespace meta
   ```

+1. Create a secret named `minio` with the user and password for the local Minio:
+
+   ```
+   kubectl create secret generic minio -n meta \
+    --from-literal=rootPassword=<password> \
+    --from-literal=rootUser=<user>
+   ```
+
 1. Create a values.yaml file based on the [default one](../charts/meta-monitoring/values.yaml). An example minimal values.yaml looks like this:

   ```
Author	SHA1	Message	Date
Michel Hollands	32272298d7	Fix the alloy config Signed-off-by: Michel Hollands <michel.hollands@gmail.com>	2024-05-07 16:35:00 +01:00
Michel Hollands	3879207e05	Merge pull request #101 from grafana/fix_minio_secret_name Fix secret name	2024-05-07 14:40:52 +01:00
Michel Hollands	cd42da2197	Fix secret name Signed-off-by: Michel Hollands <michel.hollands@gmail.com>	2024-05-07 14:39:20 +01:00
Michel Hollands	56cab04af8	Merge pull request #92 from grafana/use_secret_for_minio Use a secret for the Minio access	2024-05-07 12:37:07 +01:00
Michel Hollands	ab42a96949	Update installation instructions Signed-off-by: Michel Hollands <michel.hollands@gmail.com>	2024-05-06 16:29:33 +01:00
Michel Hollands	386ff25fca	Use the secret in the ruler for the dashboards Signed-off-by: Michel Hollands <michel.hollands@gmail.com>	2024-05-06 16:18:44 +01:00
Michel Hollands	c6889131a7	Use structuredConfig correctly Signed-off-by: Michel Hollands <michel.hollands@gmail.com>	2024-05-06 16:12:48 +01:00
Michel Hollands	2739bae0c0	Use correct variables Signed-off-by: Michel Hollands <michel.hollands@gmail.com>	2024-05-03 15:40:36 +01:00
Michel Hollands	cea8076b75	Start using a secret Signed-off-by: Michel Hollands <michel.hollands@gmail.com>	2024-05-03 15:38:07 +01:00