feat(loki): switch to single binary deployment mode #3318
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
--- kubernetes/talos-flux/apps/observability/loki/app Kustomization: flux-system/apps-loki HelmRelease: observability/loki
+++ kubernetes/talos-flux/apps/observability/loki/app Kustomization: flux-system/apps-loki HelmRelease: observability/loki
@@ -29,30 +29,18 @@
cleanupOnFail: true
remediation:
remediateLastFailure: true
retries: 3
values:
backend:
- extraVolumes:
- - configMap:
- name: loki-alerting-rules
- name: loki-rules
- persistence:
- size: 20Gi
- storageClass: openebs-hostpath
- replicas: 2
- deploymentMode: SimpleScalable
+ replicas: 0
+ chunksCache:
+ enabled: false
+ deploymentMode: SingleBinary
gateway:
- image:
- registry: ghcr.io
- ingress:
- enabled: false
- replicas: 2
- service:
- labels:
- prometheus.io/service-monitor: 'false'
+ enabled: false
loki:
analytics:
reporting_enabled: false
auth_enabled: false
compactor:
delete_request_store: s3
@@ -100,30 +88,38 @@
enabled: true
labels:
grafana_dashboard: 'true'
serviceMonitor:
enabled: true
metricsInstance:
- enabled: false
+ enabled: true
read:
+ replicas: 0
+ resultsCache:
+ enabled: false
+ sidecar:
+ rules:
+ folder: /rules/fake
+ searchNamespace: ALL
+ singleBinary:
extraVolumes:
- configMap:
name: loki-alerting-rules
name: loki-rules
- replicas: 2
- sidecar:
- rules:
- folder: /rules/fake
- searchNamespace: ALL
- test:
- enabled: false
- write:
persistence:
size: 20Gi
storageClass: openebs-hostpath
replicas: 2
+ resources:
+ requests:
+ cpu: 10m
+ memory: 100Mi
+ test:
+ enabled: false
+ write:
+ replicas: 0
valuesFrom:
- kind: Secret
name: loki-s3
targetPath: loki.storage.bucketNames.chunks
valuesKey: S3_BUCKET_NAME
- kind: Secret
--- kubernetes/talos-flux/apps/observability/grafana/app Kustomization: flux-system/apps-grafana ConfigMap: observability/grafana-datasources
+++ kubernetes/talos-flux/apps/observability/grafana/app Kustomization: flux-system/apps-grafana ConfigMap: observability/grafana-datasources
@@ -19,13 +19,13 @@
access: proxy
url: http://prometheus-prometheus:9090/
isDefault: true
- name: Loki
type: loki
access: proxy
- url: http://loki-gateway:80/
+ url: http://loki:3100/
- name: GitHub
type: grafana-github-datasource
jsonData:
owner: tyriis
repository: home-ops
secureJsonData:
--- kubernetes/talos-flux/apps/observability/promtail/app Kustomization: flux-system/apps-promtail HelmRelease: observability/promtail
+++ kubernetes/talos-flux/apps/observability/promtail/app Kustomization: flux-system/apps-promtail HelmRelease: observability/promtail
@@ -17,13 +17,13 @@
namespace: flux-system
version: 6.16.6
interval: 30m
values:
config:
clients:
- - url: http://loki-gateway/loki/api/v1/push
+ - url: http://loki/loki/api/v1/push
- url: https://..PLACEHOLDER..:[email protected]/loki/api/v1/push
extraArgs:
- -client.external-labels=hostname=$(HOSTNAME),cluster=talos-flux
- -config.expand-env
serviceMonitor:
enabled: true |
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-backend
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-backend
@@ -1,19 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-backend
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: backend
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-memcached-chunks-cache
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-memcached-chunks-cache
@@ -1,18 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-memcached-chunks-cache
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-gateway
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-gateway
@@ -1,19 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-gateway
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: gateway
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: gateway
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-read
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-read
@@ -1,19 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-read
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: read
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-memcached-results-cache
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-memcached-results-cache
@@ -1,18 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-memcached-results-cache
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
- maxUnavailable: 1
-
--- HelmRelease: observability/loki PodDisruptionBudget: observability/loki-write
+++ HelmRelease: observability/loki PodDisruptionBudget: observability/loki-write
@@ -1,19 +0,0 @@
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: loki-write
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: write
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
- maxUnavailable: 1
-
--- HelmRelease: observability/loki ConfigMap: observability/loki
+++ HelmRelease: observability/loki ConfigMap: observability/loki
@@ -13,35 +13,20 @@
analytics:
reporting_enabled: false
auth_enabled: false
bloom_build:
builder:
- planner_address: loki-backend-headless.observability.svc.cluster.local:9095
+ planner_address: ""
enabled: false
bloom_gateway:
client:
- addresses: dnssrvnoa+_grpc._tcp.loki-backend-headless.observability.svc.cluster.local
+ addresses: ""
enabled: false
- chunk_store_config:
- chunk_cache_config:
- background:
- writeback_buffer: 500000
- writeback_goroutines: 1
- writeback_size_limit: 500MB
- default_validity: 0s
- memcached:
- batch_size: 4
- parallelism: 5
- memcached_client:
- addresses: dnssrvnoa+_memcached-client._tcp.loki-chunks-cache.observability.svc
- consistent_hash: true
- max_idle_conns: 72
- timeout: 2000ms
common:
- compactor_address: 'http://loki-backend:3100'
+ compactor_address: 'http://loki:3100'
path_prefix: /var/loki
replication_factor: 3
storage:
s3:
access_key_id: ..PLACEHOLDER..
bucketnames: ..PLACEHOLDER..
@@ -77,25 +62,12 @@
join_members:
- loki-memberlist
pattern_ingester:
enabled: false
query_range:
align_queries_with_step: true
- cache_results: true
- results_cache:
- cache:
- background:
- writeback_buffer: 500000
- writeback_goroutines: 1
- writeback_size_limit: 500MB
- default_validity: 12h
- memcached_client:
- addresses: dnssrvnoa+_memcached-client._tcp.loki-results-cache.observability.svc
- consistent_hash: true
- timeout: 500ms
- update_interval: 1m
ruler:
alertmanager_url: http://prometheus-alertmanager.observability.svc.cluster.local:9093
enable_alertmanager_v2: true
enable_api: true
rule_path: /rules/fake
storage:
@@ -119,17 +91,17 @@
log_level: info
storage_config:
bloom_shipper:
working_directory: /var/loki/data/bloomshipper
boltdb_shipper:
index_gateway_client:
- server_address: dns+loki-backend-headless.observability.svc.cluster.local:9095
+ server_address: ""
hedging:
at: 250ms
max_per_second: 20
up_to: 3
tsdb_shipper:
index_gateway_client:
- server_address: dns+loki-backend-headless.observability.svc.cluster.local:9095
+ server_address: ""
tracing:
enabled: false
--- HelmRelease: observability/loki ConfigMap: observability/loki-gateway
+++ HelmRelease: observability/loki ConfigMap: observability/loki-gateway
@@ -1,66 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: loki-gateway
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: gateway
-data:
- nginx.conf: "worker_processes 5; ## Default: 1\nerror_log /dev/stderr;\npid \
- \ /tmp/nginx.pid;\nworker_rlimit_nofile 8192;\n\nevents {\n worker_connections\
- \ 4096; ## Default: 1024\n}\n\nhttp {\n client_body_temp_path /tmp/client_temp;\n\
- \ proxy_temp_path /tmp/proxy_temp_path;\n fastcgi_temp_path /tmp/fastcgi_temp;\n\
- \ uwsgi_temp_path /tmp/uwsgi_temp;\n scgi_temp_path /tmp/scgi_temp;\n\
- \n client_max_body_size 4M;\n\n proxy_read_timeout 600; ## 10 minutes\n\
- \ proxy_send_timeout 600;\n proxy_connect_timeout 600;\n\n proxy_http_version\
- \ 1.1;\n\n default_type application/octet-stream;\n log_format main '$remote_addr\
- \ - $remote_user [$time_local] $status '\n '\"$request\" $body_bytes_sent\
- \ \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"\
- ';\n access_log /dev/stderr main;\n\n sendfile on;\n tcp_nopush on;\n\
- \ resolver kube-dns.kube-system.svc.cluster.local.;\n \n\n server {\n listen\
- \ 8080;\n listen [::]:8080;\n\n location = / {\n\
- \ return 200 'OK';\n auth_basic off;\n }\n\n ########################################################\n\
- \ # Configure backend targets# Distributor\n location = /api/prom/push {\n\
- \ proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /loki/api/v1/push {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /distributor/ring {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /otlp/v1/logs {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # Ingester\n location = /flush {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location ^~ /ingester/ {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /ingester {\n internal; # to suppress 301\n\
- \ }\n\n # Ring\n location = /ring {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # MemberListKV\n location = /memberlist {\n proxy_pass \
- \ http://loki-write.observability.svc.cluster.local:3100$request_uri;\n \
- \ }\n\n # Ruler\n location = /ruler/ring {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /api/prom/rules {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location ^~ /api/prom/rules/ {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /loki/api/v1/rules {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location ^~ /loki/api/v1/rules/ {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /prometheus/api/v1/alerts {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /prometheus/api/v1/rules {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # Compactor\n location = /compactor/ring {\n proxy_pass\
- \ http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /loki/api/v1/delete {\n proxy_pass http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /loki/api/v1/cache/generation_numbers {\n proxy_pass\
- \ http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # IndexGateway\n location = /indexgateway/ring {\n proxy_pass\
- \ http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # QueryScheduler\n location = /scheduler/ring {\n proxy_pass\
- \ http://loki-backend.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n # Config\n location = /config {\n proxy_pass http://loki-write.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n\n\n # QueryFrontend, Querier\n location = /api/prom/tail {\n \
- \ proxy_pass http://loki-read.observability.svc.cluster.local:3100$request_uri;\n\
- \ proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection\
- \ \"upgrade\";\n }\n location = /loki/api/v1/tail {\n proxy_pass \
- \ http://loki-read.observability.svc.cluster.local:3100$request_uri;\n \
- \ proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection\
- \ \"upgrade\";\n }\n location ^~ /api/prom/ {\n proxy_pass http://loki-read.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /api/prom {\n internal; # to suppress 301\n\
- \ }\n location ^~ /loki/api/v1/ {\n proxy_pass http://loki-read.observability.svc.cluster.local:3100$request_uri;\n\
- \ }\n location = /loki/api/v1 {\n internal; # to suppress 301\n\
- \ }\n }\n}\n"
-
--- HelmRelease: observability/loki Service: observability/loki-query-scheduler-discovery
+++ HelmRelease: observability/loki Service: observability/loki-query-scheduler-discovery
@@ -1,29 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-query-scheduler-discovery
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- prometheus.io/service-monitor: 'false'
-spec:
- type: ClusterIP
- clusterIP: None
- publishNotReadyAddresses: true
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
-
--- HelmRelease: observability/loki Service: observability/loki-backend-headless
+++ HelmRelease: observability/loki Service: observability/loki-backend-headless
@@ -1,29 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-backend-headless
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- variant: headless
- prometheus.io/service-monitor: 'false'
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
-
--- HelmRelease: observability/loki Service: observability/loki-backend
+++ HelmRelease: observability/loki Service: observability/loki-backend
@@ -1,27 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-backend
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: backend
-spec:
- type: ClusterIP
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
-
--- HelmRelease: observability/loki Service: observability/loki-chunks-cache
+++ HelmRelease: observability/loki Service: observability/loki-chunks-cache
@@ -1,26 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-chunks-cache
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: memcached-chunks-cache
- namespace: observability
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: memcached-client
- port: 11211
- targetPort: 11211
- - name: http-metrics
- port: 9150
- targetPort: 9150
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
-
--- HelmRelease: observability/loki Service: observability/loki-gateway
+++ HelmRelease: observability/loki Service: observability/loki-gateway
@@ -1,24 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-gateway
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: gateway
- prometheus.io/service-monitor: 'false'
-spec:
- type: ClusterIP
- ports:
- - name: http-metrics
- port: 80
- targetPort: http-metrics
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: gateway
-
--- HelmRelease: observability/loki Service: observability/loki-read-headless
+++ HelmRelease: observability/loki Service: observability/loki-read-headless
@@ -1,30 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-read-headless
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
- variant: headless
- prometheus.io/service-monitor: 'false'
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- appProtocol: tcp
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
-
--- HelmRelease: observability/loki Service: observability/loki-read
+++ HelmRelease: observability/loki Service: observability/loki-read
@@ -1,27 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-read
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: read
-spec:
- type: ClusterIP
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
-
--- HelmRelease: observability/loki Service: observability/loki-results-cache
+++ HelmRelease: observability/loki Service: observability/loki-results-cache
@@ -1,26 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-results-cache
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: memcached-results-cache
- namespace: observability
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: memcached-client
- port: 11211
- targetPort: 11211
- - name: http-metrics
- port: 9150
- targetPort: 9150
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
-
--- HelmRelease: observability/loki Service: observability/loki-write-headless
+++ HelmRelease: observability/loki Service: observability/loki-write-headless
@@ -1,30 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-write-headless
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
- variant: headless
- prometheus.io/service-monitor: 'false'
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- appProtocol: tcp
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
-
--- HelmRelease: observability/loki Service: observability/loki-write
+++ HelmRelease: observability/loki Service: observability/loki-write
@@ -1,27 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: loki-write
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: write
-spec:
- type: ClusterIP
- ports:
- - name: http-metrics
- port: 3100
- targetPort: http-metrics
- protocol: TCP
- - name: grpc
- port: 9095
- targetPort: grpc
- protocol: TCP
- selector:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
-
--- HelmRelease: observability/loki Deployment: observability/loki-gateway
+++ HelmRelease: observability/loki Deployment: observability/loki-gateway
@@ -1,82 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: loki-gateway
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: gateway
-spec:
- replicas: 2
- strategy:
- type: RollingUpdate
- revisionHistoryLimit: 10
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: gateway
- template:
- metadata:
- annotations:
- secret.reloader.stakater.com/reload: loki-s3
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: gateway
- spec:
- serviceAccountName: loki
- enableServiceLinks: true
- securityContext:
- fsGroup: 101
- runAsGroup: 101
- runAsNonRoot: true
- runAsUser: 101
- terminationGracePeriodSeconds: 30
- containers:
- - name: nginx
- image: ghcr.io/nginxinc/nginx-unprivileged:1.27-alpine
- imagePullPolicy: IfNotPresent
- ports:
- - name: http-metrics
- containerPort: 8080
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /
- port: http-metrics
- initialDelaySeconds: 15
- timeoutSeconds: 1
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- volumeMounts:
- - name: config
- mountPath: /etc/nginx
- - name: tmp
- mountPath: /tmp
- - name: docker-entrypoint-d-override
- mountPath: /docker-entrypoint.d
- resources: {}
- affinity:
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- app.kubernetes.io/component: gateway
- topologyKey: kubernetes.io/hostname
- volumes:
- - name: config
- configMap:
- name: loki-gateway
- - name: tmp
- emptyDir: {}
- - name: docker-entrypoint-d-override
- emptyDir: {}
-
--- HelmRelease: observability/loki Deployment: observability/loki-read
+++ HelmRelease: observability/loki Deployment: observability/loki-read
@@ -1,108 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: loki-read
- namespace: observability
- labels:
- app.kubernetes.io/part-of: memberlist
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: read
-spec:
- replicas: 2
- strategy:
- rollingUpdate:
- maxSurge: 0
- maxUnavailable: 1
- revisionHistoryLimit: 10
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
- template:
- metadata:
- annotations:
- secret.reloader.stakater.com/reload: loki-s3
- labels:
- app.kubernetes.io/part-of: memberlist
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: read
- spec:
- serviceAccountName: loki
- automountServiceAccountToken: true
- securityContext:
- fsGroup: 10001
- runAsGroup: 10001
- runAsNonRoot: true
- runAsUser: 10001
- terminationGracePeriodSeconds: 30
- containers:
- - name: loki
- image: docker.io/grafana/loki:3.1.1
- imagePullPolicy: IfNotPresent
- args:
- - -config.file=/etc/loki/config/config.yaml
- - -target=read
- - -legacy-read-mode=false
- - -common.compactor-grpc-address=loki-backend.observability.svc.cluster.local:9095
- ports:
- - name: http-metrics
- containerPort: 3100
- protocol: TCP
- - name: grpc
- containerPort: 9095
- protocol: TCP
- - name: http-memberlist
- containerPort: 7946
- protocol: TCP
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- readinessProbe:
- httpGet:
- path: /ready
- port: http-metrics
- initialDelaySeconds: 30
- timeoutSeconds: 1
- volumeMounts:
- - name: config
- mountPath: /etc/loki/config
- - name: runtime-config
- mountPath: /etc/loki/runtime-config
- - name: tmp
- mountPath: /tmp
- - name: data
- mountPath: /var/loki
- resources: {}
- affinity:
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- app.kubernetes.io/component: read
- topologyKey: kubernetes.io/hostname
- volumes:
- - name: tmp
- emptyDir: {}
- - name: data
- emptyDir: {}
- - name: config
- configMap:
- name: loki
- items:
- - key: config.yaml
- path: config.yaml
- - name: runtime-config
- configMap:
- name: loki-runtime
- - configMap:
- name: loki-alerting-rules
- name: loki-rules
-
--- HelmRelease: observability/loki StatefulSet: observability/loki-backend
+++ HelmRelease: observability/loki StatefulSet: observability/loki-backend
@@ -1,148 +0,0 @@
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: loki-backend
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: backend
- app.kubernetes.io/part-of: memberlist
-spec:
- replicas: 2
- podManagementPolicy: Parallel
- updateStrategy:
- rollingUpdate:
- partition: 0
- serviceName: loki-backend-headless
- revisionHistoryLimit: 10
- persistentVolumeClaimRetentionPolicy:
- whenDeleted: Delete
- whenScaled: Delete
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- template:
- metadata:
- annotations:
- secret.reloader.stakater.com/reload: loki-s3
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: backend
- app.kubernetes.io/part-of: memberlist
- spec:
- serviceAccountName: loki
- automountServiceAccountToken: true
- securityContext:
- fsGroup: 10001
- runAsGroup: 10001
- runAsNonRoot: true
- runAsUser: 10001
- terminationGracePeriodSeconds: 300
- containers:
- - name: loki-sc-rules
- image: kiwigrid/k8s-sidecar:1.27.5
- imagePullPolicy: IfNotPresent
- env:
- - name: METHOD
- value: WATCH
- - name: LABEL
- value: loki_rule
- - name: FOLDER
- value: /rules/fake
- - name: RESOURCE
- value: both
- - name: NAMESPACE
- value: ALL
- - name: WATCH_SERVER_TIMEOUT
- value: '60'
- - name: WATCH_CLIENT_TIMEOUT
- value: '60'
- - name: LOG_LEVEL
- value: INFO
- volumeMounts:
- - name: sc-rules-volume
- mountPath: /rules/fake
- - name: loki
- image: docker.io/grafana/loki:3.1.1
- imagePullPolicy: IfNotPresent
- args:
- - -config.file=/etc/loki/config/config.yaml
- - -target=backend
- - -legacy-read-mode=false
- ports:
- - name: http-metrics
- containerPort: 3100
- protocol: TCP
- - name: grpc
- containerPort: 9095
- protocol: TCP
- - name: http-memberlist
- containerPort: 7946
- protocol: TCP
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- readinessProbe:
- httpGet:
- path: /ready
- port: http-metrics
- initialDelaySeconds: 30
- timeoutSeconds: 1
- volumeMounts:
- - name: config
- mountPath: /etc/loki/config
- - name: runtime-config
- mountPath: /etc/loki/runtime-config
- - name: tmp
- mountPath: /tmp
- - name: data
- mountPath: /var/loki
- - name: sc-rules-volume
- mountPath: /rules/fake
- resources: {}
- affinity:
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- app.kubernetes.io/component: backend
- topologyKey: kubernetes.io/hostname
- volumes:
- - name: tmp
- emptyDir: {}
- - name: config
- configMap:
- name: loki
- items:
- - key: config.yaml
- path: config.yaml
- - name: runtime-config
- configMap:
- name: loki-runtime
- - name: sc-rules-volume
- emptyDir: {}
- - configMap:
- name: loki-alerting-rules
- name: loki-rules
- volumeClaimTemplates:
- - apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
- name: data
- spec:
- accessModes:
- - ReadWriteOnce
- storageClassName: openebs-hostpath
- resources:
- requests:
- storage: 20Gi
-
--- HelmRelease: observability/loki StatefulSet: observability/loki-chunks-cache
+++ HelmRelease: observability/loki StatefulSet: observability/loki-chunks-cache
@@ -1,92 +0,0 @@
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: loki-chunks-cache
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: memcached-chunks-cache
- name: memcached-chunks-cache
- namespace: observability
-spec:
- podManagementPolicy: Parallel
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
- name: memcached-chunks-cache
- updateStrategy:
- type: RollingUpdate
- serviceName: loki-chunks-cache
- template:
- metadata:
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-chunks-cache
- name: memcached-chunks-cache
- annotations: null
- spec:
- serviceAccountName: loki
- securityContext:
- fsGroup: 11211
- runAsGroup: 11211
- runAsNonRoot: true
- runAsUser: 11211
- initContainers: []
- nodeSelector: {}
- affinity: {}
- topologySpreadConstraints: []
- tolerations: []
- terminationGracePeriodSeconds: 60
- containers:
- - name: memcached
- image: memcached:1.6.23-alpine
- imagePullPolicy: IfNotPresent
- resources:
- limits:
- memory: 9830Mi
- requests:
- cpu: 500m
- memory: 9830Mi
- ports:
- - containerPort: 11211
- name: client
- args:
- - -m 8192
- - --extended=modern,track_sizes
- - -I 5m
- - -c 16384
- - -v
- - -u 11211
- env: null
- envFrom: null
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- - name: exporter
- image: prom/memcached-exporter:v0.14.2
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort: 9150
- name: http-metrics
- args:
- - --memcached.address=localhost:11211
- - --web.listen-address=0.0.0.0:9150
- resources:
- limits: {}
- requests: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
-
--- HelmRelease: observability/loki StatefulSet: observability/loki-results-cache
+++ HelmRelease: observability/loki StatefulSet: observability/loki-results-cache
@@ -1,92 +0,0 @@
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: loki-results-cache
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: memcached-results-cache
- name: memcached-results-cache
- namespace: observability
-spec:
- podManagementPolicy: Parallel
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
- name: memcached-results-cache
- updateStrategy:
- type: RollingUpdate
- serviceName: loki-results-cache
- template:
- metadata:
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: memcached-results-cache
- name: memcached-results-cache
- annotations: null
- spec:
- serviceAccountName: loki
- securityContext:
- fsGroup: 11211
- runAsGroup: 11211
- runAsNonRoot: true
- runAsUser: 11211
- initContainers: []
- nodeSelector: {}
- affinity: {}
- topologySpreadConstraints: []
- tolerations: []
- terminationGracePeriodSeconds: 60
- containers:
- - name: memcached
- image: memcached:1.6.23-alpine
- imagePullPolicy: IfNotPresent
- resources:
- limits:
- memory: 1229Mi
- requests:
- cpu: 500m
- memory: 1229Mi
- ports:
- - containerPort: 11211
- name: client
- args:
- - -m 1024
- - --extended=modern,track_sizes
- - -I 5m
- - -c 16384
- - -v
- - -u 11211
- env: null
- envFrom: null
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- - name: exporter
- image: prom/memcached-exporter:v0.14.2
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort: 9150
- name: http-metrics
- args:
- - --memcached.address=localhost:11211
- - --web.listen-address=0.0.0.0:9150
- resources:
- limits: {}
- requests: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
-
--- HelmRelease: observability/loki StatefulSet: observability/loki-write
+++ HelmRelease: observability/loki StatefulSet: observability/loki-write
@@ -1,111 +0,0 @@
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: loki-write
- namespace: observability
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: write
- app.kubernetes.io/part-of: memberlist
-spec:
- replicas: 2
- podManagementPolicy: Parallel
- updateStrategy:
- rollingUpdate:
- partition: 0
- serviceName: loki-write-headless
- revisionHistoryLimit: 10
- selector:
- matchLabels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
- template:
- metadata:
- annotations:
- secret.reloader.stakater.com/reload: loki-s3
- labels:
- app.kubernetes.io/name: loki
- app.kubernetes.io/instance: loki
- app.kubernetes.io/component: write
- app.kubernetes.io/part-of: memberlist
- spec:
- serviceAccountName: loki
- automountServiceAccountToken: true
- enableServiceLinks: true
- securityContext:
- fsGroup: 10001
- runAsGroup: 10001
- runAsNonRoot: true
- runAsUser: 10001
- terminationGracePeriodSeconds: 300
- containers:
- - name: loki
- image: docker.io/grafana/loki:3.1.1
- imagePullPolicy: IfNotPresent
- args:
- - -config.file=/etc/loki/config/config.yaml
- - -target=write
- ports:
- - name: http-metrics
- containerPort: 3100
- protocol: TCP
- - name: grpc
- containerPort: 9095
- protocol: TCP
- - name: http-memberlist
- containerPort: 7946
- protocol: TCP
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- readinessProbe:
- httpGet:
- path: /ready
- port: http-metrics
- initialDelaySeconds: 30
- timeoutSeconds: 1
- volumeMounts:
- - name: config
- mountPath: /etc/loki/config
- - name: runtime-config
- mountPath: /etc/loki/runtime-config
- - name: data
- mountPath: /var/loki
- resources: {}
- affinity:
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels:
- app.kubernetes.io/component: write
- topologyKey: kubernetes.io/hostname
- volumes:
- - name: config
- configMap:
- name: loki
- items:
- - key: config.yaml
- path: config.yaml
- - name: runtime-config
- configMap:
- name: loki-runtime
- volumeClaimTemplates:
- - apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
- name: data
- spec:
- accessModes:
- - ReadWriteOnce
- storageClassName: openebs-hostpath
- resources:
- requests:
- storage: 20Gi
-
--- HelmRelease: observability/loki Service: observability/loki-headless
+++ HelmRelease: observability/loki Service: observability/loki-headless
@@ -0,0 +1,23 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: loki-headless
+ namespace: observability
+ labels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/managed-by: Helm
+ variant: headless
+ prometheus.io/service-monitor: 'false'
+spec:
+ clusterIP: None
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ selector:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+
--- HelmRelease: observability/loki Service: observability/loki
+++ HelmRelease: observability/loki Service: observability/loki
@@ -0,0 +1,26 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: loki
+ namespace: observability
+ labels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/managed-by: Helm
+spec:
+ type: ClusterIP
+ ports:
+ - name: http-metrics
+ port: 3100
+ targetPort: http-metrics
+ protocol: TCP
+ - name: grpc
+ port: 9095
+ targetPort: grpc
+ protocol: TCP
+ selector:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/component: single-binary
+
--- HelmRelease: observability/loki StatefulSet: observability/loki
+++ HelmRelease: observability/loki StatefulSet: observability/loki
@@ -0,0 +1,151 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: loki
+ namespace: observability
+ labels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/component: single-binary
+ app.kubernetes.io/part-of: memberlist
+spec:
+ replicas: 2
+ podManagementPolicy: Parallel
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ serviceName: loki-headless
+ revisionHistoryLimit: 10
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: Delete
+ whenScaled: Delete
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/component: single-binary
+ template:
+ metadata:
+ annotations:
+ secret.reloader.stakater.com/reload: loki-s3
+ labels:
+ app.kubernetes.io/name: loki
+ app.kubernetes.io/instance: loki
+ app.kubernetes.io/component: single-binary
+ app.kubernetes.io/part-of: memberlist
+ spec:
+ serviceAccountName: loki
+ automountServiceAccountToken: true
+ enableServiceLinks: true
+ securityContext:
+ fsGroup: 10001
+ runAsGroup: 10001
+ runAsNonRoot: true
+ runAsUser: 10001
+ terminationGracePeriodSeconds: 30
+ containers:
+ - name: loki-sc-rules
+ image: kiwigrid/k8s-sidecar:1.27.5
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: METHOD
+ value: WATCH
+ - name: LABEL
+ value: loki_rule
+ - name: FOLDER
+ value: /rules/fake
+ - name: RESOURCE
+ value: both
+ - name: NAMESPACE
+ value: ALL
+ - name: WATCH_SERVER_TIMEOUT
+ value: '60'
+ - name: WATCH_CLIENT_TIMEOUT
+ value: '60'
+ - name: LOG_LEVEL
+ value: INFO
+ volumeMounts:
+ - name: sc-rules-volume
+ mountPath: /rules/fake
+ - name: loki
+ image: docker.io/grafana/loki:3.1.1
+ imagePullPolicy: IfNotPresent
+ args:
+ - -config.file=/etc/loki/config/config.yaml
+ - -target=all
+ ports:
+ - name: http-metrics
+ containerPort: 3100
+ protocol: TCP
+ - name: grpc
+ containerPort: 9095
+ protocol: TCP
+ - name: http-memberlist
+ containerPort: 7946
+ protocol: TCP
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ readinessProbe:
+ httpGet:
+ path: /ready
+ port: http-metrics
+ initialDelaySeconds: 30
+ timeoutSeconds: 1
+ volumeMounts:
+ - name: tmp
+ mountPath: /tmp
+ - name: config
+ mountPath: /etc/loki/config
+ - name: runtime-config
+ mountPath: /etc/loki/runtime-config
+ - name: storage
+ mountPath: /var/loki
+ - name: sc-rules-volume
+ mountPath: /rules/fake
+ resources:
+ requests:
+ cpu: 10m
+ memory: 100Mi
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app.kubernetes.io/component: single-binary
+ topologyKey: kubernetes.io/hostname
+ volumes:
+ - name: tmp
+ emptyDir: {}
+ - name: config
+ configMap:
+ name: loki
+ items:
+ - key: config.yaml
+ path: config.yaml
+ - name: runtime-config
+ configMap:
+ name: loki-runtime
+ - name: sc-rules-volume
+ emptyDir: {}
+ - configMap:
+ name: loki-alerting-rules
+ name: loki-rules
+ volumeClaimTemplates:
+ - apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: storage
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ storageClassName: openebs-hostpath
+ resources:
+ requests:
+ storage: 20Gi
+ |
|
🦙 MegaLinter status: ✅ SUCCESS
See detailed report in MegaLinter reports MegaLinter is graciously provided by OX Security |
|
FINALLY 🎉🎉🎉 |
tyriis
approved these changes
Oct 5, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
awaits grafana/loki#13572 to support ruler sidecar