From 56f8b92750b36fc9941bb3dd6b739232c258d858 Mon Sep 17 00:00:00 2001 From: michaeljguarino Date: Tue, 28 Mar 2023 13:09:32 -0400 Subject: [PATCH] Allow loki to have in-vpc ingress (#599) Allows for another auth mode for loki ingress --- loki/helm/loki/Chart.yaml | 2 +- loki/helm/loki/values.yaml | 3 --- loki/helm/loki/values.yaml.tpl | 18 ++++++++++++++++++ loki/plural/recipes/loki-aws.yaml | 5 +++++ loki/plural/recipes/loki-azure.yaml | 5 +++++ loki/plural/recipes/loki-gcp.yaml | 5 +++++ 6 files changed, 34 insertions(+), 4 deletions(-) diff --git a/loki/helm/loki/Chart.yaml b/loki/helm/loki/Chart.yaml index 3bda087d8..70620245a 100644 --- a/loki/helm/loki/Chart.yaml +++ b/loki/helm/loki/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: loki description: helm chart for loki type: application -version: 0.1.10 +version: 0.1.11 appVersion: "v2.6.1" dependencies: - name: loki-distributed diff --git a/loki/helm/loki/values.yaml b/loki/helm/loki/values.yaml index 30d1e5166..035ce7ec0 100644 --- a/loki/helm/loki/values.yaml +++ b/loki/helm/loki/values.yaml @@ -65,9 +65,6 @@ loki-distributed: kubernetes.io/tls-acme: "true" cert-manager.io/cluster-issuer: letsencrypt-prod nginx.ingress.kubernetes.io/force-ssl-redirect: 'true' - nginx.ingress.kubernetes.io/auth-type: basic - nginx.ingress.kubernetes.io/auth-secret: basic-auth - nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - foo' compactor: enabled: true extraArgs: diff --git a/loki/helm/loki/values.yaml.tpl b/loki/helm/loki/values.yaml.tpl index 282bdc0de..cd7334016 100644 --- a/loki/helm/loki/values.yaml.tpl +++ b/loki/helm/loki/values.yaml.tpl @@ -29,6 +29,24 @@ loki-distributed: gateway: ingress: enabled: true + annotations: + nginx.ingress.kubernetes.io/auth-type: basic + nginx.ingress.kubernetes.io/auth-secret: basic-auth + nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - foo' + hosts: + - host: {{ .Values.hostname | quote }} + paths: + - path: / + pathType: Prefix + tls: + - hosts: + - {{ .Values.hostname | quote }} + secretName: loki-tls + {{ else if .Values.hostname }} + gateway: + ingress: + enabled: true + ingressClassName: internal-nginx hosts: - host: {{ .Values.hostname | quote }} paths: diff --git a/loki/plural/recipes/loki-aws.yaml b/loki/plural/recipes/loki-aws.yaml index 6fa6ba73b..6fcbbfd15 100644 --- a/loki/plural/recipes/loki-aws.yaml +++ b/loki/plural/recipes/loki-aws.yaml @@ -14,6 +14,11 @@ sections: type: BUCKET default: loki documentation: bucket to store the logs in + - name: hostname + type: domain + default: loki + documentation: the hostname you'll deploy loki with (will only be available on a private network) + optional: true items: - type: TERRAFORM name: aws diff --git a/loki/plural/recipes/loki-azure.yaml b/loki/plural/recipes/loki-azure.yaml index 28eabd5d2..78ebead55 100644 --- a/loki/plural/recipes/loki-azure.yaml +++ b/loki/plural/recipes/loki-azure.yaml @@ -14,6 +14,11 @@ sections: type: BUCKET default: loki documentation: storage container to store the logs in + - name: hostname + type: domain + default: loki + documentation: the hostname you'll deploy loki with (will only be available on a private network) + optional: true items: - type: TERRAFORM name: azure diff --git a/loki/plural/recipes/loki-gcp.yaml b/loki/plural/recipes/loki-gcp.yaml index 442268273..4081eea98 100644 --- a/loki/plural/recipes/loki-gcp.yaml +++ b/loki/plural/recipes/loki-gcp.yaml @@ -14,6 +14,11 @@ sections: type: BUCKET default: loki documentation: bucket to store the logs in + - name: hostname + type: domain + default: loki + documentation: the hostname you'll deploy loki with (will only be available on a private network) + optional: true items: - type: TERRAFORM name: gcp