apitech
/
loki
mirror of https://github.com/grafana/loki
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #419 from granular-ryanbonham/fix_helm

Browse Source 
Fix helm
pull/423/head
David 6 years ago committed by GitHub
parent 31fc400032 4c5d6ea206
commit dc1854eeaa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 4 additions and 15 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      production/helm/templates/loki/deployment.yaml
  2. 5
      production/helm/templates/loki/podsecuritypolicy.yaml
  3. 4
      production/helm/templates/promtail/daemonset.yaml
  4. 6
      production/helm/values.yaml

4
production/helm/templates/loki/deployment.yaml
Unescape View File

@ -37,6 +37,8 @@ spec:
serviceAccountName: {{ template "loki.serviceAccountName" . }} serviceAccountName: {{ template "loki.serviceAccountName" . }}
{{- if .Values.loki.priorityClassName }} {{- if .Values.loki.priorityClassName }}
priorityClassName: {{ .Values.loki.priorityClassName }} priorityClassName: {{ .Values.loki.priorityClassName }}
securityContext:
{{- toYaml .Values.loki.securityContext | nindent 8 }}
{{- end }} {{- end }}
containers: containers:
- name: {{ .Chart.Name }} - name: {{ .Chart.Name }}
@ -61,7 +63,7 @@ spec:
resources: resources:
{{- toYaml .Values.loki.resources | nindent 12 }} {{- toYaml .Values.loki.resources | nindent 12 }}
securityContext: securityContext:
{{- toYaml .Values.loki.securityContext | nindent 12 }} readOnlyRootFilesystem: true
nodeSelector: nodeSelector:
{{- toYaml .Values.loki.nodeSelector | nindent 8 }} {{- toYaml .Values.loki.nodeSelector | nindent 8 }}
affinity: affinity:

5
production/helm/templates/loki/podsecuritypolicy.yaml
Unescape View File

@ -23,10 +23,7 @@ spec:
runAsUser: runAsUser:
rule: 'MustRunAsNonRoot' rule: 'MustRunAsNonRoot'
seLinux: seLinux:
rule: 'MustRunAs' rule: 'RunAsAny'
ranges:
- min: 1
max: 65535
supplementalGroups: supplementalGroups:
rule: 'MustRunAs' rule: 'MustRunAs'
ranges: ranges:

4
production/helm/templates/promtail/daemonset.yaml
Unescape View File

@ -57,10 +57,6 @@ spec:
name: http-metrics name: http-metrics
securityContext: securityContext:
{{- toYaml .Values.promtail.securityContext | nindent 12 }} {{- toYaml .Values.promtail.securityContext | nindent 12 }}
livenessProbe:
{{- toYaml .Values.promtail.livenessProbe | nindent 12 }}
readinessProbe:
{{- toYaml .Values.promtail.readinessProbe | nindent 12 }}
resources: resources:
{{- toYaml .Values.promtail.resources | nindent 12 }} {{- toYaml .Values.promtail.resources | nindent 12 }}
nodeSelector: nodeSelector:

6
production/helm/values.yaml
Unescape View File

@ -52,7 +52,6 @@ loki:
securityContext: securityContext:
fsGroup: 10001 fsGroup: 10001
readOnlyRootFilesystem: true
runAsGroup: 10001 runAsGroup: 10001
runAsNonRoot: true runAsNonRoot: true
runAsUser: 10001 runAsUser: 10001
@ -159,10 +158,6 @@ promtail:
mountPath: /var/lib/docker/containers mountPath: /var/lib/docker/containers
readOnly: true readOnly: true
readinessProbe: null
livenessProbe: null
resources: {} resources: {}
# limits: # limits:
# cpu: 200m # cpu: 200m
@ -172,7 +167,6 @@ promtail:
# memory: 128Mi # memory: 128Mi
securityContext: securityContext:
fsGroup: 0
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
runAsGroup: 0 runAsGroup: 0
runAsUser: 0 runAsUser: 0

Write Preview
Loading…
Cancel
Save