diff --git a/operator/CHANGELOG.md b/operator/CHANGELOG.md index 8c0c2c6b9e..87dd55fbef 100644 --- a/operator/CHANGELOG.md +++ b/operator/CHANGELOG.md @@ -1,5 +1,6 @@ ## Main +- [6551](https://github.com/grafana/loki/pull/6561) **periklis**: Add operator docs for object storage - [6549](https://github.com/grafana/loki/pull/6549) **periklis**: Refactor feature gates to use custom resource definition - [6514](https://github.com/grafana/loki/pull/6514) **Red-GV** Update all pods and containers to be compliant with restricted Pod Security Standard - [6531](https://github.com/grafana/loki/pull/6531) **periklis**: Use default interface_names for lokistack clusters (IPv6 Support) diff --git a/operator/docs/lokistack/object_storage.md b/operator/docs/lokistack/object_storage.md index 9b165b5627..cd99d4cd4c 100644 --- a/operator/docs/lokistack/object_storage.md +++ b/operator/docs/lokistack/object_storage.md @@ -17,23 +17,70 @@ Loki Operator supports [AWS S3](https://aws.amazon.com/), [Azure](https://azure. ## AWS S3 -Coming soon. - ### Requirements +* Create a [bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-bucket-overview.html) on AWS. + ### Installation -## Azure +* Deploy the Loki Operator to your cluster. + +* Create an Object Storage secret with keys as follows: + + ```console + kubectl create secret generic lokistack-dev-s3 \ + --from-literal=bucketname="" \ + --from-literal=endpoint="" \ + --from-literal=access_key_id="" \ + --from-literal=access_key_secret="" \ + --from-literal=region="" + ``` + + where `lokistack-dev-s3` is the secret name. + +* Create an instance of [LokiStack](../hack/lokistack_dev.yaml) by referencing the secret name and type as `s3`: + + ```yaml + spec: + storage: + secret: + name: lokistack-dev-s3 + type: s3 + ``` -Coming soon. +## Azure ### Requirements +* Create a [bucket](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction) on Azure. + ### Installation -## Google Cloud Storage +* Deploy the Loki Operator to your cluster. + +* Create an Object Storage secret with keys as follows: -Loki Operator supports [GCS](https://cloud.google.com/) for Loki storage. + ```console + kubectl create secret generic lokistack-dev-azure \ + --from-literal=container="" \ + --from-literal=environment="" \ + --from-literal=account_name="" \ + --from-literal=account_key="" + ``` + + where `lokistack-dev-azure` is the secret name. + +* Create an instance of [LokiStack](../hack/lokistack_dev.yaml) by referencing the secret name and type as `azure`: + + ```yaml + spec: + storage: + secret: + name: lokistack-dev-azure + type: azure + ``` + +## Google Cloud Storage ### Requirements @@ -43,51 +90,152 @@ Loki Operator supports [GCS](https://cloud.google.com/) for Loki storage. ### Installation -* Deploy the loki operator to your cluster. +* Deploy the Loki Operator to your cluster. * Copy the service account credentials received from GCP into a file name `key.json`. * Create an Object Storage secret with keys `bucketname` and `key.json` as follows: ```console - kubectl create secret generic test \ + kubectl create secret generic lokistack-dev-gcs \ --from-literal=bucketname="" \ --from-file=key.json="" ``` - where `test` is the secret name, `` is the name of bucket created in requirements step and `` is the file path where the `key.json` was copied to. + where `lokistack-dev-gcs` is the secret name, `` is the name of bucket created in requirements step and `` is the file path where the `key.json` was copied to. -* Create an instance of [lokistack](../hack/lokistack_dev.yaml) by referencing the secret name and type as `gcs`: +* Create an instance of [LokiStack](../hack/lokistack_dev.yaml) by referencing the secret name and type as `gcs`: ```yaml spec: storage: secret: - name: test + name: lokistack-dev-gcs type: gcs ``` ## Minio -Coming soon. - ### Requirements +* Deploy Minio on your Cluster, e.g. using the [Minio Operator](https://operator.min.io/) + +* Create a [bucket](https://docs.min.io/docs/minio-client-complete-guide.html) on Minio via CLI. + ### Installation -## OpenShift Data Foundation +* Deploy the Loki Operator to your cluster. + +* Create an Object Storage secret with keys as follows: + + ```console + kubectl create secret generic lokistack-dev-minio \ + --from-literal=bucketname="" \ + --from-literal=endpoint="" \ + --from-literal=access_key_id="" \ + --from-literal=access_key_secret="" + ``` -Coming soon. + where `lokistack-dev-minio` is the secret name. + +* Create an instance of [LokiStack](../hack/lokistack_dev.yaml) by referencing the secret name and type as `s3`: + + ```yaml + spec: + storage: + secret: + name: lokistack-dev-minio + type: s3 + ``` + +## OpenShift Data Foundation ### Requirements +* Deploy the [OpenShift Data Foundation](https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.10) on your cluster. + +* Create a bucket via an ObjectBucketClaim. + + ### Installation -## Swift +* Deploy the Loki Operator to your cluster. + +* Create an Object Storage secret with keys as follows: + + ```console + kubectl create secret generic lokistack-dev-odf \ + --from-literal=bucketname="" \ + --from-literal=endpoint="https://s3.openshift-storage.svc" \ + --from-literal=access_key_id="" \ + --from-literal=access_key_secret="" + ``` + + where `lokistack-dev-odf` is the secret name. You can copy the values for `BUCKET_NAME`, `ACCESS_KEY_ID` and `ACCESS_KEY_SECRET` from your ObjectBucketClaim's accompanied secret. + +* Create an instance of [LokiStack](../hack/lokistack_dev.yaml) by referencing the secret name and type as `s3`: + + ```yaml + spec: + storage: + secret: + name: lokistack-dev-odf + type: s3 + ``` -Coming soon. +## Swift ### Requirements +* Create a [bucket](https://docs.openstack.org/newton/user-guide/cli-swift-create-containers.html) on Swift. + ### Installation +* Deploy the Loki Operator to your cluster. + +* Create an Object Storage secret with keys as follows: + + ```console + kubectl create secret generic lokistack-dev-swift \ + --from-literal=auth_url="" \ + --from-literal=username="" \ + --from-literal=user_domain_name="" \ + --from-literal=user_domain_id="" \ + --from-literal=user_id="" \ + --from-literal=password="" \ + --from-literal=domain_id="" \ + --from-literal=domain_name="" \ + --from-literal=container_name="" \ + ``` + + where `lokistack-dev-swift` is the secret name. + +* Optionally you can provide project specific data and/or a region as follows: + + ```console + kubectl create secret generic lokistack-dev-swift \ + --from-literal=auth_url="" \ + --from-literal=username="" \ + --from-literal=user_domain_name="" \ + --from-literal=user_domain_id="" \ + --from-literal=user_id="" \ + --from-literal=password="" \ + --from-literal=domain_id="" \ + --from-literal=domain_name="" \ + --from-literal=container_name="" \ + --from-literal=project_id="" \ + --from-literal=project_name="" \ + --from-literal=project_domain_id="" \ + --from-literal=project_domain_name="" \ + --from-literal=region="" \ + ``` + +* Create an instance of [LokiStack](../hack/lokistack_dev.yaml) by referencing the secret name and type as `swift`: + + ```yaml + spec: + storage: + secret: + name: lokistack-dev-swift + type: swift + ```