diff --git a/operations/helm/charts/alloy/CHANGELOG.md b/operations/helm/charts/alloy/CHANGELOG.md index 29f47c8eb3..fc66d83346 100644 --- a/operations/helm/charts/alloy/CHANGELOG.md +++ b/operations/helm/charts/alloy/CHANGELOG.md @@ -9,6 +9,8 @@ internal API changes are not present. Unreleased ---------- +### Enhancements +- Add support for adding hostAliases to the Helm chart. (@duncan485) 0.9.2 (2024-10-18) ------------------ diff --git a/operations/helm/charts/alloy/README.md b/operations/helm/charts/alloy/README.md index f5082841c1..e0bce43085 100644 --- a/operations/helm/charts/alloy/README.md +++ b/operations/helm/charts/alloy/README.md @@ -45,6 +45,7 @@ useful if just using the default DaemonSet isn't sufficient. | alloy.extraArgs | list | `[]` | Extra args to pass to `alloy run`: https://grafana.com/docs/alloy/latest/reference/cli/run/ | | alloy.extraEnv | list | `[]` | Extra environment variables to pass to the Alloy container. | | alloy.extraPorts | list | `[]` | Extra ports to expose on the Alloy container. | +| alloy.hostAliases | list | `[]` | Host aliases to add to the Alloy container. | | alloy.lifecycle | object | `{}` | Set lifecycle hooks for the Grafana Alloy container. | | alloy.listenAddr | string | `"0.0.0.0"` | Address to listen for traffic on. 0.0.0.0 exposes the UI to other containers. | | alloy.listenPort | int | `12345` | Port to listen for traffic on. | diff --git a/operations/helm/charts/alloy/ci/host-alias-values.yaml b/operations/helm/charts/alloy/ci/host-alias-values.yaml new file mode 100644 index 0000000000..1b7f5a9266 --- /dev/null +++ b/operations/helm/charts/alloy/ci/host-alias-values.yaml @@ -0,0 +1,5 @@ +alloy: + hostAliases: + - ip: "20.21.22.23" + hostnames: + - "grafana.company.net" diff --git a/operations/helm/charts/alloy/templates/controllers/_pod.yaml b/operations/helm/charts/alloy/templates/controllers/_pod.yaml index 1167671fd0..ce5677b301 100644 --- a/operations/helm/charts/alloy/templates/controllers/_pod.yaml +++ b/operations/helm/charts/alloy/templates/controllers/_pod.yaml @@ -83,4 +83,8 @@ spec: {{- if .Values.controller.volumes.extra }} {{- toYaml .Values.controller.volumes.extra | nindent 4 }} {{- end }} + {{- if $values.hostAliases }} + hostAliases: + {{- toYaml $values.hostAliases | nindent 4 }} + {{- end }} {{- end }} diff --git a/operations/helm/charts/alloy/values.yaml b/operations/helm/charts/alloy/values.yaml index a8f2a7e6c3..4aa892c7eb 100644 --- a/operations/helm/charts/alloy/values.yaml +++ b/operations/helm/charts/alloy/values.yaml @@ -89,6 +89,12 @@ alloy: # protocol: "TCP" # appProtocol: "h2c" + # -- Host aliases to add to the Alloy container. + hostAliases: [] + # - ip: "20.21.22.23" + # hostnames: + # - "company.grafana.net" + mounts: # -- Mount /var/log from the host into the container for log collection. varlog: false diff --git a/operations/helm/tests/host-alias/alloy/templates/configmap.yaml b/operations/helm/tests/host-alias/alloy/templates/configmap.yaml new file mode 100644 index 0000000000..381ccbff2f --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/configmap.yaml @@ -0,0 +1,43 @@ +--- +# Source: alloy/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: config +data: + config.alloy: |- + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pods" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } diff --git a/operations/helm/tests/host-alias/alloy/templates/controllers/daemonset.yaml b/operations/helm/tests/host-alias/alloy/templates/controllers/daemonset.yaml new file mode 100644 index 0000000000..af29f80c4d --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/controllers/daemonset.yaml @@ -0,0 +1,79 @@ +--- +# Source: alloy/templates/controllers/daemonset.yaml +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + minReadySeconds: 10 + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + labels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + spec: + serviceAccountName: alloy + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.4.3 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --stability.level=generally-available + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: ghcr.io/jimmidyson/configmap-reload:v0.12.0 + args: + - --volume-dir=/etc/alloy + - --webhook-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 1m + memory: 5Mi + dnsPolicy: ClusterFirst + volumes: + - name: config + configMap: + name: alloy + hostAliases: + - hostnames: + - grafana.company.net + ip: 20.21.22.23 diff --git a/operations/helm/tests/host-alias/alloy/templates/rbac.yaml b/operations/helm/tests/host-alias/alloy/templates/rbac.yaml new file mode 100644 index 0000000000..58fe9c6a84 --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/rbac.yaml @@ -0,0 +1,119 @@ +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +rules: + # Rules which allow discovery.kubernetes to function. + - apiGroups: + - "" + - "discovery.k8s.io" + - "networking.k8s.io" + resources: + - endpoints + - endpointslices + - ingresses + - nodes + - nodes/proxy + - nodes/metrics + - pods + - services + verbs: + - get + - list + - watch + # Rules which allow loki.source.kubernetes and loki.source.podlogs to work. + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "monitoring.grafana.com" + resources: + - podlogs + verbs: + - get + - list + - watch + # Rules which allow mimir.rules.kubernetes to work. + - apiGroups: ["monitoring.coreos.com"] + resources: + - prometheusrules + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + # Rules for prometheus.kubernetes.* + - apiGroups: ["monitoring.coreos.com"] + resources: + - podmonitors + - servicemonitors + - probes + verbs: + - get + - list + - watch + # Rules which allow eventhandler to work. + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + # needed for remote.kubernetes.* + - apiGroups: [""] + resources: + - "configmaps" + - "secrets" + verbs: + - get + - list + - watch + # needed for otelcol.processor.k8sattributes + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: alloy +subjects: + - kind: ServiceAccount + name: alloy + namespace: default diff --git a/operations/helm/tests/host-alias/alloy/templates/service.yaml b/operations/helm/tests/host-alias/alloy/templates/service.yaml new file mode 100644 index 0000000000..0e9857aef6 --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/service.yaml @@ -0,0 +1,24 @@ +--- +# Source: alloy/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" diff --git a/operations/helm/tests/host-alias/alloy/templates/serviceaccount.yaml b/operations/helm/tests/host-alias/alloy/templates/serviceaccount.yaml new file mode 100644 index 0000000000..16959476b1 --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +--- +# Source: alloy/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac