环境信息
- Kubernetes:v1.20.6
- StorageClass:csi-udisk-rssd
- Helm:v3.5.2
- nginx-ingress: 0.47.0
本安装前准备工作
1. 申请域名证书
可以使用 https://keymanager.org/ 来申请 Let’s Encrypt 提供的免费泛域名证书
2. 创建域名证书 secret
kubectl create ns loki
kubectl create secret tls tls-loki-secret \
--cert=domain.crt \
--key=domain.key \
-n loki
3. 同步海外源镜像
在国内环境部署应用,经常因为获取国外源站容器镜像超时,导致部署失败,可以提前将容器镜像同步到本地镜像仓库中,以自有镜像仓库uhub.service.ucloud.cn/ucloud_pts 为例,login仓库,执行命令: docker login uhub.service.ucloud.cn/ucloud_pts
需要同步镜像列表如下:
grafana/loki:2.2.1
nginxinc/nginx-unprivileged:1.19-alpine
关于docker pull tag push 操作可以参考:
- https://docs.docker.com/engine/reference/commandline/pull/
- https://docs.docker.com/engine/reference/commandline/tag/
- https://docs.docker.com/engine/reference/commandline/push/
4. 创建 imagePullSecrets
创建容器集群访问仓库地址 uhub.service.ucloud.cn/ucloud_pts,拉取镜像需要的 secret
kubectl create namespace loki
kubectl create secret docker-registry registry-loki-secret \
--namespace=loki \
--docker-server=uhub.service.ucloud.cn/ucloud_pts \
--docker-username='xxxxxx' \
--docker-password='xxxxxx'
4. 添加 Helm仓库
这里选用prometheus-community提供的chart仓库
helm repo add grafana https://grafana.github.io/helm-charts
helm repo update
5. 定义配置,完成部署
cat > loki-values.yaml << EOF
global:
image:
registry: harbor.onwalk.net/pts
clusterDomain: "admin.local"
imagePullSecrets:
- name: harbor-secret
gateway:
enabled: true
replicas: 3
ingress:
enabled: true
ingressClassName: nginx
hosts:
- host: loki-gateway.onwalk.net
paths:
- path: /
pathType: Prefix
tls:
- secretName: tls-loki-gateway-secret
hosts:
- loki-gateway.onwalk.net
ingester:
replicas: 3
persistence:
enabled: true
size: 100Gi
storageClass: csi-udisk-rssd
distributor:
replicas: 3
querier:
replicas: 3
persistence:
enabled: true
size: 100Gi
storageClass: csi-udisk-rssd
EOF
helm upgrade --install loki grafana/loki-distributed -n loki -f loki-values.yaml
参考
https://github.com/CloudXiaobai/loki-cluster-deploy/tree/master/production/loki-system
