k8s-apps/loki/alloy.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: alloy
  namespace: loki
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: alloy
rules:
  - apiGroups: [""]
    resources:
      - pods
      - pods/log
      - nodes
      - namespaces
    verbs:
      - get
      - list
      - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: alloy
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: alloy
subjects:
- kind: ServiceAccount
  name: alloy
  namespace: loki
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: alloy-config
  namespace: loki
data:
  config.alloy: |
    discovery.kubernetes "pods" {
      role = "pod"
    }

    discovery.relabel "pods" {
      targets = discovery.kubernetes.pods.targets

      rule {
        target_label = "source"
        replacement  = "kubernetes"
      }

      rule {
        source_labels = ["__meta_kubernetes_namespace"]
        target_label  = "namespace"
      }

      rule {
        source_labels = ["__meta_kubernetes_pod_name"]
        target_label  = "pod"
      }

      rule {
        source_labels = ["__meta_kubernetes_pod_container_name"]
        target_label  = "container"
      }

      rule {
        source_labels = ["__meta_kubernetes_pod_node_name"]
        target_label  = "node"
      }

      rule {
        source_labels = ["__meta_kubernetes_pod_label_app"]
        target_label  = "app"
      }
    }

    loki.source.kubernetes "pods" {
      targets    = discovery.relabel.pods.output
      forward_to = [loki.write.default.receiver]
    }

    loki.write "default" {
      endpoint {
        url = "http://loki.loki.svc.k8s.undercloud.local:3100/loki/api/v1/push"
      }
    }
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: alloy
  namespace: loki
spec:
  selector:
    matchLabels:
      app: alloy
  template:
    metadata:
      labels:
        app: alloy
    spec:
      serviceAccountName: alloy
      tolerations:
        - key: "node-role.kubernetes.io/control-plane"
          operator: "Exists"
          effect: "NoSchedule"

      containers:
      - name: alloy
        image: grafana/alloy:latest
        args:
          - run
          - /etc/alloy/config.alloy

        ports:
        - containerPort: 12345
          name: http

        volumeMounts:
        - name: config
          mountPath: /etc/alloy

        - name: varlogpods
          mountPath: /var/log/pods
          readOnly: true

        - name: varlogcontainers
          mountPath: /var/log/containers
          readOnly: true

        - name: varlibdockercontainers
          mountPath: /var/lib/docker/containers
          readOnly: true

        securityContext:
          runAsUser: 0

      volumes:
      - name: config
        configMap:
          name: alloy-config

      - name: varlogpods
        hostPath:
          path: /var/log/pods

      - name: varlogcontainers
        hostPath:
          path: /var/log/containers

      - name: varlibdockercontainers
        hostPath:
          path: /var/lib/docker/containers