34.3.
34.3.1.
사전 요구 사항
- Linux Kernel 4.18+.
절차
apiVersion: v1 kind: Secret metadata: name: loki-s3 namespace: netobserv stringData: access_key_id: QUtJQUlPU0ZPRE5ON0VYQU1QTEUK access_key_secret: d0phbHJYVXRuRkVNSS9LN01ERU5HL2JQeFJmaUNZRVhBTVBMRUtFWQo= bucketnames: s3-bucket-name endpoint: https://s3.eu-central-1.amazonaws.com region: eu-central-1
34.3.1.1.
절차
apiVersion: loki.grafana.com/v1 kind: LokiStack metadata: name: loki namespace: netobserv spec: size: 1x.small storage: schemas: - version: v12 effectiveDate: '2022-06-01' secret: name: loki-s3 type: s3 storageClassName: gp3 1 tenants: mode: openshift-network중요
34.3.1.1.1.
표 34.1.
| 1x.extra-small | 1x.small | 1x.medium | |
|---|---|---|---|
|
|
|
| 2TB/day |
|
|
|
|
|
|
| 없음 | 2 | 3 |
|
|
|
|
|
|
| 7.5Gi | 63Gi | 139Gi |
|
| 150Gi | 300Gi | 450Gi |
34.3.1.2.
spec:
limits:
global:
ingestion:
ingestionBurstSize: 40
ingestionRate: 20
maxGlobalStreamsPerTenant: 25000
queries:
maxChunksPerQuery: 2000000
maxEntriesLimitPerQuery: 10000
maxQuerySeries: 3000
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: loki-alerts
namespace: openshift-operators-redhat
spec:
groups:
- name: LokiRateLimitAlerts
rules:
- alert: LokiTenantRateLimit
annotations:
message: |-
{{ $labels.job }} {{ $labels.route }} is experiencing 429 errors.
summary: "At any number of requests are responded with the rate limit error code."
expr: sum(irate(loki_request_duration_seconds_count{status_code="429"}[1m])) by (job, namespace, route) / sum(irate(loki_request_duration_seconds_count[1m])) by (job, namespace, route) * 100 > 0
for: 10s
labels:
severity: warning34.3.2.
절차
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: loki-netobserv-tenant rules: - apiGroups: - 'loki.grafana.com' resources: - network resourceNames: - logs verbs: - 'get' - 'create' --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: loki-netobserv-tenant roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: loki-netobserv-tenant subjects: - kind: ServiceAccount name: flowlogs-pipeline 1 namespace: netobserv
34.3.3.
34.3.4.
사전 요구 사항
절차
검증
추가 리소스
34.3.5.
절차
- 중요
