Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.

Documentation

Grafana Loki documentation

Installation

Install using Helm

Helm Chart Values

Open source

Helm Chart Values

This is the generated reference for the Loki Helm Chart values.

Note: This reference is for the Loki Helm chart version 3.0 or greater. If you are using the grafana/loki-stack Helm chart from the community repo, please refer to the values.yaml of the respective Github repository grafana/helm-charts.

Key	Type	Description	Default
backend.affinity	string	Affinity for backend pods. Passed through `tpl` and, thus, to be configured as string	Hard node and soft zone anti-affinity
backend.extraArgs	list	Additional CLI args for the backend	[]
backend.extraEnv	list	Environment variables to add to the backend pods	[]
backend.extraEnvFrom	list	Environment variables from secrets or configmaps to add to the backend pods	[]
backend.extraVolumeMounts	list	Volume mounts to add to the backend pods	[]
backend.extraVolumes	list	Volumes to add to the backend pods	[]
backend.image.registry	string	The Docker registry for the backend image. Overrides `loki.image.registry`	null
backend.image.repository	string	Docker image repository for the backend image. Overrides `loki.image.repository`	null
backend.image.tag	string	Docker image tag for the backend image. Overrides `loki.image.tag`	null
backend.initContainers	list	Init containers to add to the backend pods	[]
backend.nodeSelector	object	Node selector for backend pods	{}
backend.persistence.enableStatefulSetAutoDeletePVC	bool	Enable StatefulSetAutoDeletePVC feature	true
backend.persistence.selector	string	Selector for persistent disk	null
backend.persistence.size	string	Size of persistent disk	"10Gi"
backend.persistence.storageClass	string	Storage class to be used. If defined, storageClassName: . If set to "-", storageClassName: "", which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).	null
backend.podAnnotations	object	Annotations for backend pods	{}
backend.podLabels	object	Additional labels for each `backend` pod	{}
backend.priorityClassName	string	The name of the PriorityClass for backend pods	null
backend.replicas	int	Number of replicas for the backend	3
backend.resources	object	Resource requests and limits for the backend	{}
backend.selectorLabels	object	Additional selector labels for each `backend` pod	{}
backend.serviceLabels	object	Labels for ingester service	{}
backend.targetModule	string	Comma-separated list of Loki modules to load for the read	"backend"
backend.terminationGracePeriodSeconds	int	Grace period to allow the backend to shutdown before it is killed. Especially for the ingester, this must be increased. It must be long enough so backends can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.	300
backend.tolerations	list	Tolerations for backend pods	[]
enterprise.adminApi	object	If enabled, the correct admin_client storage will be configured. If disabled while running enterprise, make sure auth is set to `type: trust`, or that `auth_enabled` is set to `false`.	{ "enabled": true }
enterprise.adminToken.additionalNamespaces	list	Additional namespace to also create the token in. Useful if your Grafana instance is in a different namespace	[]
enterprise.adminToken.secret	string	Alternative name for admin token secret, needed by tokengen and provisioner jobs	null
enterprise.canarySecret	string	Alternative name of the secret to store token for the canary	null
enterprise.cluster_name	string	Optional name of the GEL cluster, otherwise will use .Release.Name The cluster name must match what is in your GEL license	null
enterprise.config	string		"{{- if .Values.enterprise.adminApi.enabled }}\n{{- if or .Values.minio.enabled (eq .Values.loki.storage.type \"s3\") (eq .Values.loki.storage.type \"gcs\") (eq .Values.loki.storage.type \"azure\") }}\nadmin_client:\n storage:\n s3:\n bucket_name: {{ .Values.loki.storage.bucketNames.admin }}\n{{- end }}\n{{- end }}\nauth:\n type: {{ .Values.enterprise.adminApi.enabled \| ternary \"enterprise\" \"trust\" }}\nauth_enabled: {{ .Values.loki.auth_enabled }}\ncluster_name: {{ include \"loki.clusterName\" . }}\nlicense:\n path: /etc/loki/license/license.jwt\n"
enterprise.enabled	bool		false
enterprise.externalConfigName	string	Name of the external config secret to use	""
enterprise.externalLicenseName	string	Name of external license secret to use	null
enterprise.image.pullPolicy	string	Docker image pull policy	"IfNotPresent"
enterprise.image.registry	string	The Docker registry	"docker.io"
enterprise.image.repository	string	Docker image repository	"grafana/enterprise-logs"
enterprise.image.tag	string	Docker image tag	null
enterprise.license	object	Grafana Enterprise Logs license In order to use Grafana Enterprise Logs features, you will need to provide the contents of your Grafana Enterprise Logs license, either by providing the contents of the license.jwt, or the name Kubernetes Secret that contains your license.jwt. To set the license contents, use the flag `--set-file 'license.contents=./license.jwt'`	{ "contents": "NOTAVALIDLICENSE" }
enterprise.provisioner	object	Configuration for `provisioner` target	{ "additionalTenants": [], "annotations": {}, "enabled": true, "env": [], "extraVolumeMounts": [], "image": { "pullPolicy": "IfNotPresent", "registry": "docker.io", "repository": "grafana/enterprise-logs-provisioner", "tag": null }, "labels": {}, "priorityClassName": null, "provisionedSecretPrefix": null, "securityContext": { "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001 } }
enterprise.provisioner.additionalTenants	list	Additional tenants to be created. Each tenant will get a read and write policy and associated token. Tenant must have a name and a namespace for the secret containting the token to be created in. For example additionalTenants: - name: loki secretNamespace: grafana	[]
enterprise.provisioner.annotations	object	Additional annotations for the `provisioner` Job	{}
enterprise.provisioner.enabled	bool	Whether the job should be part of the deployment	true
enterprise.provisioner.env	list	Additional Kubernetes environment	[]
enterprise.provisioner.extraVolumeMounts	list	Volume mounts to add to the provisioner pods	[]
enterprise.provisioner.image	object	Provisioner image to Utilize	{ "pullPolicy": "IfNotPresent", "registry": "docker.io", "repository": "grafana/enterprise-logs-provisioner", "tag": null }
enterprise.provisioner.image.pullPolicy	string	Docker image pull policy	"IfNotPresent"
enterprise.provisioner.image.registry	string	The Docker registry	"docker.io"
enterprise.provisioner.image.repository	string	Docker image repository	"grafana/enterprise-logs-provisioner"
enterprise.provisioner.image.tag	string	Overrides the image tag whose default is the chart's appVersion	null
enterprise.provisioner.labels	object	Additional labels for the `provisioner` Job	{}
enterprise.provisioner.priorityClassName	string	The name of the PriorityClass for provisioner Job	null
enterprise.provisioner.provisionedSecretPrefix	string	Name of the secret to store provisioned tokens in	null
enterprise.provisioner.securityContext	object	Run containers as user `enterprise-logs(uid=10001)`	{ "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001 }
enterprise.tokengen	object	Configuration for `tokengen` target	{ "annotations": {}, "enabled": true, "env": [], "extraArgs": [], "extraEnvFrom": [], "extraVolumeMounts": [], "extraVolumes": [], "labels": {}, "priorityClassName": "", "securityContext": { "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001 }, "targetModule": "tokengen", "tolerations": [] }
enterprise.tokengen.annotations	object	Additional annotations for the `tokengen` Job	{}
enterprise.tokengen.enabled	bool	Whether the job should be part of the deployment	true
enterprise.tokengen.env	list	Additional Kubernetes environment	[]
enterprise.tokengen.extraArgs	list	Additional CLI arguments for the `tokengen` target	[]
enterprise.tokengen.extraEnvFrom	list	Environment variables from secrets or configmaps to add to the tokengen pods	[]
enterprise.tokengen.extraVolumeMounts	list	Additional volume mounts for Pods	[]
enterprise.tokengen.extraVolumes	list	Additional volumes for Pods	[]
enterprise.tokengen.labels	object	Additional labels for the `tokengen` Job	{}
enterprise.tokengen.priorityClassName	string	The name of the PriorityClass for tokengen Pods	""
enterprise.tokengen.securityContext	object	Run containers as user `enterprise-logs(uid=10001)`	{ "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001 }
enterprise.tokengen.targetModule	string	Comma-separated list of Loki modules to load for tokengen	"tokengen"
enterprise.tokengen.tolerations	list	Tolerations for tokengen Job	[]
enterprise.useExternalLicense	bool	Set to true when providing an external license	false
enterprise.version	string		"v1.6.2"
extraObjects	list		[]
fullnameOverride	string	Overrides the chart's computed fullname	null
gateway.affinity	string	Affinity for gateway pods. Passed through `tpl` and, thus, to be configured as string	Hard node and soft zone anti-affinity
gateway.autoscaling.enabled	bool	Enable autoscaling for the gateway	false
gateway.autoscaling.maxReplicas	int	Maximum autoscaling replicas for the gateway	3
gateway.autoscaling.minReplicas	int	Minimum autoscaling replicas for the gateway	1
gateway.autoscaling.targetCPUUtilizationPercentage	int	Target CPU utilisation percentage for the gateway	60
gateway.autoscaling.targetMemoryUtilizationPercentage	string	Target memory utilisation percentage for the gateway	null
gateway.basicAuth.enabled	bool	Enables basic authentication for the gateway	false
gateway.basicAuth.existingSecret	string	Existing basic auth secret to use. Must contain '.htpasswd'	null
gateway.basicAuth.htpasswd	string	Uses the specified users from the `loki.tenants` list to create the htpasswd file if `loki.tenants` is not set, the `gateway.basicAuth.username` and `gateway.basicAuth.password` are used The value is templated using `tpl`. Override this to use a custom htpasswd, e.g. in case the default causes high CPU load.	"{{ if .Values.loki.tenants }}\n\n {{- range $t := .Values.loki.tenants }}\n{{ htpasswd (required \"All tenants must have a 'name' set\" $t.name) (required \"All tenants must have a 'password' set\" $t.password) }}\n\n {{- end }}\n{{ else }} {{ htpasswd (required \"'gateway.basicAuth.username' is required\" .Values.gateway.basicAuth.username) (required \"'gateway.basicAuth.password' is required\" .Values.gateway.basicAuth.password) }} {{ end }}"
gateway.basicAuth.password	string	The basic auth password for the gateway	null
gateway.basicAuth.username	string	The basic auth username for the gateway	null
gateway.containerSecurityContext	object	The SecurityContext for gateway containers	{ "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] }, "readOnlyRootFilesystem": true }
gateway.deploymentStrategy	object	ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy	{ "type": "RollingUpdate" }
gateway.enabled	bool	Specifies whether the gateway should be enabled	true
gateway.extraArgs	list	Additional CLI args for the gateway	[]
gateway.extraEnv	list	Environment variables to add to the gateway pods	[]
gateway.extraEnvFrom	list	Environment variables from secrets or configmaps to add to the gateway pods	[]
gateway.extraVolumeMounts	list	Volume mounts to add to the gateway pods	[]
gateway.extraVolumes	list	Volumes to add to the gateway pods	[]
gateway.image.pullPolicy	string	The gateway image pull policy	"IfNotPresent"
gateway.image.registry	string	The Docker registry for the gateway image	"docker.io"
gateway.image.repository	string	The gateway image repository	"nginxinc/nginx-unprivileged"
gateway.image.tag	string	The gateway image tag	"1.19-alpine"
gateway.ingress.annotations	object	Annotations for the gateway ingress	{}
gateway.ingress.enabled	bool	Specifies whether an ingress for the gateway should be created	false
gateway.ingress.hosts	list	Hosts configuration for the gateway ingress	[ { "host": "gateway.loki.example.com", "paths": [ { "path": "/" } ] } ]
gateway.ingress.ingressClassName	string	Ingress Class Name. MAY be required for Kubernetes versions >= 1.18	""
gateway.ingress.tls	list	TLS configuration for the gateway ingress	[ { "hosts": [ "gateway.loki.example.com" ], "secretName": "loki-gateway-tls" } ]
gateway.lifecycle	object	Lifecycle for the gateway container	{}
gateway.nginxConfig.customBackendUrl	string	Override Backend URL	null
gateway.nginxConfig.customReadUrl	string	Override Read URL	null
gateway.nginxConfig.customWriteUrl	string	Override Write URL	null
gateway.nginxConfig.file	string	Config file contents for Nginx. Passed through the `tpl` function to allow templating	See values.yaml
gateway.nginxConfig.httpSnippet	string	Allows appending custom configuration to the http block, passed through the `tpl` function to allow templating	"{{ if .Values.loki.tenants }}proxy_set_header X-Scope-OrgID $remote_user;{{ end }}"
gateway.nginxConfig.logFormat	string	NGINX log format	"main '$remote_addr - $remote_user [$time_local] $status '\n '\"$request\" $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';"
gateway.nginxConfig.serverSnippet	string	Allows appending custom configuration to the server block	""
gateway.nodeSelector	object	Node selector for gateway pods	{}
gateway.podAnnotations	object	Annotations for gateway pods	{}
gateway.podLabels	object	Additional labels for gateway pods	{}
gateway.podSecurityContext	object	The SecurityContext for gateway containers	{ "fsGroup": 101, "runAsGroup": 101, "runAsNonRoot": true, "runAsUser": 101 }
gateway.priorityClassName	string	The name of the PriorityClass for gateway pods	null
gateway.readinessProbe.httpGet.path	string		"/"
gateway.readinessProbe.httpGet.port	string		"http"
gateway.readinessProbe.initialDelaySeconds	int		15
gateway.readinessProbe.timeoutSeconds	int		1
gateway.replicas	int	Number of replicas for the gateway	1
gateway.resources	object	Resource requests and limits for the gateway	{}
gateway.service.annotations	object	Annotations for the gateway service	{}
gateway.service.clusterIP	string	ClusterIP of the gateway service	null
gateway.service.labels	object	Labels for gateway service	{}
gateway.service.loadBalancerIP	string	Load balancer IPO address if service type is LoadBalancer	null
gateway.service.nodePort	int	Node port if service type is NodePort	null
gateway.service.port	int	Port of the gateway service	80
gateway.service.type	string	Type of the gateway service	"ClusterIP"
gateway.terminationGracePeriodSeconds	int	Grace period to allow the gateway to shutdown before it is killed	30
gateway.tolerations	list	Tolerations for gateway pods	[]
gateway.verboseLogging	bool	Enable logging of 2xx and 3xx HTTP requests	true
global.clusterDomain	string	configures cluster domain ("cluster.local" by default)	"cluster.local"
global.dnsNamespace	string	configures DNS service namespace	"kube-system"
global.dnsService	string	configures DNS service name	"kube-dns"
global.image.registry	string	Overrides the Docker registry globally for all images	null
global.priorityClassName	string	Overrides the priorityClassName for all pods	null
imagePullSecrets	list	Image pull secrets for Docker images	[]
ingress.annotations	object		{}
ingress.enabled	bool		false
ingress.hosts[0]	string		"loki.example.com"
ingress.ingressClassName	string		""
ingress.paths.read[0]	string		"/api/prom/tail"
ingress.paths.read[1]	string		"/loki/api/v1/tail"
ingress.paths.read[2]	string		"/loki/api"
ingress.paths.read[3]	string		"/api/prom/rules"
ingress.paths.read[4]	string		"/loki/api/v1/rules"
ingress.paths.read[5]	string		"/prometheus/api/v1/rules"
ingress.paths.read[6]	string		"/prometheus/api/v1/alerts"
ingress.paths.singleBinary[0]	string		"/api/prom/push"
ingress.paths.singleBinary[1]	string		"/loki/api/v1/push"
ingress.paths.singleBinary[2]	string		"/api/prom/tail"
ingress.paths.singleBinary[3]	string		"/loki/api/v1/tail"
ingress.paths.singleBinary[4]	string		"/loki/api"
ingress.paths.singleBinary[5]	string		"/api/prom/rules"
ingress.paths.singleBinary[6]	string		"/loki/api/v1/rules"
ingress.paths.singleBinary[7]	string		"/prometheus/api/v1/rules"
ingress.paths.singleBinary[8]	string		"/prometheus/api/v1/alerts"
ingress.paths.write[0]	string		"/api/prom/push"
ingress.paths.write[1]	string		"/loki/api/v1/push"
ingress.tls	list		[]
kubectlImage.pullPolicy	string	Docker image pull policy	"IfNotPresent"
kubectlImage.registry	string	The Docker registry	"docker.io"
kubectlImage.repository	string	Docker image repository	"bitnami/kubectl"
kubectlImage.tag	string	Overrides the image tag whose default is the chart's appVersion	null
loki.analytics	object	Optional analytics configuration	{}
loki.auth_enabled	bool		true
loki.commonConfig	object	Check https://grafana.com/docs/loki/latest/configuration/#common_config for more info on how to provide a common configuration	{ "compactor_address": "{{ include \"loki.compactorAddress\" . }}", "path_prefix": "/var/loki", "replication_factor": 3 }
loki.compactor	object	Optional compactor configuration	{}
loki.config	string	Config file contents for Loki	See values.yaml
loki.containerSecurityContext	object	The SecurityContext for Loki containers	{ "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] }, "readOnlyRootFilesystem": true }
loki.enableServiceLinks	bool	Should enableServiceLinks be enabled. Default to enable	true
loki.existingSecretForConfig	string	Specify an existing secret containing loki configuration. If non-empty, overrides `loki.config`	""
loki.image.pullPolicy	string	Docker image pull policy	"IfNotPresent"
loki.image.registry	string	The Docker registry	"docker.io"
loki.image.repository	string	Docker image repository	"grafana/loki"
loki.image.tag	string	Overrides the image tag whose default is the chart's appVersion TODO: needed for 3rd target backend functionality revert to null or latest once this behavior is relased	null
loki.ingester	object	Optional ingester configuration	{}
loki.limits_config	object	Limits config	{ "enforce_metric_name": false, "max_cache_freshness_per_query": "10m", "reject_old_samples": true, "reject_old_samples_max_age": "168h", "split_queries_by_interval": "15m" }
loki.memcached	object	Configure memcached as an external cache for chunk and results cache. Disabled by default must enable and specify a host for each cache you would like to use.	{ "chunk_cache": { "batch_size": 256, "enabled": false, "host": "", "parallelism": 10, "service": "memcached-client" }, "results_cache": { "default_validity": "12h", "enabled": false, "host": "", "service": "memcached-client", "timeout": "500ms" } }
loki.podAnnotations	object	Common annotations for all pods	{}
loki.podLabels	object	Common labels for all pods	{}
loki.podSecurityContext	object	The SecurityContext for Loki pods	{ "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001 }
loki.querier	object	Optional querier configuration	{}
loki.query_scheduler	object	Additional query scheduler config	{}
loki.readinessProbe.httpGet.path	string		"/ready"
loki.readinessProbe.httpGet.port	string		"http-metrics"
loki.readinessProbe.initialDelaySeconds	int		30
loki.readinessProbe.timeoutSeconds	int		1
loki.revisionHistoryLimit	int	The number of old ReplicaSets to retain to allow rollback	10
loki.rulerConfig	object	Check https://grafana.com/docs/loki/latest/configuration/#ruler for more info on configuring ruler	{}
loki.runtimeConfig	object	Provides a reloadable runtime configuration file for some specific configuration	{}
loki.schemaConfig	object	Check https://grafana.com/docs/loki/latest/configuration/#schema_config for more info on how to configure schemas	{}
loki.server	object	Check https://grafana.com/docs/loki/latest/configuration/#server for more info on the server configuration.	{ "grpc_listen_port": 9095, "http_listen_port": 3100 }
loki.storage	object	Storage config. Providing this will automatically populate all necessary storage configs in the templated config.	{ "azure": { "accountKey": null, "accountName": null, "requestTimeout": null, "useManagedIdentity": false, "userAssignedId": null }, "bucketNames": { "admin": "admin", "chunks": "chunks", "ruler": "ruler" }, "filesystem": { "chunks_directory": "/var/loki/chunks", "rules_directory": "/var/loki/rules" }, "gcs": { "chunkBufferSize": 0, "enableHttp2": true, "requestTimeout": "0s" }, "s3": { "accessKeyId": null, "endpoint": null, "http_config": {}, "insecure": false, "region": null, "s3": null, "s3ForcePathStyle": false, "secretAccessKey": null }, "type": "s3" }
loki.storage_config	object	Additional storage config	{ "hedging": { "at": "250ms", "max_per_second": 20, "up_to": 3 } }
loki.structuredConfig	object	Structured loki configuration, takes precedence over `loki.config`, `loki.schemaConfig`, `loki.storageConfig`	{}
loki.tenants	list	Tenants list to be created on nginx htpasswd file, with name and password keys	[]
memberlist.service.publishNotReadyAddresses	bool		false
migrate	object	Options that may be necessary when performing a migration from another helm chart	{ "fromDistributed": { "enabled": false, "memberlistService": "" } }
migrate.fromDistributed	object	When migrating from a distributed chart like loki-distributed or enterprise-logs	{ "enabled": false, "memberlistService": "" }
migrate.fromDistributed.enabled	bool	Set to true if migrating from a distributed helm chart	false
migrate.fromDistributed.memberlistService	string	If migrating from a distributed service, provide the distributed deployment's memberlist service DNS so the new deployment can join it's ring.	""
minio	object	-----------------------------------	{ "buckets": [ { "name": "chunks", "policy": "none", "purge": false }, { "name": "ruler", "policy": "none", "purge": false }, { "name": "admin", "policy": "none", "purge": false } ], "drivesPerNode": 2, "enabled": false, "persistence": { "size": "5Gi" }, "replicas": 1, "resources": { "requests": { "cpu": "100m", "memory": "128Mi" } }, "rootPassword": "supersecret", "rootUser": "enterprise-logs" }
monitoring.dashboards.annotations	object	Additional annotations for the dashboards ConfigMap	{}
monitoring.dashboards.enabled	bool	If enabled, create configmap with dashboards for monitoring Loki	true
monitoring.dashboards.labels	object	Labels for the dashboards ConfigMap	{ "grafana_dashboard": "1" }
monitoring.dashboards.namespace	string	Alternative namespace to create dashboards ConfigMap in	null
monitoring.lokiCanary.annotations	object	Additional annotations for the `loki-canary` Daemonset	{}
monitoring.lokiCanary.enabled	bool		true
monitoring.lokiCanary.extraArgs	list	Additional CLI arguments for the `loki-canary' command	[]
monitoring.lokiCanary.extraEnv	list	Environment variables to add to the canary pods	[]
monitoring.lokiCanary.extraEnvFrom	list	Environment variables from secrets or configmaps to add to the canary pods	[]
monitoring.lokiCanary.image	object	Image to use for loki canary	{ "pullPolicy": "IfNotPresent", "registry": "docker.io", "repository": "grafana/loki-canary", "tag": null }
monitoring.lokiCanary.image.pullPolicy	string	Docker image pull policy	"IfNotPresent"
monitoring.lokiCanary.image.registry	string	The Docker registry	"docker.io"
monitoring.lokiCanary.image.repository	string	Docker image repository	"grafana/loki-canary"
monitoring.lokiCanary.image.tag	string	Overrides the image tag whose default is the chart's appVersion	null
monitoring.lokiCanary.nodeSelector	object	Node selector for canary pods	{}
monitoring.lokiCanary.resources	object	Resource requests and limits for the canary	{}
monitoring.lokiCanary.tolerations	list	Tolerations for canary pods	[]
monitoring.rules.additionalGroups	list	Additional groups to add to the rules file	[]
monitoring.rules.alerting	bool	Include alerting rules	true
monitoring.rules.annotations	object	Additional annotations for the rules PrometheusRule resource	{}
monitoring.rules.enabled	bool	If enabled, create PrometheusRule resource with Loki recording rules	true
monitoring.rules.labels	object	Additional labels for the rules PrometheusRule resource	{}
monitoring.rules.namespace	string	Alternative namespace to create PrometheusRule resources in	null
monitoring.selfMonitoring.enabled	bool		true
monitoring.selfMonitoring.grafanaAgent.annotations	object	Grafana Agent annotations	{}
monitoring.selfMonitoring.grafanaAgent.enableConfigReadAPI	bool	Enable the config read api on port 8080 of the agent	false
monitoring.selfMonitoring.grafanaAgent.installOperator	bool	Controls whether to install the Grafana Agent Operator and its CRDs. Note that helm will not install CRDs if this flag is enabled during an upgrade. In that case install the CRDs manually from https://github.com/grafana/agent/tree/main/production/operator/crds	true
monitoring.selfMonitoring.grafanaAgent.labels	object	Additional Grafana Agent labels	{}
monitoring.selfMonitoring.logsInstance.annotations	object	LogsInstance annotations	{}
monitoring.selfMonitoring.logsInstance.clients	string	Additional clients for remote write	null
monitoring.selfMonitoring.logsInstance.labels	object	Additional LogsInstance labels	{}
monitoring.selfMonitoring.podLogs.annotations	object	PodLogs annotations	{}
monitoring.selfMonitoring.podLogs.labels	object	Additional PodLogs labels	{}
monitoring.selfMonitoring.podLogs.relabelings	list	PodLogs relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig	[]
monitoring.selfMonitoring.tenant	object	Tenant to use for self monitoring	{ "name": "self-monitoring", "secretNamespace": "{{ .Release.Namespace }}" }
monitoring.selfMonitoring.tenant.name	string	Name of the tenant	"self-monitoring"
monitoring.selfMonitoring.tenant.secretNamespace	string	Namespace to create additional tenant token secret in. Useful if your Grafana instance is in a separate namespace. Token will still be created in the canary namespace.	"{{ .Release.Namespace }}"
monitoring.serviceMonitor.annotations	object	ServiceMonitor annotations	{}
monitoring.serviceMonitor.enabled	bool	If enabled, ServiceMonitor resources for Prometheus Operator are created	true
monitoring.serviceMonitor.interval	string	ServiceMonitor scrape interval Default is 15s because included recording rules use a 1m rate, and scrape interval needs to be at least 1/4 rate interval.	"15s"
monitoring.serviceMonitor.labels	object	Additional ServiceMonitor labels	{}
monitoring.serviceMonitor.metricsInstance	object	If defined, will create a MetricsInstance for the Grafana Agent Operator.	{ "annotations": {}, "enabled": true, "labels": {}, "remoteWrite": null }
monitoring.serviceMonitor.metricsInstance.annotations	object	MetricsInstance annotations	{}
monitoring.serviceMonitor.metricsInstance.enabled	bool	If enabled, MetricsInstance resources for Grafana Agent Operator are created	true
monitoring.serviceMonitor.metricsInstance.labels	object	Additional MetricsInstance labels	{}
monitoring.serviceMonitor.metricsInstance.remoteWrite	string	If defined a MetricsInstance will be created to remote write metrics.	null
monitoring.serviceMonitor.namespaceSelector	object	Namespace selector for ServiceMonitor resources	{}
monitoring.serviceMonitor.relabelings	list	ServiceMonitor relabel configs to apply to samples before scraping https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig	[]
monitoring.serviceMonitor.scheme	string	ServiceMonitor will use http by default, but you can pick https as well	"http"
monitoring.serviceMonitor.scrapeTimeout	string	ServiceMonitor scrape timeout in Go duration format (e.g. 15s)	null
monitoring.serviceMonitor.tlsConfig	string	ServiceMonitor will use these tlsConfig settings to make the health check requests	null
nameOverride	string	Overrides the chart's name	null
networkPolicy.alertmanager.namespaceSelector	object	Specifies the namespace the alertmanager is running in	{}
networkPolicy.alertmanager.podSelector	object	Specifies the alertmanager Pods. As this is cross-namespace communication, you also need the namespaceSelector.	{}
networkPolicy.alertmanager.port	int	Specify the alertmanager port used for alerting	9093
networkPolicy.discovery.namespaceSelector	object	Specifies the namespace the discovery Pods are running in	{}
networkPolicy.discovery.podSelector	object	Specifies the Pods labels used for discovery. As this is cross-namespace communication, you also need the namespaceSelector.	{}
networkPolicy.discovery.port	int	Specify the port used for discovery	null
networkPolicy.enabled	bool	Specifies whether Network Policies should be created	false
networkPolicy.externalStorage.cidrs	list	Specifies specific network CIDRs you want to limit access to	[]
networkPolicy.externalStorage.ports	list	Specify the port used for external storage, e.g. AWS S3	[]
networkPolicy.ingress.namespaceSelector	object	Specifies the namespaces which are allowed to access the http port	{}
networkPolicy.ingress.podSelector	object	Specifies the Pods which are allowed to access the http port. As this is cross-namespace communication, you also need the namespaceSelector.	{}
networkPolicy.metrics.cidrs	list	Specifies specific network CIDRs which are allowed to access the metrics port. In case you use namespaceSelector, you also have to specify your kubelet networks here. The metrics ports are also used for probes.	[]
networkPolicy.metrics.namespaceSelector	object	Specifies the namespaces which are allowed to access the metrics port	{}
networkPolicy.metrics.podSelector	object	Specifies the Pods which are allowed to access the metrics port. As this is cross-namespace communication, you also need the namespaceSelector.	{}
rbac.pspEnabled	bool	If pspEnabled true, a PodSecurityPolicy is created for K8s that use psp.	false
rbac.sccEnabled	bool	For OpenShift set pspEnabled to 'false' and sccEnabled to 'true' to use the SecurityContextConstraints.	false
read.affinity	string	Affinity for read pods. Passed through `tpl` and, thus, to be configured as string	Hard node and soft zone anti-affinity
read.autoscaling.enabled	bool	Enable autoscaling for the read, this is only used if `queryIndex.enabled: true`	false
read.autoscaling.maxReplicas	int	Maximum autoscaling replicas for the read	3
read.autoscaling.minReplicas	int	Minimum autoscaling replicas for the read	1
read.autoscaling.targetCPUUtilizationPercentage	int	Target CPU utilisation percentage for the read	60
read.autoscaling.targetMemoryUtilizationPercentage	string	Target memory utilisation percentage for the read	null
read.extraArgs	list	Additional CLI args for the read	[]
read.extraEnv	list	Environment variables to add to the read pods	[]
read.extraEnvFrom	list	Environment variables from secrets or configmaps to add to the read pods	[]
read.extraVolumeMounts	list	Volume mounts to add to the read pods	[]
read.extraVolumes	list	Volumes to add to the read pods	[]
read.image.registry	string	The Docker registry for the read image. Overrides `loki.image.registry`	null
read.image.repository	string	Docker image repository for the read image. Overrides `loki.image.repository`	null
read.image.tag	string	Docker image tag for the read image. Overrides `loki.image.tag`	null
read.legacyReadTarget	bool	Whether or not to use the 2 target type simple scalable mode (read, write) or the 3 target type (read, write, backend). Legacy refers to the 2 target type, so true will run two targets, false will run 3 targets.	true
read.lifecycle	object	Lifecycle for the read container	{}
read.nodeSelector	object	Node selector for read pods	{}
read.persistence.enableStatefulSetAutoDeletePVC	bool	Enable StatefulSetAutoDeletePVC feature	true
read.persistence.selector	string	Selector for persistent disk	null
read.persistence.size	string	Size of persistent disk	"10Gi"
read.persistence.storageClass	string	Storage class to be used. If defined, storageClassName: . If set to "-", storageClassName: "", which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).	null
read.podAnnotations	object	Annotations for read pods	{}
read.podLabels	object	Additional labels for each `read` pod	{}
read.priorityClassName	string	The name of the PriorityClass for read pods	null
read.replicas	int	Number of replicas for the read	3
read.resources	object	Resource requests and limits for the read	{}
read.selectorLabels	object	Additional selector labels for each `read` pod	{}
read.serviceLabels	object	Labels for read service	{}
read.targetModule	string	Comma-separated list of Loki modules to load for the read	"read"
read.terminationGracePeriodSeconds	int	Grace period to allow the read to shutdown before it is killed	30
read.tolerations	list	Tolerations for read pods	[]
serviceAccount.annotations	object	Annotations for the service account	{}
serviceAccount.automountServiceAccountToken	bool	Set this toggle to false to opt out of automounting API credentials for the service account	true
serviceAccount.create	bool	Specifies whether a ServiceAccount should be created	true
serviceAccount.imagePullSecrets	list	Image pull secrets for the service account	[]
serviceAccount.labels	object	Labels for the service account	{}
serviceAccount.name	string	The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template	null
singleBinary.affinity	string	Affinity for single binary pods. Passed through `tpl` and, thus, to be configured as string	Hard node and soft zone anti-affinity
singleBinary.autoscaling.enabled	bool	Enable autoscaling, this is only used if `queryIndex.enabled: true`	false
singleBinary.autoscaling.maxReplicas	int	Maximum autoscaling replicas for the single binary	3
singleBinary.autoscaling.minReplicas	int	Minimum autoscaling replicas for the single binary	1
singleBinary.autoscaling.targetCPUUtilizationPercentage	int	Target CPU utilisation percentage for the single binary	60
singleBinary.autoscaling.targetMemoryUtilizationPercentage	string	Target memory utilisation percentage for the single binary	null
singleBinary.extraArgs	list	Labels for single binary service	[]
singleBinary.extraEnv	list	Environment variables to add to the single binary pods	[]
singleBinary.extraEnvFrom	list	Environment variables from secrets or configmaps to add to the single binary pods	[]
singleBinary.extraVolumeMounts	list	Volume mounts to add to the single binary pods	[]
singleBinary.extraVolumes	list	Volumes to add to the single binary pods	[]
singleBinary.image.registry	string	The Docker registry for the single binary image. Overrides `loki.image.registry`	null
singleBinary.image.repository	string	Docker image repository for the single binary image. Overrides `loki.image.repository`	null
singleBinary.image.tag	string	Docker image tag for the single binary image. Overrides `loki.image.tag`	null
singleBinary.initContainers	list	Init containers to add to the single binary pods	[]
singleBinary.nodeSelector	object	Node selector for single binary pods	{}
singleBinary.persistence.enableStatefulSetAutoDeletePVC	bool	Enable StatefulSetAutoDeletePVC feature	true
singleBinary.persistence.enabled	bool	Enable persistent disk	true
singleBinary.persistence.selector	string	Selector for persistent disk	null
singleBinary.persistence.size	string	Size of persistent disk	"10Gi"
singleBinary.persistence.storageClass	string	Storage class to be used. If defined, storageClassName: . If set to "-", storageClassName: "", which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).	null
singleBinary.podAnnotations	object	Annotations for single binary pods	{}
singleBinary.podLabels	object	Additional labels for each `single binary` pod	{}
singleBinary.priorityClassName	string	The name of the PriorityClass for single binary pods	null
singleBinary.replicas	int	Number of replicas for the single binary	0
singleBinary.resources	object	Resource requests and limits for the single binary	{}
singleBinary.selectorLabels	object	Additional selector labels for each `single binary` pod	{}
singleBinary.targetModule	string	Comma-separated list of Loki modules to load for the single binary	"all"
singleBinary.terminationGracePeriodSeconds	int	Grace period to allow the single binary to shutdown before it is killed	30
singleBinary.tolerations	list	Tolerations for single binary pods	[]
tableManager.affinity	string	Affinity for table-manager pods. Passed through `tpl` and, thus, to be configured as string	Hard node and soft zone anti-affinity
tableManager.command	string	Command to execute instead of defined in Docker image	null
tableManager.enabled	bool	Specifies whether the table-manager should be enabled	false
tableManager.extraArgs	list	Additional CLI args for the table-manager	[]
tableManager.extraContainers	list	Containers to add to the table-manager pods	[]
tableManager.extraEnv	list	Environment variables to add to the table-manager pods	[]
tableManager.extraEnvFrom	list	Environment variables from secrets or configmaps to add to the table-manager pods	[]
tableManager.extraVolumeMounts	list	Volume mounts to add to the table-manager pods	[]
tableManager.extraVolumes	list	Volumes to add to the table-manager pods	[]
tableManager.image.registry	string	The Docker registry for the table-manager image. Overrides `loki.image.registry`	null
tableManager.image.repository	string	Docker image repository for the table-manager image. Overrides `loki.image.repository`	null
tableManager.image.tag	string	Docker image tag for the table-manager image. Overrides `loki.image.tag`	null
tableManager.nodeSelector	object	Node selector for table-manager pods	{}
tableManager.podAnnotations	object	Annotations for table-manager pods	{}
tableManager.podLabels	object	Labels for table-manager pods	{}
tableManager.priorityClassName	string	The name of the PriorityClass for table-manager pods	null
tableManager.resources	object	Resource requests and limits for the table-manager	{}
tableManager.serviceLabels	object	Labels for table-manager service	{}
tableManager.terminationGracePeriodSeconds	int	Grace period to allow the table-manager to shutdown before it is killed	30
tableManager.tolerations	list	Tolerations for table-manager pods	[]
test	object	Section for configuring optional Helm test	{ "annotations": {}, "enabled": true, "image": { "pullPolicy": "IfNotPresent", "registry": "docker.io", "repository": "grafana/loki-helm-test", "tag": null }, "labels": {}, "prometheusAddress": "http://prometheus:9090", "timeout": "1m" }
test.annotations	object	Additional annotations for test pods	{}
test.image	object	Image to use for loki canary	{ "pullPolicy": "IfNotPresent", "registry": "docker.io", "repository": "grafana/loki-helm-test", "tag": null }
test.image.pullPolicy	string	Docker image pull policy	"IfNotPresent"
test.image.registry	string	The Docker registry	"docker.io"
test.image.repository	string	Docker image repository	"grafana/loki-helm-test"
test.image.tag	string	Overrides the image tag whose default is the chart's appVersion	null
test.labels	object	Additional labels for the test pods	{}
test.prometheusAddress	string	Address of the prometheus server to query for the test	"http://prometheus:9090"
test.timeout	string	Number of times to retry the test before failing	"1m"
tracing.jaegerAgentHost	string		""
write.affinity	string	Affinity for write pods. Passed through `tpl` and, thus, to be configured as string	Hard node and soft zone anti-affinity
write.extraArgs	list	Additional CLI args for the write	[]
write.extraEnv	list	Environment variables to add to the write pods	[]
write.extraEnvFrom	list	Environment variables from secrets or configmaps to add to the write pods	[]
write.extraVolumeMounts	list	Volume mounts to add to the write pods	[]
write.extraVolumes	list	Volumes to add to the write pods	[]
write.image.registry	string	The Docker registry for the write image. Overrides `loki.image.registry`	null
write.image.repository	string	Docker image repository for the write image. Overrides `loki.image.repository`	null
write.image.tag	string	Docker image tag for the write image. Overrides `loki.image.tag`	null
write.initContainers	list	Init containers to add to the write pods	[]
write.lifecycle	object	Lifecycle for the write container	{}
write.nodeSelector	object	Node selector for write pods	{}
write.persistence.enableStatefulSetAutoDeletePVC	bool	Enable StatefulSetAutoDeletePVC feature	false
write.persistence.selector	string	Selector for persistent disk	null
write.persistence.size	string	Size of persistent disk	"10Gi"
write.persistence.storageClass	string	Storage class to be used. If defined, storageClassName: . If set to "-", storageClassName: "", which disables dynamic provisioning. If empty or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS, and OpenStack).	null
write.podAnnotations	object	Annotations for write pods	{}
write.podLabels	object	Additional labels for each `write` pod	{}
write.priorityClassName	string	The name of the PriorityClass for write pods	null
write.replicas	int	Number of replicas for the write	3
write.resources	object	Resource requests and limits for the write	{}
write.selectorLabels	object	Additional selector labels for each `write` pod	{}
write.serviceLabels	object	Labels for ingester service	{}
write.targetModule	string	Comma-separated list of Loki modules to load for the write	"write"
write.terminationGracePeriodSeconds	int	Grace period to allow the write to shutdown before it is killed. Especially for the ingester, this must be increased. It must be long enough so writes can be gracefully shutdown flushing/transferring all data and to successfully leave the member ring on shutdown.	300
write.tolerations	list	Tolerations for write pods	[]