mash-playbook/docs/services/grafana-loki.md
Slavi Pantaleev d2066525c9 Add support for Grafana Loki and Promtail
Most of the work on these roles and integration
was done by https://github.com/moan0s and https://github.com/sudo-Tiz
2024-02-04 18:08:28 +02:00

3.2 KiB

Grafana Loki

Grafana Loki is a set of components that can be composed into a fully featured logging stack. Installing it is powered by the mother-of-all-self-hosting/ansible-role-loki Ansible role.

Loki is just a log storage system. In order to make use of it, you'd need at least 2 other components

  • some agent (like Promtail) to send logs to Loki
  • some system (like Grafana) to read the logs out of Loki and display them nicely

Dependencies

This service requires the following other services:

  • (optionally) Traefik - a reverse-proxy server for exposing Loki publicly
  • (optionally) Promtail - an agent that can send logs to Loki
  • (optionally) Grafana - a web UI that can query the Loki datasource (connection) and display the logs

Configuration

To enable this service, add the following configuration to your vars.yml file and re-run the installation process:

########################################################################
#                                                                      #
# loki                                                                 #
#                                                                      #
########################################################################

loki_enabled: true

########################################################################
#                                                                      #
# /loki                                                                #
#                                                                      #
########################################################################

Exposing the web interface

By setting a hostname and optionally a path prefix, you can expose Loki publicly. You may wish to do this, if you'd like to be able to:

  • push logs from remote agents (e.g. Promtail installed on remote machines, etc.)
  • query logs from remote systems (e.g. Grafana installed elsewhere)

When exposing publicly, it's natural to set up HTTP Basic Authentication or anyone would be able to read your logs or push new ones.

loki_hostname: mash.example.com
loki_path_prefix: /loki

# If you are sure you wish to run without Basic Auth enabled,
# explicitly set the variable below to false.
loki_container_labels_middleware_basic_auth_enabled: true
# Use `htpasswd -nb USERNAME PASSSWORD` to generate the users below.
loki_container_labels_middleware_basic_auth_users: ''

Usage

After installing, refer to the official documentation to send logs to loki's API without an agent or set up one or more instances of the Promtail agent.

  • Grafana - a web-based tool for visualizing your Promtail logs (stored in Grafana Loki or elsewhere)
  • Promtail - an agent which ships the contents of local logs to a private Grafana Loki instance