I'd like to deploy Loki to collect Toolsbeta tool and infrastructure logs next. It will persist data in our object storage service.
This task is to figure out bucket provisioning, setting some initial per-bucket limits, and credentials for the Loki service (in K8s) to talk to the object storage service. Preferrably the bucket config would happen via Tofu.
upstream docs: https://grafana.com/docs/loki/latest/configure/storage/
| Title | Reference | Author | Source Branch | Dest Branch | |
|---|---|---|---|---|---|
| logging: Use separate app creds for separate projects | repos/cloud/toolforge/tofu-provisioning!52 | taavi | main-Ib3fcc96e3ede553ef003d9062513016b1b2511ed | main | |
| Revert "shared: Provision storage buckets for Loki" | repos/cloud/toolforge/tofu-provisioning!51 | taavi | main-I99a5f3cb7f00f65a9f10a03ee1e082fdc7cfafb8 | main | |
| Provision log storage buckets in a separate project | repos/cloud/toolforge/tofu-provisioning!50 | taavi | main-I1384635fe4afe95f8ba034f20fe8ce61efe1ff4b | main | |
| shared: Provision storage buckets for Loki | repos/cloud/toolforge/tofu-provisioning!49 | taavi | main-I2123be8109ae73e3e9944cb69fbd7a00f596f99b | main |
@Andrew do you happen to know if individual buckets can be configured to have a storage limit applied to them without having to go through the Rados admin CLI?
There is an API as well as a CLI:
https://docs.ceph.com/en/latest/radosgw/adminops/
So it should be possible, although I have never tried to use it.
I'm still a bit attached to the idea of mapping tools to keystone projects, at which point users could have a shared quota used for tool-specific objects or logs (and decide if they love their logs or their media more.) but that may be way out of scope for what you're planning.
taavi opened https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/49
shared: Provision storage buckets for Loki
taavi merged https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/49
shared: Provision storage buckets for Loki
taavi opened https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/50
Use separate project for log storage buckets
taavi opened https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/51
Revert "shared: Provision storage buckets for Loki"
taavi merged https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/51
Revert "shared: Provision storage buckets for Loki"
taavi merged https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/50
Provision log storage buckets in a separate project
taavi opened https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/52
logging: Use separate app creds for separate projects
taavi merged https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/52
logging: Use separate app creds for separate projects
taavi opened https://gitlab.wikimedia.org/repos/cloud/toolforge/toolforge-deploy/-/merge_requests/821
logging: Add values to deploy to toolsbeta