admin/k3s-gitops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upload files to "loki-ingress-argocd-setup"

Browse Source
This commit is contained in:
admin
2026-01-06 07:36:53 +00:00
parent dce0be1095
commit 3039f872aa
5 changed files with 1476 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

321
loki-ingress-argocd-setup/ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,321 @@
# Loki Architecture Diagram
## Архитектура решения
```mermaid
graph TB
subgraph "External Access"
Browser[🌐 Browser]
DNS[🔍 DNS: loki.thedevops.dev]
end
subgraph "Traefik Ingress Controller"
Traefik[⚡ Traefik<br/>Port 80/443]
LE[🔐 Let's Encrypt<br/>TLS Certificate]
end
subgraph "Loki Namespace"
Ingress[📥 Ingress<br/>loki.thedevops.dev]
Middleware[🔒 Basic Auth<br/>Middleware]
Secret[🗝️ Secret<br/>loki-basic-auth]
Service[🔌 Service<br/>loki:3100]
StatefulSet[💾 StatefulSet<br/>loki-0]
PVC[📀 PVC<br/>loki-data]
Promtail[📡 DaemonSet<br/>Promtail]
end
subgraph "Monitoring Namespace"
Grafana[📊 Grafana]
Prometheus[📈 Prometheus]
end
subgraph "ArgoCD"
ArgoCD[🔄 ArgoCD<br/>Auto-Sync]
GitRepo[📚 Gitea<br/>k3s-gitops]
end
subgraph "Storage"
Longhorn[💿 Longhorn<br/>Distributed Storage]
end
Browser -->|HTTPS| DNS
DNS -->|Resolve| Traefik
Traefik -->|TLS Termination| LE
Traefik -->|Route| Ingress
Ingress -->|Apply| Middleware
Middleware -->|Validate| Secret
Middleware -->|Forward| Service
Service -->|Load Balance| StatefulSet
StatefulSet -->|Store Logs| PVC
PVC -->|Backend| Longhorn
Promtail -.->|Push Logs| Service
Grafana -.->|Query LogQL| Service
Prometheus -.->|Scrape Metrics| StatefulSet
GitRepo -->|Watch| ArgoCD
ArgoCD -->|Deploy| Ingress
ArgoCD -->|Deploy| Middleware
ArgoCD -->|Deploy| Secret
ArgoCD -->|Deploy| StatefulSet
style Browser fill:#e1f5ff
style DNS fill:#e1f5ff
style Traefik fill:#ffe1e1
style LE fill:#ffe1e1
style Ingress fill:#fff4e1
style Middleware fill:#fff4e1
style Secret fill:#fff4e1
style Service fill:#e1ffe1
style StatefulSet fill:#e1ffe1
style PVC fill:#f0e1ff
style Promtail fill:#e1ffe1
style Grafana fill:#ffe1f5
style Prometheus fill:#ffe1f5
style ArgoCD fill:#e1f0ff
style GitRepo fill:#e1f0ff
style Longhorn fill:#f0e1ff
```
## Data Flow - Логи
```mermaid
sequenceDiagram
participant Apps as Kubernetes Pods
participant Promtail as Promtail DaemonSet
participant Loki as Loki StatefulSet
participant Storage as Longhorn PVC
participant Grafana as Grafana
Apps->>Promtail: Write logs to stdout/stderr
Note over Promtail: Parse & Label logs
Promtail->>Loki: HTTP POST /loki/api/v1/push
Note over Loki: Index labels<br/>Compress chunks
Loki->>Storage: Write compressed chunks
Grafana->>Loki: LogQL Query
Loki->>Storage: Read chunks
Loki->>Grafana: Return log lines
Note over Grafana: Display in UI
```
## Access Flow - External User
```mermaid
sequenceDiagram
participant User as Browser
participant DNS as DNS Server
participant Traefik as Traefik
participant Ingress as Ingress
participant Middleware as Middleware
participant Secret as Secret
participant Loki as Loki Service
User->>DNS: Resolve loki.thedevops.dev
DNS->>User: Return IPs
User->>Traefik: HTTPS Request
Note over Traefik: TLS Termination<br/>(Let's Encrypt)
Traefik->>Ingress: Route to loki namespace
Ingress->>Middleware: Apply loki-auth
Middleware->>Secret: Get credentials
Middleware->>Middleware: Validate Basic Auth
alt Valid Credentials
Middleware->>Loki: Forward request
Loki->>Middleware: Response
Middleware->>Traefik: Response
Traefik->>User: HTTPS Response
else Invalid Credentials
Middleware->>User: 401 Unauthorized
end
```
## ArgoCD GitOps Flow
```mermaid
graph LR
subgraph "Developer"
Dev[👨‍💻 Developer]
Local[💻 Local Git]
end
subgraph "Gitea"
Repo[📚 k3s-gitops<br/>Repository]
end
subgraph "ArgoCD"
Sync[🔄 ArgoCD<br/>Controller]
App[📦 Application<br/>loki]
end
subgraph "Kubernetes"
Resources[☸️ K8s Resources<br/>Ingress, Secret, etc]
end
Dev -->|1. Edit YAML| Local
Local -->|2. Git Push| Repo
Repo -->|3. Webhook/Poll| Sync
Sync -->|4. Detect Changes| App
App -->|5. kubectl apply| Resources
Resources -.->|6. Status| App
App -.->|7. Sync Status| Dev
style Dev fill:#e1f5ff
style Local fill:#e1f5ff
style Repo fill:#e1f0ff
style Sync fill:#e1ffe1
style App fill:#e1ffe1
style Resources fill:#ffe1e1
```
## Component Relationships
```mermaid
graph TB
subgraph "Core Components"
Loki[Loki StatefulSet<br/>Port 3100]
Promtail[Promtail DaemonSet<br/>Port 3101]
end
subgraph "Access Control"
Ingress[Ingress]
Middleware[Middleware]
Secret[Secret]
end
subgraph "Monitoring"
ServiceMonitor[ServiceMonitor]
Prometheus[Prometheus]
Grafana[Grafana]
end
subgraph "Storage"
PVC[PersistentVolumeClaim<br/>loki-data]
Longhorn[Longhorn]
end
subgraph "GitOps"
Git[Git Repository]
ArgoCD[ArgoCD]
end
Ingress --> Middleware
Middleware --> Secret
Middleware --> Loki
Promtail --> Loki
Loki --> PVC
PVC --> Longhorn
ServiceMonitor --> Loki
ServiceMonitor --> Prometheus
Grafana --> Loki
Git --> ArgoCD
ArgoCD --> Ingress
ArgoCD --> Middleware
ArgoCD --> Secret
ArgoCD --> Loki
ArgoCD --> Promtail
style Loki fill:#4CAF50
style Promtail fill:#8BC34A
style Ingress fill:#FFC107
style Middleware fill:#FF9800
style Secret fill:#FF5722
style Grafana fill:#E91E63
style Prometheus fill:#9C27B0
style ArgoCD fill:#2196F3
style Longhorn fill:#00BCD4
```
## Deployment States
```mermaid
stateDiagram-v2
[*] --> GitPush: Developer commits
GitPush --> ArgoCD_Detect: ArgoCD polls repo
ArgoCD_Detect --> Syncing: Changes detected
Syncing --> Deploying: Apply manifests
state Deploying {
[*] --> CreateSecret
CreateSecret --> CreateMiddleware
CreateMiddleware --> CreateIngress
CreateIngress --> RequestCert
RequestCert --> ValidateCert
ValidateCert --> [*]
}
Deploying --> Healthy: All resources ready
Healthy --> [*]: Deployment complete
Deploying --> Failed: Error occurred
Failed --> Syncing: Retry
Healthy --> GitPush: New changes
```
## Network Topology
```mermaid
graph TB
subgraph "Internet"
Client[Client Browser]
end
subgraph "Public IPs"
IP1[5.182.17.194]
IP2[62.169.30.194]
IP3[62.169.30.206]
end
subgraph "k3s Cluster"
subgraph "kube-system"
Traefik[Traefik LoadBalancer<br/>80/443]
end
subgraph "loki namespace"
Ingress[Ingress<br/>loki.thedevops.dev]
Service[ClusterIP Service<br/>10.43.x.x:3100]
Pod[Loki Pod<br/>10.42.x.x:3100]
end
subgraph "cert-manager"
CertManager[Cert Manager]
Certificate[Certificate<br/>loki-tls]
end
end
Client -->|DNS| IP1
Client -->|DNS| IP2
Client -->|DNS| IP3
IP1 --> Traefik
IP2 --> Traefik
IP3 --> Traefik
Traefik -->|Route by Host| Ingress
Ingress -->|ClusterIP| Service
Service -->|Pod IP| Pod
CertManager -.->|Provision| Certificate
Certificate -.->|Use| Ingress
style Client fill:#e1f5ff
style IP1 fill:#ffe1e1
style IP2 fill:#ffe1e1
style IP3 fill:#ffe1e1
style Traefik fill:#fff4e1
style Ingress fill:#e1ffe1
style Service fill:#e1f0ff
style Pod fill:#f0e1ff
```
---
## Legend
- 🌐 External Access Point
- ⚡ Load Balancer / Proxy
- 📥 Ingress / API Gateway
- 🔒 Authentication / Security
- 💾 Stateful Storage
- 📡 Log Collection
- 📊 Visualization
- 🔄 Automation / GitOps
- 💿 Persistent Storage
- ☸️ Kubernetes Resources