apiVersion: apps/v1 kind: StatefulSet metadata: name: loki namespace: loki labels: app.kubernetes.io/name: loki spec: replicas: 1 serviceName: loki-headless selector: matchLabels: app.kubernetes.io/name: loki template: metadata: labels: app.kubernetes.io/name: loki annotations: prometheus.io/scrape: "true" prometheus.io/port: "3100" prometheus.io/path: "/metrics" spec: securityContext: fsGroup: 10001 runAsGroup: 10001 runAsNonRoot: true runAsUser: 10001 containers: - name: loki image: grafana/loki:3.3.2 imagePullPolicy: IfNotPresent args: - -config.file=/etc/loki/loki.yaml ports: - name: http containerPort: 3100 protocol: TCP - name: grpc containerPort: 9096 protocol: TCP livenessProbe: httpGet: path: /ready port: http initialDelaySeconds: 45 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 readinessProbe: httpGet: path: /ready port: http initialDelaySeconds: 45 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 resources: requests: cpu: 100m memory: 256Mi limits: cpu: 500m memory: 512Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true volumeMounts: - name: config mountPath: /etc/loki - name: data mountPath: /loki - name: tmp mountPath: /tmp volumes: - name: config configMap: name: loki-config - name: data persistentVolumeClaim: claimName: loki-data - name: tmp emptyDir: {}