# Loki Architecture Diagram

## Solution Architecture

```mermaid
graph TB
    subgraph "External Access"
        Browser[🌐 Browser]
        DNS[🔍 DNS: loki.thedevops.dev]
    end

    subgraph "Traefik Ingress Controller"
        Traefik[⚡ Traefik<br/>Port 80/443]
        LE[🔐 Let's Encrypt<br/>TLS Certificate]
    end

    subgraph "Loki Namespace"
        Ingress[📥 Ingress<br/>loki.thedevops.dev]
        Middleware[🔒 Basic Auth<br/>Middleware]
        Secret[🗝️ Secret<br/>loki-basic-auth]
        Service[🔌 Service<br/>loki:3100]
        StatefulSet[💾 StatefulSet<br/>loki-0]
        PVC[📀 PVC<br/>loki-data]
        Promtail[📡 DaemonSet<br/>Promtail]
    end

    subgraph "Monitoring Namespace"
        Grafana[📊 Grafana]
        Prometheus[📈 Prometheus]
    end

    subgraph "ArgoCD"
        ArgoCD[🔄 ArgoCD<br/>Auto-Sync]
        GitRepo[📚 Gitea<br/>k3s-gitops]
    end

    subgraph "Storage"
        Longhorn[💿 Longhorn<br/>Distributed Storage]
    end

    Browser -->|HTTPS| DNS
    DNS -->|Resolve| Traefik
    Traefik -->|TLS Termination| LE
    Traefik -->|Route| Ingress
    Ingress -->|Apply| Middleware
    Middleware -->|Validate| Secret
    Middleware -->|Forward| Service
    Service -->|Load Balance| StatefulSet
    StatefulSet -->|Store Logs| PVC
    PVC -->|Backend| Longhorn

    Promtail -.->|Push Logs| Service
    Grafana -.->|Query LogQL| Service
    Prometheus -.->|Scrape Metrics| StatefulSet

    GitRepo -->|Watch| ArgoCD
    ArgoCD -->|Deploy| Ingress
    ArgoCD -->|Deploy| Middleware
    ArgoCD -->|Deploy| Secret
    ArgoCD -->|Deploy| StatefulSet

    style Browser fill:#e1f5ff
    style DNS fill:#e1f5ff
    style Traefik fill:#ffe1e1
    style LE fill:#ffe1e1
    style Ingress fill:#fff4e1
    style Middleware fill:#fff4e1
    style Secret fill:#fff4e1
    style Service fill:#e1ffe1
    style StatefulSet fill:#e1ffe1
    style PVC fill:#f0e1ff
    style Promtail fill:#e1ffe1
    style Grafana fill:#ffe1f5
    style Prometheus fill:#ffe1f5
    style ArgoCD fill:#e1f0ff
    style GitRepo fill:#e1f0ff
    style Longhorn fill:#f0e1ff
```

## Data Flow - Logs

```mermaid
sequenceDiagram
    participant Apps as Kubernetes Pods
    participant Promtail as Promtail DaemonSet
    participant Loki as Loki StatefulSet
    participant Storage as Longhorn PVC
    participant Grafana as Grafana

    Apps->>Promtail: Write logs to stdout/stderr
    Note over Promtail: Parse & Label logs
    Promtail->>Loki: HTTP POST /loki/api/v1/push
    Note over Loki: Index labels<br/>Compress chunks
    Loki->>Storage: Write compressed chunks

    Grafana->>Loki: LogQL Query
    Loki->>Storage: Read chunks
    Loki->>Grafana: Return log lines
    Note over Grafana: Display in UI
```

## Access Flow - External User

```mermaid
sequenceDiagram
    participant User as Browser
    participant DNS as DNS Server
    participant Traefik as Traefik
    participant Ingress as Ingress
    participant Middleware as Middleware
    participant Secret as Secret
    participant Loki as Loki Service

    User->>DNS: Resolve loki.thedevops.dev
    DNS->>User: Return IPs
    User->>Traefik: HTTPS Request
    Note over Traefik: TLS Termination<br/>(Let's Encrypt)
    Traefik->>Ingress: Route to loki namespace
    Ingress->>Middleware: Apply loki-auth
    Middleware->>Secret: Get credentials
    Middleware->>Middleware: Validate Basic Auth

    alt Valid Credentials
        Middleware->>Loki: Forward request
        Loki->>Middleware: Response
        Middleware->>Traefik: Response
        Traefik->>User: HTTPS Response
    else Invalid Credentials
        Middleware->>User: 401 Unauthorized
    end
```

## ArgoCD GitOps Flow

```mermaid
graph LR
    subgraph "Developer"
        Dev[👨‍💻 Developer]
        Local[💻 Local Git]
    end

    subgraph "Gitea"
        Repo[📚 k3s-gitops<br/>Repository]
    end

    subgraph "ArgoCD"
        Sync[🔄 ArgoCD<br/>Controller]
        App[📦 Application<br/>loki]
    end

    subgraph "Kubernetes"
        Resources[☸️ K8s Resources<br/>Ingress, Secret, etc]
    end

    Dev -->|1. Edit YAML| Local
    Local -->|2. Git Push| Repo
    Repo -->|3. Webhook/Poll| Sync
    Sync -->|4. Detect Changes| App
    App -->|5. kubectl apply| Resources
    Resources -.->|6. Status| App
    App -.->|7. Sync Status| Dev

    style Dev fill:#e1f5ff
    style Local fill:#e1f5ff
    style Repo fill:#e1f0ff
    style Sync fill:#e1ffe1
    style App fill:#e1ffe1
    style Resources fill:#ffe1e1
```

## Component Relationships

```mermaid
graph TB
    subgraph "Core Components"
        Loki[Loki StatefulSet<br/>Port 3100]
        Promtail[Promtail DaemonSet<br/>Port 3101]
    end

    subgraph "Access Control"
        Ingress[Ingress]
        Middleware[Middleware]
        Secret[Secret]
    end

    subgraph "Monitoring"
        ServiceMonitor[ServiceMonitor]
        Prometheus[Prometheus]
        Grafana[Grafana]
    end

    subgraph "Storage"
        PVC[PersistentVolumeClaim<br/>loki-data]
        Longhorn[Longhorn]
    end

    subgraph "GitOps"
        Git[Git Repository]
        ArgoCD[ArgoCD]
    end

    Ingress --> Middleware
    Middleware --> Secret
    Middleware --> Loki
    Promtail --> Loki
    Loki --> PVC
    PVC --> Longhorn
    ServiceMonitor --> Loki
    ServiceMonitor --> Prometheus
    Grafana --> Loki
    Git --> ArgoCD
    ArgoCD --> Ingress
    ArgoCD --> Middleware
    ArgoCD --> Secret
    ArgoCD --> Loki
    ArgoCD --> Promtail

    style Loki fill:#4CAF50
    style Promtail fill:#8BC34A
    style Ingress fill:#FFC107
    style Middleware fill:#FF9800
    style Secret fill:#FF5722
    style Grafana fill:#E91E63
    style Prometheus fill:#9C27B0
    style ArgoCD fill:#2196F3
    style Longhorn fill:#00BCD4
```

## Deployment States

```mermaid
stateDiagram-v2
    [*] --> GitPush: Developer commits
    GitPush --> ArgoCD_Detect: ArgoCD polls repo
    ArgoCD_Detect --> Syncing: Changes detected
    Syncing --> Deploying: Apply manifests

    state Deploying {
        [*] --> CreateSecret
        CreateSecret --> CreateMiddleware
        CreateMiddleware --> CreateIngress
        CreateIngress --> RequestCert
        RequestCert --> ValidateCert
        ValidateCert --> [*]
    }

    Deploying --> Healthy: All resources ready
    Healthy --> [*]: Deployment complete
    Deploying --> Failed: Error occurred
    Failed --> Syncing: Retry
    Healthy --> GitPush: New changes
```

## Network Topology

```mermaid
graph TB
    subgraph "Internet"
        Client[Client Browser]
    end

    subgraph "Public IPs"
        IP1[5.182.17.194]
        IP2[62.169.30.194]
        IP3[62.169.30.206]
    end

    subgraph "k3s Cluster"
        subgraph "kube-system"
            Traefik[Traefik LoadBalancer<br/>80/443]
        end

        subgraph "loki namespace"
            Ingress[Ingress<br/>loki.thedevops.dev]
            Service[ClusterIP Service<br/>10.43.x.x:3100]
            Pod[Loki Pod<br/>10.42.x.x:3100]
        end

        subgraph "cert-manager"
            CertManager[Cert Manager]
            Certificate[Certificate<br/>loki-tls]
        end
    end

    Client -->|DNS| IP1
    Client -->|DNS| IP2
    Client -->|DNS| IP3
    IP1 --> Traefik
    IP2 --> Traefik
    IP3 --> Traefik
    Traefik -->|Route by Host| Ingress
    Ingress -->|ClusterIP| Service
    Service -->|Pod IP| Pod
    CertManager -.->|Provision| Certificate
    Certificate -.->|Use| Ingress

    style Client fill:#e1f5ff
    style IP1 fill:#ffe1e1
    style IP2 fill:#ffe1e1
    style IP3 fill:#ffe1e1
    style Traefik fill:#fff4e1
    style Ingress fill:#e1ffe1
    style Service fill:#e1f0ff
    style Pod fill:#f0e1ff
```

---

## Legend

- 🌐 External Access Point
- ⚡ Load Balancer / Proxy
- 📥 Ingress / API Gateway
- 🔒 Authentication / Security
- 💾 Stateful Storage
- 📡 Log Collection
- 📊 Visualization
- 🔄 Automation / GitOps
- 💿 Persistent Storage
- ☸️ Kubernetes Resources
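
The external access path from the Access Flow diagram (Ingress, `loki-auth` middleware, `loki-basic-auth` Secret), written out as manifests. This is an added example, not taken from the k3s-gitops repository: resource names, host and port come from the diagrams, while the Ingress name, the `websecure` entrypoint, the `users` key, the `loki-tls` secret name and the issuer placeholder are assumptions.

```yaml
# Added example. Assumed values are marked; names not marked come from the diagrams.
apiVersion: v1
kind: Secret
metadata:
  name: loki-basic-auth
  namespace: loki
type: Opaque
stringData:
  # htpasswd-format entry; placeholder, generate with `htpasswd -nB <user>`
  users: "<user>:<bcrypt-hash>"
---
apiVersion: traefik.io/v1alpha1   # traefik.containo.us/v1alpha1 on older Traefik v2
kind: Middleware
metadata:
  name: loki-auth
  namespace: loki
spec:
  basicAuth:
    secret: loki-basic-auth
    removeHeader: true            # do not forward the Authorization header to Loki
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: loki                      # assumed name
  namespace: loki
  annotations:
    # Reference format: <namespace>-<middleware>@kubernetescrd
    traefik.ingress.kubernetes.io/router.middlewares: loki-loki-auth@kubernetescrd
    traefik.ingress.kubernetes.io/router.entrypoints: websecure   # assumed entrypoint
    cert-manager.io/cluster-issuer: "<cluster-issuer-name>"       # placeholder
spec:
  rules:
    - host: loki.thedevops.dev
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: loki
                port:
                  number: 3100
  tls:
    - hosts: [loki.thedevops.dev]
      secretName: loki-tls        # assumed to match the Certificate in the diagram
```

In the diagrams Promtail and Grafana reach the Service directly, so this middleware covers only the external path through Traefik; requests to `loki:3100` from inside the cluster do not pass through Basic Auth.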