New PVCs may get exposed to the container with root permissions despite
the UID of the container. Here we set the `securityContext.fsGroup` of
the statefulset which run the tempo container.
* Update Tempo image to run as non-root
Signed-off-by: Zach Leslie <zach.leslie@grafana.com>
* Change ownership of /var/tempo
Signed-off-by: Zach Leslie <zach.leslie@grafana.com>
* Breadcrumbs for ingester filesystem permissions
Signed-off-by: Zach Leslie <zach.leslie@grafana.com>
* Create the directory we attempt to chown
Signed-off-by: Zach Leslie <zach.leslie@grafana.com>
* Include initcontainer and adjust statefulset security for new UID
* Compile jsonnet
* Drop securityContext since the chown handles the permissions
* Adjust test path for ownership
* Update changelog to note breaking change
* Drop extra object and include additional hardcode
* Improve language for CHANGELOG
---------
Signed-off-by: Zach Leslie <zach.leslie@grafana.com>
* microservices: use DNS lookup for memberlsit.join_members by default
Related: https://github.com/grafana/loki/pull/9723
In high instance environments, the current default configuration will result
in a connection to each member returned by a DNS entry and result in
more connections than is necessary.
Here we include the fix that Loki has for using a `dns+` lookup feature
of memberlist to ensure that only a few members of the DNS entry are
added.
* Compile jsonnet
* Remove forced volume mounts for generator deployment which prevents downstream jsonnet from changing them via $.tempo_metrics_generator_container, make volume mounts idential between deployment and statefulset
* Sort gitignore and add more paths
* Fix command and regen output
* changelog
* Add statefulset for metrics generator
* Use proper volume method
* Keep the data emptyDir on the generator deployment
* Fix config references
* Fix config default error
* Move readme file
* Zero replicas for the deployment
* Update changelog
* Update config example
* Compile jsonnet
* Update test config for microservices
* Include metrics-generator statefulset compiled manifest
* Drop termination grace grace period to rely on defaults
* Compile jsonnet
tempo-query was required for Grafana version <7.5 for compatibility with jaeger-ui. grafana version <7.5 didn't have Tempo datasource, and we used jaeger datasource to query tempo via tempo-query.
Grafana 7.5 was released on Mar 25, 2021, which was 2+ year ago.
It is already disabled by default in helm-chart: grafana/helm-charts#2387
* Reduce use of kausal to allow for api updates
Signed-off-by: Zach Leslie <zach.leslie@grafana.com>
* [jsonnet-microservices] Update PodDisruptionBudget to policy/v1
Signed-off-by: Zach Leslie <zach.leslie@grafana.com>
* Update minimum k8s version for jsonnet installation to 1.21
Signed-off-by: Zach Leslie <zach.leslie@grafana.com>
---------
Signed-off-by: Zach Leslie <zach.leslie@grafana.com>
* frontend
Signed-off-by: Joe Elliott <number101010@gmail.com>
* querier
Signed-off-by: Joe Elliott <number101010@gmail.com>
* compactor
Signed-off-by: Joe Elliott <number101010@gmail.com>
* ingester
Signed-off-by: Joe Elliott <number101010@gmail.com>
* storage v1
Signed-off-by: Joe Elliott <number101010@gmail.com>
* storage v2
Signed-off-by: Joe Elliott <number101010@gmail.com>
* Always use getOrCreateInstance
Signed-off-by: Joe Elliott <number101010@gmail.com>
* manifest
Signed-off-by: Joe Elliott <number101010@gmail.com>
* changelog
Signed-off-by: Joe Elliott <number101010@gmail.com>
* docs
Signed-off-by: Joe Elliott <number101010@gmail.com>
* lint
Signed-off-by: Joe Elliott <number101010@gmail.com>
* lengthen fake polling cycle to prevent test failures
Signed-off-by: Joe Elliott <number101010@gmail.com>
* Restore wal version and default to block version
Signed-off-by: Joe Elliott <number101010@gmail.com>
* Warn when v2 settings drift and v2 is not set
Signed-off-by: Joe Elliott <number101010@gmail.com>
* update examples
Signed-off-by: Joe Elliott <number101010@gmail.com>
* remove todo
Signed-off-by: Joe Elliott <number101010@gmail.com>
* recompiled jsonnet
Signed-off-by: Joe Elliott <number101010@gmail.com>
Signed-off-by: Joe Elliott <number101010@gmail.com>
* use snake case on azure storage
Signed-off-by: Fausto David Suarez Rosario <faustodavid@hotmail.com>
* run jsonnetfmt
Signed-off-by: Fausto David Suarez Rosario <faustodavid@hotmail.com>
* update CHANGELOG.md
Signed-off-by: Fausto David Suarez Rosario <faustodavid@hotmail.com>
* * add example on update CHANGELOG.md
* update azure docker-compose example
Signed-off-by: Fausto David Suarez Rosario <faustodavid@hotmail.com>
* compile jsonnet
Signed-off-by: Fausto David Suarez Rosario <faustodavid@hotmail.com>
Signed-off-by: Fausto David Suarez Rosario <faustodavid@hotmail.com>
