configuration added

template/stacks/monitoring/alloy/values.yaml

@@ -1,5 +1,4 @@
 alloy:
-  
   extraPorts:
     - name: "tcpsocket"
       port: 1514
@@ -80,6 +79,10 @@ alloy:
 
       }
 
+      loki.source.kubernetes "all_pod_logs" {
+        targets    = discovery.relabel.pod_logs.output
+        forward_to = [loki.write.local_loki.receiver]
+      }
 
       loki.source.syslog "tcp_socket" {
         listener {

template/stacks/ref-implementation/openbao-logging-setup.yaml

@@ -1,29 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: openbao-logging-setup
-  namespace: argocd
-  labels:
-    env: dev
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-spec:
-  project: default
-  source:
-    repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder
-    targetRevision: HEAD
-    path: "stacks/ref-implementation/openbao-logging"
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: openbao
-  syncPolicy:
-    syncOptions:
-      - CreateNamespace=true
-    automated:
-      selfHeal: true
-    retry:
-      limit: -1
-      backoff:
-        duration: 15s
-        factor: 1
-        maxDuration: 15s

template/stacks/ref-implementation/openbao-logging/create-logging-directory.yaml

@@ -1,37 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: openbao-logging-dir
-  namespace: openbao
-spec:
-  selector:
-    matchLabels:
-      app: openbao-logging-dir
-  template:
-    metadata:
-      labels:
-        app: openbao-logging-dir
-    spec:
-      initContainers:
-      - name: creator
-        image: busybox
-        command: ["/bin/sh", "-c"]
-        args:
-        - |
-          set -e
-          mkdir -p /var/log/openbao
-          chown 100:100 /var/log/openbao
-        securityContext:
-          runAsUser: 0 
-        volumeMounts:
-        - name: host-log
-          mountPath: /var/log
-      containers:
-      - name: running-container
-        image: busybox
-        command: ["sleep", "infinity"]
-      volumes:
-      - name: host-log
-        hostPath:
-          path: /var/log
-          type: Directory

template/stacks/ref-implementation/openbao-logging/logrotate.yaml

@@ -1,56 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: openbao-logrotate
-  namespace: openbao
-spec:
-  selector:
-    matchLabels:
-      app: openbao-logrotate
-  template:
-    metadata:
-      labels:
-        app: openbao-logrotate
-    spec:
-      containers:
-      - name: logrotate
-        image: alpine
-        command: ["/bin/sh", "-c"]
-        args:
-        - |
-          apk add --no-cache logrotate
-          while true; do logrotate -f /etc/logrotate.d/openbao; sleep 60; done
-        volumeMounts:
-        - name: logrotate-config
-          mountPath: /etc/logrotate.d/openbao
-          subPath: openbao
-        - name: host-log
-          mountPath: /var/log/openbao
-      volumes:
-      - name: logrotate-config
-        configMap:
-          name: openbao-logrotate-config
-      - name: host-log
-        hostPath:
-          path: /var/log
-          type: Directory
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: openbao-logrotate-config
-  namespace: openbao
-data:
-  openbao: |
-    /var/log/openbao/openbao/*.log {
-    size 5k
-    rotate 7
-    compress
-    missingok
-    notifempty
-    postrotate
-        mkdir pupa
-        kill -SIGHUP $(pidof bao)
-    endscript
-    }

template/stacks/ref-implementation/openbao-logging/sidecar-container-alloy-configmap.yaml

@@ -1,26 +0,0 @@
-# apiVersion: v1
-# kind: ConfigMap
-# metadata:
-#   name: sidecar-container-alloy-config
-# data:
-#   config.alloy: |
-#     logging {
-#       level  = "info"
-#       format = "logfmt"
-#     }
-
-#     loki.write "local_loki" {
-#       endpoint {
-#           url = "http://loki-loki-distributed-gateway.monitoring.svc.cluster.local/loki/api/v1/push"
-#       }
-#     }
-
-#     local.file_match "applogs" {
-#       path_targets = [{"__path__" = "/openbao/logs/*"}]
-#       sync_period = "5s"
-#     }
-
-#     loki.source.file "openbao_logs" {
-#       targets    = local.file_match.applogs.targets
-#       forward_to = [loki.write.local_loki.receiver]
-#     }

template/stacks/ref-implementation/openbao/values.yaml

@@ -1,35 +1,4 @@
-server:
+server:    
-  # extraContainers:
-  #   - name: grafana-alloy
-  #     image: grafana/alloy:latest
-  #     ports:
-  #       - containerPort: 12345
-  #     securityContext:
-  #       runAsUser: 100
-  #     volumeMounts:
-  #           - name: alloy-data
-  #             mountPath: /var/lib/alloy
-  #           - name: config-volume
-  #             mountPath: /etc/alloy
-  #           - name: host-log-storage
-  #             mountPath: /openbao/logs
-    
-  volumes:
-    # - name: alloy-data
-    #   emptyDir: {}
-    # - name: config-volume
-    #   configMap: 
-    #     name: sidecar-container-alloy-config
-    - name: host-log-storage
-      hostPath:
-        path: /var/log
-        type: Directory
-
-  volumeMounts:
-    - mountPath: /openbao/logs
-      name: host-log-storage
-      readOnly: false
-
   postStart:
     - sh
     - -c
@@ -46,7 +15,6 @@ server:
       echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt
       bao login $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')
       rm /tmp/init.txt
-      bao audit enable -path="stdout" file file_path=stdout
+      bao audit enable socket address=alloy.monitoring.svc.cluster.local:1514 socket_type=tcp
-      bao audit enable -path="file" file file_path=/openbao/logs/openbao/openbao.log
 ui:
   enabled: true