Documentation
¶
Overview ¶
Package common provides shared utilities and components for Alloy agent configuration.
This package contains common functionality used across different Alloy agent types (metrics, logs, events) including:
- Secret template generation for agent credentials and configuration
- Shared label constants and utilities
- Common configuration patterns
The common package promotes code reuse and consistency across all agent types while maintaining a clear separation of concerns.
Index ¶
Constants ¶
View Source
const ( // PriorityClassName is the pod priority class for critical Alloy agent workloads PriorityClassName = "giantswarm-critical" // LokiBaseURLFormat is the base URL template for Loki write endpoints LokiBaseURLFormat = "https://write.loki.%s" // LokiPushURLFormat is the full URL template for Loki's push API LokiPushURLFormat = LokiBaseURLFormat + "/loki/api/v1/push" // Loki secret keys for authentication and endpoint configuration LokiURLKey = "logging-url" // URL for Loki push endpoint LokiTenantIDKey = "logging-tenant-id" // Tenant ID for multi-tenancy LokiUsernameKey = "logging-username" // Username for basic auth LokiPasswordKey = "logging-password" // Password for basic auth LokiRulerAPIURLKey = "logging-ruler-api-url" // URL for Loki ruler API // Loki OTLP configuration LokiOTLPBaseURLFormat = LokiBaseURLFormat + "/otlp" // Base URL for Loki OTLP — exporter appends /v1/logs LokiOTLPURLKey = "logging-otlp-url" // Secret key: base URL for Loki OTLP write (WC only) // Loki performance tuning parameters LokiMaxBackoffPeriod = "10m" // Maximum backoff period for retries LokiRemoteTimeout = "60s" // Timeout for remote write operations // Tempo secret keys for authentication and endpoint configuration TempoUsernameKey = "tracing-username" // Username for Tempo authentication TempoPasswordKey = "tracing-password" // Password for Tempo authentication TempoOTLPURLKey = "tracing-otlp-url" // gRPC endpoint in host:port format // TempoBaseURLFormat is the URL template for Tempo ingress TempoBaseURLFormat = "tempo.%s" // --- OTLP Batch Processor Configuration --- // Controls the otelcol.processor.batch block shared by all OTLP pipelines (traces, metrics, logs). // Tune here if an installation shows export latency or oversized payloads; do not expose via Helm // values since these are internal Alloy pipeline knobs, not user-facing behaviour toggles. // // Batch sizes set to 1024 to balance throughput with the gRPC server's default 4 MB decompressed // message limit (4,194,304 bytes). At observed average payload size of 1.6 KB/item: // 1024 items × 1.6 KB = 1.6 MB — 2.5× safety margin from 4 MB limit. // Maximum payload risk at 8 KB/item: 1024 × 8 KB = 8 MB would exceed limit, but mitigated by // timeout: items rarely reach 8 KB in practice, and timeout forces flush before saturation. // Increased timeout to 500ms to give exporters (Mimir, Loki, Tempo) adequate time to process // batches, reducing "sending queue is full" backpressure when export destinations are slow. // send_batch_max_size must be ≥ send_batch_size (otelcol validates this at startup). OTLPBatchSendBatchSize = 1024 // Flush when this many items queued (must be ≤ OTLPBatchMaxSize) OTLPBatchMaxSize = 1024 // Hard cap: prevents batches from exceeding 4 MB gRPC limit with safety margin OTLPBatchTimeout = "500ms" // Maximum wait before flushing an incomplete batch // Mimir default values and URL templates MimirRemoteWriteName = "mimir" // Default remote write name MimirBaseURLFormat = "https://mimir.%s" // Base URL template for Mimir MimirRemoteWriteEndpointURLFormat = MimirBaseURLFormat + "/api/v1/push" // Full remote write endpoint URL MimirQueryEndpointURLFormat = MimirBaseURLFormat + "/prometheus" // Prometheus-compatible query endpoint for KEDA MimirRemoteWriteTimeout = "60s" // Timeout for remote write operations // Mimir secret keys for remote write configuration and authentication. MimirQueryAPIURLKey = "metrics-query-url" // URL for Mimir query endpoint MimirRulerAPIURLKey = "metrics-ruler-url" // URL for Mimir ruler API MimirUsernameKey = "metrics-username" // Username for Mimir remote write and OTLP auth MimirPasswordKey = "metrics-password" // Password for Mimir remote write and OTLP auth MimirRemoteWriteAPIURLKey = "metrics-remote-write-url" // URL for remote write endpoint MimirRemoteWriteAPINameKey = "metrics-remote-write-name" // Name identifier for remote write MimirOTLPBaseURLFormat = MimirBaseURLFormat + "/otlp" // Base URL for Mimir OTLP — exporter appends /v1/metrics MimirOTLPURLKey = "metrics-otlp-url" // Secret key: base URL for Mimir OTLP write (WC only) // CABundleKey is the secret key for the PEM-encoded CA certificate used by Alloy to verify // TLS connections to Loki, Mimir, and Tempo on private-CA installations. // Absent on public-CA installations; Alloy falls back to the system trust store. CABundleKey = "ca-bundle" )
Variables ¶
This section is empty.
Functions ¶
func GenerateSecretData ¶
GenerateSecretData generates the secret data for an Alloy agent using the shared template. It takes a map of environment variable key-value pairs and an optional extraObjects YAML string to include as Helm extraObjects (e.g. KEDA resources). The extraObjects content will be indented under the alloy.extraObjects key in the output.
func ReadCABundle ¶ added in v0.67.1
func ReadCABundle(ctx context.Context, c client.Client, clusterCfg config.ClusterConfig) (string, error)
ReadCABundle reads the CA certificate PEM from the configured Secret. Returns an empty string on public-CA installations where CASecretName is empty, in which case Alloy uses the system trust store.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.