alloy
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
# -- Overrides the chart's name. Used to change the infix in the resource names.
2
nameOverride: null
3
# -- Overrides the chart's namespace.
4
namespaceOverride: null
5
# -- Overrides the chart's computed fullname. Used to change the full prefix of
6
# resource names.
7
fullnameOverride: null
8
## Global properties for image pulling override the values defined under `image.registry` and `configReloader.image.registry`.
9
## If you want to override only one image registry, use the specific fields but if you want to override them all, use `global.image.registry`
10
global:
11
image:
12
# -- Global image registry to use if it needs to be overridden for some specific use cases (e.g local registries, custom images, ...)
13
registry: ""
14
# -- Optional set of global image pull secrets.
15
pullSecrets: []
16
# -- Global image pull policy to apply to all containers. Overrides `image.pullPolicy` and `configReloader.image.pullPolicy`.
17
pullPolicy: ""
18
# -- Security context to apply to the Grafana Alloy pod.
19
podSecurityContext: {}
20
crds:
21
# -- Whether to install CRDs for monitoring.
22
create: true
23
## Various Alloy settings. For backwards compatibility with the grafana-agent
24
## chart, this field may also be called "agent". Naming this field "agent" is
25
## deprecated and will be removed in a future release.
26
alloy:
27
configMap:
28
# -- Create a new ConfigMap for the config file.
29
create: true
30
# -- Content to assign to the new ConfigMap. This is passed into `tpl` allowing for templating from values.
31
content: ''
32
# -- Name of existing ConfigMap to use. Used when create is false.
33
name: null
34
# -- Key in ConfigMap to get config from.
35
key: null
36
clustering:
37
# -- Deploy Alloy in a cluster to allow for load distribution.
38
enabled: false
39
# -- Name for the Alloy cluster. Used for differentiating between clusters.
40
name: ""
41
# -- Name for the port used for clustering, useful if running inside an Istio Mesh
42
portName: http
43
# -- Minimum stability level of components and behavior to enable. Must be
44
# one of "experimental", "public-preview", or "generally-available".
45
stabilityLevel: "generally-available"
46
# -- Path to where Grafana Alloy stores data (for example, the Write-Ahead Log).
47
# By default, data is lost between reboots.
48
storagePath: /tmp/alloy
49
# -- Enables Grafana Alloy container's http server port.
50
enableHttpServerPort: true
51
# -- Address to listen for traffic on. 0.0.0.0 exposes the UI to other
52
# containers.
53
listenAddr: 0.0.0.0
54
# -- Port to listen for traffic on.
55
listenPort: 12345
56
# -- Scheme is needed for readiness probes. If enabling tls in your configs, set to "HTTPS"
57
listenScheme: HTTP
58
# -- Initial delay for readiness probe.
59
initialDelaySeconds: 10
60
# -- Timeout for readiness probe.
61
timeoutSeconds: 1
62
# -- Base path where the UI is exposed.
63
uiPathPrefix: /
64
# -- Enables sending Grafana Labs anonymous usage stats to help improve Grafana
65
# Alloy.
66
enableReporting: true
67
# -- Extra environment variables to pass to the Alloy container.
68
extraEnv: []
69
# -- Maps all the keys on a ConfigMap or Secret as environment variables. https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#envfromsource-v1-core
70
envFrom: []
71
# -- Extra args to pass to `alloy run`: https://grafana.com/docs/alloy/latest/reference/cli/run/
72
extraArgs: []
73
# -- Extra ports to expose on the Alloy container.
74
# If `service.type` is `NodePort`, each item may set `nodePort` to choose the Service NodePort for that port.
75
extraPorts: []
76
# - name: "faro"
77
# nodePort: 31129
78
# port: 12347
79
# targetPort: 12347
80
# protocol: "TCP"
81
# appProtocol: "h2c"
82
83
# -- Host aliases to add to the Alloy container.
84
hostAliases: []
85
# - ip: "20.21.22.23"
86
# hostnames:
87
# - "company.grafana.net"
88
89
mounts:
90
# -- Mount /var/log from the host into the container for log collection.
91
varlog: false
92
# -- Mount /var/lib/docker/containers from the host into the container for log
93
# collection.
94
dockercontainers: false
95
# -- Extra volume mounts to add into the Grafana Alloy container. Does not
96
# affect the watch container.
97
extra: []
98
# -- Security context to apply to the Grafana Alloy container.
99
securityContext: {}
100
# -- Resource requests and limits to apply to the Grafana Alloy container.
101
resources: {}
102
# -- Set lifecycle hooks for the Grafana Alloy container.
103
lifecycle: {}
104
# preStop:
105
# exec:
106
# command:
107
# - /bin/sleep
108
# - "10"
109
110
# -- Set livenessProbe for the Grafana Alloy container.
111
livenessProbe: {}
112
image:
113
# -- Grafana Alloy image registry (defaults to docker.io)
114
registry: cgr.dev
115
# -- Grafana Alloy image repository.
116
repository: chainguard-private/grafana-alloy
117
# -- (string) Grafana Alloy image tag. When empty, the Chart's appVersion is
118
# used.
119
tag: latest
120
# -- Grafana Alloy image's SHA256 digest (either in format "sha256:XYZ" or "XYZ"). When set, will override `image.tag`.
121
digest: sha256:e313a01d73a32262bbf77e4c45557214cf5e2d7647863526d6e6acddcade3288
122
# -- Grafana Alloy image pull policy.
123
pullPolicy: IfNotPresent
124
# -- Optional set of image pull secrets.
125
pullSecrets: []
126
rbac:
127
# -- Whether to create RBAC resources for Alloy.
128
create: true
129
# -- If set, only create Roles and RoleBindings in the given list of namespaces, rather than ClusterRoles and
130
# ClusterRoleBindings. If not using ClusterRoles, bear in mind that Alloy will not be able to discover cluster-scoped
131
# resources such as Nodes.
132
namespaces: []
133
# -- The rules to create for the ClusterRole or Role objects.
134
rules:
135
# -- Rules required for the `discovery.kubernetes` component.
136
- apiGroups: ["", "discovery.k8s.io", "networking.k8s.io"]
137
resources: ["endpoints", "endpointslices", "ingresses", "pods", "services"]
138
verbs: ["get", "list", "watch"]
139
# -- Rules required for the `loki.source.kubernetes` component.
140
- apiGroups: [""]
141
resources: ["pods", "pods/log", "namespaces"]
142
verbs: ["get", "list", "watch"]
143
# -- Rules required for the `loki.source.podlogs` component.
144
- apiGroups: ["monitoring.grafana.com"]
145
resources: ["podlogs"]
146
verbs: ["get", "list", "watch"]
147
# -- Rules required for the `mimir.rules.kubernetes` component.
148
- apiGroups: ["monitoring.coreos.com"]
149
resources: ["prometheusrules"]
150
verbs: ["get", "list", "watch"]
151
# -- Rules required for the `mimir.alerts.kubernetes` component.
152
- apiGroups: ["monitoring.coreos.com"]
153
resources: ["alertmanagerconfigs"]
154
verbs: ["get", "list", "watch"]
155
# -- Rules required for the `prometheus.operator.*` components.
156
- apiGroups: ["monitoring.coreos.com"]
157
resources: ["podmonitors", "servicemonitors", "probes", "scrapeconfigs"]
158
verbs: ["get", "list", "watch"]
159
# -- Rules required for the `loki.source.kubernetes_events` component.
160
- apiGroups: [""]
161
resources: ["events"]
162
verbs: ["get", "list", "watch"]
163
# -- Rules required for the `remote.kubernetes.*` components.
164
- apiGroups: [""]
165
resources: ["configmaps", "secrets"]
166
verbs: ["get", "list", "watch"]
167
# -- Rules required for the `otelcol.processor.k8sattributes` component.
168
- apiGroups: ["apps", "extensions"]
169
resources: ["replicasets"]
170
verbs: ["get", "list", "watch"]
171
# -- The rules to create for the ClusterRole objects.
172
clusterRules:
173
# -- Rules required for the Nodes role in the `discovery.kubernetes` component.
174
- apiGroups: [""]
175
resources: ["nodes"]
176
verbs: ["get", "list", "watch"]
177
# -- Rules required for the `discovery.kubelet` component.
178
- apiGroups: [""]
179
resources: ["nodes/pods"]
180
verbs: ["get", "list", "watch"]
181
# -- Rules required accessing metric endpoints on the Node (e.g. Kubelet, cAdvisor, etc...).
182
- apiGroups: [""]
183
resources: ["nodes/metrics"]
184
verbs: ["get", "list", "watch"]
185
# -- Rules required for accessing metrics endpoint.
186
- nonResourceURLs: ["/metrics"]
187
verbs: ["get"]
188
serviceAccount:
189
# -- Whether to create a service account for the Grafana Alloy deployment.
190
create: true
191
# -- Additional labels to add to the created service account.
192
additionalLabels: {}
193
# -- Annotations to add to the created service account.
194
annotations: {}
195
# -- The name of the existing service account to use when
196
# serviceAccount.create is false.
197
name: null
198
# Whether the Alloy pod should automatically mount the service account token.
199
automountServiceAccountToken: true
200
# Options for the extra controller used for config reloading.
201
configReloader:
202
# -- Enables automatically reloading when the Alloy config changes.
203
enabled: true
204
image:
205
# -- Config reloader image registry (defaults to docker.io)
206
registry: cgr.dev
207
# -- Repository to get config reloader image from.
208
repository: chainguard-private/prometheus-config-reloader
209
# -- Tag of image to use for config reloading.
210
tag: latest
211
# -- SHA256 digest of image to use for config reloading (either in format "sha256:XYZ" or "XYZ"). When set, will override `configReloader.image.tag`
212
digest: sha256:e577ca8ad74880486d549548ab42a7205d02f845baa177640d932d3728e0395e
213
# -- Config reloader image pull policy.
214
pullPolicy: IfNotPresent
215
# -- Override the args passed to the container.
216
customArgs: []
217
# -- Resource requests and limits to apply to the config reloader container.
218
resources:
219
requests:
220
cpu: "10m"
221
memory: "50Mi"
222
# -- Security context to apply to the Grafana configReloader container.
223
securityContext: {}
224
controller:
225
# -- Type of controller to use for deploying Grafana Alloy in the cluster.
226
# Must be one of 'daemonset', 'deployment', or 'statefulset'.
227
type: 'daemonset'
228
# -- Number of pods to deploy. Ignored when controller.type is 'daemonset'.
229
replicas: 1
230
# -- Extra labels to add to the controller.
231
extraLabels: {}
232
# -- Annotations to add to controller.
233
extraAnnotations: {}
234
# -- Whether to deploy pods in parallel. Only used when controller.type is
235
# 'statefulset'.
236
parallelRollout: true
237
# -- How many additional seconds to wait before considering a pod ready.
238
minReadySeconds: 10
239
# -- Configures Pods to use the host network. When set to true, the ports that will be used must be specified.
240
hostNetwork: false
241
# -- Configures Pods to use the host PID namespace.
242
hostPID: false
243
# -- Configures the DNS policy for the pod. https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
244
dnsPolicy: ClusterFirst
245
# -- Termination grace period in seconds for the Grafana Alloy pods.
246
# The default value used by Kubernetes if unspecifed is 30 seconds.
247
terminationGracePeriodSeconds: null
248
# -- The maximum number of revisions that will be maintained in the Controllers's revision history. The history consists of all revisions not represented by a currently applied reversion.
249
revisionHistoryLimit: 10
250
# -- Update strategy for updating deployed Pods.
251
updateStrategy: {}
252
# -- nodeSelector to apply to Grafana Alloy pods.
253
nodeSelector: {}
254
# -- Tolerations to apply to Grafana Alloy pods.
255
tolerations: []
256
# -- Topology Spread Constraints to apply to Grafana Alloy pods.
257
topologySpreadConstraints: []
258
# -- priorityClassName to apply to Grafana Alloy pods.
259
priorityClassName: ''
260
# -- Extra pod annotations to add.
261
podAnnotations: {}
262
# -- Extra pod labels to add.
263
podLabels: {}
264
# -- PodDisruptionBudget configuration.
265
podDisruptionBudget:
266
# -- Whether to create a PodDisruptionBudget for the controller.
267
enabled: false
268
# -- Minimum number of pods that must be available during a disruption.
269
# Note: Only one of minAvailable or maxUnavailable should be set.
270
minAvailable: null
271
# -- Maximum number of pods that can be unavailable during a disruption.
272
# Note: Only one of minAvailable or maxUnavailable should be set.
273
maxUnavailable: null
274
# -- Whether to enable automatic deletion of stale PVCs due to a scale down operation, when controller.type is 'statefulset'.
275
enableStatefulSetAutoDeletePVC: false
276
autoscaling:
277
# -- Creates a HorizontalPodAutoscaler for controller type deployment.
278
# Deprecated: Please use controller.autoscaling.horizontal instead
279
enabled: false
280
# -- The lower limit for the number of replicas to which the autoscaler can scale down.
281
minReplicas: 1
282
# -- The upper limit for the number of replicas to which the autoscaler can scale up.
283
maxReplicas: 5
284
# -- Average CPU utilization across all relevant pods, a percentage of the requested value of the resource for the pods. Setting `targetCPUUtilizationPercentage` to 0 will disable CPU scaling.
285
targetCPUUtilizationPercentage: 0
286
# -- Average Memory utilization across all relevant pods, a percentage of the requested value of the resource for the pods. Setting `targetMemoryUtilizationPercentage` to 0 will disable Memory scaling.
287
targetMemoryUtilizationPercentage: 80
288
scaleDown:
289
# -- List of policies to determine the scale-down behavior.
290
policies: []
291
# - type: Pods
292
# value: 4
293
# periodSeconds: 60
294
# -- Determines which of the provided scaling-down policies to apply if multiple are specified.
295
selectPolicy: Max
296
# -- The duration that the autoscaling mechanism should look back on to make decisions about scaling down.
297
stabilizationWindowSeconds: 300
298
scaleUp:
299
# -- List of policies to determine the scale-up behavior.
300
policies: []
301
# - type: Pods
302
# value: 4
303
# periodSeconds: 60
304
# -- Determines which of the provided scaling-up policies to apply if multiple are specified.
305
selectPolicy: Max
306
# -- The duration that the autoscaling mechanism should look back on to make decisions about scaling up.
307
stabilizationWindowSeconds: 0
308
# -- Configures the Horizontal Pod Autoscaler for the controller.
309
horizontal:
310
# -- Enables the Horizontal Pod Autoscaler for the controller.
311
enabled: false
312
# -- When true, the chart omits `spec.replicas` from the workload AND does NOT
313
# render its own HorizontalPodAutoscaler. Use this when an external controller
314
# (e.g. KEDA, a hand-written HPA, or another scaler) owns replicas for the Alloy
315
# workload. Mutually exclusive with `horizontal.enabled`. When set, all other
316
# `controller.autoscaling.horizontal.*` fields are ignored.
317
#
318
# Upgrade note: switching this from `false` to `true` on an existing release
319
# triggers a one-time single-cycle dip to 1 replica on the next `helm upgrade`
320
# (Helm removes the `replicas` field via `{"spec":{"replicas":null}}`, which
321
# Kubernetes interprets as "reset to default"). The external HPA corrects this
322
# within its next polling interval; users with `minReplicaCount > 1` are
323
# restored within ~30s under KEDA defaults. Plan upgrades accordingly.
324
externalHPA: false
325
# -- The lower limit for the number of replicas to which the autoscaler can scale down.
326
minReplicas: 1
327
# -- The upper limit for the number of replicas to which the autoscaler can scale up.
328
maxReplicas: 5
329
# -- Average CPU utilization across all relevant pods, a percentage of the requested value of the resource for the pods. Setting `targetCPUUtilizationPercentage` to 0 will disable CPU scaling.
330
targetCPUUtilizationPercentage: 0
331
# -- Average Memory utilization across all relevant pods, a percentage of the requested value of the resource for the pods. Setting `targetMemoryUtilizationPercentage` to 0 will disable Memory scaling.
332
targetMemoryUtilizationPercentage: 80
333
scaleDown:
334
# -- List of policies to determine the scale-down behavior.
335
policies: []
336
# - type: Pods
337
# value: 4
338
# periodSeconds: 60
339
# -- Determines which of the provided scaling-down policies to apply if multiple are specified.
340
selectPolicy: Max
341
# -- The duration that the autoscaling mechanism should look back on to make decisions about scaling down.
342
stabilizationWindowSeconds: 300
343
scaleUp:
344
# -- List of policies to determine the scale-up behavior.
345
policies: []
346
# - type: Pods
347
# value: 4
348
# periodSeconds: 60
349
# -- Determines which of the provided scaling-up policies to apply if multiple are specified.
350
selectPolicy: Max
351
# -- The duration that the autoscaling mechanism should look back on to make decisions about scaling up.
352
stabilizationWindowSeconds: 0
353
# -- Configures the Vertical Pod Autoscaler for the controller.
354
vertical:
355
# -- Enables the Vertical Pod Autoscaler for the controller.
356
enabled: false
357
# -- List of recommenders to use for the Vertical Pod Autoscaler.
358
# Recommenders are responsible for generating recommendation for the object.
359
# List should be empty (then the default recommender will generate the recommendation)
360
# or contain exactly one recommender.
361
recommenders: []
362
# recommenders:
363
# - name: custom-recommender-performance
364
365
# -- Configures the resource policy for the Vertical Pod Autoscaler.
366
resourcePolicy:
367
# -- Configures the container policies for the Vertical Pod Autoscaler.
368
containerPolicies:
369
- containerName: alloy
370
# -- The controlled resources for the Vertical Pod Autoscaler.
371
controlledResources:
372
- cpu
373
- memory
374
# -- The controlled values for the Vertical Pod Autoscaler. Needs to be either RequestsOnly or RequestsAndLimits.
375
controlledValues: "RequestsAndLimits"
376
# -- The maximum allowed values for the pods.
377
maxAllowed: {}
378
# cpu: 200m
379
# memory: 100Mi
380
# -- Defines the min allowed resources for the pod
381
minAllowed: {}
382
# cpu: 200m
383
# memory: 100Mi
384
# -- Configures the update policy for the Vertical Pod Autoscaler.
385
updatePolicy:
386
# -- Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
387
# minReplicas: 1
388
# -- Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
389
# are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
390
# updateMode: Auto
391
# -- Affinity configuration for pods.
392
affinity: {}
393
volumes:
394
# -- Extra volumes to add to the Grafana Alloy pod.
395
extra: []
396
# -- volumeClaimTemplates to add when controller.type is 'statefulset'.
397
volumeClaimTemplates: []
398
## -- Additional init containers to run.
399
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
400
##
401
initContainers: []
402
# -- Additional containers to run alongside the Alloy container and initContainers.
403
extraContainers: []
404
networkPolicy:
405
enabled: false
406
flavor: kubernetes
407
policyTypes:
408
- Ingress
409
- Egress
410
# Default allow all traffic because Alloy is so configurable
411
# It is recommended to change this before deploying to production
412
# To disable each policyType, set value to `null`
413
ingress:
414
- {}
415
egress:
416
- {}
417
service:
418
# -- Creates a Service for the controller's pods.
419
enabled: true
420
# -- Service type
421
type: ClusterIP
422
# -- NodePort port. Only takes effect when `service.type: NodePort`
423
nodePort: 31128
424
# -- Cluster IP, can be set to None, empty "" or an IP address
425
clusterIP: ''
426
# -- Value for internal traffic policy. 'Cluster' or 'Local'
427
internalTrafficPolicy: Cluster
428
# -- Value for external traffic policy. 'Cluster' or 'Local'
429
externalTrafficPolicy: Cluster
430
annotations: {}
431
# cloud.google.com/load-balancer-type: Internal
432
serviceMonitor:
433
enabled: false
434
# -- Additional labels for the service monitor.
435
additionalLabels: {}
436
# -- Scrape interval. If not set, the Prometheus default scrape interval is used.
437
interval: ""
438
# -- MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
439
# ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
440
metricRelabelings: []
441
# - action: keep
442
# regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
443
# sourceLabels: [__name__]
444
445
# -- Customize tls parameters for the service monitor
446
tlsConfig: {}
447
# -- RelabelConfigs to apply to samples before scraping
448
# ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
449
relabelings: []
450
# - sourceLabels: [__meta_kubernetes_pod_node_name]
451
# separator: ;
452
# regex: ^(.*)$
453
# targetLabel: nodename
454
# replacement: $1
455
# action: replace
456
ingress:
457
# -- Enables ingress for Alloy (Faro port)
458
enabled: false
459
# For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
460
# See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
461
# ingressClassName: nginx
462
# Values can be templated
463
annotations: {}
464
# kubernetes.io/ingress.class: nginx
465
# kubernetes.io/tls-acme: "true"
466
labels: {}
467
path: /
468
faroPort: 12347
469
# pathType is only for k8s >= 1.1=
470
pathType: Prefix
471
hosts:
472
- chart-example.local
473
## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
474
extraPaths: []
475
# - path: /*
476
# backend:
477
# serviceName: ssl-redirect
478
# servicePort: use-annotation
479
## Or for k8s > 1.19
480
# - path: /*
481
# pathType: Prefix
482
# backend:
483
# service:
484
# name: ssl-redirect
485
# port:
486
# name: use-annotation
487
488
tls: []
489
# - secretName: chart-example-tls
490
# hosts:
491
# - chart-example.local
492
# -- Extra k8s manifests to deploy
493
extraObjects: []
494
# - apiVersion: v1
495
# kind: Secret
496
# metadata:
497
# name: grafana-cloud
498
# stringData:
499
# PROMETHEUS_HOST: 'https://prometheus-us-central1.grafana.net/api/prom/push'
500
# PROMETHEUS_USERNAME: '123456'
501
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.