Skip to content

README.md

Latest commit

 

History

History
293 lines (224 loc) · 6.34 KB

README.md

File metadata and controls

293 lines (224 loc) · 6.34 KB

LogTide Logo

LogTide Helm Chart

Artifact Hub License Release

Official Helm chart for deploying LogTide on Kubernetes.

Overview

LogTide is an open-source log management and SIEM platform featuring:

  • High-performance log ingestion (10,000+ logs/sec)
  • Real-time log streaming via SSE
  • Advanced search and filtering
  • Sigma-based security detection
  • SIEM dashboard with incident management
  • MITRE ATT&CK mapping

Prerequisites

  • Kubernetes 1.25+
  • Helm 3.10+
  • PV provisioner support (for persistence)

Installation

Add the Helm repository

helm repo add logtide https://logtide-dev.github.io/logtide-helm-chart
helm repo update

Install the chart

# Create namespace
kubectl create namespace logtide

# Install with default values
helm install logtide logtide/logtide \
  --namespace logtide \
  --set timescaledb.auth.password=<your-db-password> \
  --set timescaledb.auth.postgresPassword=<your-postgres-password> \
  --set redis.auth.password=<your-redis-password>

Install from source

git clone https://github.com/logtide-dev/logtide-helm-chart.git
cd logtide-helm-chart

helm install logtide ./charts/logtide \
  --namespace logtide \
  --create-namespace \
  --set timescaledb.auth.password=<your-db-password> \
  --set timescaledb.auth.postgresPassword=<your-postgres-password> \
  --set redis.auth.password=<your-redis-password>

Configuration

See values.yaml for the full list of configurable parameters.

Key Parameters

Parameter Description Default
config.apiKeySecret API key encryption secret (32+ chars) Auto-generated
config.jwtSecret JWT authentication secret Auto-generated
config.sessionSecret Session encryption secret Auto-generated
backend.replicaCount Number of backend replicas 2
backend.autoscaling.enabled Enable HPA for backend true
frontend.replicaCount Number of frontend replicas 2
worker.replicaCount Number of worker replicas 2
timescaledb.enabled Deploy embedded TimescaleDB true
timescaledb.persistence.size Database storage size 50Gi
redis.enabled Deploy embedded Redis true
ingress.enabled Enable Ingress false

Using External Database

timescaledb:
  enabled: false

externalDatabase:
  host: my-timescaledb.example.com
  port: 5432
  database: logtide
  username: logtide
  password: secret
  # Or use existing secret:
  # existingSecret: my-db-secret
  # existingSecretPasswordKey: password

Using External Redis

redis:
  enabled: false

externalRedis:
  host: my-redis.example.com
  port: 6379
  password: secret

Enable Ingress

ingress:
  enabled: true
  className: nginx
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
  hosts:
    - host: logtide.example.com
      paths:
        - path: /
          pathType: Prefix
          service: frontend
        - path: /api
          pathType: Prefix
          service: backend
        - path: /v1
          pathType: Prefix
          service: backend
  tls:
    - secretName: logtide-tls
      hosts:
        - logtide.example.com

Enable Prometheus Monitoring

metrics:
  enabled: true
  serviceMonitor:
    enabled: true
    interval: 30s

Cloud-Specific Examples

AWS EKS

global:
  storageClass: gp3

ingress:
  enabled: true
  className: alb
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:...

timescaledb:
  persistence:
    storageClass: gp3

redis:
  persistence:
    storageClass: gp3

GCP GKE

global:
  storageClass: standard-rwo

ingress:
  enabled: true
  className: gce
  annotations:
    kubernetes.io/ingress.global-static-ip-name: logtide-ip

timescaledb:
  persistence:
    storageClass: standard-rwo

Azure AKS

global:
  storageClass: managed-premium

ingress:
  enabled: true
  className: azure-application-gateway
  annotations:
    appgw.ingress.kubernetes.io/ssl-redirect: "true"

timescaledb:
  persistence:
    storageClass: managed-premium

Upgrading

helm repo update
helm upgrade logtide logtide/logtide --namespace logtide

From 0.x to 1.x

No breaking changes. Standard upgrade process applies.

Uninstalling

helm uninstall logtide --namespace logtide

# If you want to delete PVCs as well:
kubectl delete pvc -l app.kubernetes.io/instance=logtide -n logtide

Troubleshooting

Pods not starting

Check pod events:

kubectl describe pod -l app.kubernetes.io/instance=logtide -n logtide

Check logs:

kubectl logs -l app.kubernetes.io/instance=logtide -n logtide --all-containers

Database connection issues

Verify database secret:

kubectl get secret logtide-timescaledb -n logtide -o jsonpath="{.data.password}" | base64 -d

Test connection:

kubectl run pg-test --rm -it --image=postgres:15 --restart=Never -- \
  psql -h logtide-timescaledb -U logtide -d logtide

Ingress not working

Check Ingress status:

kubectl describe ingress logtide -n logtide

Verify services:

kubectl get svc -n logtide

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Run helm lint charts/logtide
  5. Submit a pull request

License

MIT License - see LICENSE for details.

Links