Skip to main content

Loki, the store

Loki runs as a single binary on its own VM, storing log streams on local disk with a generous retention window. It's reached over the private network on port 3100.

A deliberate simplification: Loki here runs with authentication disabled, because it's only ever reached from inside the trusted private network and isn't published through the edge proxy at all. That's a reasonable lab choice — the network boundary is the access control. (In a setup where Loki were reachable more widely, you'd absolutely put auth in front of it.)

Loki-Server (10.100.100.5)
  loki   :3100 (HTTP API)   - ingest + query
  storage: local disk, long retention
  auth: none  (private-network-only, never edge-exposed)

Querying is just an HTTP API, and Grafana is wired to it as a data source — so logs live in the same Grafana you use for metrics.

Why we use this: Loki's "index the labels, not the text" design is what lets it run happily in a small VM while still handling the whole fleet's logs. It's a good lesson in picking tools whose design tradeoffs fit your scale.

No comments to display

Back to top