BizFirst Observe
Deploying Loki
Loki can be deployed in single-process mode (all components in one binary) or microservices mode (separate binaries for each component). Single-process is right for most BizFirstGO deployments up to ~10GB logs/day.
Deployment Mode Comparison
| Mode | Best For | Scalability | Complexity |
|---|---|---|---|
| Single-process | Dev, small-to-medium production (<10GB/day) | Vertical only | Simple — one config file, one container |
| Simple scalable | Medium production (10–100GB/day) | Horizontal read/write separation | Medium — 3 components |
| Microservices | Large production (100GB+/day) | Full horizontal scaling per component | High — 6+ separate deployments |
Single-Process Loki Configuration
# loki-config.yaml — single-process mode (BizFirstGO default)
auth_enabled: false # Set to true for multi-tenant mode
server:
http_listen_port: 3100
grpc_listen_port: 9096
common:
path_prefix: /loki
storage:
filesystem:
chunks_directory: /loki/chunks
rules_directory: /loki/rules
replication_factor: 1
ring:
kvstore:
store: inmemory
schema_config:
configs:
- from: 2024-01-01
store: tsdb
object_store: filesystem
schema: v13
index:
prefix: index_
period: 24h
limits_config:
retention_period: 720h # 30 days
ingestion_rate_mb: 16 # MB/s per tenant
ingestion_burst_size_mb: 32
max_streams_per_user: 10000
max_label_names_per_series: 15
compactor:
working_directory: /loki/compactor
retention_enabled: true
retention_delete_delay: 2h
compaction_interval: 10mProduction Configuration with S3 Storage
# loki-config.yaml — production with S3 backend
auth_enabled: true # Enable multi-tenancy (X-Scope-OrgID header)
common:
path_prefix: /loki
storage:
s3:
endpoint: s3.us-east-1.amazonaws.com
region: us-east-1
bucketnames: my-bizfirst-loki-bucket
access_key_id: "${AWS_ACCESS_KEY_ID}"
secret_access_key: "${AWS_SECRET_ACCESS_KEY}"
replication_factor: 1
schema_config:
configs:
- from: 2024-01-01
store: tsdb
object_store: s3
schema: v13
index:
prefix: index_
period: 24h
limits_config:
retention_period: 720h
ingestion_rate_mb: 32
max_streams_per_user: 50000
compactor:
working_directory: /loki/compactor
retention_enabled: true
compaction_interval: 1hResource Requirements
| Log Volume | CPU | RAM | Local Disk (WAL) | Object Storage |
|---|---|---|---|---|
| <1 GB/day | 0.5 vCPU | 512 MB | 5 GB | 30 GB/month (30-day retention) |
| 1–10 GB/day | 1–2 vCPU | 2–4 GB | 20 GB | 300 GB/month |
| 10–100 GB/day | 4–8 vCPU | 8–16 GB | 100 GB SSD | 3 TB/month |
| 100+ GB/day | Microservices mode | Per-component sizing | Per-component | 30+ TB/month |
Enable auth_enabled for Multi-Tenant Deployments
If your BizFirstGO deployment serves multiple tenants, set auth_enabled: true. The OTel Collector must include the X-Scope-OrgID: {tenant_id} header when pushing logs to Loki. Without this header, all logs from all tenants are mixed in the default tenant — making it impossible to enforce tenant isolation in log queries.