Open source log aggregation system Loki recently hit the big 1.0, declaring the tool officially ready for use in production.
According to Grafana Labs, who is behind the project and also known for its metrics and visualisation tool Grafana, the company found Loki to be reliable and stable since version 0.2. “Internally at Grafana Labs we have been using Loki to monitor all of our infrastructure and ingest around 1.5TB/10 billion log lines a day” software engineer Edward Welch states in the project’s changelog. The new release is meant to signal the company’s level of confidence in the project to the outside world in a bid to get more people interested in it.
Loki was introduced to the wider community in December 2018 as a solution to counter the operational overhead other log aggregators seem to cause. Development however started as early as March 2018, when Grafana Labs’ VP product (and Prometheus maintainer) Tom Wilkie and the company’s director UX David Kaltschmidt layed down Loki’s design.
Loki consists of a main server, loki, that stores and processes queries, and a promtail agent to gather logs and send them there. It also uses Grafana for displaying logs and querying them.
During their planning, the Loki team kept cost efficiency and ease of use in mind, which is why the project doesn’t do full text indexing on logs. Instead, logs are stored in a compressed fashion and only metadata is indexed. Loki also uses the same labels for indexes and streams as Prometheus to facilitate switching between metrics and logs.
What’s new in v1.0
The last big release was version 0.4, which became available in October 2019. Since then, the project saw mostly minor changes to get everything stable enough for the 1.0 label. However, the team also worked on getting more data into the index to “improve label queries over large amounts of time and series”. A full list of changes can be found in the project’s repository.
While there are no plans to make any major changes to the HTTP API for now, users should be aware that the Go API might still change a lot. Given the young age of the project, that shouldn’t come as a big surprise. But since it also seems a tad unusual for something proclaimed to be stable, it’s good to keep that fact in mind, especially since the maintainers mention they might introduce breaking changes even in minor and bugfix releases.