// Grafana Alloy: the single OTLP ingress for the BlueLaminate fleet.
//
// Pipeline: the C2 and the Python workers push OTLP here (gRPC :4317 / HTTP :4318). Alloy
// batches it and routes each signal to a backend on this host:
//   metrics -> Prometheus (remote-write)
//   logs    -> Loki (push API)
//   traces  -> Tempo (OTLP gRPC on :4319, a port that does not collide with 4317/4318)
//
// Exposure: the receiver binds 0.0.0.0 so apps on other LAN hosts can push to this LXC.
// The backends are expected to listen on localhost only (see each backend's config), which
// leaves Alloy as the only thing that talks to Loki/Prometheus/Tempo.
//
// NOTE(review): as written, the receiver has no auth and no tls block. Any host that can
// reach :4317/:4318 can write telemetry into all three backends, and payloads cross the
// LAN in cleartext. See README "Hardening" to add a bearer token. A token sent to a
// receiver without TLS is itself readable on the wire, so pair the two. Until then, limit
// which hosts can reach these ports at the LXC/host firewall.

// --- ingress: OTLP over gRPC and HTTP ------------------------------------------------------
// All three signals go to the same batch processor.
otelcol.receiver.otlp "in" {
  grpc {
    // All interfaces, not just loopback; see the exposure note at the top of the file.
    endpoint = "0.0.0.0:4317"
  }

  http {
    endpoint = "0.0.0.0:4318"
  }

  output {
    metrics = [otelcol.processor.batch.default.input]
    logs    = [otelcol.processor.batch.default.input]
    traces  = [otelcol.processor.batch.default.input]
  }
}

// --- batching and fan-out ------------------------------------------------------------------
// No batch arguments are set here, so the component's defaults apply. Each signal leaves
// for its own exporter.
otelcol.processor.batch "default" {
  output {
    metrics = [otelcol.exporter.prometheus.to_prom.input]
    logs    = [otelcol.exporter.loki.to_loki.input]
    traces  = [otelcol.exporter.otlp.to_tempo.input]
  }
}

// --- metrics -> Prometheus remote-write ----------------------------------------------------
// Converts OTLP metrics and passes them to the remote-write client below.
otelcol.exporter.prometheus "to_prom" {
  forward_to = [prometheus.remote_write.local.receiver]
}

// Plain HTTP with no credentials. This is acceptable only while Prometheus stays bound to
// loopback (stated in the file header, not verifiable from this file).
prometheus.remote_write "local" {
  endpoint {
    url = "http://localhost:9090/api/v1/write"
  }
}

// --- logs -> Loki push ---------------------------------------------------------------------
// Converts OTLP logs and passes them to the Loki push client below.
otelcol.exporter.loki "to_loki" {
  forward_to = [loki.write.local.receiver]
}

// Plain HTTP with no credentials, under the same loopback-only assumption as Prometheus.
loki.write "local" {
  endpoint {
    url = "http://localhost:3100/loki/api/v1/push"
  }
}

// --- traces -> Tempo -----------------------------------------------------------------------
// Tempo's own OTLP receiver listens on :4319 so it doesn't collide with this Alloy receiver
// on :4317/:4318.
otelcol.exporter.otlp "to_tempo" {
  client {
    endpoint = "localhost:4319"

    tls {
      // TLS is off because this is a localhost hop. If Tempo ever moves to another host,
      // remove this and configure TLS, otherwise traces cross the network unencrypted.
      insecure = true
    }
  }
}