I need to install Grafana Loki with Prometheus in my Kubernetes cluster. So I followed the below to install them. It basically uses Helm to install it. Below is the command which I executed to install it.

helm upgrade --install loki grafana/loki-stack  --set grafana.enabled=true,prometheus.enabled=true,prometheus.alertmanager.persistentVolume.enabled=false,prometheus.server.persistentVolume.enabled=false,loki.persistence.enabled=true,loki.persistence.storageClassName=standard,loki.persistence.size=5Gi -n monitoring --create-namespace

I followed the official Grafana website in this case. https://grafana.com/docs/loki/latest/installation/helm/

But when I execute the above helm command, I get the below error. In fact, I'm new to Helm.

Release "loki" does not exist. Installing it now.
W0307 16:54:55.764184 1474330 warnings.go:70] policy/v1beta1 PodSecurityPolicy is deprecated in v1.21 , unavailable in v1.25 
Error: rendered manifests contain a resource that already exists. Unable to continue with install: PodSecurityPolicy "loki-grafana" in namespace "" exists and cannot be imported into the current release: invalid ownership metadata; annotation validation error: key "meta.helm.sh/release-name" must equal "loki": current value is "loki-grafana"

I don't see any Grafana chart installed.

helm list -A
NAME            NAMESPACE       REVISION        UPDATED                                 STATUS          CHART                   APP VERSION
cert-manager    cert-manager    1               2021-11-26 13:07:26.103036078  0000 UTC deployed        cert-manager-v0.16.1    v0.16.1
ingress-nginx   ingress-basic   1               2021-11-18 12:23:28.476712359  0000 UTC deployed        ingress-nginx-4.0.8     1.0.5

CodePudding user response：

Well, I was able to get through my issue. The issue was "PodSecurityPolicy". I deleted the existing Grafana PodSecurityPolicy and it worked.

CodePudding user response：

try this to get all releases in all namespaces, use --all-namespaces flag with helm ls.

CodePudding user response：

Problem is here:

rendered manifests contain a resource that already exists. Unable to continue with install: PodSecurityPolicy "loki-grafana" in namespace "" exists and cannot be imported into the current release: invalid ownership metadata; annotation validation error: key "meta.helm.sh/release-name" must equal "loki": current value is "loki-grafana"

Deleting PodSecurityPolicy could be a solution, but better you can change annotation key meta.helm.sh/release-name from loki-grafana to loki.

Additionally I can see you are using deprecated API:

policy/v1beta1 PodSecurityPolicy is deprecated in v1.21 , unavailable in v1.25 

To solve it look at this documentation:

The policy/v1beta1 API version of PodDisruptionBudget will no longer be served in v1.25.

• Migrate manifests and API clients to use the policy/v1 API version, available since v1.21.
• All existing persisted objects are accessible via the new API
• Notable changes in policy/v1: - an empty spec.selector ({}) written to a policy/v1 PodDisruptionBudget selects all pods in the namespace (in policy/v1beta1 an empty spec.selector selected no pods). An unset spec.selector selects no pods in either API version.

PodSecurityPolicy

PodSecurityPolicy in the policy/v1beta1 API version will no longer be served in v1.25, and the PodSecurityPolicy admission controller will be removed.

PodSecurityPolicy replacements are still under discussion, but current use can be migrated to 3rd-party admission webhooks now.

See also this documentation for more information about Dynamic Admission Control.