diff --git a/README.md b/README.md
index 22c9ad9..aa9db5b 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,5 @@
 # Kubernetes Logging with Fluent Bit
 
-
-
 [Fluent Bit](http://fluentbit.io) is a lightweight and extensible __Log Processor__ that comes with full support for Kubernetes:
 
 - Read Kubernetes/Docker log files from the file system or through systemd Journal
@@ -16,72 +14,36 @@ This repository contains a set of Yaml files to deploy Fluent Bit which consider
 
 ```
 $ kubectl create namespace logging
-$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/fluent-bit-service-account.yaml
-$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/fluent-bit-role.yaml
-$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/fluent-bit-role-binding.yaml
+$ kubectl apply -k ./base
 ```
 
+(`./base` can be replaced with a URL if [#90](https://github.com/fluent/fluent-bit-kubernetes-logging/pull/90) gets merged)
+
 If you are deploying fluent-bit on openshift, you additionally need to run:
 
 ```
 $ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/fluent-bit-openshift-security-context-constraints.yaml
 ```
 
-#### Fluent Bit to Elasticsearch
-
-The next step is to create a ConfigMap that will be used by our Fluent Bit DaemonSet:
-
-```
-$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/output/elasticsearch/fluent-bit-configmap.yaml
-```
-
-If the cluster uses a CRI runtime, like containerd or CRI-O, change the `Parser` described in `input-kubernetes.conf` from docker to cri.
-
-Fluent Bit DaemonSet ready to be used with Elasticsearch on a normal Kubernetes Cluster:
-
-```
-$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/output/elasticsearch/fluent-bit-ds.yaml
-```
-
-#### Fluent Bit to Elasticsearch on Minikube
-
-If you are using Minikube for testing purposes, use the following alternative DaemonSet manifest:
-
-```
-$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/output/elasticsearch/fluent-bit-ds-minikube.yaml
-```
-
-#### Fluent Bit to Kafka
-
-Create a ConfigMap that will be used by our Fluent Bit DaemonSet:
-
-```
-$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/output/kafka/fluent-bit-configmap.yaml
-```
-
-Fluent Bit DaemonSet ready to be used with Kafka on a normal Kubernetes Cluster:
+The base only configures [Stdout](https://docs.fluentbit.io/manual/pipeline/outputs/standard-output) output.
+Log records are found using `kubectl logs` on fluentbit pods.
+This is a good way to experiment with configuration.
+Switch to [Format](https://docs.fluentbit.io/manual/pipeline/outputs/standard-output#configuration-parameters) `msgpack` to also see the "tag" (helpful when developing your pipeline).
 
-```
-$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/output/kafka/fluent-bit-ds.yaml
-```
+## Logs ingested to Loki
 
-#### Fluent Bit to Elasticsearch on Minikube
+This repository serves as example of Kubernetes yaml for a log processing stack,
+not as example of [how](https://docs.fluentbit.io/manual/concepts/data-pipeline) Fluent-bit can process, refine and forward log entries.
 
-If you are using Minikube for testing purposes, use the following alternative DaemonSet manifest:
-
-```
-$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/output/elasticsearch/fluent-bit-ds-minikube.yaml
-```
+Use the [loki](./loki) base to replace Stdout with forwarding to a standalone Loki instance. Loki can do some processing at [query time](https://grafana.com/docs/loki/latest/logql/) which helps keep this repo light on pipeline config.
 
-## Details
+The [loki-plugin](./loki-plugin) base uses an out-of-tree plugin with `DropSingleKey`
+so that the log records forwarded are the actual logged lines from pods,
+but still queryable on labels like `pod` and `container`.
 
-The default configuration of Fluent Bit makes sure of the following:
+See the [lokitest](./loki/test/lokitest-job.yaml) Job for some examples of how to consume logs through Loki.
 
-- Consume all containers logs from the running Node.
-- The [Tail input plugin](http://fluentbit.io/documentation/0.12/input/tail.html) will not append more than __5MB__  into the engine until they are flushed to the Elasticsearch backend. This limit aims to provide a workaround for [backpressure](http://fluentbit.io/documentation/0.13/configuration/backpressure.html) scenarios.
-- The Kubernetes filter will enrich the logs with Kubernetes metadata, specifically _labels_ and _annotations_. The filter only goes to the API Server when it cannot find the cached info, otherwise it uses the cache.
-- The default backend in the configuration is Elasticsearch set by the [Elasticsearch Output Plugin](http://fluentbit.io/documentation/0.13/output/elasticsearch.html). It uses the Logstash format to ingest the logs. If you need a different Index and Type, please refer to the plugin option and do your own adjustments.
-- There is an option called __Retry_Limit__ set to False that means if Fluent Bit cannot flush the records to Elasticsearch it will re-try indefinitely until it succeeds.
+The loki folders also serve as [example](./loki/kustomization.yaml) of how to use Kustomize to override selected parts of the `base`'s *.conf.
 
 ## Get in touch with us!
 
diff --git a/base/filter-kubernetes.conf b/base/filter-kubernetes.conf
new file mode 100644
index 0000000..642586d
--- /dev/null
+++ b/base/filter-kubernetes.conf
@@ -0,0 +1,11 @@
+
+[FILTER]
+    Name                kubernetes
+    Match               kube.*
+    Kube_Tag_Prefix     kube.
+    Regex_Parser        kube-tag
+    # Merge_Log           On
+    # Merge_Log_Key       log_processed
+    K8S-Logging.Parser  On
+    K8S-Logging.Exclude On
+    Annotations         Off
diff --git a/base/fluent-bit.conf b/base/fluent-bit.conf
new file mode 100644
index 0000000..2c536d6
--- /dev/null
+++ b/base/fluent-bit.conf
@@ -0,0 +1,13 @@
+[SERVICE]
+    Flush         1
+    Log_Level     ${LOG_LEVEL}
+    Daemon        off
+    Parsers_File  parser-cri.conf
+    Parsers_File  parsers.conf
+    HTTP_Server   On
+    HTTP_Listen   0.0.0.0
+    HTTP_Port     2020
+
+@INCLUDE input-kubernetes.conf
+@INCLUDE filter-kubernetes.conf
+@INCLUDE outputs.conf
diff --git a/base/fluentbit-daemonset.yaml b/base/fluentbit-daemonset.yaml
new file mode 100644
index 0000000..dabea98
--- /dev/null
+++ b/base/fluentbit-daemonset.yaml
@@ -0,0 +1,73 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: fluentbit
+  labels:
+    app.kubernetes.io/name: fluentbit
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: fluentbit
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: fluentbit
+      annotations:
+        prometheus.io/scrape: "true"
+        prometheus.io/port: "2020"
+        prometheus.io/path: /api/v1/metrics/prometheus
+    spec:
+      serviceAccountName: fluentbit
+      terminationGracePeriodSeconds: 25
+      tolerations:
+      - key: node-role.kubernetes.io/master
+        operator: Exists
+        effect: NoSchedule
+      containers:
+      - name: fluentbit
+        image: docker.io/fluent/fluent-bit
+        command:
+        - /fluent-bit/bin/fluent-bit
+        - -c
+        - /fluent-bit/etc/fluent-bit.conf
+        env:
+        - name: LOG_LEVEL
+          value: debug
+        - name: MEM_BUF_LIMIT
+          value: 5MB
+        ports:
+        - name: http
+          containerPort: 2020
+        livenessProbe:
+          httpGet:
+            path: /
+            port: http
+        readinessProbe:
+          httpGet:
+            path: /api/v1/health
+            port: http
+        volumeMounts:
+        - name: varlogpods
+          mountPath: /var/log/pods
+          readOnly: true
+        - name: db
+          mountPath: /var/run/fluentbit
+        - name: config
+          mountPath: /fluent-bit/etc
+        # - mountPath: /etc/machine-id
+        #   name: etcmachineid
+        #   readOnly: true
+      volumes:
+      - name: varlogpods
+        hostPath:
+          path: /var/log/pods
+      - name: db
+        hostPath:
+          path: /var/run/fluentbit
+      # - name: etcmachineid
+      #   hostPath:
+      #     path: /etc/machine-id
+      #     type: File
+      - name: config
+        configMap:
+          name: fluentbit
diff --git a/base/input-kubernetes.conf b/base/input-kubernetes.conf
new file mode 100644
index 0000000..d457ae3
--- /dev/null
+++ b/base/input-kubernetes.conf
@@ -0,0 +1,11 @@
+[INPUT]
+    Name              tail
+    DB                /var/run/fluentbit/tail-positions.db
+    Mem_Buf_Limit     ${MEM_BUF_LIMIT}
+    Skip_Long_Lines   On
+    DB.locking        true
+    Path              /var/log/pods/*/*/*.log
+    Exclude_Path      /var/log/pods/*/fluentbit/*.log
+    Parser            cri
+    Tag               kube.<pod_id>.<namespace_name>.<pod_name>.<container_name>
+    Tag_Regex         /var/log/pods/(?<namespace_name>[^_/]+)_(?<pod_name>[^_/]+)_(?<pod_id>[^_/]+)/(?<container_name>[^/]+)/.*
diff --git a/base/kustomization.yaml b/base/kustomization.yaml
new file mode 100644
index 0000000..89d2813
--- /dev/null
+++ b/base/kustomization.yaml
@@ -0,0 +1,25 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: logging
+
+images:
+- name: docker.io/fluent/fluent-bit
+  newTag: 1.8.3@sha256:10ea2709cef6e7059d980b4969d5f9d753ef97278a817c214cbe9120b1152082
+
+commonLabels:
+  app.kubernetes.io/name: fluentbit
+
+resources:
+- ../rbac
+- fluentbit-daemonset.yaml
+
+configMapGenerator:
+- name: fluentbit
+  files:
+  - fluent-bit.conf
+  - parser-cri.conf
+  - input-kubernetes.conf
+  - filter-kubernetes.conf
+  - parsers.conf
+  - outputs.conf
diff --git a/base/outputs.conf b/base/outputs.conf
new file mode 100644
index 0000000..fa4ac9e
--- /dev/null
+++ b/base/outputs.conf
@@ -0,0 +1,6 @@
+[OUTPUT]
+    Name             stdout
+    # Switch to format msgpack to see the tags
+    Format           json_lines
+    json_date_key    t
+    json_date_format iso8601
diff --git a/base/parser-cri.conf b/base/parser-cri.conf
new file mode 100644
index 0000000..635c71a
--- /dev/null
+++ b/base/parser-cri.conf
@@ -0,0 +1,12 @@
+
+[PARSER]
+    Name        cri
+    Format      regex
+    Regex       ^(?<time>[^ ]+) (?<stream>stdout|stderr) (?<logtag>[^ ]*) (?<log>.*)$
+    Time_Key    time
+    Time_Format %Y-%m-%dT%H:%M:%S.%L%z
+
+[PARSER]
+    Name        kube-tag
+    Format      regex
+    Regex       ^(?<pod_id>[^.]+)\.(?<namespace_name>[^.]+)\.(?<pod_name>[^.]+)\.(?<container_name>[^.]+)$
diff --git a/base/parsers.conf b/base/parsers.conf
new file mode 100644
index 0000000..e69de29
diff --git a/fluent-bit-config-kafka-rest.yml b/fluent-bit-config-kafka-rest.yml
deleted file mode 100644
index cfd3089..0000000
--- a/fluent-bit-config-kafka-rest.yml
+++ /dev/null
@@ -1,86 +0,0 @@
-kind: ConfigMap
-metadata:
-  name: fluent-bit-config-kafka-rest
-  namespace: kube-system
-apiVersion: v1
-data:
-  fluent-bit.conf: |-
-    [SERVICE]
-        Flush          1
-        Daemon         Off
-        Log_Level      info
-        Parsers_File   parsers.conf
-
-    [INPUT]
-        Name           tail
-        Tag            kube.*
-        Path           /var/log/containers/*.log
-        Parser         docker
-        DB             /var/log/flb_kube.db
-        Mem_Buf_Limit  5MB
-
-    [FILTER]
-        Name           kubernetes
-        Match          kube.*
-        Kube_URL       https://kubernetes.default.svc:443
-        Merge_JSON_Log On
-
-    [OUTPUT]
-        Name            kafka-rest
-        Match           *
-        Host            ${KAFKA_REST_HOST}
-        Port            ${KAFKA_REST_PORT}
-        Time_Key        @timestamp
-        Tag_Key         _fluent-tag
-        Include_Tag_Key On
-        Tag_Key         My_Tag_Key
-        Topic           ${KAFKA_TOPIC}
-        # Partition     0
-        # Message_Key abc
-
-  parsers.conf: |-
-    [PARSER]
-        Name   apache
-        Format regex
-        Regex  ^(?<host>[^ ]*) [^ ]* (?<user>[^ ]*) \[(?<time>[^\]]*)\] "(?<method>\S+)(?: +(?<path>[^\"]*?)(?: +\S*)?)?" (?<code>[^ ]*) (?<size>[^ ]*)(?: "(?<referer>[^\"]*)" "(?<agent>[^\"]*)")?$
-        Time_Key time
-        Time_Format %d/%b/%Y:%H:%M:%S %z
-
-    [PARSER]
-        Name   apache2
-        Format regex
-        Regex  ^(?<host>[^ ]*) [^ ]* (?<user>[^ ]*) \[(?<time>[^\]]*)\] "(?<method>\S+)(?: +(?<path>[^ ]*) +\S*)?" (?<code>[^ ]*) (?<size>[^ ]*)(?: "(?<referer>[^\"]*)" "(?<agent>[^\"]*)")?$
-        Time_Key time
-        Time_Format %d/%b/%Y:%H:%M:%S %z
-
-    [PARSER]
-        Name   apache_error
-        Format regex
-        Regex  ^\[[^ ]* (?<time>[^\]]*)\] \[(?<level>[^\]]*)\](?: \[pid (?<pid>[^\]]*)\])?( \[client (?<client>[^\]]*)\])? (?<message>.*)$
-
-    [PARSER]
-        Name   nginx
-        Format regex
-        Regex ^(?<remote>[^ ]*) (?<host>[^ ]*) (?<user>[^ ]*) \[(?<time>[^\]]*)\] "(?<method>\S+)(?: +(?<path>[^\"]*?)(?: +\S*)?)?" (?<code>[^ ]*) (?<size>[^ ]*)(?: "(?<referer>[^\"]*)" "(?<agent>[^\"]*)")?$
-        Time_Key time
-        Time_Format %d/%b/%Y:%H:%M:%S %z
-
-    [PARSER]
-        Name   json-test
-        Format json
-        Time_Key time
-        Time_Format %d/%b/%Y:%H:%M:%S %z
-
-    [PARSER]
-        Name        docker
-        Format      json
-        Time_Key    time
-        Time_Format %Y-%m-%dT%H:%M:%S.%L
-        Time_Keep   On
-
-    [PARSER]
-        Name        syslog
-        Format      regex
-        Regex       ^\<(?<pri>[0-9]+)\>(?<time>[^ ]* {1,2}[^ ]* [^ ]*) (?<host>[^ ]*) (?<ident>[a-zA-Z0-9_\/\.\-]*)(?:\[(?<pid>[0-9]+)\])?(?:[^\:]*\:)? *(?<message>.*)$
-        Time_Key    time
-        Time_Format %b %d %H:%M:%S
diff --git a/fluent-bit-daemonset-kafka-rest.yml b/fluent-bit-daemonset-kafka-rest.yml
deleted file mode 100644
index 0287496..0000000
--- a/fluent-bit-daemonset-kafka-rest.yml
+++ /dev/null
@@ -1,65 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: fluent-bit
-  namespace: kube-system
-  labels:
-    k8s-app: fluent-bit-logging
-    version: v1
-    kubernetes.io/cluster-service: "true"
-spec:
-  selector:
-    matchLabels:
-      k8s-app: fluent-bit-logging
-  template:
-    metadata:
-      labels:
-        k8s-app: fluent-bit-logging
-        version: v1
-        kubernetes.io/cluster-service: "true"
-    spec:
-      containers:
-      - name: fluent-bit
-        image: fluent/fluent-bit:0.12.19
-        env:
-          - name:  KAFKA_REST_HOST
-            value: rest.kafka.svc.cluster.local
-          - name:  KAFKA_REST_PORT
-            value: "80"
-          - name:  KAFKA_TOPIC
-            value: fluent-bit
-        command:
-          - /fluent-bit/bin/fluent-bit
-          - -c
-          - /fluent-bit/etc/fluent-bit.conf
-        resources:
-          limits:
-            memory: 100Mi
-          requests:
-            cpu: 100m
-            memory: 100Mi
-        volumeMounts:
-        - name: config
-          mountPath: /fluent-bit/etc
-        - name: varlog
-          mountPath: /var/log
-        - name: varlibdockercontainers
-          mountPath: /var/lib/docker/containers
-          readOnly: true
-        - name: minikube
-          mountPath: /mnt/sda1/var/lib/docker/containers
-          readOnly: true
-      terminationGracePeriodSeconds: 10
-      volumes:
-      - name: config
-        configMap:
-          name: fluent-bit-config-kafka-rest
-      - name: varlog
-        hostPath:
-          path: /var/log
-      - name: varlibdockercontainers
-        hostPath:
-          path: /var/lib/docker/containers
-      - name: minikube
-        hostPath:
-          path: /mnt/sda1/var/lib/docker/containers
diff --git a/fluent-bit-role-binding.yaml b/fluent-bit-role-binding.yaml
deleted file mode 100644
index ff6f258..0000000
--- a/fluent-bit-role-binding.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRoleBinding
-metadata:
-  name: fluent-bit-read
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: fluent-bit-read
-subjects:
-- kind: ServiceAccount
-  name: fluent-bit
-  namespace: logging
diff --git a/loki-plugin/fluentbit-loki-plugin.yaml b/loki-plugin/fluentbit-loki-plugin.yaml
new file mode 100644
index 0000000..77342e3
--- /dev/null
+++ b/loki-plugin/fluentbit-loki-plugin.yaml
@@ -0,0 +1,16 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: fluentbit
+spec:
+  template:
+    spec:
+      containers:
+      - name: fluentbit
+        image: docker.io/grafana/fluent-bit-plugin-loki
+        command:
+        - /fluent-bit/bin/fluent-bit
+        - -c
+        - /fluent-bit/etc/fluent-bit.conf
+        - -e
+        - /fluent-bit/bin/out_grafana_loki.so
diff --git a/loki-plugin/kustomization.yaml b/loki-plugin/kustomization.yaml
new file mode 100644
index 0000000..db19126
--- /dev/null
+++ b/loki-plugin/kustomization.yaml
@@ -0,0 +1,19 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+- ../loki
+
+images:
+- name: docker.io/grafana/fluent-bit-plugin-loki
+  newTag: latest@sha256:c5b84f0a41359c6dabdc27e30797157c82e5f440001723e5a6ae0fa255b12811
+
+patchesStrategicMerge:
+- fluentbit-loki-plugin.yaml
+
+configMapGenerator:
+- name: fluentbit
+  behavior: merge
+  files:
+  - outputs.conf=outputs-loki-plugin.conf
+  - labelmap.json
diff --git a/loki-plugin/labelmap.json b/loki-plugin/labelmap.json
new file mode 100644
index 0000000..b616ee0
--- /dev/null
+++ b/loki-plugin/labelmap.json
@@ -0,0 +1,13 @@
+{
+  "kubernetes": {
+    "container_name": "container",
+    "host": "node",
+    "namespace_name": "namespace",
+    "pod_name": "pod",
+    "labels" : {
+      "app.kubernetes.io/name": "app",
+      "app": "app"
+    }
+  },
+  "stream": "stream"
+}
diff --git a/loki-plugin/outputs-loki-plugin.conf b/loki-plugin/outputs-loki-plugin.conf
new file mode 100644
index 0000000..a8997a4
--- /dev/null
+++ b/loki-plugin/outputs-loki-plugin.conf
@@ -0,0 +1,14 @@
+
+# https://grafana.com/docs/loki/latest/clients/fluentbit/#configuration-options
+[OUTPUT]
+    Name            grafana-loki
+    Match           *
+    LogLevel        ${LOG_LEVEL}
+    Url             http://loki-ingest:3100/loki/api/v1/push
+
+    DqueDir         /var/run/fluent-bit/loki-plugin
+
+    Labels          {job="fluentbit"}
+    LabelMapPath    /fluent-bit/etc/labelmap.json
+    DropSingleKey   true
+    RemoveKeys      logtag,stream,kubernetes
diff --git a/loki/kustomization.yaml b/loki/kustomization.yaml
new file mode 100644
index 0000000..0326f89
--- /dev/null
+++ b/loki/kustomization.yaml
@@ -0,0 +1,24 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+images:
+- name: docker.io/grafana/loki
+  newTag: 2.3.0@sha256:bbf6dbf3264af939a541b6f3c014cba21a2bdc8f22cb7962eee7e9048b41ea5e
+
+resources:
+- ../base
+- loki-ingest-service.yaml
+- loki-query-service.yaml
+- loki-headless-service.yaml
+- loki-statefulset.yaml
+
+secretGenerator:
+- name: loki
+  files:
+  - loki.yaml=standalone.config.yaml
+
+configMapGenerator:
+- name: fluentbit
+  behavior: merge
+  files:
+  - outputs.conf=outputs-loki.conf
diff --git a/loki/loki-headless-service.yaml b/loki/loki-headless-service.yaml
new file mode 100644
index 0000000..f228804
--- /dev/null
+++ b/loki/loki-headless-service.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: loki-headless
+  annotations:
+    service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
+spec:
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+  - name: gossip
+    port: 7946
+    protocol: TCP
+    targetPort: gossip
+  - name: grpc
+    port: 9096
+    protocol: TCP
+    targetPort: grpc
+  selector:
+    app.kubernetes.io/name: loki
diff --git a/loki/loki-ingest-service.yaml b/loki/loki-ingest-service.yaml
new file mode 100644
index 0000000..9bcc6e8
--- /dev/null
+++ b/loki/loki-ingest-service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: loki-ingest
+  labels:
+    app.kubernetes.io/name: loki
+spec:
+  type: ClusterIP
+  ports:
+  - name: http
+    port: 3100
+    protocol: TCP
+    targetPort: http
+  selector:
+    app.kubernetes.io/name: loki
diff --git a/loki/loki-query-service.yaml b/loki/loki-query-service.yaml
new file mode 100644
index 0000000..99b5355
--- /dev/null
+++ b/loki/loki-query-service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: loki-query
+  labels:
+    app.kubernetes.io/name: loki
+spec:
+  type: ClusterIP
+  ports:
+  - name: http
+    port: 3100
+    protocol: TCP
+    targetPort: http
+  - name: grpc
+    port: 9096
+    protocol: TCP
+    targetPort: grpc
+  selector:
+    app.kubernetes.io/name: loki
diff --git a/loki/loki-statefulset.yaml b/loki/loki-statefulset.yaml
new file mode 100644
index 0000000..e01f6ab
--- /dev/null
+++ b/loki/loki-statefulset.yaml
@@ -0,0 +1,73 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: loki
+  labels:
+    app.kubernetes.io/name: loki
+spec:
+  replicas: 1
+  podManagementPolicy: Parallel
+  updateStrategy:
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: loki
+  serviceName: loki-headless
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: loki
+      annotations:
+        fluentbit.io/exclude: "true"
+    spec:
+      securityContext:
+        fsGroup: 10001
+        runAsGroup: 10001
+        runAsNonRoot: true
+        runAsUser: 10001
+      terminationGracePeriodSeconds: 25
+      containers:
+      - name: loki
+        image: docker.io/grafana/loki
+        securityContext:
+          readOnlyRootFilesystem: true
+        args:
+        - -config.file=/etc/loki/loki.yaml
+        - -config.expand-env=true
+        - -log.level=$(LOG_LEVEL)
+        env:
+        - name: LOG_LEVEL
+          value: info
+        - name: POD_NAME
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.name
+        - name: POD_NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        ports:
+        - name: http
+          containerPort: 3100
+          protocol: TCP
+        - name: grpc
+          containerPort: 9096
+          protocol: TCP
+        - name: gossip
+          containerPort: 7946
+          protocol: TCP
+        readinessProbe:
+          httpGet:
+            path: /ready
+            port: http
+        volumeMounts:
+        - name: config
+          mountPath: /etc/loki
+        - name: data
+          mountPath: /loki
+      volumes:
+      - name: config
+        secret:
+          secretName: loki
+      - name: data
+        emptyDir: {}
diff --git a/loki/outputs-loki.conf b/loki/outputs-loki.conf
new file mode 100644
index 0000000..af11db8
--- /dev/null
+++ b/loki/outputs-loki.conf
@@ -0,0 +1,10 @@
+[OUTPUT]
+    Name        loki
+    Match       *
+    Host        loki-ingest
+    Port        3100
+    # https://github.com/fluent/fluent-bit/issues/3269
+    # https://github.com/grafana/loki/issues/1544
+    labels      job=fluentbit, namespace=$kubernetes['namespace_name'], pod=$kubernetes['pod_name'], container=$kubernetes['container_name']
+    remove_keys kubernetes,stream
+    log_level   ${LOG_LEVEL}
diff --git a/loki/standalone.config.yaml b/loki/standalone.config.yaml
new file mode 100644
index 0000000..d995e67
--- /dev/null
+++ b/loki/standalone.config.yaml
@@ -0,0 +1,56 @@
+# For more suggested overrides see https://github.com/grafana/loki/blob/v2.3.0/cmd/loki/loki-local-config.yaml
+# and of course https://github.com/grafana/loki/blob/v2.3.0/docs/sources/configuration/_index.md
+
+auth_enabled: false
+
+server:
+  http_listen_address: 0.0.0.0
+  http_listen_port: 3100
+  grpc_listen_port: 9096
+
+ingester:
+  lifecycler:
+    address: 0.0.0.0
+    ring:
+      kvstore:
+        store: inmemory
+      replication_factor: 1
+  wal:
+    enabled: true
+    dir: /loki/wal
+  max_transfer_retries: 0
+
+schema_config:
+  configs:
+  - from: 2021-08-13
+    store: boltdb-shipper
+    object_store: filesystem
+    schema: v11
+    index:
+      prefix: index_
+      period: 24h
+
+storage_config:
+  boltdb_shipper:
+    active_index_directory: /loki/boltdb-shipper-active
+    cache_location: /loki/boltdb-shipper-cache
+    shared_store: filesystem
+  filesystem:
+    directory: /loki/chunks
+
+compactor:
+  working_directory: /loki/boltdb-shipper-compactor
+  shared_store: filesystem
+
+limits_config:
+  reject_old_samples: true
+  reject_old_samples_max_age: 1h
+
+chunk_store_config:
+  max_look_back_period: 0s
+
+table_manager:
+  retention_deletes_enabled: false
+  retention_period: 0s
+
+# ruler:
diff --git a/loki/test/Kustomization b/loki/test/Kustomization
new file mode 100644
index 0000000..4436eb4
--- /dev/null
+++ b/loki/test/Kustomization
@@ -0,0 +1,3 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources: ["lokitest-job.yaml"]
diff --git a/loki/test/lokitest-job.yaml b/loki/test/lokitest-job.yaml
new file mode 100644
index 0000000..7dc8d76
--- /dev/null
+++ b/loki/test/lokitest-job.yaml
@@ -0,0 +1,51 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: lokitest
+spec:
+  backoffLimit: 5
+  template:
+    spec:
+      containers:
+      - name: lokitest
+        # Use any image with curl and logcli, or use curlimages/curl and replace logcli use with REST api calls
+        image: yolean/toil:16986b1488a60eaf2d81a8ff8f8f54f3aeacad1a@sha256:4717a46e082ac5a14da9a3e6e2aa2cd012f94989b2ee3c41ce7d39fa463d9915
+        env:
+        - name: POD_NAME
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.name
+        - name: POD_NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        command:
+        - /bin/bash
+        - -cx
+        - |
+          alias curl='curl -f -s --retry-connrefused --retry 20'
+          curl http://loki-ingest:3100/ready
+          curl http://loki-ingest:3100/metrics | grep memberlist | grep _count | grep -v gauge
+          curl http://loki-ingest:3100/config
+          curl http://loki-query:3100/loki/api/v1/labels
+          curl http://loki-query:3100/loki/api/v1/label/pod/values
+          function stream1 {
+            set +x
+            log=$1; [ -n "$log" ] || log="Logged at $(date -Ins)"
+            echo '{"streams":[{"stream":{"job":"lokitest"},"values":[["'$(date +%s%N)'","'$log'"]]}]}'
+            set -x
+          }
+          stream1 | jq -c .
+          t=$(date +%F'T'%T.%N'Z')
+          curl -H "Content-Type: application/json" -XPOST -w "%{http_code}\n" "http://loki-ingest:3100/loki/api/v1/push" --data-raw "$(stream1)"
+          export LOKI_ADDR=http://loki-query:3100
+          logcli query '{job="lokitest"}' --from=$t
+          # Test distriuted Loki, where ingestion might work while distribution doesn't; check if results differ between pods
+          for POD_IP in $(getent hosts loki-headless | cut -d' ' -f1); do
+            echo "# Loki pod IP $POD_IP"
+            curl -H "Content-Type: application/json" -XPOST -w "%{http_code}\n" "http://$POD_IP:3100/loki/api/v1/push" --data-raw "$(stream1)"
+            logcli --addr=http://$POD_IP:3100 query '{job="lokitest"}' --from=$t
+          done
+          echo "Sleeping for experiments through: kubectl -n $POD_NAMESPACE exec $POD_NAME -ti -- bash"
+          sleep 3600
+      restartPolicy: Never
diff --git a/output/elasticsearch/fluent-bit-configmap.yaml b/output/elasticsearch/fluent-bit-configmap.yaml
index 207b4ac..5b8504d 100644
--- a/output/elasticsearch/fluent-bit-configmap.yaml
+++ b/output/elasticsearch/fluent-bit-configmap.yaml
@@ -4,7 +4,7 @@ metadata:
   name: fluent-bit-config
   namespace: logging
   labels:
-    k8s-app: fluent-bit
+    app.kubernetes.io/name: fluent-bit
 data:
   # Configuration files: server, input, filters and output
   # ======================================================
@@ -79,7 +79,7 @@ data:
     [PARSER]
         Name   nginx
         Format regex
-        Regex ^(?<remote>[^ ]*) (?<host>[^ ]*) (?<user>[^ ]*) \[(?<time>[^\]]*)\] "(?<method>\S+)(?: +(?<path>[^\"]*?)(?: +\S*)?)?" (?<code>[^ ]*) (?<size>[^ ]*)(?: "(?<referer>[^\"]*)" "(?<agent>[^\"]*)")?$
+        Regex ^(?<remote>[^ ]*) (?<host>[^ ]*) (?<user>[^ ]*) \[(?<time>[^\]]*)\] "(?<method>\S+)(?: +(?<path>[^\"]*?)(?: +\S*)?)?" (?<code>[^ ]*) (?<size>[^ ]*)(?: "(?<referer>[^\"]*)" "(?<agent>[^\"]*)")
         Time_Key time
         Time_Format %d/%b/%Y:%H:%M:%S %z
 
diff --git a/output/elasticsearch/fluent-bit-ds-minikube.yaml b/output/elasticsearch/fluent-bit-ds-minikube.yaml
index f8971e8..3a9cbe1 100644
--- a/output/elasticsearch/fluent-bit-ds-minikube.yaml
+++ b/output/elasticsearch/fluent-bit-ds-minikube.yaml
@@ -4,8 +4,8 @@ metadata:
   name: fluent-bit
   namespace: logging
   labels:
-    k8s-app: fluent-bit-logging
-    version: v1
+    app.kubernetes.io/name: fluent-bit-logging
+    app.kubernetes.io/version: v1
     kubernetes.io/cluster-service: "true"
 spec:
   selector:
@@ -14,8 +14,8 @@ spec:
   template:
     metadata:
       labels:
-        k8s-app: fluent-bit-logging
-        version: v1
+        app.kubernetes.io/name: fluent-bit-logging
+        app.kubernetes.io/version: v1
         kubernetes.io/cluster-service: "true"
       annotations:
         prometheus.io/scrape: "true"
diff --git a/output/elasticsearch/fluent-bit-ds.yaml b/output/elasticsearch/fluent-bit-ds.yaml
index 4e56125..66cfdcc 100644
--- a/output/elasticsearch/fluent-bit-ds.yaml
+++ b/output/elasticsearch/fluent-bit-ds.yaml
@@ -4,8 +4,8 @@ metadata:
   name: fluent-bit
   namespace: logging
   labels:
-    k8s-app: fluent-bit-logging
-    version: v1
+    app.kubernetes.io/name: fluent-bit-logging
+    app.kubernetes.io/version: v1
     kubernetes.io/cluster-service: "true"
 spec:
   selector:
@@ -14,8 +14,8 @@ spec:
   template:
     metadata:
       labels:
-        k8s-app: fluent-bit-logging
-        version: v1
+        app.kubernetes.io/name: fluent-bit-logging
+        app.kubernetes.io/version: v1
         kubernetes.io/cluster-service: "true"
       annotations:
         prometheus.io/scrape: "true"
diff --git a/output/kafka/fluent-bit-configmap.yaml b/output/kafka/fluent-bit-configmap.yaml
index bbfbfdc..a7f1829 100644
--- a/output/kafka/fluent-bit-configmap.yaml
+++ b/output/kafka/fluent-bit-configmap.yaml
@@ -4,7 +4,7 @@ metadata:
   name: fluent-bit-config
   namespace: logging
   labels:
-    k8s-app: fluent-bit
+    app.kubernetes.io/name: fluent-bit
 data:
   # Configuration files: server, input, filters and output
   # ======================================================
@@ -84,7 +84,7 @@ data:
     [PARSER]
         Name   nginx
         Format regex
-        Regex ^(?<remote>[^ ]*) (?<host>[^ ]*) (?<user>[^ ]*) \[(?<time>[^\]]*)\] "(?<method>\S+)(?: +(?<path>[^\"]*?)(?: +\S*)?)?" (?<code>[^ ]*) (?<size>[^ ]*)(?: "(?<referer>[^\"]*)" "(?<agent>[^\"]*)")?$
+        Regex ^(?<remote>[^ ]*) (?<host>[^ ]*) (?<user>[^ ]*) \[(?<time>[^\]]*)\] "(?<method>\S+)(?: +(?<path>[^\"]*?)(?: +\S*)?)?" (?<code>[^ ]*) (?<size>[^ ]*)(?: "(?<referer>[^\"]*)" "(?<agent>[^\"]*)")
         Time_Key time
         Time_Format %d/%b/%Y:%H:%M:%S %z
 
diff --git a/output/kafka/fluent-bit-ds-minikube.yaml b/output/kafka/fluent-bit-ds-minikube.yaml
index 34d9e7a..42b73a1 100644
--- a/output/kafka/fluent-bit-ds-minikube.yaml
+++ b/output/kafka/fluent-bit-ds-minikube.yaml
@@ -4,8 +4,8 @@ metadata:
   name: fluent-bit
   namespace: logging
   labels:
-    k8s-app: fluent-bit-logging
-    version: v1
+    app.kubernetes.io/name: fluent-bit-logging
+    app.kubernetes.io/version: v1
     kubernetes.io/cluster-service: "true"
 spec:
   updateStrategy:
@@ -16,8 +16,8 @@ spec:
   template:
     metadata:
       labels:
-        k8s-app: fluent-bit-logging
-        version: v1
+        app.kubernetes.io/name: fluent-bit-logging
+        app.kubernetes.io/version: v1
         kubernetes.io/cluster-service: "true"
       annotations:
         prometheus.io/scrape: "true"
diff --git a/output/kafka/fluent-bit-ds.yaml b/output/kafka/fluent-bit-ds.yaml
index 604587b..ec764b1 100644
--- a/output/kafka/fluent-bit-ds.yaml
+++ b/output/kafka/fluent-bit-ds.yaml
@@ -4,8 +4,8 @@ metadata:
   name: fluent-bit
   namespace: logging
   labels:
-    k8s-app: fluent-bit-logging
-    version: v1
+    app.kubernetes.io/name: fluent-bit-logging
+    app.kubernetes.io/version: v1
     kubernetes.io/cluster-service: "true"
 spec:
   updateStrategy:
@@ -13,11 +13,12 @@ spec:
   selector:
     matchLabels:
       k8s-app: fluent-bit-logging
+      version: v1
   template:
     metadata:
       labels:
-        k8s-app: fluent-bit-logging
-        version: v1
+        app.kubernetes.io/name: fluent-bit-logging
+        app.kubernetes.io/version: v1
         kubernetes.io/cluster-service: "true"
       annotations:
         prometheus.io/scrape: "true"
diff --git a/fluent-bit-role.yaml b/rbac/fluentbit-role.yaml
similarity index 63%
rename from fluent-bit-role.yaml
rename to rbac/fluentbit-role.yaml
index e55463a..1332b96 100644
--- a/fluent-bit-role.yaml
+++ b/rbac/fluentbit-role.yaml
@@ -1,7 +1,7 @@
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: fluent-bit-read
+  name: fluentbit-read
 rules:
 - apiGroups: [""]
   resources:
diff --git a/rbac/fluentbit-rolebinding.yaml b/rbac/fluentbit-rolebinding.yaml
new file mode 100644
index 0000000..3a25a7f
--- /dev/null
+++ b/rbac/fluentbit-rolebinding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fluentbit-read
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fluentbit-read
+subjects:
+- kind: ServiceAccount
+  name: fluentbit
+  # set by Kustomize: namespace:
diff --git a/fluent-bit-service-account.yaml b/rbac/fluentbit-serviceaccount.yaml
similarity index 53%
rename from fluent-bit-service-account.yaml
rename to rbac/fluentbit-serviceaccount.yaml
index c541d81..1036a0a 100644
--- a/fluent-bit-service-account.yaml
+++ b/rbac/fluentbit-serviceaccount.yaml
@@ -1,5 +1,4 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: fluent-bit
-  namespace: logging
+  name: fluentbit
diff --git a/rbac/kustomization.yaml b/rbac/kustomization.yaml
new file mode 100644
index 0000000..2ab92f7
--- /dev/null
+++ b/rbac/kustomization.yaml
@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+- fluentbit-serviceaccount.yaml
+- fluentbit-role.yaml
+- fluentbit-rolebinding.yaml
diff --git a/testpod.yml b/testpod.yml
deleted file mode 100644
index 9ee3cd0..0000000
--- a/testpod.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: testpod-fluentbit-kafka
-  namespace: default
-spec:
-  containers:
-  - name: kafkacat
-    image: solsson/kafkacat@sha256:1266d140c52cb39bf314b6f22b6d7a01c4c9084781bc779fdfade51214a713a8
-    command:
-      - bash
-      - -ec
-      - >
-        cd /usr/local/bin;
-        echo '#!/bin/bash' > logs-cat;
-        chmod +x logs-cat;
-        echo "kafkacat -b kafka-0.broker.kafka.svc.cluster.local:9092 -C -t fluent-bit -o end" >> logs-cat;
-
-        echo "Won't cat logs to stdout because it would create an infinite loop of log aggregation.";
-        echo "Instead run something like:";
-        echo "kubectl -n default exec -ti testpod-fluentbit-kafka -- logs-cat";
-        tail -f /dev/null;