Deploy the prometheus-target helm chart on Rancher

Question

Pulumi · Accepted Answer

To deploy a Helm chart for Prometheus on a Rancher-managed Kubernetes cluster using Pulumi, you'll first need to set up a Pulumi project, if you haven't already. This project will contain the code that describes your deployment. Pulumi supports several programming languages; we'll use TypeScript in this example for its strong typing and popularity in cloud projects.

Here's how you might go about deploying the `prometheus-target` Helm chart:

1. **Create a new Pulumi project**: You can do this with the Pulumi CLI by running `pulumi new typescript`.
2. **Install necessary dependencies**: You'll need to add the Pulumi Rancher 2 provider to your project to interact with Rancher.
3. **Write your Pulumi code**: This involves instantiating the necessary resources that represent your Helm chart deployment.
4. **Deploy your stack**: Run `pulumi up` to execute your Pulumi program and create the resources.

Now let's walk through the code.

First, add the Pulumi Rancher 2 provider package to your project:

```shell
npm install @pulumi/rancher2
```

With the necessary package installed, here is the Pulumi TypeScript program that deploys the `prometheus-target` Helm chart:

```typescript
import * as rancher2 from "@pulumi/rancher2";
import * as pulumi from "@pulumi/pulumi";

// Create a new rancher2 provider instance to interact with your Rancher server
const rancherProvider = new rancher2.Provider("rancher", {
    api_url: "https://rancher.yourdomain.com/v3", // Replace with your Rancher server URL
    accessKey: "yourRancherAccessKey",            // Replace with your Rancher access key
    secretKey: "yourRancherSecretKey",            // Replace with your Rancher secret key
    // Important: Secret values like `accessKey` and `secretKey` should be managed with secrets handling in real scenarios (e.g., pulumi config)
});

// Assuming you have a project already set up in Rancher
const project = rancher2.getProject("projectName", { name: "default" }); // Replace 'default' with your project name or ID

// Deploy the prometheus-target Helm chart
const prometheusChart = new rancher2.AppV2("prometheus-target", {
    clusterId: pulumi.interpolate`${project.clusterId}`, // Reference the cluster ID from the project
    projectNamespaceId: "prometheus",                    // Replace with your desired namespace
    repoName: "helm",                                    // Replace with the Helm repo name where your chart exists
    chartName: "prometheus-target",                      // The chart name to deploy
    chartVersion: "x.x.x",                               // Specify the version of the chart
    targetNamespace: "monitoring",                       // Namespace where you want to install your chart
    values: pulumi.all([project.clusterId]).apply(([cid]) => {
        return `prometheus:
  service:
    type: ClusterIP
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: nginx
    paths:
      - /
    hosts:
      - prometheus.${cid}.yourdomain.com`
    }),
}, { provider: rancherProvider });

// Export the endpoint of Prometheus
export const prometheusEndpoint = pulumi.interpolate`http://prometheus.${project.clusterId}.yourdomain.com`;
```

In this code, we first create a new `rancher2.Provider` which is required to interact with your Rancher server. The provider configuration includes the API URL of your Rancher server and the access and secret keys for authentication.

Next, we retrieve a Rancher project using `rancher2.getProject`. The project encapsulates your Kubernetes cluster and namespace settings.

We then instantiate a `rancher2.AppV2` resource, which represents a Helm chart deployment in Rancher. The chart details like the repository, chart name, and version are specified, alongside the desired namespace for deployment. We also provide a `values` string in YAML format which can be customized as per your requirements. These should match the options available for the `prometheus-target` Helm chart.

Finally, we export an endpoint for the Prometheus service, interpolating the project's cluster ID into the URL, which you would replace with the actual domain configured in your environment.

Before running `pulumi up`, remember to replace placeholder values like the server URL, `accessKey`, `secretKey`, `projectName`, and other details with real values from your Rancher and Helm chart configuration. It's also good practice to manage sensitive configuration like access keys as secrets within Pulumi, which wasn’t done here for simplicity in illustration.