Deploy the openshift-logstash helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

Deploying an application using a Helm chart onto an Azure Managed OpenShift Service involves several steps. You'll need to first create an OpenShift Managed Cluster on Azure, then use Helm to deploy your application, such as the openshift-logstash chart, to the cluster.

Below I'll guide you through the entire process using Pulumi in TypeScript, starting from setting up the managed OpenShift cluster to deploying the Helm chart.

Prerequisites

Before running the Pulumi program, make sure you have the following prerequisites met:

Pulumi CLI installed and configured for use with Azure.
Azure CLI installed and you are logged in (az login).
Proper rights to create resources in your Azure subscription.
@pulumi/azure-native and @pulumi/kubernetes npm packages installed.

You can install necessary Pulumi packages via npm:

npm install @pulumi/azure-native @pulumi/kubernetes

1. Create a Managed OpenShift Cluster on Azure

We begin by creating an Azure Managed OpenShift Cluster using the azure-native.redhatopenshift.OpenShiftCluster resource.

2. Deploy the Helm Chart

Once the cluster is provisioned, we can deploy the openshift-logstash Helm chart using the Chart resource from the @pulumi/kubernetes library.

Pulumi Program to Deploy an OpenShift Cluster and Helm Chart

Below is the full Pulumi TypeScript program that accomplishes these tasks:

import * as pulumi from "@pulumi/pulumi";
import * as azureNative from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create an Azure Managed OpenShift Cluster
const resourceGroupName = new azureNative.resources.ResourceGroup("resourceGroup", {
    resourceGroupName: "openshiftResourceGroup",
    location: "EastUS", // Update the location to your preferred Azure region
});

const cluster = new azureNative.redhatopenshift.OpenShiftCluster("cluster", {
    resourceName: "myOpenShiftCluster",
    resourceGroupName: resourceGroupName.name,
    location: resourceGroupName.location,
    tags: {
        environment: "production",
    },
    pullSecret: "<REDACTED>", // Replace with your pull secret which you can get from Red Hat OpenShift Cluster Manager
    clusterProfile: {
        domain: "example-domain", // Set a unique domain name for your cluster
        resourceGroupId: resourceGroupName.id,
    },
    networkProfile: {
        podCidr: "10.2.0.0/16",
        serviceCidr: "10.3.0.0/16",
    },
    masterProfile: {
        vmSize: "Standard_D4s_v3",
    },
    workerProfiles: [
        {
            name: "worker",
            vmSize: "Standard_D4s_v3",
            diskSizeGB: 128,
            count: 3,
        },
    ],
});

// Export the cluster's kubeconfig after the cluster is provisioned
const kubeconfig = pulumi.all([resourceGroupName.name, cluster.name]).apply(([resourceGroupName, clusterName]) => {
    return azureNative.redhatopenshift.getOpenShiftCluster({
        resourceGroupName,
        resourceName: clusterName,
    });
}).apply(cluster => cluster.kubeadminConfig?.config);

// Step 2: Deploy the Helm Chart to the OpenShift Cluster
const logstashChart = new k8s.helm.v3.Chart("openshift-logstash", {
    chart: "logstash",
    version: "7.10.2", // Specify the chart version you wish to deploy
    fetchOpts: {
        repo: "https://helm.elastic.co",
    },
    values: {
        // Customize logstash values according to your need or leave as default
    },
}, { provider: new k8s.Provider("k8sProvider", { kubeconfig })});

// Export the external IP to access the logstash instance after it's provisioned
export const logstashExternalIp = logstashChart.getResourceProperty("v1/Service", "logstash-logstash", "status").apply(status => status.loadBalancer.ingress[0].ip);

Explanation

A new resource group is created for the OpenShift cluster to reside in.
The OpenShiftCluster resource is created with necessary properties. Make sure you replace placeholders like <REDACTED> with actual values you get from Azure or OpenShift.
We then export the kubeconfig value of the cluster which will be used to configure the Kubernetes provider.
The Chart resource is initialized with the name and version of the logstash Helm chart; adjust the values and version as per your requirement.
Finally, we export an external IP address to access the Logstash instance. After running pulumi up, you can use this IP to interact with your Logstash application.

Make sure to review and customize the parameters such as the resource group location, domain, pull secret, and Helm chart values as per your requirements.

After writing this program, you can deploy the infrastructure by running pulumi up. The CLI output will show you a preview of the resources Pulumi plans to create. Confirm the prompt to start the deployment. Once the deployment is complete, you'll get the external IP as a stack output which you can use to access your logstash instance.

Note: This program assumes that OpenShift-compatible Helm charts are available in the specified repository, and that the OpenShift cluster is properly configured to run Helm charts. If further customization is needed, the values object in the logstashChart creation can be modified accordingly.