Deploy the jaeger-all-in-one-opentelemetry helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

To deploy the `jaeger-all-in-one-opentelemetry` Helm chart on Azure Red Hat OpenShift (ARO), we will need to perform several steps. I'll take you through the process and explain each step in detail.

1. **Create an Azure Red Hat OpenShift Cluster**: We’ll need to provision an ARO cluster where our applications and services can run. We do this by using the `azure-native.redhatopenshift.OpenShiftCluster` resource. This resource sets up the managed OpenShift cluster on Azure.

2. **Install Helm Chart on the OpenShift Cluster**: Once we have our ARO cluster up and running, we’ll deploy the `jaeger-all-in-one-opentelemetry` Helm chart. Pulumi allows us to deploy Helm charts directly using the `kubernetes.helm.v3.Chart` resource from the `kubernetes` package. This resource represents a Helm chart in a Pulumi program.

Here is a step-by-step Pulumi program written in TypeScript to achieve your goal:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as kubernetes from "@pulumi/kubernetes";
import * as azuread from "@pulumi/azuread";
import * as azure_native from "@pulumi/azure-native";

// Create an Azure Resource Group
const resourceGroup = new azure_native.resources.ResourceGroup("rg", {
    resourceGroupName: "aroResourceGroup",
    location: "eastus", // Choose an appropriate Azure region here
});

// Create an Azure AD App and Service Principal for our OpenShift cluster
const app = new azuread.Application("app", {
    displayName: "aroOpenshiftApp",
});

const servicePrincipal = new azuread.ServicePrincipal("service-principal", {
    applicationId: app.applicationId,
});

const servicePrincipalPassword = new azuread.ServicePrincipalPassword("service-principal-password", {
    servicePrincipalId: servicePrincipal.id,
    endDate: "2099-01-01T00:00:00Z",
});

// Create an Azure Red Hat OpenShift cluster
const openshiftCluster = new azure_native.redhatopenshift.OpenShiftCluster("openshiftCluster", {
    resourceGroupName: resourceGroup.name,
    resourceName: "myAROCluster",
    location: resourceGroup.location,
    clusterProfile: {
        pullSecret: "", // Provide the pull secret from Red Hat OpenShift
        domain: "example.com", // Set your domain
        version: "4.3.0", // Set your OpenShift version
    },
    masterProfile: {
        vmSize: "Standard_D8s_v3",
    },
    workerProfiles: [{
        name: "worker",
        count: 3,
        vmSize: "Standard_D4s_v3",
    }],
    servicePrincipalProfile: {
        clientId: app.applicationId,
        clientSecret: servicePrincipalPassword.value,
    },
    networkProfile: {
        podCidr: "10.128.0.0/14",
        serviceCidr: "172.30.0.0/16",
    },
});

// Get the generated kubeconfig from ARO cluster to interact with the Kubernetes cluster
const creds = pulumi.all([resourceGroup.name, openshiftCluster.name]).apply(([rgName, clusterName]) =>
    azure_native.redhatopenshift.listOpenShiftClusterCredentials({
        resourceGroupName: rgName,
        resourceName: clusterName,
    }));

// Set up a Kubernetes provider using the kubeconfig
const k8sProvider = new kubernetes.Provider("k8sProvider", {
    kubeconfig: creds.kubeconfig,
});

// Deploy the jaeger-all-in-one-opentelemetry Helm chart
const jaegerHelmChart = new kubernetes.helm.v3.Chart("jaeger-all-in-one-opentelemetry", {
    chart: "jaeger",
    version: "2.20.0", // Specify the version of the chart to deploy
    fetchOpts: {
        repo: "https://jaegertracing.github.io/helm-charts",
    },
}, { provider: k8sProvider });

// Export the public URL for the Jaeger UI
const jaegerUrl = jaegerHelmChart.getResourceProperty("v1/Service", "jaeger-operator-webhook", "status").apply(status => {
    const ingress = status.loadBalancer.ingress[0];
    if (ingress.ip) {
        return `http://${ingress.ip}`;
    } else {
        return pulumi.interpolate`http://${ingress.hostname}`;
    }
});

export const url = jaegerUrl;
```

In the code above, we started by creating a new `ResourceGroup` since all Azure resources need to live within a resource group. Then we set up a new Azure AD application and service principal which are required to authenticate the OpenShift cluster against other Azure services.

After we have the ARO cluster defined, we then retrieve the necessary credentials to interact with the ARO cluster. With the credentials, we define a Kubernetes provider which helps Pulumi understand how to interact with our Kubernetes cluster.

Finally, we deploy the Jaeger Helm chart to our Kubernetes cluster and export the URL for the Jaeger UI service so that it’s easy for us to navigate to the Jaeger interface.

Remember to replace placeholders like `pullSecret`, `domain`, and any other configuration options with values relevant to your deployment. Ensure that you have set your Azure credentials locally using `az login` or have configured your Pulumi program appropriately to use your Azure subscription credentials.

Once you've completed setting up this Pulumi program, you can deploy your infrastructure by running `pulumi up` from your command line in the directory where your `index.ts` (or equivalent TypeScript file) is located. This will run through the provisioning process based on the defined resources. After successful deployment, you can access the Jaeger UI using the exported URL.