-
Notifications
You must be signed in to change notification settings - Fork 3.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: Cloud Deployment Azure #15397
base: main
Are you sure you want to change the base?
docs: Cloud Deployment Azure #15397
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[Docs team] One thing I noticed, there's a lot of bolding in this PR. Try to use bold sparingly, because if you use it too much, it starts to lose its emphasis.
Co-authored-by: J Stickler <julie.stickler@grafana.com>
Hey @JStickler that is the changes in and ready for your review :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[docs team] Looking good!
- Manged Identity | ||
- Federated Token |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Manged Identity | |
- Federated Token | |
- Manged identity | |
- Federated token |
## Considerations | ||
|
||
{{< admonition type="caution" >}} | ||
This guide was accurate at the time it was last updated on **11th of December, 2024**. As cloud providers frequently update their services and offerings, as a best practice, you should refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/?product=popular) before creating your storage account and assigning roles. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You don't need the text after a question mark in a URL.
This guide was accurate at the time it was last updated on **11th of December, 2024**. As cloud providers frequently update their services and offerings, as a best practice, you should refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/?product=popular) before creating your storage account and assigning roles. | |
This guide was accurate at the time it was last updated on **11th of December, 2024**. As cloud providers frequently update their services and offerings, as a best practice, you should refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/) before creating your storage account and assigning roles. |
## Configuring Azure Blob Storage | ||
|
||
{{< admonition type="tip" >}} | ||
Consider using unique bucket names rather than: `chunk`, `ruler` and `admin`. Although Azure Blog Storage is not directly affected by this [security update](https://grafana.com/blog/2024/06/27/grafana-security-update-grafana-loki-and-unintended-data-write-attempts-to-amazon-s3-buckets/) it is a best practice to use unique container names for buckets. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consider using unique bucket names rather than: `chunk`, `ruler` and `admin`. Although Azure Blog Storage is not directly affected by this [security update](https://grafana.com/blog/2024/06/27/grafana-security-update-grafana-loki-and-unintended-data-write-attempts-to-amazon-s3-buckets/) it is a best practice to use unique container names for buckets. | |
Consider using unique bucket names rather than: `chunk`, `ruler`, and `admin`. Although Azure Blog Storage is not directly affected by this [security update](https://grafana.com/blog/2024/06/27/grafana-security-update-grafana-loki-and-unintended-data-write-attempts-to-amazon-s3-buckets/) it is a best practice to use unique container names for buckets. |
- Kubectl installed on your local machine. Refer to [Install and Set Up kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/). | ||
- Azure CLI installed on your local machine. Refer to [Installing the Azure CLI](https://learn.microsoft.com/en-us/cli/azure/install-azure-cli). This is a requirement for following this guide as all resources will be created using the Azure CLI. | ||
|
||
### AKS Minimum Requirements |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
### AKS Minimum Requirements | |
### AKS minimum requirements |
|
||
With the storage account and containers created, you can now proceed to creating the Azure AD role and federated credentials. | ||
|
||
## Creating the Azure AD Role and Federated Credentials |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
## Creating the Azure AD Role and Federated Credentials | |
## Creating the Azure AD role and federated credentials |
loki-ruler-0 1/1 Running 0 10m | ||
``` | ||
|
||
### Find the Loki Gateway Service |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
### Find the Loki Gateway Service | |
### Find the Loki gateway service |
|
||
### Find the Loki Gateway Service | ||
|
||
The Loki Gateway service is a LoadBalancer service that exposes the Loki gateway to the internet. This is where you will write logs to and query logs from. By default NGINX is used as the gateway. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The Loki Gateway service is a LoadBalancer service that exposes the Loki gateway to the internet. This is where you will write logs to and query logs from. By default NGINX is used as the gateway. | |
The Loki gateway service is a load balancer service that exposes the Loki gateway to the internet. This is where you will write logs to and query logs from. By default NGINX is used as the gateway. |
The Loki Gateway service is a LoadBalancer service that exposes the Loki gateway to the internet. This is where you will write logs to and query logs from. By default NGINX is used as the gateway. | ||
|
||
{{< admonition type="caution" >}} | ||
The Loki Gateway service is exposed to the internet. We provide basic authentication using a username and password in this tutorial. Refer to the [Authentication](https://grafana.com/docs/loki/<LOKI_VERSION>/operations/authentication/) documentation for more information. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The Loki Gateway service is exposed to the internet. We provide basic authentication using a username and password in this tutorial. Refer to the [Authentication](https://grafana.com/docs/loki/<LOKI_VERSION>/operations/authentication/) documentation for more information. | |
The Loki gateway service is exposed to the internet. We provide basic authentication using a username and password in this tutorial. Refer to the [Authentication](https://grafana.com/docs/loki/<LOKI_VERSION>/operations/authentication/) documentation for more information. |
The Loki Gateway service is exposed to the internet. We provide basic authentication using a username and password in this tutorial. Refer to the [Authentication](https://grafana.com/docs/loki/<LOKI_VERSION>/operations/authentication/) documentation for more information. | ||
{{< /admonition >}} | ||
|
||
To find the Loki Gateway service, run the following command: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To find the Loki Gateway service, run the following command: | |
To find the Loki gateway service, run the following command: |
```bash | ||
kubectl get svc -n loki | ||
``` | ||
You should see the Loki Gateway service with an external IP address. This is the address you will use to write to and query Loki. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should see the Loki Gateway service with an external IP address. This is the address you will use to write to and query Loki. | |
You should see the Loki gateway service with an external IP address. This is the address you will use to write to and query Loki. |
💻 Deploy preview available: https://deploy-preview-loki-15397-zb444pucvq-vp.a.run.app/docs/loki/latest/ |
What this PR does / why we need it:
Continuation of the cloud deployment guides. This teaches the user how to deploy Loki on Azure using the helm. Including:
I have also added some opinionated recommendations to the helm index page for review aswell.
Checklist
CONTRIBUTING.md
guide (required)feat
PRs are unlikely to be accepted unless a case can be made for the feature actually being a bug fix to existing behavior.docs/sources/setup/upgrade/_index.md
deprecated-config.yaml
anddeleted-config.yaml
files respectively in thetools/deprecated-config-checker
directory. Example PR