Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: Cloud Deployment Azure #15397

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Conversation

Jayclifford345
Copy link
Contributor

What this PR does / why we need it:
Continuation of the cloud deployment guides. This teaches the user how to deploy Loki on Azure using the helm. Including:

  • Azure Setup
  • Helm values config
  • Testing
    I have also added some opinionated recommendations to the helm index page for review aswell.

Checklist

  • Reviewed the CONTRIBUTING.md guide (required)
  • Documentation added
  • Tests updated
  • Title matches the required conventional commits format, see here
    • Note that Promtail is considered to be feature complete, and future development for logs collection will be in Grafana Alloy. As such, feat PRs are unlikely to be accepted unless a case can be made for the feature actually being a bug fix to existing behavior.
  • Changes that require user attention or interaction to upgrade are documented in docs/sources/setup/upgrade/_index.md
  • If the change is deprecating or removing a configuration option, update the deprecated-config.yaml and deleted-config.yaml files respectively in the tools/deprecated-config-checker directory. Example PR

@Jayclifford345 Jayclifford345 requested a review from a team as a code owner December 12, 2024 17:13
@github-actions github-actions bot added the type/docs Issues related to technical documentation; the Docs Squad uses this label across many repositories label Dec 12, 2024
Copy link
Contributor

@JStickler JStickler left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[Docs team] One thing I noticed, there's a lot of bolding in this PR. Try to use bold sparingly, because if you use it too much, it starts to lose its emphasis.

docs/sources/setup/install/helm/_index.md Outdated Show resolved Hide resolved
docs/sources/setup/install/helm/deployment-guides/azure.md Outdated Show resolved Hide resolved
docs/sources/setup/install/helm/deployment-guides/azure.md Outdated Show resolved Hide resolved
docs/sources/setup/install/helm/deployment-guides/azure.md Outdated Show resolved Hide resolved
docs/sources/setup/install/helm/deployment-guides/azure.md Outdated Show resolved Hide resolved
docs/sources/setup/install/helm/deployment-guides/azure.md Outdated Show resolved Hide resolved
docs/sources/setup/install/helm/deployment-guides/azure.md Outdated Show resolved Hide resolved
docs/sources/setup/install/helm/deployment-guides/azure.md Outdated Show resolved Hide resolved
docs/sources/setup/install/helm/deployment-guides/azure.md Outdated Show resolved Hide resolved
@Jayclifford345
Copy link
Contributor Author

Hey @JStickler that is the changes in and ready for your review :)

Copy link
Contributor

@JStickler JStickler left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[docs team] Looking good!

Comment on lines +19 to +20
- Manged Identity
- Federated Token
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Manged Identity
- Federated Token
- Manged identity
- Federated token

## Considerations

{{< admonition type="caution" >}}
This guide was accurate at the time it was last updated on **11th of December, 2024**. As cloud providers frequently update their services and offerings, as a best practice, you should refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/?product=popular) before creating your storage account and assigning roles.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You don't need the text after a question mark in a URL.

Suggested change
This guide was accurate at the time it was last updated on **11th of December, 2024**. As cloud providers frequently update their services and offerings, as a best practice, you should refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/?product=popular) before creating your storage account and assigning roles.
This guide was accurate at the time it was last updated on **11th of December, 2024**. As cloud providers frequently update their services and offerings, as a best practice, you should refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/) before creating your storage account and assigning roles.

## Configuring Azure Blob Storage

{{< admonition type="tip" >}}
Consider using unique bucket names rather than: `chunk`, `ruler` and `admin`. Although Azure Blog Storage is not directly affected by this [security update](https://grafana.com/blog/2024/06/27/grafana-security-update-grafana-loki-and-unintended-data-write-attempts-to-amazon-s3-buckets/) it is a best practice to use unique container names for buckets.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Consider using unique bucket names rather than: `chunk`, `ruler` and `admin`. Although Azure Blog Storage is not directly affected by this [security update](https://grafana.com/blog/2024/06/27/grafana-security-update-grafana-loki-and-unintended-data-write-attempts-to-amazon-s3-buckets/) it is a best practice to use unique container names for buckets.
Consider using unique bucket names rather than: `chunk`, `ruler`, and `admin`. Although Azure Blog Storage is not directly affected by this [security update](https://grafana.com/blog/2024/06/27/grafana-security-update-grafana-loki-and-unintended-data-write-attempts-to-amazon-s3-buckets/) it is a best practice to use unique container names for buckets.

- Kubectl installed on your local machine. Refer to [Install and Set Up kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/).
- Azure CLI installed on your local machine. Refer to [Installing the Azure CLI](https://learn.microsoft.com/en-us/cli/azure/install-azure-cli). This is a requirement for following this guide as all resources will be created using the Azure CLI.

### AKS Minimum Requirements
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
### AKS Minimum Requirements
### AKS minimum requirements


With the storage account and containers created, you can now proceed to creating the Azure AD role and federated credentials.

## Creating the Azure AD Role and Federated Credentials
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
## Creating the Azure AD Role and Federated Credentials
## Creating the Azure AD role and federated credentials

loki-ruler-0 1/1 Running 0 10m
```

### Find the Loki Gateway Service
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
### Find the Loki Gateway Service
### Find the Loki gateway service


### Find the Loki Gateway Service

The Loki Gateway service is a LoadBalancer service that exposes the Loki gateway to the internet. This is where you will write logs to and query logs from. By default NGINX is used as the gateway.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
The Loki Gateway service is a LoadBalancer service that exposes the Loki gateway to the internet. This is where you will write logs to and query logs from. By default NGINX is used as the gateway.
The Loki gateway service is a load balancer service that exposes the Loki gateway to the internet. This is where you will write logs to and query logs from. By default NGINX is used as the gateway.

The Loki Gateway service is a LoadBalancer service that exposes the Loki gateway to the internet. This is where you will write logs to and query logs from. By default NGINX is used as the gateway.

{{< admonition type="caution" >}}
The Loki Gateway service is exposed to the internet. We provide basic authentication using a username and password in this tutorial. Refer to the [Authentication](https://grafana.com/docs/loki/<LOKI_VERSION>/operations/authentication/) documentation for more information.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
The Loki Gateway service is exposed to the internet. We provide basic authentication using a username and password in this tutorial. Refer to the [Authentication](https://grafana.com/docs/loki/<LOKI_VERSION>/operations/authentication/) documentation for more information.
The Loki gateway service is exposed to the internet. We provide basic authentication using a username and password in this tutorial. Refer to the [Authentication](https://grafana.com/docs/loki/<LOKI_VERSION>/operations/authentication/) documentation for more information.

The Loki Gateway service is exposed to the internet. We provide basic authentication using a username and password in this tutorial. Refer to the [Authentication](https://grafana.com/docs/loki/<LOKI_VERSION>/operations/authentication/) documentation for more information.
{{< /admonition >}}

To find the Loki Gateway service, run the following command:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
To find the Loki Gateway service, run the following command:
To find the Loki gateway service, run the following command:

```bash
kubectl get svc -n loki
```
You should see the Loki Gateway service with an external IP address. This is the address you will use to write to and query Loki.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
You should see the Loki Gateway service with an external IP address. This is the address you will use to write to and query Loki.
You should see the Loki gateway service with an external IP address. This is the address you will use to write to and query Loki.

Copy link
Contributor

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
size/XL type/docs Issues related to technical documentation; the Docs Squad uses this label across many repositories
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants