Chapter 8. Red Hat Developer Hub integration with Microsoft Azure Kubernetes Service (AKS)


You can integrate Developer Hub with Microsoft Azure Kubernetes Service (AKS), which provides a significant advancement in development, offering a streamlined environment for building, deploying, and managing your applications.

This integration requires the deployment of Developer Hub on AKS using one of the following methods:

  • The Helm chart
  • The Red Hat Developer Hub Operator

8.1. Monitoring and logging with Azure Kubernetes Services (AKS) in Red Hat Developer Hub

Monitoring and logging are integral aspects of managing and maintaining Azure Kubernetes Services (AKS) in Red Hat Developer Hub. With features like Managed Prometheus Monitoring and Azure Monitor integration, administrators can efficiently monitor resource utilization, diagnose issues, and ensure the reliability of their containerized workloads.

To enable Managed Prometheus Monitoring, use the -enable-azure-monitor-metrics option within either the az aks create or az aks update command, depending on whether you’re creating a new cluster or updating an existing one, such as:

az aks create/update --resource-group <your-ResourceGroup> --name <your-Cluster> --enable-azure-monitor-metrics

The previous command installs the metrics add-on, which gathers Prometheus metrics. Using the previous command, you can enable monitoring of Azure resources through both native Azure Monitor metrics and Prometheus metrics. You can also view the results in the portal under Monitoring Insights. For more information, see Monitor Azure resources with Azure Monitor.

Furthermore, metrics from both the Managed Prometheus service and Azure Monitor can be accessed through Azure Managed Grafana service. For more information, see Link a Grafana workspace section.

By default, Prometheus uses the minimum ingesting profile, which optimizes ingestion volume and sets default configurations for scrape frequency, targets, and metrics collected. The default settings can be customized through custom configuration. Azure offers various methods, including using different ConfigMaps, to provide scrape configuration and other metric add-on settings. For more information about default configuration, see Default Prometheus metrics configuration in Azure Monitor and Customize scraping of Prometheus metrics in Azure Monitor managed service for Prometheus documentation.

8.1.1. Viewing logs with Azure Kubernetes Services (AKS)

You can access live data logs generated by Kubernetes objects and collect log data in Container Insights within AKS.

Prerequisites

  • You have deployed Developer Hub on AKS.

For more information, see Installing Red Hat Developer Hub on Azure Kubernetes Service (AKS).

assembly-install-rhdh-aks.adoc

Procedure

View live logs from your Developer Hub instance
  1. Navigate to the Azure Portal.
  2. Search for the resource group <your-ResourceGroup> and locate your AKS cluster <your-Cluster>.
  3. Select Kubernetes resources Workloads from the menu.
  4. Select the <your-rhdh-cr>-developer-hub (in case of Helm Chart installation) or <your-rhdh-cr>-backstage (in case of Operator-backed installation) deployment.
  5. Click Live Logs in the left menu.
  6. Select the pod.

    Note

    There must be only single pod.

Live log data is collected and displayed.

View real-time log data from the Container Engine
  1. Navigate to the Azure Portal.
  2. Search for the resource group <your-ResourceGroup> and locate your AKS cluster <your-Cluster>.
  3. Select Monitoring Insights from the menu.
  4. Go to the Containers tab.
  5. Find the backend-backstage container and click it to view real-time log data as it’s generated by the Container Engine.

8.2. Using Microsoft Azure as an authentication provider in Red Hat Developer Hub

The core-plugin-api package in Developer Hub comes integrated with Microsoft Azure authentication provider, authenticating signing in using Azure OAuth.

Prerequisites

  • You have deployed Developer Hub on AKS.

For more information, see Installing Red Hat Developer Hub on Azure Kubernetes Service (AKS).

8.2.1. Using Microsoft Azure as an authentication provider in Helm deployment

You can use Microsoft Azure as an authentication provider in Red Hat Developer Hub, when installed using the Helm Chart.

For more information, see Deploying Developer Hub on AKS with the Helm chart.

Procedure

  1. After the application is registered, note down the following:

    • clientId: Application (client) ID, found under App Registration Overview.
    • clientSecret: Secret, found under *App Registration Certificates & secrets (create new if needed).
    • tenantId: Directory (tenant) ID, found under App Registration Overview.
  2. Ensure the following fragment is included in your Developer Hub ConfigMap:

    auth:
      environment: production
      providers:
        microsoft:
          production:
            clientId: ${AZURE_CLIENT_ID}
            clientSecret: ${AZURE_CLIENT_SECRET}
            tenantId: ${AZURE_TENANT_ID}
            domainHint: ${AZURE_TENANT_ID}
            additionalScopes:
              - Mail.Send

    You can either create a new file or add it to an existing one.

  3. Apply the ConfigMap to your Kubernetes cluster:

    kubectl -n <your_namespace> apply -f <app-config>.yaml
  4. Create or reuse an existing Secret containing Azure credentials and add the following fragment:

    stringData:
      AZURE_CLIENT_ID: <value-of-clientId>
      AZURE_CLIENT_SECRET: <value-of-clientSecret>
      AZURE_TENANT_ID: <value-of-tenantId>
  5. Apply the secret to your Kubernetes cluster:

    kubectl -n <your_namespace> apply -f <azure-secrets>.yaml
  6. Ensure your values.yaml file references the previously created ConfigMap and Secret:

    upstream:
      backstage:
      ...
        extraAppConfig:
          - filename: ...
            configMapRef: <app-config-containing-azure>
        extraEnvVarsSecrets:
          - <secret-containing-azure>
  7. Optional: If the Helm Chart is already installed, upgrade it:

    helm -n <your_namespace> upgrade -f <your-values.yaml> <your_deploy_name> redhat-developer/backstage --version 1.2.6
  8. Optional: If your rhdh.yaml file is not changed, for example, you only updated the ConfigMap and Secret referenced from it, refresh your Developer Hub deployment by removing the corresponding pods:

    kubectl -n <your_namespace> delete pods -l backstage.io/app=backstage-<your-rhdh-cr>

8.2.2. Using Microsoft Azure as an authentication provider in Operator-backed deployment

You can use Microsoft Azure as an authentication provider in Red Hat Developer Hub, when installed using the Operator.

For more information, see Installing Red Hat Developer Hub on OpenShift Container Platform with the Operator.

Procedure

  1. After the application is registered, note down the following:

    • clientId: Application (client) ID, found under App Registration Overview.
    • clientSecret: Secret, found under *App Registration Certificates & secrets (create new if needed).
    • tenantId: Directory (tenant) ID, found under App Registration Overview.
  2. Ensure the following fragment is included in your Developer Hub ConfigMap:

    auth:
      environment: production
      providers:
        microsoft:
          production:
            clientId: ${AZURE_CLIENT_ID}
            clientSecret: ${AZURE_CLIENT_SECRET}
            tenantId: ${AZURE_TENANT_ID}
            domainHint: ${AZURE_TENANT_ID}
            additionalScopes:
              - Mail.Send

    You can either create a new file or add it to an existing one.

  3. Apply the ConfigMap to your Kubernetes cluster:

    kubectl -n <your_namespace> apply -f <app-config>.yaml
  4. Create or reuse an existing Secret containing Azure credentials and add the following fragment:

    stringData:
      AZURE_CLIENT_ID: <value-of-clientId>
      AZURE_CLIENT_SECRET: <value-of-clientSecret>
      AZURE_TENANT_ID: <value-of-tenantId>
  5. Apply the secret to your Kubernetes cluster:

    kubectl -n <your_namespace> apply -f <azure-secrets>.yaml
  6. Ensure your Custom Resource manifest contains references to the previously created ConfigMap and Secret:

    apiVersion: rhdh.redhat.com/v1alpha1
    kind: Backstage
    metadata:
      name: <your-rhdh-cr>
    spec:
      application:
        imagePullSecrets:
        - rhdh-pull-secret
        route:
          enabled: false
        appConfig:
          configMaps:
            - name: <app-config-containing-azure>
        extraEnvs:
          secrets:
            - name: <secret-containing-azure>
  7. Apply your Custom Resource manifest:

    kubectl -n <your_namespace> apply -f rhdh.yaml
  8. Optional: If your rhdh.yaml file is not changed, for example, you only updated the ConfigMap and Secret referenced from it, refresh your Developer Hub deployment by removing the corresponding pods:

    kubectl -n <your_namespace> delete pods -l backstage.io/app=backstage-<your-rhdh-cr>
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.