index.ts
Overview
The [index.ts](/projects/291/68798) file serves as the main entry point for deploying a comprehensive Kubernetes monitoring stack tailored for the ShapeShift Unchained platform. Utilizing Pulumi's infrastructure-as-code framework, it provisions a fully integrated observability solution combining Prometheus, Grafana, Alertmanager, and supporting components via the popular `kube-prometheus-stack` Helm chart.
This deployment includes customized storage configurations, dashboard provisioning, alerting rules, and external access setup through Grafana Ingress. The file orchestrates the infrastructure resources necessary to gather, visualize, and alert on metrics from blockchain coinstacks and their Kubernetes environments.
Detailed Explanation
Exported Async Function (Default Export)
export = async (): Promise<Outputs> => { ... }
Purpose: The exported asynchronous function is the Pulumi program's entrypoint. It executes the deployment logic and returns a collection of outputs for downstream consumption or inspection.
Returns: A Promise resolving to an `Outputs` object (`Record<string, any>`), currently empty but available to add outputs if needed.
Usage: Pulumi automatically invokes this function when running `pulumi up` or other lifecycle commands.
Internal Workflow and Logic
Configuration Loading
```typescript
const { kubeconfig, domain, additionalDomain } = await getConfig()
```
Imports runtime configuration values:
`kubeconfig`: Kubernetes cluster access credentials.
`domain`: Primary domain for services.
`additionalDomain`: Optional secondary domain for multi-domain support.
Namespace and Provider Setup
```typescript
const name = 'unchained'
const namespace = `${name}-monitoring`
const provider = new k8s.Provider('kube-provider', { kubeconfig })
```
Defines consistent naming for resources.
Creates a Pulumi Kubernetes provider instance to interact with the target cluster.
Helm Chart Deployment: kube-prometheus-stack
```typescript
new k8s.helm.v3.Release(
  name,
  {
    name,
    chart: 'kube-prometheus-stack',
    version: '52.1.0',
    repositoryOpts: { repo: 'https://prometheus-community.github.io/helm-charts' },
    namespace,
    values: { ... } // extensive custom values object
  },
  { provider }
)
```
Deploys the complete Prometheus monitoring stack via Helm.
Specifies the chart version and repository.
Targets the dedicated namespace `${name}-monitoring`.
Customizes various components via `values`:
Prometheus: retention, storage with AWS EBS gp3 tuning.
Grafana: admin password, persistence, dashboards, GitHub OAuth for authentication.
Alertmanager: storage, custom configuration loaded from files, templating for Discord notifications.
Additional Prometheus Rules: loaded from JSON file.
Kube-State-Metrics: label allowlists for metrics filtering.
Uses `readFileSync` to load local dashboard JSON and alerting config files, injecting environment variables into the Alertmanager config dynamically.
Grafana Ingress Deployment
```typescript
new grafana.Ingress(
  name,
  {
    namespace,
    domain,
    additionalDomain,
  },
  { provider }
)
```
Instantiates a Grafana Ingress resource defined in the `grafana` module.
This manages external access routing to Grafana, including TLS and domain configuration.
Outputs
Returns an empty `outputs` object for now. Can be extended to export resource information or endpoints.
Important Implementation Details
Pulumi Kubernetes Provider: The provider encapsulates authentication and connection state for the Kubernetes cluster, ensuring all resources are deployed in a consistent context.
Helm Chart Customization: Leveraging Helm's flexibility, the deployment finely tunes components for the platform's scale and AWS infrastructure specifics (e.g., gp3 EBS volume class with throughput and IOPS annotations).
Dynamic Configuration Injection: Alertmanager's config YAML contains placeholders replaced at runtime by environment variables for Discord webhook URLs, ensuring secrets are managed outside code.
Grafana Dashboards: Dashboards are preloaded into Grafana via JSON files, providing immediate observability without manual setup.
GitHub OAuth Authentication: Grafana access is secured using GitHub OAuth, configured through environment variables for client ID, secret, and allowed organizations.
Namespace Isolation: The entire monitoring stack is deployed in a dedicated namespace (`unchained-monitoring`) to isolate resources and scopes.
Version Pinning: Helm chart version `52.1.0` is pinned to ensure predictable deployment behavior.
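The GitHub OAuth item above only restricts access if the organization allowlist is actually populated; an empty or wildcard value leaves sign-in open to any GitHub account Grafana is willing to sign up. The following is an added example, not the project's code, of a check that builds the `auth.github` section of `grafana.ini` and fails closed; the environment variable names and the `githubAuthSection` helper are hypothetical.

```typescript
// Added example, not the project's code. Environment variable names are hypothetical.
type Env = Record<string, string | undefined>

interface GithubAuth {
  enabled: true
  allow_sign_up: boolean
  client_id: string
  client_secret: string
  scopes: string
  allowed_organizations: string
}

// GitHub logins: alphanumerics and single interior hyphens, at most 39 characters.
const ORG_LOGIN = /^[A-Za-z0-9](?:[A-Za-z0-9]|-(?=[A-Za-z0-9])){0,38}$/

function required(env: Env, key: string): string {
  const value = (env[key] || '').trim()
  if (!value) throw new Error(`missing required environment variable ${key}`)
  return value
}

// Build grafana.ini's [auth.github] section, refusing to deploy an open login.
function githubAuthSection(env: Env): GithubAuth {
  const orgs = required(env, 'GRAFANA_GITHUB_ALLOWED_ORGS')
    .split(/[\s,]+/)
    .filter((o) => o.length > 0)
  const bad = orgs.filter((o) => !ORG_LOGIN.test(o))
  if (orgs.length === 0 || bad.length > 0) {
    throw new Error(`invalid organization allowlist: ${JSON.stringify(bad)}`)
  }
  return {
    enabled: true,
    allow_sign_up: true, // new users are created, but only for allowlisted orgs
    client_id: required(env, 'GRAFANA_GITHUB_CLIENT_ID'),
    client_secret: required(env, 'GRAFANA_GITHUB_CLIENT_SECRET'),
    scopes: 'user:email,read:org', // read:org is needed for the membership check
    allowed_organizations: orgs.join(' '),
  }
}

// The result nests under the chart's Grafana values as
// { 'grafana.ini': { 'auth.github': githubAuthSection(process.env) } }.
```

Values placed in a Helm release's `values` are also recorded in Pulumi state, so the client secret is best wrapped with `pulumi.secret()` before it is passed in.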
Interaction with Other System Components
Kubernetes Cluster: Deploys resources directly into the cluster using the provided kubeconfig.
Prometheus & Grafana Ecosystem: Sets up the core monitoring components that scrape metrics from blockchain coinstacks and Kubernetes system endpoints.
Alertmanager: Configured to send alerts to Discord channels using webhooks.
Grafana Ingress: Exposes Grafana dashboards externally via Traefik ingress with TLS termination and domain routing.
Local Configuration Files: Reads alerting rules, dashboard JSON, and template files from the local file system at deployment time.
Environment Variables: Integrates secrets and runtime configuration via environment variables, facilitating secure and flexible deployments.
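The placeholder substitution described for the Alertmanager config is sketched below as an added example, not the project's code, written so that an unset variable or a non-Discord URL stops the deployment instead of shipping a config with an empty or misdirected webhook. The `${NAME}` placeholder syntax, the variable name, the host allowlist and the sample template are assumptions; the page does not show the real file.

```typescript
// Added example, not the project's code. The ${NAME} placeholder syntax,
// the variable name and the sample template are assumptions.
type Env = Record<string, string | undefined>

const PLACEHOLDER = /\$\{([A-Z][A-Z0-9_]*)\}/g
const DISCORD_HOSTS = ['discord.com', 'discordapp.com']

// Accept only HTTPS Discord webhook endpoints, so a mistyped or swapped
// variable cannot silently send alert contents to another host.
function assertDiscordWebhook(name: string, value: string): void {
  let url: URL | undefined
  try {
    url = new URL(value)
  } catch {
    url = undefined
  }
  const ok =
    url !== undefined &&
    url.protocol === 'https:' &&
    DISCORD_HOSTS.indexOf(url.hostname) >= 0 &&
    /^\/api\/webhooks\//.test(url.pathname)
  if (!ok) throw new Error(`${name} is not an HTTPS Discord webhook URL`)
}

// Substitute every placeholder; fail if any referenced variable is unset.
function renderAlertmanagerConfig(template: string, env: Env): string {
  const missing: string[] = []
  const rendered = template.replace(PLACEHOLDER, (_match: string, name: string) => {
    const value = (env[name] || '').trim()
    if (!value) {
      if (missing.indexOf(name) < 0) missing.push(name)
      return ''
    }
    if (/_WEBHOOK_URL$/.test(name)) assertDiscordWebhook(name, value)
    // A JSON string is a valid YAML double-quoted scalar, so the value
    // cannot introduce extra keys or break out of its field.
    return JSON.stringify(value)
  })
  if (missing.length > 0) throw new Error(`unset variables: ${missing.sort().join(', ')}`)
  return rendered
}

// Constructed sample; the real ./alertmanager/config.yaml is not shown on the page.
const SAMPLE_TEMPLATE = [
  'receivers:',
  '  - name: discord',
  '    discord_configs:',
  '      - webhook_url: ${DISCORD_ALERTS_WEBHOOK_URL}',
].join('\n')
```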
Usage Example
This file is not directly invoked by users but run by Pulumi during deployment:
pulumi up
Pulumi executes the exported async function, which applies the Helm release and ingress resources defined herein, deploying the full monitoring stack into the Kubernetes cluster.
Mermaid Diagram: File Structure and Workflow
```mermaid
flowchart TD
    Start[Pulumi Entry Point]
    Start --> Config["getConfig()"]
    Config --> K8sProvider[Kubernetes Provider]
    K8sProvider --> HelmRelease["k8s.helm.v3.Release (kube-prometheus-stack)"]
    HelmRelease --> Prometheus[Prometheus Component]
    HelmRelease --> Grafana[Grafana Component]
    HelmRelease --> Alertmanager[Alertmanager Component]
    HelmRelease --> KubeStateMetrics[Kube-State-Metrics]
    HelmRelease --> Dashboards["Load Dashboards & Rules"]
    HelmRelease --> Storage[Persistent Volume Claims]
    K8sProvider --> GrafanaIngress[grafana.Ingress]
    GrafanaIngress --> GrafanaDashboard[Expose Grafana UI]
    HelmRelease --> Outputs[Return Outputs Object]
```
Summary
The [index.ts](/projects/291/68798) file is the orchestrator for deploying a highly customized Prometheus and Grafana monitoring stack into a Kubernetes cluster using Pulumi. It integrates:
Helm-based deployment of `kube-prometheus-stack` managing Prometheus, Grafana, Alertmanager, and exporters.
Persistent storage with AWS EBS tuning for metrics durability.
Preloaded Grafana dashboards and GitHub OAuth authentication.
Alertmanager configuration with Discord webhook integration.
External access setup for Grafana via ingress routing.
This deployment script is a cornerstone for enabling observability, alerting, and operational insights into the ShapeShift Unchained blockchain infrastructure.
Additional Notes
The file currently does not export any outputs but can be extended to provide URLs, credentials, or status information.
Sensitive values like passwords and tokens are injected via environment variables for security.
The file depends on local files (`./dashboards/overview.json`, `./alertmanager/config.yaml`, etc.) existing relative to the execution directory.