Deploy the xos-tester helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

Deploying a Helm chart to an Azure Kubernetes Service (AKS) cluster using Pulumi involves several steps. First, you need to create the AKS cluster. Once the cluster is provisioned and running, you can deploy the Helm chart to it.

Below is a detailed program written in TypeScript that sets up an AKS cluster and deploys the 'xos-tester' Helm chart to it.

### Prerequisite
Before you run the program, ensure that you've installed the Pulumi CLI and configured your Azure credentials.

### Program Overview
1. **Importing necessary modules**: You'll need the `azure-native` and `kubernetes` Pulumi providers. The `azure-native` provider is used to provision an AKS cluster, and the `kubernetes` provider is utilized to deploy Helm charts on Kubernetes.
   
2. **Creating the Resource Group**: AKS clusters are Azure resources that need to be placed inside a Resource Group.

3. **Creating an AKS Cluster**: You'll need to specify the desired properties for your AKS cluster, such as the node count, node size, and location.

4. **Setting up Kubeconfig**: Once the cluster is created, you need to obtain the kubeconfig file which is required to communicate with your Kubernetes cluster.

5. **Deploying the Helm Chart**: Finally, with the kubeconfig, you can use the Pulumi Kubernetes provider to deploy your Helm chart onto your AKS cluster.

The following code provides a complete Pulumi program to perform the aforementioned steps:

```typescript
import * as pulumi from '@pulumi/pulumi';
import * as azure_native from '@pulumi/azure-native';
import * as k8s from '@pulumi/kubernetes';

// Step 1: Create a resource group for AKS.
const resourceGroup = new azure_native.resources.ResourceGroup('myResourceGroup');

// Step 2: Create the AKS Cluster
const cluster = new azure_native.containerservice.ManagedCluster('myAKSCluster', {
    resourceGroupName: resourceGroup.name,
    // The DNS prefix is a unique name for the cluster.
    dnsPrefix: pulumi.interpolate`${pulumi.getStack()}-kube`,
    agentPoolProfiles: [{
        count: 2, // Specify the number of nodes in the Node Pool
        vmSize: azure_native.compute.VirtualMachineSizeTypes.Standard_DS2_v2, // Specify the size of the VMs
        mode: 'System', // Establishing that this node pool is a system one
        name: 'agentpool', // Name of the node pool
    }],
    // Define the Linux profile for the AKS cluster (used for SSH access)
    linuxProfile: {
        adminUsername: 'testuser',
        ssh: {
            publicKeys: [{
                keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3b...', // Your SSH public key string
            }],
        },
    },
    // This could specify which Kubernetes version AKS should use, e.g., '1.19.7'.
    // If not provided, the latest supported Kubernetes version will be used.
    kubernetesVersion: '1.19.7',
    // The name of the service principal used by AKS.
    // If not specified, a new service principal will be created.
    servicePrincipalProfile: {
        clientId: 'myServicePrincipalClientId',
        secret: 'myServicePrincipalClientSecret',
    },
    resourceGroupName: resourceGroup.name,
});

// Step 3: Export the AKS kubeconfig.
const creds = pulumi.all([cluster.name, resourceGroup.name]).apply(([clusterName, rgName]) =>
    azure_native.containerservice.listManagedClusterUserCredentials({
        resourceGroupName: rgName,
        resourceName: clusterName,
    }),
);

const kubeconfig = creds.kubeconfigs[0].value.apply(v => Buffer.from(v, 'base64').toString());

// Step 4: Use the kubeconfig to create a Provider resource then deploy a Helm chart
const k8sProvider = new k8s.Provider('k8sProvider', {
    kubeconfig: kubeconfig,
});

// Step 5: Deploy the 'xos-tester' Helm chart
const chart = new k8s.helm.v3.Chart('xos-tester', {
    chart: 'xos-tester',
    version: '1.2.3', // Replace with the desired chart version
    fetchOpts: {
        repo: 'http://chart-repository/', // Replace with the chart repository URL
    },
}, { provider: k8sProvider });

// Finally, we export the cluster's kubeconfig and the Service IP of the Helm chart if it applies.
export const kubeConfigOutput = kubeconfig;
export const frontEndServiceIp = chart.getResourceProperty('v1/Service', 'xos-tester', 'status').apply(s => s.loadBalancer.ingress[0].ip);
```

### Explanation
- **Importing Modules**: The top of the code imports modules that provide the functionality required to create and manage Azure resources and Kubernetes resources respectively.

- **Creating the Resource Group**: An instance of the `ResourceGroup` resource is created to logically group all our Azure resources.

- **Creating the AKS Cluster**: An instance of `ManagedCluster` is created within the resource group. We specified some necessary properties like the node size, the node count, and the SSH public key.

- **Exporting the AKS kubeconfig**: To interact with your AKS cluster, you need a kubeconfig file. This section of the code retrieves credentials that include the kubeconfig.

- **Provider Initialization**: A `Provider` instance is initialized with the kubeconfig, which informs Pulumi on how to communicate with your cluster.

- **Deploying the Helm Chart**: An instance of `Chart` from the `kubernetes.helm.v3` module represents the Helm chart you wish to deploy to your AKS cluster.

You'll need to replace placeholder values for SSH keys, service principal credentials, chart version, and repository URL with your own valid values.

### Running the Program
To run this program, save it in a file, for example `index.ts`, then execute it using the Pulumi CLI:

```shell
$ pulumi up
```

This command will provision the necessary resources on Azure and deploy the Helm chart. Make sure you review the plan before confirming the deployment.

After the deployment completes successfully, Pulumi outputs will include the kubeconfig and, if applicable, the IP address of the front-end service deployed by the xos-tester Helm chart.