Deploy the jx-app-datadog helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy the `jx-app-datadog` Helm chart on Azure Kubernetes Service (AKS), you need to follow these steps:

1. Set up an AKS cluster: Before deploying any applications with Helm, you need a Kubernetes cluster. The AKS cluster will be your environment for running the Datadog agents.
2. Install and configure Helm: Helm is a package manager for Kubernetes that simplifies the deployment of applications.
3. Add the Helm repository for Datadog: This is where the `jx-app-datadog` chart is hosted.
4. Deploy the `jx-app-datadog` chart to your AKS cluster using Helm: This will install the Datadog agents into your cluster.

Below is a Pulumi program in TypeScript that accomplishes these tasks. The program uses Azure's native Pulumi provider to create an AKS cluster and then deploys the `jx-app-datadog` Helm chart to that cluster.

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as kubernetes from "@pulumi/kubernetes";
import * as azure from "@pulumi/azure";
import * as azuread from "@pulumi/azuread";
import * as azure_native from "@pulumi/azure-native";

// Create an Azure Resource Group
const resourceGroup = new azure.core.ResourceGroup("myResourceGroup", {
    location: "East US",
});

// Create an Azure AD service principal for the AKS cluster
const adApp = new azuread.Application("aks");
const adSp = new azuread.ServicePrincipal("aksSp", { applicationId: adApp.applicationId });
const adSpPassword = new azuread.ServicePrincipalPassword("aksSpPassword", {
    servicePrincipalId: adSp.id,
    value: "strong-password-here",
    endDate: "2099-01-01T00:00:00Z",
});

// Create an AKS cluster
const k8sCluster = new azure.containerservice.KubernetesCluster("myK8sCluster", {
    resourceGroupName: resourceGroup.name,
    location: resourceGroup.location,
    defaultNodePool: {
        name: "aksagentpool",
        nodeCount: 1,
        vmSize: "Standard_DS2_v2",
    },
    dnsPrefix: `${pulumi.getStack()}-kube`,
    linuxProfile: {
        adminUsername: "adminuser",
        sshKey: {
            keyData: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDf...",
        },
    },
    servicePrincipal: {
        clientId: adApp.applicationId,
        clientSecret: adSpPassword.value,
    },
});

// Export the kubeconfig
export const kubeconfig = k8sCluster.kubeConfigRaw;

// Provision a k8s provider using the generated kubeconfig from AKS cluster
const k8sProvider = new kubernetes.Provider("k8sProvider", {
    kubeconfig: k8sCluster.kubeConfigRaw,
});

// Add Datadog Helm repository
const datadogRepo = new kubernetes.helm.v3.Repository("datadogRepo", {
    name: "datadog",
    url: "https://helm.datadoghq.com",
}, { provider: k8sProvider });

// Deploy the jx-app-datadog helm chart into the AKS cluster
const datadogChart = new kubernetes.helm.v3.Chart("datadogChart", {
    chart: "datadog",
    version: "2.4.21", // Specify the version of the chart to install
    fetchOpts: {
        repo: "https://helm.datadoghq.com"
    },
    values: {
        datadog: {
            apiKey: "your-datadog-api-key-here",
            appKey: "your-datadog-app-key-here",
        },
    },
}, { provider: k8sProvider });

// Export the cluster name and kubeconfig
export const clusterName = k8sCluster.name;

```

This program starts by importing the required Pulumi packages for Azure and Kubernetes.

It creates an Azure Resource Group which is a logical container into which Azure resources like web apps, databases, and storage accounts are deployed and managed.

Next, it sets up an Azure AD application and service principal which are required for AKS to interact with other Azure services securely.

Then, it provisions an AKS cluster with a specified default node pool configuration. The `dnsPrefix` is set for the AKS cluster, which provides a unique FQDN for the cluster on the internet.

The program exports the raw kubeconfig string of the AKS cluster so that we can interact with our cluster using `kubectl`.

A Kubernetes provider is created next, which uses the generated kubeconfig to interact with the AKS cluster.

Then, it adds the Datadog Helm repository where the `jx-app-datadog` chart is located.

Finally, the program deploys the `jx-app-datadog` Helm chart to the AKS cluster using the corresponding Helm chart. It also specifies the version of the chart to be deployed and the necessary Datadog API and APP keys.

Keep in mind that you should replace `"strong-password-here"`, `"your-datadog-api-key-here"`, and `"your-datadog-app-key-here"` with actual strong password and DataDog API keys.

The `kubernetes.helm.v3.Chart` resource is used to deploy the Helm chart. It requires the chart version, repository URL, and the values that customize the deployment, which in this case, include the Datadog API and APP keys.

The keys must be kept private, so make sure you take the appropriate measures to secure these, for example by using secrets management. In production scenarios, do not hard-code these into your Pulumi program.

To run this program, you will need to have Pulumi installed and configured with the appropriate access to your Azure subscription. Once the program runs successfully, your `jx-app-datadog` chart will be deployed to the AKS cluster, and you can start monitoring your cluster using Datadog.