Deploy the openunison-k8s-login-oidc helm chart on Digital Ocean Kubernetes Service
TypeScriptTo deploy the
openunison-k8s-login-oidcHelm chart on the Digital Ocean Kubernetes Service using Pulumi, we will follow these steps:- Create a Kubernetes cluster on Digital Ocean using the
digitalocean.KubernetesClusterresource. This represents the Kubernetes cluster on which our OIDC-enabled applications will run. - Install the Helm chart using the
kubernetes.helm.v3.Chartresource, which allows us to deploy Helm charts on a Kubernetes cluster.
We will proceed with these resources step by step, and here is a program illustrating how you could write this in TypeScript using Pulumi.
Before we get started with the code, make sure you have Pulumi installed and configured to use the Digital Ocean provider. This typically involves setting up your Digital Ocean access token as an environment variable (
DIGITALOCEAN_TOKEN) for Pulumi to use.Here is the Pulumi program that you can use to deploy the
openunison-k8s-login-oidcHelm chart on a Digital Ocean Kubernetes cluster:import * as digitalocean from "@pulumi/digitalocean"; import * as kubernetes from "@pulumi/kubernetes"; import * as pulumi from "@pulumi/pulumi"; // Create a new Digital Ocean Kubernetes cluster. const cluster = new digitalocean.KubernetesCluster("do-k8s-cluster", { region: "nyc3", version: "latest", nodePool: { name: "default", size: "s-2vcpu-2gb", nodeCount: 2, }, }); // Export the cluster's kubeconfig. export const kubeconfig = cluster.kubeConfigs[0].rawConfig; // Create a provider instance using the kubeconfig from the created cluster. const k8sProvider = new kubernetes.Provider("k8s-provider", { kubeconfig: kubeconfig, }); // Use the Helm chart resource to deploy openunison-k8s-login-oidc. const openunisonChart = new kubernetes.helm.v3.Chart("openunison-login", { chart: "openunison-k8s-login-oidc", version: "<Specify Desired Chart Version>", // Replace with the desired chart version fetchOpts: { repo: "https://tremolosecurity.github.io/helm", // Repository where the chart is located }, // Set the values for the chart as needed. values: { // Provide appropriate values for the chart }, }, { provider: k8sProvider }); // Export the endpoint to access the application. export const openunisonEndpoint = openunisonChart.getResourceProperty( "v1/Service", "openunison/openunison-orchestra", "status" ).apply(status => status.loadBalancer.ingress[0].ip);This program performs the following actions:
-
It creates a Kubernetes cluster in the "nyc3" region with the "latest" version of Kubernetes supported by Digital Ocean. The cluster has a pool of 2 nodes of size "s-2vcpu-2gb".
-
The
kubeconfigof the created cluster is exported so that it can be used by the Kubernetes provider instantiated next. -
A
k8sProvideris created using the exportedkubeconfig. This Kubernetes provider will be used for all subsequent Kubernetes resources to ensure they are deployed to the created Digital Ocean cluster. -
The
openunison-k8s-login-oidcHelm chart is deployed to the cluster using thekubernetes.helm.v3.Chartresource. -
Values are set for the chart as needed, you would need to replace the placeholders with the actual configuration values required by the Helm chart.
-
An endpoint from the
openunison-k8s-login-oidcservice is exported. This is the IP you would use to access the deployed application.
The
kubeconfigandopenunisonEndpointare exported so you can use these outside of Pulumi to interact with your cluster and application.Replace the placeholder
<Specify Desired Chart Version>with the version of the Helm chart you wish to deploy, and remember to fill in thevaluessection with the chart's parameters specific to your use case.To use this code, save it to a file named
index.ts, and runpulumi upfrom within that directory in the terminal. Make sure to have Pulumi CLI installed and have runpulumi loginpreviously.This will setup the infrastructure on Digital Ocean and deploy the
openunison-k8s-login-oidcHelm chart as configured.- Create a Kubernetes cluster on Digital Ocean using the