Deploy the ssl-exporter helm chart on AWS EKS

Question

Pulumi · Accepted Answer

To deploy the `ssl-exporter` Helm chart on AWS EKS using Pulumi, we need to accomplish a few tasks:

1. **Set up the EKS Cluster:** Create an Elastic Kubernetes Service (EKS) cluster in AWS. This will be the environment where our Kubernetes applications will run.
2. **Configure the Kubernetes Provider:** Use the Kubernetes provider to interact with the EKS cluster that we've set up.
3. **Deploy the Helm Chart:** Use the Helm provider to deploy the `ssl-exporter` Helm chart on the EKS cluster.

Here are the steps encapsulated in a Pulumi TypeScript program:

1. We start by importing the necessary Pulumi packages.
2. We set up an EKS cluster using the `eks.Cluster` resource.
3. We instantiate a Kubernetes provider that targets the created EKS cluster. This requires fetching the kubeconfig from the created EKS cluster resource.
4. Finally, we deploy the `ssl-exporter` Helm chart using the `kubernetes.helm.v3.Chart` resource targeting the Kubernetes provider linked to the EKS cluster.

Below you'll find the program that accomplishes these steps. Please ensure you have Pulumi and AWS CLI installed and configured on your machine before running the program.

```typescript
import * as eks from '@pulumi/eks';
import * as k8s from '@pulumi/kubernetes';
import * as pulumi from '@pulumi/pulumi';

// Create an EKS cluster.
const cluster = new eks.Cluster('my-cluster', {
    // Specify the desired settings for the cluster.
    desiredCapacity: 2, // the desired number of worker nodes
    minSize: 1, // the minimum number of worker nodes
    maxSize: 3, // the maximum number of worker nodes
    storageClasses: 'gp2', // the storage class
    deployDashboard: false, // indicate if the Kubernetes dashboard should be deployed
});

// Export the kubeconfig to access the cluster.
export const kubeconfig = cluster.kubeconfig;

// Create a Kubernetes provider that uses the kubeconfig from the EKS cluster.
const provider = new k8s.Provider('eks-k8s', {
    kubeconfig: cluster.kubeconfig,
});

// Use the kubernetes.helm.v3.Chart resource to deploy the ssl-exporter Helm chart.
const sslExporterChart = new k8s.helm.v3.Chart('ssl-exporter', {
    chart: 'ssl-exporter',
    version: '2.3.0', // specify the version of the chart
    fetchOpts: {
        repo: 'https://prometheus-community.github.io/helm-charts', // the repository where the chart is located
    },
}, { provider });

// Export the public URL to access the ssl-exporter if it creates an external endpoint.
// Note: This assumes the helm chart provisions a LoadBalancer Service.
export const sslExporterUrl = sslExporterChart.getResourceProperty('v1/Service', 'ssl-exporter', 'status').apply(status => {
    const ingress = status.loadBalancer.ingress[0];
    if (ingress) {
        return ingress.hostname || ingress.ip;
    }
});

```

When the Pulumi program runs, it will perform the following actions:

- Provision an EKS cluster with 1 to 3 worker nodes.
- Prepare the kubeconfig for connecting to the EKS cluster using Pulumi.
- Deploy the `ssl-exporter` Helm chart from the `prometheus-community` Helm repository onto the EKS cluster.

Here's a brief explanation of key components:

- `eks.Cluster`: This Pulumi component creates and manages an EKS cluster.
- `new pulumi.Config();`: Pulumi's way to handle configuration data.
- `k8s.Provider`: This tells Pulumi how to communicate with the EKS cluster.
- `k8s.helm.v3.Chart`: This resource represents a Helm chart, which is a packaged set of Kubernetes resources.
- `sslExporterChart.getResourceProperty`: This is used to pull a specific property from a resource deployed by the Helm chart, like the endpoint to access the deployed service.

Please note that provisioning cloud resources with Pulumi often incurs costs associated with the cloud provider. Always review the pricing details of the resources being created to avoid unexpected charges.