Deploy the tyk-dev-portal helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

Deploying the Tyk Developer Portal using a Helm chart on an Azure Managed OpenShift Service involves several steps. First, you'll need to create an OpenShift Managed Cluster in Azure. Once you have your OpenShift cluster running, you'll then use Helm to deploy the Tyk Developer Portal to that cluster.

Below is a Pulumi TypeScript program that sets up an OpenShift Managed Cluster and deploys the Tyk Developer Portal Helm chart to it. Let's walk through the code step by step:

### Step 1: Import necessary modules

We'll start by importing the `pulumi`, `azure-native`, and `kubernetes` modules. These modules contain the classes and functions we'll need to create the cluster and deploy the chart.

### Step 2: Create an OpenShift Managed Cluster

We'll use the `azure-native.containerservice.OpenShiftManagedCluster` class to create a new managed OpenShift cluster. The parameters will include the location, resource group name, and other cluster-specific settings like the OpenShift version and the authentication profile.

### Step 3: Deploy the Helm Chart to the Cluster

With the Kubernetes module, specifically the `kubernetes.helm.v3.Chart` class, we can deploy the Tyk Developer Portal Helm chart. We'll pass in parameters like the chart name, repository (if it's not a stable chart and needs a specific repo URL), and any custom values you wish to set.

### Full Pulumi Program:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as aks from "azure-native/containerservice";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create an Azure Managed OpenShift Cluster
const clusterName = "openshift-cluster"; // Define the name of the cluster
const location = "eastus"; // Define the location for the cluster
const resourceGroupName = "myResourceGroup"; // Define the resource group name where the cluster will be created

// Define the OpenShift Managed Cluster
const cluster = new aks.OpenShiftManagedCluster(clusterName, {
    // Define location and resource group for the cluster
    location: location,
    resourceGroupName: resourceGroupName,
    // Define OpenShift version and authentication profile as required
    openShiftVersion: "3.11",
    authProfile: {
        identityProviders: [{
            name: "Azure AD",
            provider: {
                kind: "AzureADIdentityProvider",
                clientId: "your-aad-client-id", // Replace with your actual client ID
                secret: "your-aad-secret", // Replace with your actual secret
                tenantId: "your-aad-tenant-id", // Replace with your actual tenant ID
            }
        }]
    },
    // Define networking, master pool profile, and agent pool profiles as required
});

// Step 2: Deploy the Tyk Developer Portal Helm Chart on the Openshift cluster
const chartName = "tyk-dev-portal";
const chartVersion = "x.y.z"; // Replace with the actual chart version
const helmChart = new k8s.helm.v3.Chart(chartName, {
    chart: chartName,
    version: chartVersion,
    fetchOpts: {
        repo: "https://helm.repo.address", // Replace with the actual Helm chart repo address, if needed
    }
    // Include additional Helm chart values or configuration options as required
    // values: { ... }
}, { provider: cluster });

// Export the cluster's kubeconfig
export const kubeConfig = cluster.kubeConfigRaw;
```

### Explanation of the Program

- The `aks.OpenShiftManagedCluster` class is used to create an Azure Managed OpenShift Service. The cluster creation parameters, including the OpenShift version and the Azure AD credentials, are specified within this class.
- The `k8s.helm.v3.Chart` class is used to deploy Helm charts to a Kubernetes cluster. We reference the Tyk Developer Portal Helm chart by its name and optionally specify a version and repository.
- The `cluster` object is used as a provider for the Helm chart deployment to ensure that the Helm chart is deployed to the newly created OpenShift cluster.
- The `kubeConfig` is exported to facilitate interaction with the cluster using `kubectl` once it's set up.

### What's Next?

Once the Pulumi program runs, it will:
- Set up an Azure Managed OpenShift Service.
- Deploy the Tyk Developer Portal Helm chart to the created OpenShift Service.

To run this Pulumi program, replace placeholders like `your-aad-client-id`, `your-aad-secret`, `your-aad-tenant-id`, `x.y.z`, and `https://helm.repo.address` with actual values relevant to your use case, and then use the following commands:

1. Install the Pulumi CLI and log in.
2. Create a new directory for your project and initialize a new Pulumi project using `pulumi new azure-typescript`.
3. Replace the content of `index.ts` with the program above.
4. Run `pulumi up` to preview and deploy the changes.

Remember, you'll need to have Azure credentials configured on the machine running Pulumi. The Pulumi CLI will use these credentials to authenticate with Azure and create the resources.