Deploy the traefik2 helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy the Traefik 2 Helm chart on an Azure Kubernetes Service (AKS) cluster using Pulumi, we'll go through the following steps:

Create an AKS cluster: We'll create a managed Kubernetes cluster in Azure using the azure.containerservice.KubernetesCluster resource.
Install the Helm Chart: Once the AKS cluster is provisioned, we will deploy the Traefik 2 Helm chart using the kubernetes.helm.v3.Chart resource.

Here's how this can be done in TypeScript with Pulumi:

Step 1: Create the AKS Cluster

First, we will define the necessary resources to bring up an AKS cluster using the azure.containerservice.KubernetesCluster resource. We'll set up a minimal AKS cluster for this example, but remember that you might want to customize the cluster size and settings for a production environment.

Step 2: Deploy the Traefik 2 Helm Chart

With our AKS cluster in place, we can now deploy the Traefik 2 Helm chart. We'll use the kubernetes.helm.v3.Chart resource, which will allow us to deploy Helm charts into our Kubernetes cluster directly from Pulumi.

The repo argument specifies the Helm repository URL where the chart is located, and the chart argument specifies the name of the chart within that repository.

Below is the complete program that creates an AKS cluster and deploys the Traefik 2 Helm chart to it. Make sure to replace placeholder values (like <YOUR_AZURE_LOCATION>, <YOUR_CLUSTER_NAME>, etc.) with your own specific values.

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
import * as k8s from "@pulumi/kubernetes";

// Define the AKS cluster.
const cluster = new azure.containerservice.KubernetesCluster("aksCluster", {
    resourceGroupName: "<YOUR_RESOURCE_GROUP_NAME>",
    location: "<YOUR_AZURE_LOCATION>",
    defaultNodePool: {
        name: "aksagentpool",
        nodeCount: 2,
        vmSize: "Standard_DS2_v2",
    },
    dnsPrefix: "<YOUR_DNS_PREFIX>",
    kubernetesVersion: "<DESIRED_KUBERNETES_VERSION>",
    servicePrincipal: {
        clientId: "<YOUR_CLIENT_ID>",
        clientSecret: "<YOUR_CLIENT_SECRET>",
    },
});

// Export the Kubeconfig to access the cluster using kubectl.
export const kubeconfig = cluster.kubeConfigRaw;

// Define a provider to handle Helm chart deployment using the output kubeconfig.
const k8sProvider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeconfig,
});

// Deploy the Traefik 2 Helm chart using the k8s provider.
const traefikChart = new k8s.helm.v3.Chart("traefik", {
    chart: "traefik",
    version: "<TRAFFIK_HELM_CHART_VERSION>", // Specify the chart version you want.
    namespace: "default", // The namespace where to deploy.
    fetchOpts:{ 
        repo: "https://helm.traefik.io/traefik", // Traefik's Helm repository.
    },
}, { provider: k8sProvider });

// Optionally, you could also pass additional configuration to the chart 
// via the 'values' property on the 'Chart' resource.

// Export the public IP address allocated for the Traefik load balancer.
export const traefikPublicIp = traefikChart.getResourceProperty("v1/Service", "traefik", "status")
    .apply(status => status.loadBalancer.ingress[0].ip);

Make sure to replace <YOUR_RESOURCE_GROUP_NAME>, <YOUR_AZURE_LOCATION>, <YOUR_DNS_PREFIX>, "<DESIRED_KUBERNETES_VERSION>", "<YOUR_CLIENT_ID>", "<YOUR_CLIENT_SECRET>", and "<TRAFFIK_HELM_CHART_VERSION>" with the actual values you wish to use for your setup.

This program will create an AKS cluster and use the Kubeconfig of that cluster to set up a Pulumi Kubernetes provider. That provider is then used to deploy the Traefik Helm chart to the AKS cluster. The Traefik deployment should include a Service of type LoadBalancer, which will provision a public IP in Azure that you can use to access the Traefik ingress.

To run this Pulumi program:

Install Pulumi CLI and set up Azure CLI with the credentials with the necessary permissions.
Ensure you've successfully logged in to both CLIs.
Create a new directory for your Pulumi program if you haven't already.
In the directory, run pulumi new typescript to create a new TypeScript-based Pulumi project.
Replace the contents of index.ts with the code above, substituting the placeholder values with the actual ones for your Azure environment.
Run npm install to install the necessary dependencies.
Use pulumi up to preview and deploy the changes.

After the deployment is successful, you can use the exported traefikPublicIp to reach your Traefik load balancer, and thus your services, externally.