Deploy the telemetry-e2e helm chart on AWS EKS

Question

Pulumi · Accepted Answer

To deploy the `telemetry-e2e` helm chart on AWS EKS using Pulumi, we will need to follow these steps: 1. **Create an EKS Cluster**: Using the `eks.Cluster` high-level component, we can create a managed Kubernetes cluster on AWS. The EKS Cluster will be the environment where our applications run. 2. **Create an IAM Role for EKS**: AWS EKS requires an IAM Role to operate the EKS Cluster. We will create one with the necessary permissions using the `aws-iam.EKSRole` resource. 3. **Deploy the Helm Chart**: Once we have our Kubernetes cluster, we'll use the `kubernetes.helm.sh/v3.Chart` resource to deploy our `telemetry-e2e` helm chart onto the EKS cluster. Let's go through the detailed Pulumi TypeScript program for each step. ```typescript import * as pulumi from "@pulumi/pulumi"; import * as aws from "@pulumi/aws"; import * as eks from "@pulumi/eks"; import * as k8s from "@pulumi/kubernetes"; import * as awsx from "@pulumi/awsx"; // Step 1: Create an EKS Cluster const vpc = new awsx.ec2.Vpc("myVpc", { numberOfAvailabilityZones: 2, }); const cluster = new eks.Cluster("myCluster", { vpcId: vpc.id, subnetIds: vpc.privateSubnetIds, instanceType: "t2.medium", desiredCapacity: 2, minSize: 1, maxSize: 3, storageClasses: "gp2", // default deployDashboard: false, // Dashboard is not recommended in production environments }); // Export the cluster kubeconfig. export const kubeconfig = cluster.kubeconfig; // Step 2: Create an IAM Role for EKS const eksRole = new aws.iam.Role("eksRole", { assumeRolePolicy: aws.iam.assumeRolePolicyForPrincipal({ Service: "eks.amazonaws.com", }), }); // Attaching the Amazon EKS worker node role policy to the IAM role const rolePolicyAttachment = new aws.iam.RolePolicyAttachment("eksRolePolicyAttachment", { role: eksRole, policyArn: aws.iam.ManagedPolicies.AmazonEKSWorkerNodePolicy, }); // Step 3: Deploy the Helm Chart // Configure the Kubernetes provider to use the EKS Cluster kubeconfig const k8sProvider = new k8s.Provider("k8sProvider", { kubeconfig: cluster.kubeconfig.apply(JSON.stringify), }); // Deploy the 'telemetry-e2e' helm chart const helmChart = new k8s.helm.v3.Chart("telemetry-e2e", { chart: "telemetry-e2e", version: "", // replace with the desired chart version fetchOpts: { repo: "", // replace with the Helm repository URL }, }, { provider: k8sProvider }); // Export the URL for the deployed application // NOTE: You'll need to have a service of type LoadBalancer or similar to have an external endpoint export const appUrl = pulumi.interpolate`http://${helmChart.getResourceProperty("v1/Service", "", "status")["loadBalancer"]["ingress"][0]["hostname"]}`; // Note: Ensure that the '' in getResourceProperty matches the service within your Helm chart ``` **Explanation**: * The `eks.Cluster` component creates an EKS cluster within a new VPC and subnets provided by `awsx.ec2.Vpc`. The `instanceType`, `desiredCapacity`, `minSize`, and `maxSize` are cluster configuration details which you can modify according to your use case. * `kubeconfig` is exported so that you can use it outside of Pulumi to communicate with your Kubernetes cluster through `kubectl`. * For the IAM Role (`aws.iam.Role`), we create a new role that Amazon EKS can assume with policies attached, which grant permissions necessary to run EKS. * The `kubernetes.helm.sh/v3.Chart` resource is used to deploy helm charts on our EKS cluster. You will need to provide the correct `chart`, `version`, and `fetchOpts.repo` as per your Helm chart's specifications. * Finally, we attempt to export the `appUrl` where your application will be accessible. The application URL depends on the exact service details defined within your Helm chart, which typically provisions a load balancer to accept traffic. Make sure to replace the placeholders with the appropriate values for the Helm chart version and repository URL. You would also need to match the service name with the one defined in your Helm chart for exporting the `appUrl`.