Deploy the old-joomla helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

To deploy the old-joomla Helm chart on Azure Managed OpenShift Service using Pulumi, you will need to complete several steps:

1. Set up an Azure Managed OpenShift Service cluster.
2. Deploy the old-joomla Helm chart into the OpenShift cluster.

Below you'll find a Pulumi program written in TypeScript that demonstrates how to achieve this task. This program assumes you have already configured Pulumi for Azure and have relevant permissions to create resources in your Azure subscription.

First, we will set up the Azure Managed OpenShift Cluster using `azure-native.containerservice.OpenShiftManagedCluster` resource. After the cluster is set up, we will deploy the `old-joomla` Helm chart using the `kubernetes.helm.v3.Chart` resource.

Here's a step by step guide in the form of a Pulumi program:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as kubernetes from "@pulumi/kubernetes";
import * as azuread from "@pulumi/azuread";

// Step 1: Set up Azure AD Application for OpenShift
const adApp = new azuread.Application("openshift-ad-app");

const adSp = new azuread.ServicePrincipal("openshift-ad-sp", {
    applicationId: adApp.applicationId,
});

const adSpPassword = new azuread.ServicePrincipalPassword("openshift-ad-sp-password", {
    servicePrincipalId: adSp.id,
    value: "supersecretpassword",
    endDate: "2099-01-01T00:00:00Z",
});

// Step 2: Deploy the Azure Managed OpenShift cluster
const resourceGroup = new azure_native.resources.ResourceGroup("myResourceGroup");

const openShiftCluster = new azure_native.containerservice.OpenShiftManagedCluster("myOpenShiftCluster", {
    // Ensure that you replace these with the appropriate values for your context
    resourceGroupName: resourceGroup.name,
    location: resourceGroup.location,
    openShiftVersion: "4.3", // Specify your desired OpenShift version
    masterPoolProfile: {
        name: "master", // This name must be 'master'
        count: 3,
        vmSize: "Standard_D4s_v3", // Modify as needed
    },
    agentPoolProfiles: [{
        name: "infra", // Name is arbitrary; 'infra' is common for infrastructure nodes
        role: "compute",
        count: 3,
        vmSize: "Standard_D4s_v3", // Modify as needed
        subnetCidr: "10.0.0.0/24",
    }],
    networkProfile: {
        vnetCidr: "10.0.0.0/8",
    },
    authProfile: {
        identityProviders: [{
            name: "Azure AD",
            provider: {
                clientId: adSp.applicationId,
                clientSecret: adSpPassword.value,
                kind: "AADIdentityProvider",
            },
        }],
    },
});

// Step 3: Configure kubectl to connect to the new OpenShift cluster
const k8sProvider = new kubernetes.Provider("openshift-k8s", {
    kubeconfig: openShiftCluster.config.apply(JSON.stringify), // Convert kubeconfig to a JSON string
});

// Step 4: Deploy the old-joomla Helm chart
const oldJoomlaChart = new kubernetes.helm.v3.Chart("old-joomla", {
    chart: "joomla",
    version: "7.1.11",             // Specify the chart version
    fetchOpts: {
        repo: "https://your-repo-url/", // Replace with the repository URL that contains your chart
    },
    
    // Set necessary values for the old-joomla installation, modify according to your needs
    values: { 
        // Example: enabling ingress
        ingress: {
            enabled: true,
            annotations: {
                "kubernetes.io/ingress.class": "nginx",
            },
            hosts: [
                {
                    host: "old-joomla.example.com",
                    paths: ["/"],
                },
            ],
        },
    },
}, { provider: k8sProvider });

// Export the OpenShift cluster's kubeconfig and Joomla Service URL
export const kubeconfig = openShiftCluster.config.apply(JSON.stringify);
export const joomlaServiceUrl = oldJoomlaChart.getResourceProperty("v1/Service", "old-joomla", "status").apply(status => {
    return status.loadBalancer.ingress[0].ip; // This will grab the IP address of the Service
});
```

In this program:

- We create an Azure AD application and a service principal which will be used by OpenShift for Azure integration.
- We set up a managed OpenShift cluster in a new resource group, including defining a master node pool and an agent pool. Replace `location`, `vmSize`, and `openShiftVersion` with values appropriate for your setup.
- We configure a Kubernetes provider to manage resources in the OpenShift cluster.
- We deploy Joomla using the official Helm chart. You'll need to specify the chart version and the repository URL where the chart is hosted. The values provided to the Joomla chart will vary based on configuration, but may include enabling ingress, setting database passwords, etc.

Please replace placeholders (e.g., `your-repo-url`, `supersecretpassword`) with actual values that you have access to. Remember to keep sensitive data like passwords and service principal details secure.

Finally, we export the kubeconfig for the OpenShift cluster and the load balancer IP for Joomla, allowing you to interact with them outside of Pulumi.

This program sets up infrastructure and deploys an application in a secure, repeatable, and scalable manner. To apply this Pulumi program, run `pulumi up` from your command line in the directory where this file is located after installing Pulumi and the necessary plugins.