Deploy the oci-registry helm chart on Azure Kubernetes Service (AKS)
TypeScriptTo deploy the
oci-registry
Helm chart on Azure Kubernetes Service (AKS), we need to follow a multi-step process. We'll create an AKS cluster, install and configure Helm, and then deploy the chart using Pulumi'skubernetes
provider.Here's a high-level overview of the process:
-
Create an AKS Cluster: This is where your applications will run. We will define an AKS cluster resource using Pulumi's
azure-native
provider. -
Install Helm on your local system: Helm is a package manager for Kubernetes, which we'll use to deploy the
oci-registry
chart. This step is typically done outside of Pulumi and assumes you have Helm installed on your local machine. -
Configure the Kubernetes Provider: Pulumi needs to communicate with your AKS cluster. We will set up the Kubernetes provider with the credentials from the created AKS cluster.
-
Deploy the Helm Chart: Finally, we'll write the code that instructs Pulumi to deploy the
oci-registry
helm chart on the AKS cluster.
Let's get started with the Pulumi TypeScript program to accomplish these tasks. Remember to have Pulumi CLI installed on your local machine and to have the Azure CLI installed and logged in to your Azure account.
import * as pulumi from "@pulumi/pulumi"; import * as azure from "@pulumi/azure"; import * as azuread from "@pulumi/azuread"; import * as k8s from "@pulumi/kubernetes"; import * as azureNative from "@pulumi/azure-native"; // Step 1: Create an AKS Cluster const resourceGroup = new azure.core.ResourceGroup("myResourceGroup", { location: "EastUS", // You can choose the location appropriate for you }); const adApp = new azuread.Application("myAdApp", {}); const adSp = new azuread.ServicePrincipal("myAdSp", { applicationId: adApp.applicationId, }); const adSpPassword = new azuread.ServicePrincipalPassword("myAdSpPassword", { servicePrincipalId: adSp.id, value: "password", // Please choose a more secure password and consider using Pulumi's secrets endDate: "2099-01-01T00:00:00Z", }); const k8sCluster = new azure.containerservice.KubernetesCluster("myK8sCluster", { resourceGroupName: resourceGroup.name, location: resourceGroup.location, defaultNodePool: { name: "aksagentpool", nodeCount: 2, vmSize: "Standard_D2_v2", // You can choose the VM size that's right for your use case }, dnsPrefix: `${pulumi.getStack()}-kube`, linuxProfile: { adminUsername: "adminuser", sshKey: { keyData: "ssh-rsa AAAAB3Nz...", // Replace with your actual SSH public key }, }, servicePrincipal: { clientId: adApp.applicationId, clientSecret: adSpPassword.value, }, kubernetesVersion: "1.18.14", }); // Export the kubeconfig export const kubeConfig = k8sCluster.kubeConfigRaw; // Step 2: Helm installation is done outside of Pulumi, please ensure Helm is installed on your system // Step 3: Configure the Kubernetes provider const k8sProvider = new k8s.Provider("k8sProvider", { kubeconfig: k8sCluster.kubeConfigRaw, }); // Step 4: Deploy the OCI Registry Helm Chart const ociRegistryChart = new k8s.helm.v3.Chart("ociRegistry", { chart: "oci-registry", version: "x.y.z", // Specify the chart version you want to deploy fetchOpts: { repo: "https://charts.example.com/", // Replace with the actual Helm chart repository }, }, { provider: k8sProvider }); // Export the Helm chart resources export const ociRegistryResources = ociRegistryChart.resources;
This program will do the following:
- Define a new resource group in Azure where all resources will reside.
- Create a new Azure AD application and service principal to manage resources.
- Establish a service principal password (consider using Pulumi secrets management for production use).
- Create an AKS cluster with a default node pool.
- Configure the Pulumi Kubernetes provider to use the generated kubeconfig from the AKS cluster.
- Deploy the
oci-registry
Helm chart to the AKS cluster.
Please make sure to replace placeholder values like
ssh-rsa AAAAB3Nz...
with your actual SSH public key and provide thechart
,version
, andrepo
URL for theoci-registry
Helm chart.To run this Pulumi program, save the code into a file named
index.ts
, then execute the following commands in your terminal:pulumi stack init dev pulumi up
This will provision the resources in Azure and deploy the Helm chart to your AKS cluster.
-