Deploy the neuvector-core helm chart on Opensshift

Question

Pulumi · Accepted Answer

To deploy the NeuVector Core Helm chart on an OpenShift cluster using Pulumi, you would typically use the `kubernetes.helm.v3.Chart` resource. This resource enables you to deploy Helm charts to a Kubernetes cluster, including OpenShift since OpenShift is a Kubernetes distribution.

Below is a step-by-step explanation followed by a TypeScript program that uses Pulumi to deploy the NeuVector Core Helm chart to an OpenShift cluster.

Before you start, ensure that you have:

1. **Pulumi installed**: If you haven’t already installed Pulumi, visit the [Pulumi Installation Guide](https://www.pulumi.com/docs/get-started/install/).

2. **Helm installed**: Since the deployment is using Helm to manage releases, Helm should be installed on your system. You can find the instructions on Helm's website.

3. **OpenShift cluster access configured**: Ensure that you have access to an OpenShift cluster and the `kubectl` command is configured to communicate with the cluster.

4. **Helm chart details**: Know the Helm repository and the chart details for NeuVector.

Here is the Pulumi program to deploy the NeuVector Core Helm chart on OpenShift:

```typescript
import * as k8s from "@pulumi/kubernetes";

// Create an instance of the k8s Provider connected to your OpenShift cluster.
const openshiftProvider = new k8s.Provider("openshift", {
    // Configure the provider with the appropriate kubeconfig. If the kubeconfig file
    // is not specified, Pulumi uses the default kubeconfig path.
    // kubeconfig: "<path-to-your-kubeconfig>",
});

// Deploy the NeuVector Core Helm chart into the OpenShift cluster.
const neuvectorChart = new k8s.helm.v3.Chart("neuvector-core", {
    // Specify the chart details such as repository, chart name, version, and values.
    // Replace the sample values with the actual ones for the NeuVector Core Helm chart.
    chart: "neuvector-core",
    version: "1.0.0", // Replace with the actual chart version
    fetchOpts: {
        repo: "https://neuvector.github.io/neuvector-helm/", // Replace with the actual Helm repository URL
    },
    // You can customize the NeuVector deployment by specifying values here.
    // For a list of available options, refer to the chart's values.yaml file.
    values: {
        // ... specify any custom values here ...
    },
}, { provider: openshiftProvider });

// Export the chart name.
export const chartName = neuvectorChart.metadata.apply(meta => meta.name);
```

In the above TypeScript program:

- We import the necessary Pulumi Kubernetes package to manage resources in our Kubernetes cluster.

- An instance of an OpenShift provider is created which allows Pulumi to communicate with the OpenShift cluster using the cluster's kubeconfig file.

- We deploy the NeuVector Core Helm Chart using the `k8s.helm.v3.Chart` class. The chart requires the repository URL, the chart name, and the chart version. These details should be provided based on the NeuVector documentation.

- Optionally, you can customize the deployment by providing a set of values in the `values` field that correspond to the configurable items in the Helm chart's `values.yaml` file.

- We export the name of the Helm chart as a stack output, which can be useful for referencing the chart in subsequent Pulumi stack updates or audits.

You would run this program using the Pulumi CLI by navigating to the directory where this file is located and executing `pulumi up`. Pulumi will then carry out the instructions specified in the code, deploying the NeuVector Core Helm chart to your OpenShift cluster.