Deploy the harbor-scanner-sysdig-secure helm chart on AWS EKS
TypeScriptTo deploy the
harbor-scanner-sysdig-secureHelm chart on AWS EKS, you would need to take the following steps:- Set up an EKS cluster on AWS.
- Configure the Helm chart repository where
harbor-scanner-sysdig-secureis located. - Install the Helm chart onto your EKS cluster.
Below is a Pulumi program written in TypeScript that demonstrates how to accomplish this. This program assumes that you have the necessary AWS credentials already set up for Pulumi to use.
First, we'll create an EKS cluster. In this example, we'll use the higher-level
eks.Clustercomponent which simplifies the setup. You’ll need to create an IAM role for your EKS cluster. Then you'll configure your VPC and subnet IDs, along with other necessary parameters.Next, we'll configure the Helm chart by setting up the repository and defining the chart's release. The details like
chart,version, andnamespaceare specific to theharbor-scanner-sysdig-securechart you want to deploy. You might need to check the Helm repository for the exact chart name and version.Here's the TypeScript program:
import * as pulumi from "@pulumi/pulumi"; import * as aws from "@pulumi/aws"; import * as eks from "@pulumi/eks"; import * as k8s from "@pulumi/kubernetes"; // Create an EKS cluster. const cluster = new eks.Cluster("my-cluster", { // Specify the desired Kubernetes version, e.g., "1.21" version: "1.21", // Set up a node group for the cluster. nodeGroupOptions: { instanceType: "t2.medium", desiredCapacity: 2, }, }); // Create a Kubernetes provider instance using the kubeconfig from the created EKS cluster. const k8sProvider = new k8s.Provider("k8s-provider", { kubeconfig: cluster.kubeconfig.apply(JSON.stringify), }); // Set up the Helm chart repository. const harborScannerSysdigSecureRepo = new k8s.helm.v3.Repository("harbor-scanner-sysdig-secure-repo", { url: "https://charts.sysdig.com", // The repository URL; this might change so please verify. }, { provider: k8sProvider }); // Install the Helm chart into the cluster. const harborScannerSysdigSecureChart = new k8s.helm.v3.Chart("harbor-scanner-sysdig-secure", { chart: "harbor-scanner-sysdig-secure", version: "1.0.0", // Replace with the appropriate chart version. namespace: "default", // Replace with the namespace of your choice. fetchOpts: { repo: harborScannerSysdigSecureRepo.url, }, }, { provider: k8sProvider }); // Export the cluster's kubeconfig. export const kubeconfig = cluster.kubeconfig; // Optionally, export the URL to the Harbor interface if it creates an external endpoint. export const harborEndpoint = harborScannerSysdigSecureChart.getResourceProperty("v1/Service", "default/harbor", "status") .apply(status => status.loadBalancer.ingress[0]?.hostname || status.loadBalancer.ingress[0]?.ip);Let's break down what each part of the program does:
-
We create an EKS cluster by instantiating
eks.Cluster. The properties include the Kubernetes version, the node group configuration with EC2 instance type, and the desired number of nodes. -
We create a Kubernetes provider connected to the newly created EKS cluster by supplying its
kubeconfig, which we serialize into a string. This provider will allow us to interact with the Kubernetes API of our EKS cluster. -
Then, we declare a Helm chart repository using
k8s.helm.v3.Repository, specifying the URL of the repository where theharbor-scanner-sysdig-securechart is hosted. -
After setting up the repository, we use
k8s.helm.v3.Chartto deploy the Helm chart into our cluster. We specify the chart name, version, and release namespace. This will installharbor-scanner-sysdig-securein our Kubernetes cluster. -
Finally, we export the
kubeconfigrequired to interact with the Kubernetes cluster and the endpoint of the Harbor service, assuming it creates an external endpoint accessible over the internet.
Remember to check the official documentation and Helm repository for specific details about the
harbor-scanner-sysdig-securechart configuration and version. You might need to adjust the version and parameters to fit your requirements.