Deploy the signon-resources helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

Deploying a Helm chart to an Azure Kubernetes Service (AKS) cluster using Pulumi is a two-step process. First, you'll need to create an AKS cluster, and then you'll deploy the Helm chart to that cluster.

### Step 1: Create an AKS Cluster

Creating an AKS cluster involves defining a resource using Pulumi's Azure Native provider. The `azure-native.containerservice.ManagedCluster` resource creates an AKS cluster. You'll also need a resource group for the cluster using the `azure-native.resources.ResourceGroup` resource.

The AKS cluster requires an identity for the Kubernetes API server to interact with other Azure services, and you can define this with the `identity` property. You'll also need to specify the location, the Kubernetes version, and the properties required to run your cluster.

### Step 2: Deploy the Helm Chart

To deploy a Helm chart, you use Pulumi's Kubernetes provider. The `kubernetes.helm.v3.Chart` resource represents a Helm chart in a Kubernetes cluster. When you create this resource in Pulumi, it will instruct the Helm CLI to deploy the chart to your AKS cluster.

Here is a program written in TypeScript that creates an AKS cluster and then deploys a Helm chart to it:

```typescript
import * as azure from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create an Azure Resource Group
const resourceGroup = new azure.resources.ResourceGroup("myResourceGroup", {
    location: "East US", // Choose the appropriate Azure region
});

// Step 2: Create an AKS Cluster in the Resource Group
const aksCluster = new azure.containerservice.ManagedCluster("myAksCluster", {
    resourceGroupName: resourceGroup.name,
    location: resourceGroup.location,
    identity: {
        type: "SystemAssigned",
    },
    agentPoolProfiles: [{
        count: 1, // Number of nodes in node pool
        vmSize: "Standard_DS2_v2", // VM size for the nodes
        mode: "System",
        name: "agentpool",
    }],
    dnsPrefix: "myakscluster", // DNS prefix for AKS cluster
    kubernetesVersion: "1.18.14", // Specify the desired Kubernetes version
});

// After the AKS cluster is created, we need to setup the Kubernetes provider
// to point to the AKS cluster. This requires fetching the kubeconfig from the created AKS cluster.

// Step 3: Export the AKS cluster's kubeconfig
const credentials = pulumi.all([aksCluster.name, resourceGroup.name]).apply(([name, rgName]) => {
    return azure.containerservice.listManagedClusterUserCredentials({
        resourceName: name,
        resourceGroupName: rgName,
    });
});

const kubeconfig = credentials.kubeconfigs[0].value.apply(v => Buffer.from(v, "base64").toString());

// Step 4: Setup Kubernetes provider using kubeconfig of the AKS cluster
const provider = new k8s.Provider("aks-provider", {
    kubeconfig: kubeconfig,
});

// Step 5: Deploy the Helm chart using the `kubernetes` provider
const helmChart = new k8s.helm.v3.Chart("signon-resources", {
    chart: "signon-resources", // Name of the Helm chart
    version: "1.0.0", // Version of the Helm chart
    fetchOpts: {
        repo: "https://example.com/helm/charts", // URL of the repository where the Helm chart is located
    },
}, { provider: provider });

// Step 6: Export the AKS cluster's kubeconfig so that you can control the cluster with `kubectl`
export const kubeconfigOut = kubeconfig;
```

Let's go through the program step by step:

- **Step 1**: We create a resource group where all of our resources are going to live.
- **Step 2**: We define an AKS cluster, providing details like the number of nodes, node size, and Kubernetes version.
- **Step 3**: We obtain the credentials for our AKS cluster by calling an appropriate function from the Azure provider.
- **Step 4**: We set up a Pulumi Kubernetes provider instance using the fetched kubeconfig. This provider will be used to interact with our AKS cluster.
- **Step 5**: We deploy our Helm chart to the AKS cluster using the Kubernetes provider.
- **Step 6**: We export the kubeconfig of the AKS cluster, so you can use `kubectl` to interact with the cluster from your local machine.

Remember to replace `"https://example.com/helm/charts"` with the actual repository URL where your Helm chart is hosted and adjust the `chart` and `version` values according to your needs.

After executing this Pulumi program, the AKS cluster will be created and the specified Helm chart will be deployed to it. You can run this program with Pulumi CLI by navigating to the directory containing the program and executing the following commands:

```
pulumi up
```

This will provision the resources as defined in the program. When you need to change the configuration, update the Pulumi program and run `pulumi up` again. Pulumi will automatically update the infrastructure to match the new desired state.