Deploy the nginx-gateway-fabric helm chart on Digital Ocean Kubernetes Service

Question

Pulumi · Accepted Answer

To deploy the `nginx-gateway-fabric` Helm chart on the Digital Ocean Kubernetes Service (DOKS) using Pulumi, you would need to complete the following steps:

1. **Provision a Digital Ocean Kubernetes Cluster**: This is done using the `digitalocean.KubernetesCluster` resource, which establishes a Kubernetes cluster within the Digital Ocean environment. You must specify various properties like the region, version, and node pool details.

2. **Install the Helm Chart**: After you have a running Kubernetes cluster, you can deploy Helm charts using the `kubernetes.helm.v3.Chart` resource. Helm is a package manager for Kubernetes that allows you to package, configure, and deploy applications and services onto Kubernetes clusters.

Below, I'll provide a step-by-step Pulumi program written in TypeScript that carries out these tasks:

- Set up the required Digital Ocean Kubernetes cluster with a node pool.
- Deploy the `nginx-gateway-fabric` Helm chart to the cluster.

Please ensure you have Pulumi installed, and you're logged in to the Pulumi service. Also, ensure that you have the necessary credentials set up to interact with Digital Ocean and Kubernetes on your local machine.

Here's the Pulumi TypeScript program:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as digitalocean from "@pulumi/digitalocean";
import * as k8s from "@pulumi/kubernetes";

// Create a Digital Ocean Kubernetes cluster.
const cluster = new digitalocean.KubernetesCluster("do-cluster", {
    region: "nyc1", // Choose a region that is most appropriate for you
    version: "latest", // Use the latest available version of Kubernetes
    nodePool: {
        name: "default-pool",
        size: "s-1vcpu-2gb", // Select a node size that fits your requirements and budget
        nodeCount: 2, // Decide on the number of nodes
    },
});

// Export the cluster's kubeconfig.
export const kubeconfig = cluster.kubeConfigs[0].rawConfig;

// Create an instance of the Kubernetes Provider based on the kubeconfig from the Digital Ocean cluster.
const k8sProvider = new k8s.Provider("do-k8s", {
    kubeconfig: cluster.kubeConfigs[0].rawConfig,
});

// Deploy the nginx-gateway-fabric Helm chart using the Kubernetes provider.
const nginxGatewayFabricChart = new k8s.helm.v3.Chart("nginx-gateway-fabric", {
    chart: "nginx-gateway-fabric",
    version: "1.0.0", // Make sure to specify the correct chart version
    // You can provide additional configuration here using the 'values' property if required.
}, { provider: k8sProvider });

// Export the public endpoint of the nginx service.
// The exact way to retrieve the endpoint depends on how the chart exposes the service.
// Below is a placeholder to show the concept; the actual property paths may differ.
export const nginxEndpoint = nginxGatewayFabricChart.getResourceProperty("v1/Service", "nginx-gateway-fabric-nginx-service", "status");
```

Explanation:

- The `digitalocean.KubernetesCluster` resource is instantiated to create the cluster in Digital Ocean with the specified region, version, and node pool configuration.
- The `kubeconfig` of the cluster is exported. This is required to interact with the cluster using Kubernetes commands.
- A Kubernetes provider is then declared with the `kubeconfig` obtained from the cluster. This provider will be used to deploy resources onto the cluster.
- The `nginx-gateway-fabric` Helm chart is installed on the cluster using the `k8s.helm.v3.Chart` resource. The `version` should be set to the specific version of the chart you want to deploy. Additional configuration may be provided in the `values` property of the chart resource.
- Lastly, we attempt to export the service endpoint, which would typically be the LoadBalancer IP or hostname if your Helm chart creates a LoadBalancer service. The actual export would depend on the structure of your Helm chart.

Remember that for different Helm charts, or different configurations within the `nginx-gateway-fabric` Helm chart, you might need to adjust the resource properties accordingly. Check the documentation for the specific Helm chart for configuration options.

This code assumes you have completed setup outside of Pulumi that includes:

- Configuring `pulumi` with access to your Pulumi account.
- Setting up Digital Ocean credentials for Pulumi to use.
- Ensuring your system has the necessary access to pull the Helm chart for deployment.

After having this code written in a `.ts` file within a Pulumi project, you can deploy this infrastructure using the Pulumi CLI by running `pulumi up` in your terminal, and Pulumi will handle the creation of the resources.