Deploy the cloudflare-tunnel-remote helm chart on Opensshift
TypeScriptTo deploy the Cloudflare Tunnel (previously known as Argo Tunnel) on an OpenShift cluster using Pulumi, we'll follow these steps:
- Set up a Pulumi program with the necessary imports.
- Configure our Kubernetes provider to connect to the OpenShift cluster.
- Use the Helm chart resource from Pulumi's Kubernetes provider to deploy the Cloudflare tunnel remote Helm chart to the OpenShift cluster.
Before we begin, you should have
kubectl
configured to access your OpenShift cluster and Pulumi CLI installed on your system. Since we're using TypeScript, Node.js should also be installed.Now, let's proceed with the Pulumi TypeScript program.
First, we need to import the necessary modules:
@pulumi/pulumi
for general Pulumi programming constructs.@pulumi/kubernetes
to directly interact with our Kubernetes cluster and deploy Helm charts.
Below is the program that performs the deployment:
import * as pulumi from '@pulumi/pulumi'; import * as kubernetes from '@pulumi/kubernetes'; // Step 1: Configure the Kubernetes provider // The `kubeconfig` field is omitted because Pulumi automatically uses the current context in ~/.kube/config // If you need to customize the kubeconfig or point to a different context, you may set it explicitly. const k8sProvider = new kubernetes.Provider('openshift-k8s', { // kubeconfig: '...' // <- Your kubeconfig here if needed }); // Step 2: Deploy the Cloudflare tunnel remote Helm chart const cloudflareTunnelChart = new kubernetes.helm.v3.Chart('cloudflare-tunnel', { chart: 'cloudflared', // The Helm chart for Cloudflare Tunnel might need to be fetched from a custom Helm repo. // You may need to provide a 'repo' parameter here with the URL to the Helm repository that contains the cloudflared chart. // Set the namespace where you want to deploy the chart, or omit it to use the default namespace. // namespace: 'default', values: { // Define the values that are relevant for the cloudflared Helm chart. // These values configure the Cloudflare Tunnel according to your Cloudflare account and settings. // You'll need to set specific values based on your Cloudflare Tunnel configuration. // For instance, you may need to configure the 'tunnel' and 'credentials' properties. // Please refer to the Helm chart's values file or documentation for the exact configuration options. }, }, { provider: k8sProvider }); // Export the public IP to access the Cloudflare tunnel if available export const publicIp = cloudflareTunnelChart.getResourceProperty('v1/Service', 'cloudflare-tunnel-public-ip', 'status') .apply(status => status.loadBalancer.ingress[0].ip);
Here's a breakdown of what each part of the program does:
- The Kubernetes provider object is created, establishing a connection to your OpenShift cluster.
- The Helm chart object is created, which tells Pulumi to deploy the
cloudflared
Helm chart. Note that we have commented out therepo
property, but in a real-world scenario, you would need to provide the Helm chart repository's URL where the Cloudflare Tunnel Helm chart is located. - The
values
property should be populated with configuration specific to your Cloudflare Tunnel setup. This typically involves things like your tunnel name, authentication details, and any other custom settings from the Helm chart.
After writing this code, you can run it using the standard Pulumi workflow:
pulumi up
This command will preview and then perform the deployment according to the plan shown. After the deployment is successful, Pulumi will provide an output that may include useful information, such as public IPs or endpoint URLs.