Deploy the kyso-scs helm chart on AWS EKS
TypeScriptDeploying a Helm chart on AWS EKS involves several steps, which include setting up the EKS cluster, configuring Kubernetes resources, and then deploying the Helm chart to the cluster. Below, you'll find a detailed explanation followed by a TypeScript program using Pulumi.
Explanation
-
Set Up EKS Cluster: We'll create an Amazon EKS cluster using the
aws.eks.Cluster
resource from the Pulumi AWS provider. This resource defines the EKS control plane. -
Node Group: For our EKS cluster to run workloads, we'll need a node group. We'll define this using the
aws.eks.NodeGroup
resource, which sets up the worker nodes and attaches them to the specified EKS cluster. -
Helm Release: Once the EKS cluster is ready, and the node group is attached, we'll deploy our Helm chart using the
helm.v3.Release
resource from Pulumi's Helm provider. Thekyso-scs
chart will be deployed on the EKS cluster. Make sure the Helm chartkyso-scs
is available in your configured Helm chart repositories. -
Roles and Permissions: Our EKS cluster will need an IAM role with the necessary policies for EKS to manage entities and resources. Additionally, worker nodes will need an IAM role to interact with AWS services.
Pulumi TypeScript Program
Below is the TypeScript program that performs all the steps listed above:
import * as pulumi from '@pulumi/pulumi'; import * as aws from '@pulumi/aws'; import * as eks from '@pulumi/eks'; import * as k8s from '@pulumi/kubernetes'; // Create an EKS cluster const cluster = new eks.Cluster('my-eks-cluster', { // Provide the desired EKS version version: '1.21', }); // Define the IAM role for the EKS nodes const nodeRole = new aws.iam.Role('my-node-role', { assumeRolePolicy: aws.iam.assumeRolePolicyForPrincipal( aws.iam.principals.Ec2Principal ), }); // Attach the worker node IAM policies new aws.iam.RolePolicyAttachment('my-node-role-attachment', { role: nodeRole.name, policyArn: aws.iam.ManagedPolicy.AmazonEKSWorkerNodePolicy, }); // Create a node group attached to the created EKS cluster const nodeGroup = new eks.NodeGroup('my-node-group', { cluster: cluster, instanceType: 't3.medium', desiredCapacity: 2, minSize: 1, maxSize: 3, nodeRole: nodeRole, }); // Initialize the Kubernetes provider const provider = new k8s.Provider('k8s-provider', { kubeconfig: cluster.kubeconfig.apply(JSON.stringify), }); // Deploy the kyso-scs Helm chart on the EKS cluster const helmRelease = new k8s.helm.v3.Release('kyso-scs-chart', { chart: 'kyso-scs', version: '1.0.0', // Specify the chart version if necessary namespace: 'default', // Specify the namespace if desired }, { provider }); // Export the cluster's kubeconfig export const kubeconfig = pulumi.secret(cluster.kubeconfig); // Export the Helm release status export const helmReleaseStatus = helmRelease.status;
The
eks.Cluster
creates the EKS cluster, and theeks.NodeGroup
provisions the worker nodes required for running Kubernetes workloads. We also define an IAM Role with the necessary policies for the worker nodes usingaws.iam.Role
andaws.iam.RolePolicyAttachment
.For deploying the Helm chart, we define
helmRelease
which manages the lifecycle of the Helm chart on the Kubernetes cluster represented by theprovider
.Finally, we export
kubeconfig
so it can be used to interact with your cluster using tools likekubectl
, andhelmReleaseStatus
to check the status of the deployed Helm chart.This is a simple setup devoid of finer details such as specifying AWS VPC configurations, subnets, IAM policies, and elaborate cluster configuration. Depending on your use case, you might need to delve deeper into these aspects for a production-ready setup.
-