Deploy the kong-authorizer helm chart on Digital Ocean Kubernetes Service
TypeScriptDeploying a Helm chart on a Digital Ocean Kubernetes Service with Pulumi involves several steps: setting up a Kubernetes cluster, installing the Helm chart, and configuring any necessary Kubernetes resources. We'll go through the process using Pulumi's TypeScript programming language.
Here's a breakdown of what we'll be doing:
-
Creating a Kubernetes cluster on Digital Ocean: This is done using the
digitalocean.KubernetesCluster
resource. You are required to provide a name, region, version, and node pool details at a minimum. For this example, we'll create a simple cluster with just one node pool. -
Installing the Helm chart: After the cluster is provisioned, we use the
kubernetes.helm.v3.Chart
resource to deploy thekong-authorizer
chart. This resource lets you manage Helm chart deployments just as you would with thehelm
CLI tool, but with the benefits of infrastructure as code practices.
First, ensure you have the Digital Ocean and Kubernetes Pulumi providers installed:
pulumi plugin install resource digitalocean v4.22.0 pulumi plugin install resource kubernetes v4.4.0
Now let's set up the Pulumi program:
import * as pulumi from "@pulumi/pulumi"; import * as digitalocean from "@pulumi/digitalocean"; import * as kubernetes from "@pulumi/kubernetes"; // Create a Digital Ocean Kubernetes cluster const cluster = new digitalocean.KubernetesCluster("kong-authorizer-cluster", { region: digitalocean.Regions.NYC3, // You can choose the region that is closer to your users version: "latest", // Specify your desired Kubernetes version nodePool: { name: "kong-authorizer-pool", size: digitalocean.DropletSlugs.DropletS2VCPU2GB, // This is the size of the node. You can select as per your requirement nodeCount: 1, // Number of nodes in the node pool }, }); // Export the cluster's kubeconfig export const kubeconfig = cluster.kubeConfigs.apply(kubeConfig => kubeConfig[0].rawConfig); // Using the resulting kubeconfig, install a Helm chart for Kong Authorizer const kongAuthorizer = new kubernetes.helm.v3.Chart("kong-authorizer", { chart: "kong-authorizer", // You would specify the repository here if this chart is hosted on a Helm repo // e.g., repo: "https://charts.example.com/" values: { // Specify your Helm chart values here // These are dependent on the 'kong-authorizer' chart you're using }, }, { provider: new kubernetes.Provider("kong-authorizer-provider", { kubeconfig: kubeconfig }) }); // Export the endpoint of the kong-authorizer service export const kongAuthorizerEndpoint = kongAuthorizer.getResource("v1/Service", "kong-authorizer", "kong-authorizer").status.apply(status => status.loadBalancer.ingress[0].ip);
Explanation of the code:
-
digitalocean.KubernetesCluster
: This resource provisions a Kubernetes cluster in the specified Digital Ocean region. We named the clusterkong-authorizer-cluster
and the node poolkong-authorizer-pool
. Theversion
selects the Kubernetes version; usinglatest
will provision the cluster with the latest stable version supported by Digital Ocean. -
cluster.kubeConfigs
: This attribute of theKubernetesCluster
resource outputs the kubeconfig needed to communicate with the cluster. We're exporting this so it can be used to configure the Kubernetes provider for Helm. -
kubernetes.helm.v3.Chart
: We're deploying thekong-authorizer
chart onto the Kubernetes cluster we created. Thevalues
object should contain configuration specific to the Helm chart you're deploying. If the chart requires being fetched from a specific Helm repository, you would include therepo
field with the repository URL. -
kubernetes.Provider
: This is a Pulumi Kubernetes provider that uses the kubeconfig of the created cluster. We're associating this provider with our Helm chart so that it installs on the correct cluster. -
kongAuthorizerEndpoint
: We're exporting an IP address which is the endpoint through which you can access the deployedkong-authorizer
. This assumes that the Helm chart creates a LoadBalancer service.
You should adjust the
values
configuration to match whatever configuration parameters thekong-authorizer
chart requires. This might include things like custom resource definitions (CRDs), service type, and so on.After writing and saving your
index.ts
file, navigate to your Pulumi project directory in your terminal, and runpulumi up
to execute the Pulumi program. This will create the cluster and deploy the Helm chart, managing the entire operation as a single deployment.-