Deploy the openshift-kube-state-metrics helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy the `openshift-kube-state-metrics` Helm chart on Azure Kubernetes Service (AKS), you need to set up a few resources:

1. **Azure Resource Group**: A resource container that holds related resources for an Azure solution.
2. **AKS Cluster**: An Azure Kubernetes Service cluster where `openshift-kube-state-metrics` will be deployed.
3. **Helm Chart**: The Helm chart itself that contains the package of the pre-configured Kubernetes resources needed to run `openshift-kube-state-metrics`.

We will use Pulumi Azure provider to create the AKS cluster. Then, we'll utilize the Pulumi Kubernetes provider to deploy the `openshift-kube-state-metrics` Helm chart.

Below is the Pulumi program written in TypeScript that demonstrates how to accomplish this:

```typescript
import * as pulumi from '@pulumi/pulumi';
import * as azure from '@pulumi/azure';
import * as k8s from '@pulumi/kubernetes';

// Create a resource group
const resourceGroup = new azure.core.ResourceGroup('myResourceGroup', {
    // Provide your location, any valid Azure location is acceptable
    location: azure.Locations.WestUS2,
});

// Create an AKS cluster
const cluster = new azure.containerservice.KubernetesCluster('myAKSCluster', {
    resourceGroupName: resourceGroup.name,
    location: resourceGroup.location,
    defaultNodePool: {
        name: 'default',
        nodeCount: 2, // You can specify the number of nodes here
        vmSize: 'Standard_D2_v2',
    },
    dnsPrefix: 'kube-aks', // Your unique AKS DNS prefix
    servicePrincipal: {
        clientId: process.env.AZURE_CLIENT_ID,
        clientSecret: process.env.AZURE_CLIENT_SECRET,
    },
});

// Export the kubeconfig to access the AKS cluster
export const kubeConfig = cluster.kubeConfigRaw;

// Create a kubernetes provider using the kubeconfig
const k8sProvider = new k8s.Provider('aksK8s', {
    kubeconfig: kubeConfig,
});

// Define the Helm chart, version, and repository
const chart = 'kube-state-metrics';
const version = '1.9.7'; // The version can change, use an appropriate chart version
const repo = 'https://helm.openshift.io/'; // The URL of the helm chart repository

// Deploy the helm chart using the kubernetes provider
const kubeStateMetrics = new k8s.helm.v3.Chart('kube-state-metrics', {
    chart: chart,
    fetchOpts:{
        repo: repo,
    },
    version: version,
    namespace: 'kube-system', // Deploying to the 'kube-system' namespace
}, { provider: k8sProvider });

// Export the deployment name
export const kubeStateMetricsName = kubeStateMetrics.metadata.apply(m => m.name);
```

Let's explain this code step-by-step:

1. We import the required Pulumi modules. The `pulumi` module provides core Pulumi functionalities. The `azure` module contains resources that allow interaction with Azure. The `kubernetes` module contains the Kubernetes provider and related resources.
   
2. We create an Azure `ResourceGroup`, which is a container that holds related resources for an Azure solution.

3. We proceed by creating an `AKS cluster` named `myAKSCluster`. Replace `process.env.AZURE_CLIENT_ID` and `process.env.AZURE_CLIENT_SECRET` with your Azure service principal credentials.

4. The `kubeConfig` output from the `AKS cluster` is exported so that it can be used outside of Pulumi for direct `kubectl` interactions.

5. A `kubernetes.Provider` named `aksK8s` is created using the `kubeConfig`. This provider is responsible for managing the Kubernetes resources.

6. We then define the Helm chart from a repository. For this example, we're using the `kube-state-metrics` Helm chart that’s hypothetically stored in the OpenShift Helm chart repository.

7. We deploy the `kube-state-metrics` Helm chart into the `kube-system` namespace of the AKS cluster.

8. Lastly, we export the name of the deployed kube-state-metrics service for reference. This can be useful if you want to interact with the service after its deployment.

This program should be executed with the Pulumi CLI, and you should have the following prerequisites satisfied:

- An Azure account with the necessary permissions to create resources.
- Service principal credentials for Azure.
- The Pulumi CLI installed and configured.
- Node.js and NPM installed to run TypeScript programs.

Once you run this program using the Pulumi CLI with `pulumi up`, it will provision the resources as specified and deploy the helm chart to the AKS cluster. Ensure to set the environment variables `AZURE_CLIENT_ID` and `AZURE_CLIENT_SECRET` with the respective credentials before running the command.