Deploy the oci-registry helm chart on Rancher

Question

Pulumi · Accepted Answer

To deploy the `oci-registry` Helm chart on a Rancher-managed Kubernetes cluster, you would typically follow these steps:

1. Install the Rancher2 provider.
2. Authenticate to the Rancher server.
3. Select the Kubernetes cluster managed by Rancher.
4. Use the `helm` resource to deploy the chart on the selected cluster.

Before going into the Pulumi program, let's make sure you have everything set up for the deployment:

- An active Rancher instance with a cluster added to it.
- Access to the Rancher API with appropriate permissions to manage resources.
- Helm chart details for `oci-registry`, such as the chart name and repository, or its package version if it's a local chart.
- Pulumi CLI installed and authenticated to your Pulumi account.
- Your preferred cloud provider CLI installed and configured with credentials (e.g., AWS CLI, Azure CLI, GCP CLI), which might be necessary if your Kubernetes cluster requires access to certain cloud-managed resources like storage buckets or databases.

We'll use TypeScript to create the Pulumi program to deploy the chart. The program will consist of the following major parts:

- Importing necessary Pulumi libraries and initializing the Rancher2 provider.
- Defining the Kubernetes cluster in Rancher where you want to deploy the Helm chart.
- Defining the Helm chart resource and specifying chart details, including any required Helm values.

Here is a detailed explanation and the program you would use to deploy the `oci-registry` Helm chart on Rancher:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as rancher2 from "@pulumi/rancher2";
import * as k8s from "@pulumi/kubernetes";

// Before running this program, make sure to set up your Pulumi provider configuration
// with the necessary credentials to authenticate with Rancher.

// This code assumes you have a Rancher cluster named `my-rancher-cluster`.
// You can fetch the cluster by name using the rancher2.Cluster.get function.
const cluster = rancher2.Cluster.get("my-rancher-cluster", "my-rancher-cluster");

// Initialize the Kubernetes provider using the kubeconfig from the Rancher cluster.
// This will allow us to deploy resources to the cluster managed by Rancher.
const k8sProvider = new k8s.Provider("k8s-provider", {
    kubeconfig: cluster.kubeConfig,
});

// Now we can deploy the oci-registry Helm chart to the cluster.
// Provide the chart name, version, and values according to the chart's requirements.
const ociRegistryChart = new k8s.helm.v3.Chart("oci-registry-chart", {
    chart: "oci-registry",
    version: "x.y.z", // Specify the chart version here
    // You can add a 'repo' property if the chart is from a Helm repository.
    // For example:
    // repo: "https://my-helm-repo.example.com/",
    fetchOpts: {
        // If the chart is an OCI chart, specify its repo and other details here.
        // For example:
        // repo: "oci://my-oci-registry.example.com/my-charts",
    },
    // Provide any required values for the chart.
    values: {
        // For example, to specify the service type and external port:
        // service: {
        //   type: "LoadBalancer",
        //   port: 80,
        // },
        // Include other values as needed for your deployment.
    },
}, { provider: k8sProvider });

// Export the public endpoint of the oci-registry if applicable.
export const ociRegistryEndpoint = ociRegistryChart.getResourceProperty("v1/Service", "oci-registry", "status").apply(status => status.loadBalancer.ingress[0].ip);
```

Please replace `x.y.z` with the exact version of the oci-registry Helm chart you intend to use. You will also need to fill in the `values` property with the configuration options required by the oci-registry chart. These values will depend on your specific use case and the configuration options supported by the chart.

In the last line, we export the endpoint for the `oci-registry` service, which you can use to access your OCI registry after it's deployed. Note that this assumes a LoadBalancer service type, which may not be applicable to your environment. Adjust accordingly based on your service configuration.

Remember that deploying the Helm chart using Pulumi will require you to have access rights for the resources and configurations you are making. Ensure that the necessary roles and permissions are in place before running the Pulumi program.