Deploy the wazuh helm chart on AWS EKS

Question

Pulumi · Accepted Answer

To deploy the Wazuh helm chart on AWS EKS using Pulumi, we need to perform several steps:

1. **Set up an EKS Cluster**: We'll create an Amazon EKS cluster, which is a managed Kubernetes service that makes it easy to run Kubernetes on AWS without needing to maintain your own Kubernetes control plane.

2. **Configure the Kubernetes Provider**: Pulumi needs to interact with the Kubernetes API to deploy applications, which in this case is the Wazuh helm chart.

3. **Deploy the Helm Chart**: Once we have our cluster and Kubernetes provider configured, we can deploy the Wazuh helm chart to the cluster.

Here's the detailed process along with the TypeScript program to accomplish this:

### Setting up an EKS Cluster

We use the `eks.Cluster` resource to create an Amazon EKS cluster. You need to provide the necessary configurations such as the `vpcId` and `subnetIds` which the cluster will associate with. For detailed configurations, consult the [EKS Cluster documentation](https://www.pulumi.com/registry/packages/eks/api-docs/cluster/).

### Configuring the Kubernetes Provider

After the cluster is up and running, we use the cluster credentials to configure the Kubernetes provider. This provider allows Pulumi to deploy Kubernetes resources to the cluster.

### Deploying the Helm Chart

Finally, we can deploy the Wazuh helm chart using the `helm.v3.Chart` resource. It allows you to provide `chart` name, `version`, `repository` and any `values` necessary to configure the chart.

Let's put this into a Pulumi program:

```typescript
import * as eks from "@pulumi/eks";
import * as awsx from "@pulumi/awsx";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create an EKS cluster.
const cluster = new eks.Cluster("wazuh-cluster", {
    instanceType: "t2.medium",
    desiredCapacity: 2,
    minSize: 1,
    maxSize: 2,
    providerCredentialOpts: {
        profileName: "aws-profile", // Make sure to replace this with your AWS profile name.
    },
});

// Step 2: Use the kubeconfig from the generated EKS cluster to create a Kubernetes provider instance.
const k8sProvider = new k8s.Provider("wazuh-k8s-provider", {
    kubeconfig: cluster.kubeconfig.apply(JSON.stringify),
});

// Step 3: Deploy the Wazuh helm chart using the Kubernetes provider.
const wazuhChart = new k8s.helm.v3.Chart("wazuh-chart", {
    chart: "wazuh",
    version: "4.2.5", // This should be the version you want to deploy, make sure this is up-to-date.
    fetchOpts:{
        repo: "https://wazuh.github.io/wazuh-charts", // Wazuh Helm repo URL.
    },
}, { provider: k8sProvider });

// Export the EKS cluster's kubeconfig.
export const kubeconfig = cluster.kubeconfig;
```

To run this Pulumi program:

1. Install Pulumi and configure AWS access. Make sure AWS credentials are set up correctly in your environment (`~/.aws/credentials`).
2. Install Node.js and npm if they are not already installed.
3. Create a new directory, navigate into it, and run `pulumi new typescript` to create a new Pulumi TypeScript project.
4. Replace the contents of `index.ts` with the above program.
5. Run `pulumi up` to deploy the EKS cluster and the Wazuh helm chart.

Remember to replace placeholders like `"aws-profile"` with your actual AWS profile or other configurations specific to your environment.

After running `pulumi up`, Pulumi will print out the steps it plans to take. Upon confirmation, it will proceed with creating the EKS cluster and deploying the Wazuh helm chart to it. The output will include a `kubeconfig` that you can use to interact with your Kubernetes cluster using `kubectl`.