Deploy the universal-crossplane helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

To deploy the Universal Crossplane Helm chart on Azure Managed Openshift Service using Pulumi with TypeScript, you will need to follow these steps:

1. **Set up an Azure Managed OpenShift Cluster**: First, you need an Azure Managed OpenShift Cluster to deploy your applications. We will create an OpenShift Managed Cluster resource using Pulumi's `azure-native.containerservice.OpenShiftManagedCluster` resource.
   
2. **Deploy the Helm Chart**: After you have your cluster, you can then deploy the Universal Crossplane Helm chart using the Pulumi Kubernetes provider, specifically the `kubernetes.helm.v3.Chart` resource.

Let's start by creating the Azure Managed OpenShift cluster. To do this, you will need to register an `OpenShiftManagedCluster` resource with appropriate properties as required by the Azure platform, such as `location`, `openShiftVersion`, `agentPoolProfiles`, etc.

Once the OpenShift cluster is provisioned, you need to set up the Pulumi Kubernetes provider to deploy the Helm chart. The provider must be configured to connect to the cluster's Kubernetes endpoint, which you can retrieve from the provisioned OpenShift cluster's properties.

Finally, with the Kubernetes provider configured, use the `Chart` resource to deploy Universal Crossplane from the Helm repository.

Here is a basic Pulumi program in TypeScript that combines these steps:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Replace these variables with appropriate values
const location = "eastus"; // Azure region
const resourceGroupName = "myPulumiResourceGroup"; // Azure Resource Group
const clusterName = "myOpenShiftCluster"; // OpenShift Cluster name
const openShiftVersion = "4.3.0"; // OpenShift version (pick a supported one)

// Create an Azure Resource Group if it doesn't exist
const resourceGroup = new azure_native.resources.ResourceGroup("resourceGroup", {
    resourceGroupName: resourceGroupName,
    location: location,
});

// Create the Azure Managed OpenShift Cluster
const cluster = new azure_native.containerservice.OpenShiftManagedCluster("myCluster", {
    resourceName: clusterName,
    resourceGroupName: resourceGroup.name,
    location: location,
    openShiftVersion: openShiftVersion,
    networkProfile: {
        vnetCidr: "10.0.0.0/8",
    },
    masterPoolProfile: {
        count: 3,
        vmSize: "Standard_DS3_v2",
    },
    agentPoolProfiles: [{
        name: "agentpool",
        count: 3,
        vmSize: "Standard_DS3_v2",
        osType: "Linux",
    }],
    tags: {
        // Additional tags if needed
    },
});

// Deploy the Universal Crossplane Helm chart to the OpenShift Managed Cluster
const crossplaneChart = new k8s.helm.v3.Chart("crossplane-chart", {
    namespace: "crossplane-system",
    chart: "universal-crossplane",
    fetchOpts: {
        repo: "https://charts.crossplane.io/stable",
    },
    // Define values for the Helm chart if needed, for instance:
    // values: {
    //     replicaCount: 1,
    // },
}, { provider: new k8s.Provider("k8s-provider", {
    kubeconfig: cluster.kubeConfigRaw, // Assumes kubeconfig is available from the cluster resource
    context: `api-${clusterName}.${location}.cloudapp.azure.com:6443`, // Context is typically the cluster API endpoint
}) });

// Export the cluster's kubeconfig and endpoint
export const kubeconfig = cluster.kubeConfigRaw;
export const endpoint = pulumi.interpolate`https://${clusterName}.${location}.cloudapp.azure.com`;

```

This program does the following:

- **ResourceGroup**: Creates a new Azure Resource Group to organize all your Azure resources.
- **OpenShiftManagedCluster**: Provisions an Azure Managed OpenShift Cluster in the specified location, names, and other properties. The `networkProfile`, `masterPoolProfile`, and `agentPoolProfiles` are configured per your requirements.
- **kubernetes.helm.v3.Chart**: Deploys the Universal Crossplane Helm chart to your OpenShift cluster using the `Chart` resource. The `fetchOpts` specifies where to fetch the Helm chart from, and the provider configuration uses the kubeconfig from the OpenShift cluster.

Note that the properties for `OpenShiftManagedCluster` such as the `vmSize` and the `openShiftVersion` may need to be adjusted based on Azure's current offerings and version support.

This Pulumi program is an illustration that you'll need to modify with actual configurations fit for your setup, such as the version of OpenShift, VM sizes, the region, and the Helm chart configurations. Make sure you have the Azure CLI and `kubectl` installed and configured, along with the required permissions to create these resources within your Azure subscription.