Deploy the stateless helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

Deploying a stateless application using a Helm chart on Azure Kubernetes Service (AKS) is a common scenario. Helm is a powerful package manager for Kubernetes, which simplifies the deployment and management of applications. AKS is a managed Kubernetes service that simplifies the process of running Kubernetes clusters in Azure.

To accomplish your goal, we will undertake the following steps:

1. Set up an AKS cluster using the `azure-native` provider. This includes creating a resource group and the AKS cluster within that resource group.
2. Once the AKS cluster is provisioned, we configure our local environment to use the cluster's credentials so that we can deploy applications to it.
3. We will then use the `kubernetes` provider, specifically the Helm chart resource, to deploy a stateless Helm chart to the AKS cluster.

Let's go step-by-step with a Pulumi program written in TypeScript.

### Step 1: Installing the Necessary Providers

First, you will need to install the Pulumi providers for Azure and Kubernetes if you haven't already:

```sh
$ pulumi plugin install resource azure-native 2.11.0
$ pulumi plugin install resource kubernetes 4.4.0
```

You will also need the NPM packages for these providers:

```sh
$ npm install @pulumi/azure-native @pulumi/kubernetes
```

### Step 2: Writing the Pulumi Program

We will now write the Pulumi program that accomplishes the tasks described above:

```typescript
import * as azure_native from "@pulumi/azure-native";
import * as pulumi from "@pulumi/pulumi";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Establish the Azure Resource Group
const resourceGroup = new azure_native.resources.ResourceGroup("myResourceGroup");

// Step 2: Create the AKS cluster
const cluster = new azure_native.containerservice.ManagedCluster("myAKSCluster", {
    resourceGroupName: resourceGroup.name,
    agentPoolProfiles: [{
        count: 2, // Number of agents (VMs) to host container workloads
        maxPods: 110, // Maximum number of pods that can run on a node
        mode: "System", // System nodes are core to the cluster, for running critical system services
        name: "agentpool",
        osDiskSizeGB: 30, // The disk size of the agent VMs
        osType: "Linux", // The operating system type of the agents
        vmSize: "Standard_DS2_v2", // VM size of the agents
    }],
    dnsPrefix: `${pulumi.getStack()}-kube`, // DNS prefix for your AKS cluster
    enableRBAC: true, // Enable RBAC for security
    kubernetesVersion: "1.20.9", // Specify the supported Kubernetes version
    linuxProfile: {
        adminUsername: "azureuser", // Admin username
        ssh: {
            publicKeys: [{
                keyData: "ssh-rsa ..." // SSH public key string for the admin user
            }],
        },
    },
}, { dependsOn: resourceGroup });

// Expose some necessary endpoints such as the kubeconfig
export const kubeconfig = cluster.kubeConfigRaw;

// Step 3: Deploy the Helm chart
// Ensure we have the AKS cluster available before deploying the chart
const k8sProvider = new k8s.Provider("k8s", {
    kubeconfig: cluster.kubeConfigRaw,
});

// This is where you define your helm chart configuration
const chart = new k8s.helm.v3.Chart("nginx", {
    chart: "nginx",
    version: "1.16.0", // Choose the version of the chart to deploy
    // Helm fetch options to retrieve the chart from the repository
    fetchOpts: {
        repo: "https://charts.bitnami.com/bitnami", // Repository URL from where to fetch the chart
    },
    namespace: "default",
}, { providers: { kubernetes: k8sProvider } });
```

### Explanation of the Program

In the above program:

- We create a new Azure resource group using the `ResourceGroup` class from the `azure-native` provider.
- We create a new AKS cluster using the `ManagedCluster` class and configure it with some basic settings including the size of the worker nodes, the number of worker nodes, the Kubernetes version, and SSH public key for secure access.
- We then output the `kubeconfig` of the cluster to enable access to the cluster from your local machine.
- A new instance of the Kubernetes `Provider` is created, which instructs Pulumi to use the kubeconfig obtained from the AKS cluster creation process.
- Finally, we define a Helm `Chart` resource to deploy an NGINX chart from the Bitnami Helm repository into the default namespace of our cluster.

### Important Notes:

- Before running this program, you should have relevant Azure credentials configured on your machine.
- Replace `"ssh-rsa ..."` with your actual SSH public key.
- The `kubeconfig` output can be used to set your local `KUBECONFIG` environment variable or be used with `kubectl` directly to interact with your AKS cluster.
- Ensure that the Kubernetes version specified is supported by AKS at the time of deployment.

With this program, Pulumi will handle the provisioning and deployment process, creating the AKS cluster and deploying the chosen Helm chart into it.