Deploy the v3-backend helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy a Helm chart on an Azure Kubernetes Service (AKS) cluster, we need to follow these steps:

1. **Provision an AKS Cluster**: We'll create an AKS cluster where our Helm chart will be deployed. We'll define the required resources using `azure-native` resources because this module provides fine-grained access to Azure resources.

2. **Install the Helm chart**: After creating the AKS cluster, we'll configure Pulumi to use the Kubernetes provider to interact with the cluster and deploy the Helm chart.

For the purpose of this explanation, I'll assume that the Helm chart `v3-backend` is available in a public or private Helm repository. The AKS cluster will be created with default settings, and you will be required to adjust these settings based on your actual needs, such as the node size, the number of nodes, or the Kubernetes version.

Here's a program that will create an AKS cluster and deploy the Helm chart named `v3-backend`.

```typescript
import * as azure from "@pulumi/azure";
import * as azuread from "@pulumi/azuread";
import * as k8s from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

// Create an Azure Resource Group
const resourceGroup = new azure_native.resources.ResourceGroup("myResourceGroup");

// Create an Azure AD service principal for the K8s cluster
const adApp = new azuread.Application("myApp");
const adSp = new azuread.ServicePrincipal("mySp", { applicationId: adApp.applicationId });
const adSpPassword = new azuread.ServicePrincipalPassword("mySpPassword", {
  servicePrincipalId: adSp.id,
  value: "password",
  endDate: "2099-01-01T00:00:00Z",
});

// Create an AKS cluster
const cluster = new azure.containerservice.KubernetesCluster("myCluster", {
  resourceGroupName: resourceGroup.name,
  location: resourceGroup.location,
  agentPoolProfiles: [{
    count: 2,
    maxPods: 110,
    vmSize: "Standard_DS2_v2",
    mode: "System",
    osDiskSizeGb: 30,
    type: "VirtualMachineScaleSets",
  }],
  dnsPrefix: "myakscluster",
  servicePrincipal: {
    clientId: adApp.applicationId,
    clientSecret: adSpPassword.value,
  },
  kubernetesVersion: "1.18.14",
  roleBasedAccessControl: { enabled: true },
  tags: {
    environment: "development",
  },
});
// Export the cluster's kubeconfig
export const kubeconfig = cluster.kubeConfigRaw;

// Use the AKS cluster as the target Kubernetes cluster
const k8sProvider = new k8s.Provider("k8sProvider", {
  kubeconfig: cluster.kubeConfigRaw,
});

// Deploy the v3-backend Helm chart to the AKS cluster
const helmChart = new k8s.helm.v3.Chart("v3-backend-chart", {
  chart: "v3-backend",
  version: "3.0.0", // Specify the chart version you want to deploy
  fetchOpts: {
    repo: "http://myhelmrepo.com/charts", // Replace with the URL of your Helm repository
  },
}, { provider: k8sProvider });

// Export the public IP to access the v3-backend service
export const backendServiceIP = helmChart
  .getResourceProperty("v1/Service", "v3-backend", "status")
  .apply(status => status.loadBalancer.ingress[0].ip);
```

Let's break down what this program does:

- **Resource Group**: A new Azure Resource Group is created to contain our AKS cluster.
- **Azure AD Objects**: An application and service principal are created in Azure AD for AKS to interact with other Azure services securely.
- **AKS Cluster**: The `KubernetesCluster` is defined with a system node pool, using the Azure AD objects created for authentication.
- **Helm Chart**: We set up a `Provider` which tells Pulumi how to communicate with the AKS cluster, and then we use it to deploy the `v3-backend` Helm chart from the specified repository.
- **Public IP Export**: We export the public IP assigned to your `v3-backend` service if it's a LoadBalancer type service. This allows you to access your deployment from the internet.

Notice that you'll need to replace `http://myhelmrepo.com/charts` with the URL to the Helm repository where your `v3-backend` chart is hosted.

After running the above program with Pulumi, it will provision the necessary Azure and Kubernetes resources and deploy your application to AKS using the Helm chart. You can see the public IP that was exported, which is the endpoint you can use to interact with your deployed `v3-backend` application.

To run this Pulumi program, save it in a `index.ts` file, make sure you have Pulumi installed, and have logged in to your Azure account via the Azure CLI. Then run `pulumi up` to execute it.