Deploy the tyk-dev-portal helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy the Tyk Developer Portal using a Helm chart on Azure Kubernetes Service (AKS), you'll need to complete several steps. These include setting up an AKS cluster, configuring access to it, and then deploying the Helm chart onto the cluster. Below is a fully commented TypeScript program that accomplishes these tasks using Pulumi.

Firstly, we will use the `azure-native:containerservice:ManagedCluster` Pulumi resource to create an AKS cluster. Once the cluster is provisioned, we'll obtain the KubeConfig which is required to interact with the Kubernetes cluster. After that, we'll deploy the Tyk Developer Portal Helm chart into the AKS cluster.

Please note that to follow along with this program, you should have the Pulumi CLI installed, have an Azure account configured for Pulumi with the necessary permissions, and have Helm and Kubectl installed locally to work with Kubernetes clusters and Helm charts.

Here's the TypeScript program:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Provision an AKS cluster in Azure
// Create a new resource group to contain the AKS cluster
const resourceGroup = new azure_native.resources.ResourceGroup("myResourceGroup", {});

// Create the AKS cluster
const cluster = new azure_native.containerservice.ManagedCluster("myAKSCluster", {
    resourceGroupName: resourceGroup.name,
    agentPoolProfiles: [{
        count: 2,  // Define how many VMs to include in the cluster
        vmSize: "Standard_DS2_v2",  // VM size for the VMs in the cluster
        mode: "System",  // Mode of the agent pool - System means System nodes
    }],
    dnsPrefix: "myakscluster",  // Unique DNS prefix for the AKS public service
    kubernetesVersion: "1.23.5",  // Define the version of Kubernetes to use
    enableRBAC: true,  // Enable RBAC for the AKS cluster
    identity: {
        type: "SystemAssigned",  // Define an identity type for the AKS cluster
    }
}, { dependsOn: [resourceGroup] });

// Export the KubeConfig for the AKS cluster which can be used to connect kubectl and pulumi
const creds = pulumi.all([cluster.name, resourceGroup.name]).apply(([name, rgName]) =>
    azure_native.containerservice.listManagedClusterUserCredentials({
        resourceName: name,
        resourceGroupName: rgName
    })
);
const kubeConfig = creds.kubeconfigs[0].value.apply(v => Buffer.from(v, "base64").toString());
export const kubeConfigOut = pulumi.secret(kubeConfig);

// Step 2: Configure Pulumi to use the new AKS cluster
// Create a provider for deploying resources to the AKS cluster
const k8sProvider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeConfig,
});

// Step 3: Deploy the tyk-dev-portal Helm chart to the AKS cluster
// This uses the Helm Chart resource provided by Pulumi's Kubernetes provider
const tykDevPortalChart = new k8s.helm.v3.Chart("tyk-dev-portal", {
    chart: "tyk-dev-portal",
    version: "1.8.3", // Specify the Helm chart version you wish to deploy
    fetchOpts: {  // Add the details for fetching the Helm chart
        repo: "http://helm.tyk.io/public", // Tyk's official Helm chart repository
    },
}, { provider: k8sProvider });

// Export the frontend service IP for the Tyk Developer Portal
const frontendService = tykDevPortalChart.getResource("v1/Service", "tyk-dev-portal-tyk-headless");
export const frontendServiceIP = frontendService.status.loadBalancer.ingress[0].ip;

```

This program sets up a basic AKS cluster with system-assigned identity and RBAC enabled. Kubernetes version and node size are specified when creating the cluster. It also creates a Kubeconfig which is used to set up a k8s provider in Pulumi. This provider is then used to deploy the Tyk Developer Portal Helm chart from Tyk's Helm chart repository.

Please replace the chart version with the actual version you would like to deploy, as well as any other parameters or properties specific to your requirements or environment.

After running this program using the Pulumi CLI (with `pulumi up`), it will output the `kubeConfigOut` and `frontendServiceIP`, which you can use to access your Tyk Developer Portal on Azure Kubernetes Service.