Deploy the ibm-apic-ptl-instance helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

In this scenario, we’re going to set up an Azure Managed OpenShift Service, which is a fully managed service by Microsoft and Red Hat. This will enable us to run containerized applications on a Kubernetes platform without worrying about the underlying infrastructure maintenance.

Once the OpenShift cluster is established, we'll deploy an IBM API Connect (APIC) toolkit instance using a Helm chart. Helm is a package manager for Kubernetes that allows us to define, install, and upgrade complex Kubernetes applications. Helm charts are templates that describe the resources to be deployed on the Kubernetes cluster.

We will perform the following two main steps in the provided Pulumi program:

Create an Azure Red Hat OpenShift Cluster: We will define a Pulumi resource for creating a managed OpenShift cluster using azure-native.redhatopenshift.OpenShiftCluster.
Deploy the IBM APIC Toolkit Instance: After setting up the managed OpenShift cluster, we'll use the Helm chart ibm-apic-ptl-instance to deploy the IBM APIC Toolkit Instance onto the OpenShift cluster. We'll make use of the kubernetes.helm.v3.Chart resource for deploying Helm charts.

Here is a Pulumi TypeScript program that describes how to perform these tasks. Before running the program, ensure that you have installed the necessary Pulumi SDKs and configured your Azure provider credentials with Pulumi.

import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Create an Azure Resource Group
const resourceGroup = new azure_native.resources.ResourceGroup("rg");

// Create an Azure Red Hat OpenShift Cluster
const openshiftCluster = new azure_native.redhatopenshift.OpenShiftCluster("openshiftCluster", {
    location: resourceGroup.location,
    resourceName: "openshift-example",
    resourceGroupName: resourceGroup.name,
    clusterProfile: {
        domain: "example",
        pullSecret: "<your pull secret>", // Replace with your Red Hat pull secret
    },
    masterProfile: {
        vmSize: "Standard_D16s_v3",
        subnetId: "/subscriptions/<your-subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/virtualNetworks/<vnet-name>/subnets/<subnet-name>", // Specify your subnet ID
    },
    networkProfile: {
        podCidr: "10.128.0.0/14",
        serviceCidr: "172.30.0.0/16",
    },
    workerProfiles: [{ // Define worker profile configurations
        name: "worker",
        count: 3,
        vmSize: "Standard_D4s_v3",
    }],
});

// Deploy the ibm-apic-ptl-instance Helm chart on the OpenShift Cluster
const apicHelmChart = new k8s.helm.v3.Chart("ibm-apic-ptl-instance",
    {
        chart: "ibm-apic-ptl-instance",
        // Set the chart version to a specific version you want to deploy, or remove version to get the latest
        version: "1.0.0",
        fetchOpts: {
            repo: "https://charts.your-repo.com/", // Replace with your Helm chart repository where ibm-apic-ptl-instance is stored
        },
        // Set the values for the Helm release.
        values: {
            // Specify the necessary configuration values for your IBM API Connect scenario
        },
    },
    { provider: new k8s.Provider("k8s-provider", { kubeconfig: openshiftCluster.kubeconfig }) } // Use the kubeconfig from the created OpenShift Cluster
);

// Export the URL to access the OpenShift console
export const consoleUrl = openshiftCluster.consoleUrl;

Let’s break down some of the key parts of code:

We initiate a new resource group to organize the OpenShift cluster resources within.
We then instantiate the OpenShiftCluster resource, with some essential information such as location, resource name, cluster, and networking profiles. You must insert your specific details such as the pull secret, subscription ID, and networking parameters.
Notice that for the Workers' profile, you need to mention the number of nodes and the VM size. This may need to be adjusted depending on your workload requirements.
We then create a new Helm Chart resource that will deploy the ibm-apic-ptl-instance Helm chart.
The kubeconfig that the OpenShift cluster generates is passed into the Kubernetes provider for Pulumi, allowing it to interact with the OpenShift cluster.
Option fetchOpts.repo should be the URL pointing to where the Helm chart is stored. You may need to replace this value with the actual repository URL that hosts the IBM APIC Helm chart.
The values property in the Chart resource should be populated with the configuration values for your IBM API Connect deployment. You'll need to fill in these details based on your chart's requirements.
Finally, we export the URL so you can easily access the OpenShift console after the deployment completes.

Please replace the placeholder values in the code with actual values corresponding to your Azure subscription and the specifics of the Helm chart you are deploying. Once the program is ready, run it using the Pulumi CLI to provision your infrastructure and deploy the Helm chart to Azure Managed OpenShift Service.