Deploy the vault-helm-chart helm chart on AWS EKS

Question

Pulumi · Accepted Answer

To deploy the `vault-helm-chart` on AWS EKS using Pulumi, you would need to follow these steps:

1. Create an EKS cluster: You will start by defining an Amazon EKS cluster. This is the foundational environment where your Kubernetes workloads, such as the Vault Helm chart, will run.

2. Deploy the Helm Chart: Once your cluster is up and running, you will deploy Vault via its Helm chart. Helm is a package manager for Kubernetes which simplifies deployment and management of Kubernetes applications.

To accomplish this, you will use Pulumi's `eks.Cluster` and `kubernetes.helm.v3.Chart` resources:

- `eks.Cluster`: This resource is used to create and manage an EKS cluster. You'll specify details such as the desired version of Kubernetes, node sizes, and min/max scaling properties.
  
- `kubernetes.helm.v3.Chart`: This resource is used to deploy Helm charts into a Kubernetes cluster. You'll specify the chart name (Vault), any specific values you want to override in the default Helm chart configuration, and the EKS cluster into which the chart should be deployed.

Below is a Pulumi program in TypeScript which sets up an EKS cluster and then deploys the Vault Helm chart to it.

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as awsx from "@pulumi/awsx";
import * as eks from "@pulumi/eks";
import * as k8s from "@pulumi/kubernetes";

// Create an EKS cluster
const cluster = new eks.Cluster("vault-eks-cluster", {
    instanceType: "t2.medium",
    desiredCapacity: 2,
    minSize: 1,
    maxSize: 2,
    version: "1.21",
});

// Create a Kubernetes provider instance that uses our EKS cluster from above
const k8sProvider = new k8s.Provider("k8s-provider", {
    kubeconfig: cluster.kubeconfig.apply(JSON.stringify),
});

// Deploy the Vault Helm chart into the EKS cluster using the k8s provider
const vault = new k8s.helm.v3.Chart("vault", {
    chart: "vault",
    version: "0.13.0",
    fetchOpts: {
        repo: "https://helm.releases.hashicorp.com",
    },
}, { provider: k8sProvider });

// Export the cluster's kubeconfig
export const kubeconfig = pulumi.secret(cluster.kubeconfig);
```

In this program, the `eks.Cluster` resource sets up the EKS cluster with a specified node size, minimum and maximum scaling capabilities, and the version of Kubernetes that you want to use.

The `kubernetes.helm.v3.Chart` resource then deploys Vault with a specified version (please replace it with the actual version you intend to use) using its Helm chart from the official HashiCorp Helm repository.

Lastly, the program exports the `kubeconfig` so you can interact with your Kubernetes cluster using kubectl or other Kubernetes tools.

Remember, you need to have Pulumi CLI installed and configured to connect to your AWS account. Additionally, ensure you have kubectl and Helm CLI installed if you intend to interact with the cluster and manage Helm releases directly from the command line.

Deploying the given program will give you a fully functional Vault deployment on AWS EKS, managed through Pulumi.