Deploy the workflows-softonic-factory helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy a Helm chart to an Azure Kubernetes Service (AKS) cluster, you'll go through a few high-level steps:

1. **Set up an AKS cluster**: You'll need an existing AKS cluster or you'll have to create one.
2. **Install the Helm chart**: Using Pulumi's Kubernetes provider, you can then deploy Helm charts to the cluster.

Before you begin, make sure you have the following prerequisites in place:

- An Azure subscription.
- The `azure-native` Pulumi provider for Azure resources.
- The `kubernetes` Pulumi provider for Helm chart deployment.
- Pulumi CLI installed and configured for use with Azure.

Let's start by creating an AKS cluster using Pulumi. We'll then install the Helm chart on the newly created cluster. To describe this process, I'll include inline code comments explaining the logic in each step.

Here is the TypeScript code to accomplish this:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Create an Azure Resource Group
const resourceGroup = new azure_native.resources.ResourceGroup("resourceGroup");

// Create an AKS cluster
const cluster = new azure_native.containerservice.ManagedCluster("aksCluster", {
    resourceGroupName: resourceGroup.name,
    agentPoolProfiles: [{
        count: 2,
        maxPods: 110,
        mode: "System",
        name: "agentpool",
        osDiskSizeGB: 30,
        osType: "Linux",
        vmSize: "Standard_DS2_v2",
    }],
    dnsPrefix: pulumi.interpolate(`${resourceGroup.name}-kube`),
    enableRBAC: true,
    kubernetesVersion: "1.21.2",
    linuxProfile: {
        adminUsername: "adminuser",
        ssh: {
            publicKeys: [{
                keyData: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQD...", // replace with your key
            }],
        },
    },
    nodeResourceGroup: `${resourceGroup.name}-aks`,
    servicePrincipalProfile: {
        clientId: "client-id", // replace with your own client ID
        secret: "client-secret", // replace with your own secret
    },
});

// Export the kubeconfig
export const kubeconfig = pulumi.all([cluster.name, resourceGroup.name]).apply(([clusterName, rgName]) => {
    return azure_native.containerservice.listManagedClusterUserCredentials({
        resourceGroupName: rgName,
        resourceName: clusterName,
    }).then(creds => {
        const encoded = creds.kubeconfigs[0].value;
        const kubeconfig = Buffer.from(encoded, 'base64').toString();
        return kubeconfig;
    });
});

// Create a Kubernetes provider instance using the cluster's kubeconfig
const k8sProvider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeconfig,
});

const namespace = new k8s.core.v1.Namespace("helm-namespace", {
    metadata: {
        name: "softonic",
    },
}, {provider: k8sProvider});

// Deploy the 'workflows-softonic-factory' Helm chart
const helmChart = new k8s.helm.v3.Chart("softonic-factory-chart", {
    chart: "workflows-softonic-factory",
    version: "1.0.0", // specify the chart version
    namespace: namespace.metadata.name,
    fetchOpts: {
        repo: "https://charts.softonic.io", // specify the repository URL
    },
}, {provider: k8sProvider});

// Export the Helm chart status
export const helmChartStatus = helmChart.status;
```

Let's break this down:

1. We're creating an Azure Resource Group, which is a logical container for related Azure resources.
2. Next, we define an AKS cluster with a specific version, node size, and count that is within the resource group.
3. The `kubeconfig` is obtained for the AKS cluster, which is needed to configure the Kubernetes provider.
4. We create a new Kubernetes provider instance with the obtained `kubeconfig` from the AKS cluster.
5. Before deploying the Helm chart, we create a new namespace within the cluster using the Kubernetes provider.
6. We then deploy the specified Helm chart into the AKS cluster within the namespace created.
7. Finally, we export the Helm chart's status for inspection.

Replace the placeholders within the `ssh` `publicKeys` and `servicePrincipalProfile` with your own values. The `keyData` should be your SSH public key, and the `clientId` and `secret` should be obtained from your Azure service principal (which provides the permissions for Pulumi to manage resources in your Azure subscription).

This program assumes that you have the necessary permissions in your Azure subscription to create and manage resources, and that the Pulumi CLI is configured to use your Azure credentials.

Once you execute this Pulumi code with `pulumi up`, Pulumi will provision all resources defined and deploy the Helm chart onto the AKS cluster. You'll be able to see the status output in your terminal or the Pulumi Console, which will let you know if everything went smoothly.