Deploy the jwt-to-rbac helm chart on AWS EKS

Question

Pulumi · Accepted Answer

To deploy the `jwt-to-rbac` Helm chart on AWS EKS using Pulumi, we need to create an EKS cluster first, as the Helm chart needs to be applied to a running Kubernetes cluster. We'll use Pulumi's AWS, AWSX, and EKS packages to achieve this, as they provide high-level abstractions for managing AWS resources and simplify the setup of EKS clusters.

The program will perform the following tasks:
1. Create an EKS cluster with default settings using the `eks.Cluster` class.
2. Use Pulumi's Helm chart support to deploy the `jwt-to-rbac` Helm chart to the EKS cluster.

Before running the program below, ensure that you have installed the Pulumi CLI, configured AWS credentials, and set up your Pulumi stack.

Here's a Pulumi TypeScript program that performs the above tasks:

```typescript
import * as eks from "@pulumi/eks";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create an EKS cluster
const cluster = new eks.Cluster("my-cluster", {
    instanceType: "t2.medium",
    desiredCapacity: 2,
    minSize: 1,
    maxSize: 3,
    storageClasses: "gp2", // This is the default GP2 storage class
    version: "1.21", // Specify the version of Kubernetes to use
});

// Step 2: Deploy the jwt-to-rbac Helm chart on the EKS cluster
const jwtToRBACHelmChart = new k8s.helm.v3.Chart("jwt-to-rbac", {
    chart: "jwt-to-rbac", // Replace with the correct chart name or repo/chart name if it's from a custom repo
    version: "1.0.0", // Replace with the correct chart version
    namespace: "default", // Specify the namespace where the chart should be installed. Change if needed.
}, { provider: cluster.provider });

// Export the cluster's kubeconfig and the Helm chart deployment status
export const kubeconfig = cluster.kubeconfig;
export const chartStatus = jwtToRBACHelmChart.status;

```

Explanation of the Pulumi program:

- **eks.Cluster**: This class is used to create an Amazon EKS cluster. The `instanceType`, `desiredCapacity`, `minSize`, `maxSize`, `storageClasses`, and `version` are parameters that define the cluster's configuration. For instance, `instanceType: "t2.medium"` specifies the types of EC2 instances to use for cluster workers.

- **k8s.helm.v3.Chart**: This class is responsible for deploying Helm charts to a Kubernetes cluster. Here it is used to deploy the `jwt-to-rbac` Helm chart to the newly created EKS cluster. For this to work, you need to have the Helm chart available, and you might need to specify the Helm repository where the chart is stored if it's not in the default Helm repository.

- **kubeconfig**: The output of this variable will be the configuration needed to connect to your cluster with `kubectl`.

- **chartStatus**: This variable exports the status of the Helm deployment, which can be useful for automation and monitoring.

To run this Pulumi program:

1. Save the code into a file named `index.ts`.
2. Ensure you have the Pulumi AWS, AWSX, and EKS plugins installed in your Pulumi project. If not running, do so with the Pulumi CLI.
3. Run `pulumi up` to preview and deploy the changes. You will be prompted to confirm the deployment before any resources are created.

By following these steps, you'll set up an EKS cluster and deploy the `jwt-to-rbac` chart on it, providing you the flexibility and security you need for your Kubernetes-managed applications.