Deploy the postgresql-persistent helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy the PostgreSQL Helm chart on an Azure Kubernetes Service (AKS) cluster using Pulumi, you'll need to follow several steps:

1. **Set up an AKS Cluster**: You'll first need a running AKS cluster. If you don't have one, you can create one using Pulumi's Azure Native provider.

2. **Install PostgreSQL using Helm**: Once you have the AKS cluster running, you can install a Helm chart for PostgreSQL, specifically one that includes a persistence volume, so the data is saved across Pod restarts.

Below is a Pulumi program in TypeScript that demonstrates how to set up an AKS cluster and then deploy PostgreSQL using a Helm chart. This program assumes that you have an Azure account and have configured your Pulumi environment with the appropriate access tokens.

Let's break down the steps in the code:

- Import necessary packages.
- Create an AKS cluster.
- Use the Pulumi Kubernetes provider to connect to the created AKS cluster.
- Deploy PostgreSQL using the Helm chart via the Pulumi Kubernetes provider.

Make sure to have Pulumi installed and your environment configured for Azure.

Here's the complete TypeScript program:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";
import * as random from "@pulumi/random";

// Create a resource group, if you don't have one already
const resourceGroupName = new azure_native.resources.ResourceGroup("myResourceGroup");

// Create an AKS cluster
const aksCluster = new azure_native.containerservice.ManagedCluster("myAksCluster", {
    resourceGroupName: resourceGroupName.name,
    agentPoolProfiles: [{
        count: 1,
        maxPods: 110,
        mode: "System",
        name: "agentpool",
        osDiskSizeGB: 30,
        osType: "Linux",
        vmSize: "Standard_DS2_v2",
    }],
    dnsPrefix: "myakscluster",
    enableRBAC: true,
    kubernetesVersion: "1.18.14",
    linuxProfile: {
        adminUsername: "testuser",
        ssh: {
            publicKeys: [{
                keyData: "ssh-rsa ...", // replace with your SSH public key
            }],
        },
    },
    nodeResourceGroup: `MC_azure-native_go_aksnodepool`,
    servicePrincipalProfile: {
        clientId: "clientid", // replace with your service principal's client ID
        secret: "secret", // replace with your service principal's secret
    },
});

// Use Pulumi to get the generated Kubeconfig
const creds = pulumi.all([aksCluster.name, resourceGroupName.name]).apply(([clusterName, rgName]) => 
    azure_native.containerservice.listManagedClusterUserCredentials({
        resourceGroupName: rgName,
        resourceName: clusterName,
    }),
);

const kubeconfig = creds.kubeconfigs[0].value.apply(enc => Buffer.from(enc, "base64").toString());

// Create a Kubernetes provider instance that uses our cluster from above.
const k8sProvider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeconfig,
});

// Deploy PostgreSQL using the Helm chart
const postgresChart = new k8s.helm.v3.Chart("postgresql", {
    chart: "postgresql",
    namespace: "default",
    // You can add your own configuration values here based on the PostgreSQL Helm chart's available settings
    values: {
        persistence: {
            enabled: true,
            size: "10Gi",
        },
    },
}, { provider: k8sProvider });

// Export the Kubeconfig and PostgreSQL service endpoint
export const kubeconfigOutput = kubeconfig;
export const postgresEndpoint = postgresChart.getResourceProperty("v1/Service", "default/postgresql", "status");

```

In the code above:

- We define a resource group and an AKS cluster with a small VM size and single node for demonstration purposes. In a production environment, you should choose an appropriately sized VM and node count.
- We use a Pulumi `apply` to retrieve the kubeconfig from the AKS cluster which allows us to interact with our cluster.
- We create a Kubernetes provider with this kubeconfig so that Pulumi can deploy resources to our AKS cluster.
- We then deploy PostgreSQL onto our AKS cluster using the `postgresql` Helm chart. We enable persistent storage to ensure data persistence.
- We export the kubeconfig and PostgreSQL service endpoint, which you can use to interact with your deployed PostgreSQL instance.

Remember to replace the placeholder values for SSH keys and service principal details with your own information. The SSH public key is used to connect to the AKS cluster nodes via SSH, and the service principal is needed for AKS authentication with Azure APIs.

After setting up the code, run `pulumi up` in your Pulumi project directory to execute the code and provision the resources.

Please ensure you understand the cost and security implications of running cloud resources and manage your Kubernetes secrets securely.