Deploy the postgres-cluster helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy a PostgreSQL cluster using a Helm chart on Azure Kubernetes Service (AKS), you'll need to follow these high-level steps:

1. Set up an AKS cluster where your PostgreSQL cluster will run.
2. Install the Helm CLI tool and configure Pulumi to use it.
3. Deploy the PostgreSQL Helm chart to the AKS cluster.

In the following Pulumi program, we'll accomplish these by:

- Creating an AKS cluster using the `azure-native` provider, which allows us to interact with Azure resources using Pulumi.
- Using the `kubernetes` provider, specifically the `Chart` resource, which allows us to deploy Helm charts.

The Helm chart we will deploy is the `postgresql` chart, which can be found in the Helm repository. This Helm chart sets up a PostgreSQL database cluster for you.

Here's a detailed Pulumi TypeScript program that accomplishes the above tasks:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Creating the AKS Cluster
// We'll define our AKS cluster. For simplicity, we'll create a small cluster suitable for testing purposes.
// In production, you'd want to customize your cluster further, perhaps with more nodes or more powerful VM sizes.
const resourceGroup = new azure_native.resources.ResourceGroup("aksResourceGroup");

const aksCluster = new azure_native.containerservice.ManagedCluster("aksCluster", {
    resourceGroupName: resourceGroup.name,
    agentPoolProfiles: [{
        count: 3, // Number of nodes in the node pool
        vmSize: "Standard_DS2_v2", // This is a good general-purpose VM size. For larger workloads, consider a more powerful size.
        mode: "System", // This is the default mode for AKS nodes.
        osType: "Linux", // We're using Linux because most Kubernetes workloads run on Linux.
        name: "agentpool" // The name of the agent pool.
    }],
    dnsPrefix: "akscluster", // This is the DNS prefix for the AKS Kubernetes API server.
    identity: {
        type: "SystemAssigned" // This assigns a system-managed identity to the AKS cluster.
    },
    kubernetesVersion: "1.21.2", // Specify your desired Kubernetes version here. Azure may support different versions.
    location: resourceGroup.location, // The location of the cluster will be the same as the resource group location.
});

// Step 2: Getting credentials for Kubernetes
// After the AKS cluster is created, we need to get the Kubernetes configuration in order to interact with the cluster.
const creds = pulumi.all([resourceGroup.name, aksCluster.name]).apply(([rgName, clusterName]) =>
    azure_native.containerservice.listManagedClusterUserCredentials({
        resourceGroupName: rgName,
        resourceName: clusterName,
    }));

const kubeconfig = creds.kubeconfigs[0].value.apply(v => Buffer.from(v, "base64").toString());

// Initialization of the Kubernetes provider using AKS kubeconfig
const k8sProvider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeconfig,
});

// Step 3: Deploying the PostgreSQL Helm chart
// Now, using the Kubernetes provider, we deploy the PostgreSQL Helm chart.
const postgresChart = new k8s.helm.v3.Chart("postgresChart", {
    chart: "postgresql",
    version: "9.1.4", // You can specify the chart version you want to deploy. Use `helm search repo <repo>` to find the version.
    fetchOpts: {
        repo: "https://charts.bitnami.com/bitnami", // The repository URL from where the chart should be fetched.
    },
    values: {
        // These values are used to configure the PostgreSQL chart.
        // Refer to the chart's values.yaml for the full list of configurable options.
        global: {
            storageClass: "default", // The name of your desired storageClass. "default" should work on AKS.
        },
        image: {
            tag: "11", // The PostgreSQL image version. This does not have to match the chart version.
        },
        postgresql: {
            username: "pulumiuser", // The user that will be created for accessing the database.
            password: "pulumi@password2021", // Password for the database user (Remember to change it!).
            database: "pulumi-db", // Name of the database to create.
        }
    },
}, {
    provider: k8sProvider, // Here we specify that we want to deploy on the AKS cluster that we created above.
});
```

This program starts by importing the necessary Pulumi packages. First, we declare an AKS resource group and create the AKS cluster within it, specifying the necessary VM size and count, and the version of Kubernetes we want to deploy.

Next, we retrieve the kubeconfig for the newly created Kubernetes cluster. The kubeconfig is necessary for our Kubernetes Pulumi provider to interact with the AKS cluster.

Then, we initialize the Kubernetes provider with the kubeconfig, enabling us to deploy Kubernetes resources, such as the PostgreSQL cluster using the Helm chart.

Finally, we declare the Helm chart resource, specifying the PostgreSQL chart and version we want to deploy. We also provide configuration values, such as the desired storage class, PostgreSQL version, and credentials for the PostgreSQL user.

You should replace the placeholder password `"pulumi@password2021"` with a secure password and adjust other `values` parameters as per your needs. Note that for production systems, you'll want to manage secrets more securely, perhaps using Pulumi's built-in secret management.

Please note that to run this program, you need access to an Azure subscription and have Pulumi CLI and Azure CLI installed and configured.

After executing the Pulumi program with `pulumi up`, you will have an AKS cluster running with a PostgreSQL database deployed. You can interact with this cluster using kubectl commands as you normally would with any Kubernetes cluster.