Deploy the temporal-stack helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy the Temporal Stack Helm chart on Azure Kubernetes Service (AKS), we will write a Pulumi program in TypeScript that performs the following steps:

1. Provision an Azure Kubernetes Service (AKS) cluster.
2. Use Pulumi's Kubernetes provider to interact with the AKS cluster.
3. Deploy the Temporal Stack using the Helm Chart in the AKS cluster.

Here's how we will achieve these steps:

### Step 1: Provision the AKS Cluster
We'll start by creating an Azure Resource Group and an AKS cluster within that resource group using the `azure-native` provider.

### Step 2: Configure Kubernetes Provider
Once we have the AKS cluster, we'll configure the Kubernetes provider to use the kubeconfig from the provisioned AKS cluster. This allows Pulumi to interact with our newly created AKS cluster.

### Step 3: Deploy the Helm Chart
We will then deploy the Temporal Stack using the `kubernetes.helm.v3.Chart` resource, which allows us to specify the chart name, version, and any values we want to override.

Below is the complete program that you'll need to deploy the Temporal Stack Helm chart on an AKS cluster:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Provision the AKS Cluster
// Create a resource group for the AKS cluster
const resourceGroup = new azure.resources.ResourceGroup("my-resource-group");

// Create the AKS cluster
const cluster = new azure.containerservice.KubernetesCluster("my-aks-cluster", {
    // AKS cluster configuration
    resourceGroupName: resourceGroup.name,
    identity: {
        type: "SystemAssigned",
    },
    defaultNodePool: {
        name: "agentpool",
        nodeCount: 2,
        vmSize: "Standard_DS2_v2",
    },
    dnsPrefix: pulumi.interpolate(`${pulumi.getStack()}-kube`),
});

// Export the kubeconfig
export const kubeconfig = cluster.kubeConfig.apply(c => c.raw);

// Step 2: Configure Kubernetes Provider
// Set up the Kubernetes provider using the kubeconfig from the cluster
const k8sProvider = new k8s.Provider("k8s-provider", {
    kubeconfig: kubeconfig,
});

// Step 3: Deploy the Temporal Stack using Helm Chart
const temporalChart = new k8s.helm.v3.Chart("temporal-stack", {
    chart: "temporal-io/temporal",
    version: "1.0.0", // Specify the version of the Helm chart if required
    // Supply values for the Helm chart if required
    values: {
        elasticsearch: {
            enabled: true,
        },
        // Add any other values that should be overridden
    },
}, { provider: k8sProvider });

// Export the Temporal web service endpoint
export const temporalWebEndpoint = temporalChart.getResourceProperty("v1/Service", "temporal-web", "status").apply(s => `http://${s.loadBalancer.ingress[0].ip}:7233`);
```

## Explanation
- We create an Azure Resource Group named `"my-resource-group"` to organize all resources related to the AKS cluster.
- Within that group, we create a Kubernetes cluster (`"my-aks-cluster"`) with system-assigned managed identity (recommended for security).
- The default node pool is configured with a small size for demonstration purposes.
- We use an interpolation to create a unique DNS prefix for the cluster.

After creating the cluster, we export the `kubeconfig`, which is needed for configuring the Kubernetes provider.

In the Kubernetes provider setup, we use the exported `kubeconfig` to create a new provider instance (`"k8s-provider"`). This tells Pulumi how to communicate with our AKS cluster.

Finally, with the Kubernetes provider in place, we can deploy the Temporal Stack using the Helm Chart. We set the chart repository and version, and provide any custom values that are needed for our deployment.

The final exported `temporalWebEndpoint` uses Pulumi's ability to query live resources to output the ingress point of the Temporal web service, allowing you to navigate to the service once deployment is complete.

Please make sure the chosen version of the chart (`1.0.0` in this case) is available at the time you execute this and the chart name is `temporal-io/temporal`. This information, including available configurations and their defaults, can be found in the official Temporal Helm chart repository or documentation.