Deploy the sikalabs-harbor-master-snapshot helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

Deploying a Helm chart on AKS involves several steps: setting up an AKS cluster, configuring the Kubernetes provider for Pulumi, and then deploying the Helm chart to the cluster. Let's walk through each step.

### Setting Up an Azure Kubernetes Service (AKS) Cluster

First, we need to create an AKS cluster, which can be done using the `azure-native` provider's `ManagedCluster` resource. This resource allows you to define an AKS cluster with the required configurations like the node size, count, and location.

### Configuring Kubernetes Provider for Pulumi

After creating the AKS cluster, we need to set up the Kubernetes provider to interact with it. Pulumi uses the Kubernetes provider to deploy container-based applications on a cluster. We'd need to extract the kubeconfig from the created AKS cluster, which lets us connect to and manage the Kubernetes cluster.

### Deploying the Helm Chart

Finally, we would use the `helm.sh/v3.Chart` resource from Pulumi's Kubernetes provider to deploy the Helm chart. The Helm Chart resource is what we use to specify the Helm chart we want to deploy, in your case, it's the `sikalabs-harbor-master-snapshot` chart. We would specify the repository where the chart is located and any values we want to override in the default chart configuration.

Here is a TypeScript program that accomplishes the deployment of the `sikalabs-harbor-master-snapshot` helm chart on an AKS cluster:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Create an Azure Resource Group
const resourceGroup = new azure_native.resources.ResourceGroup("resourceGroup", {
    location: "EastUS", // You can choose the location that suits you.
});

// Create an AKS cluster
const cluster = new azure_native.containerservice.ManagedCluster("aksCluster", {
    resourceGroupName: resourceGroup.name,
    agentPoolProfiles: [{
        count: 2, // Number of nodes in the node pool
        vmSize: "Standard_D2_v2",
        name: "agentpool",
        mode: "System",
    }],
    dnsPrefix: "aksClusterDns",
    location: resourceGroup.location,
    enableRBAC: true, // Recommended to enable RBAC for security
}, { dependsOn: [resourceGroup] });

// Export the kubeconfig for the AKS cluster
const creds = pulumi.all([cluster.name, resourceGroup.name]).apply(([name, rgName]) => {
    return azure_native.containerservice.listManagedClusterUserCredentials({
        resourceName: name,
        resourceGroupName: rgName,
    });
});

const kubeconfig = creds.apply(creds => {
    const encoded = creds.kubeconfigs[0].value!;
    return Buffer.from(encoded, "base64").toString();
});

// Set up the Kubernetes provider to deploy the Helm chart
const provider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeconfig,
});

// Deploy the helm chart
const helmChart = new k8s.helm.v3.Chart("sikalabsHarborMasterSnapshot", {
    chart: "harbor",
    version: "1.0.0", // Replace with the exact chart version
    fetchOpts: {
        repo: "https://charts.yourrepository.com/", // Replace with the correct Helm repository URL
    },
    // You can specify additional configuration values for the chart here if needed
}, { provider });

// Export relevant data
export const aksClusterName = cluster.name;
export const aksClusterKubeconfig = pulumi.secret(kubeconfig);
```

Here's a brief breakdown of what is happening in the code:

1. We declare a new resource group for the resources we are creating in Azure.

2. We create an AKS cluster through the `ManagedCluster` resource while defining the necessary properties, such as the number and size of the nodes and whether to enable RBAC.

3. After creating the AKS cluster, we retrieve the Kubernetes configuration with the `listManagedClusterUserCredentials` function which allows us to connect to the AKS cluster using kubectl or a Kubernetes client.

4. This configuration is passed to a new instance of the `Provider` resource, configured to manage the newly created AKS cluster.

5. With the Kubernetes provider set up, we deploy the Helm chart by creating a `Chart` resource. We specify the chart's name and version, along with the repository URL.

6. In the end, we export the cluster name and the kubeconfig as a secret for you to use with kubectl or other Kubernetes management tools.

To run this program, save the code in a file with a `.ts` extension, install the dependencies by running `npm install @pulumi/pulumi @pulumi/azure-native @pulumi/kubernetes`, and then use the `pulumi up` command to create the resources on Azure. This assumes that you've already logged in to Pulumi and set up the Azure credentials.