Deploy the web-dvwa helm chart on Oracle Kubernetes Engine (OKE)

Question

Pulumi · Accepted Answer

To deploy the DVWA (Damn Vulnerable Web Application) Helm chart on Oracle Kubernetes Engine (OKE), you'll need to create an instance of OKE, configure the Kubernetes provider to communicate with the OKE cluster, and deploy the Helm chart to the cluster.

Here is a step-by-step guide and the corresponding Pulumi program written in TypeScript:

1. **Set up OKE Cluster**: You will start by setting up an OKE cluster, which will be the Kubernetes environment where your application is going to run. This involves specifying the desired properties of your Kubernetes cluster.

2. **Configure Kubernetes Provider**: Once the cluster is provisioned, you will configure the Kubernetes provider by using the kubeconfig data that your OKE cluster outputs. The provider is how Pulumi communicates with your Kubernetes cluster.

3. **Deploy Helm Chart**: Finally, you will use the Kubernetes provider to deploy the DVWA Helm chart to your cluster. You specify the chart name, version, and any custom values that the chart requires.

Before proceeding, make sure you have the Pulumi CLI installed and set up with the necessary Oracle Cloud Infrastructure (OCI) credentials. Also, ensure the Helm CLI is installed as Pulumi may use it for fetching charts from remote repositories.

Here's the program:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Configure OKE cluster
// Replace the below placeholders with your corresponding OCI configurations
const compartmentId = "your-compartment-id";
const nodeId = "your-node-id";

// Create an OKE cluster
const okeCluster = new oci.containerengine.Cluster("okeCluster", {
    compartmentId,
    kubernetesVersion: "v1.20.11", // specify the version you want to use
    // other OKE configurations...
});

// Create a node pool for your OKE cluster
const nodePool = new oci.containerengine.NodePool("nodePool", {
    clusterId: okeCluster.id,
    compartmentId,
    nodeConfigDetails: {
        size: 2, // number of nodes
        placementConfigs: [{
            availabilityDomain: "availability-domain",
            subnetId: "your-subnet-id",
        }],
    },
    nodeShape: "VM.Standard2.1",
    // other node pool configurations...
}, {dependsOn: okeCluster});

// Step 2: Configure Kubernetes provider
// Capture the kubeconfig from the OKE cluster
const kubeconfig = pulumi.
    all([okeCluster.id, compartmentId, nodePool.id]).
    apply(([clusterId, compartmentId, nodePoolId]) => oci.containerengine.getClusterKubeconfig({
        clusterId,
        compartmentId,
    }));

// Create a k8s provider instance using the kubeconfig
const provider = new k8s.Provider("okeK8sProvider", {
    kubeconfig: kubeconfig.rawConfig,
});

// Step 3: Deploy Helm chart
const webDvwaChart = new k8s.helm.v3.Chart("web-dvwa", {
    chart: "dvwa",
    version: "latest", // specify the version of the chart you wish to deploy
    fetchOpts: {
        repo: "http://path-to-dvwa-helm-chart/", // specify the Helm chart's repository URL
    },
}, {provider});

// Export the public IP to access the DVWA
export const endpoint = webDvwaChart.getResourceProperty("v1/Service", "web-dvwa", "status").apply(status => status.loadBalancer.ingress[0].ip);

```

This program will:
- Define and create an OKE cluster and node pool with the required configuration.
- Retrieve the cluster's kubeconfig which will be used to communicate with our Kubernetes cluster.
- Define a Kubernetes `Provider` that uses the kubeconfig of the OKE cluster.
- Deploy the DVWA Helm chart to the OKE cluster using the Helm `Chart` resource. Please ensure that the repository URL and chart version provided are accurate and correspond to the locations where the DVWA chart is stored.
- Finally, the program exports the endpoint, which is the public IP address you can use to access the DVWA once it's deployed.

Please replace placeholder values (like `"your-compartment-id"`, `"your-node-id"`, etc.) with actual values from your OCI account and configurations.

Once the Pulumi program is executed, it will create the necessary resources in your Oracle Cloud Infrastructure account and deploy the DVWA application. You can then navigate to the outputted IP address to access the web application.