Deploy the runtime-gvisor helm chart on AWS EKS

Question

Pulumi · Accepted Answer

Deploying a Helm chart to an AWS EKS cluster using Pulumi involves several steps. First, we'll create an EKS cluster using Pulumi's EKS package, which provides higher-level abstractions to simplify cluster creation. After setting up the EKS cluster, we will deploy the runtime-gvisor Helm chart to the cluster using Pulumi's Kubernetes package.

The Pulumi EKS package will help us create and manage the EKS cluster, and the Kubernetes package enables us to deploy Helm charts easily. We'll first define the cluster and then proceed with the Helm chart deployment.

Here's a program in TypeScript that accomplishes this goal:

```typescript
import * as eks from "@pulumi/eks";
import * as k8s from "@pulumi/kubernetes";

// Create an EKS cluster with the default configuration.
const cluster = new eks.Cluster("my-cluster", {});

// Export the cluster's kubeconfig.
export const kubeconfig = cluster.kubeconfig;

// Use the cluster's kubeconfig to deploy the runtime-gvisor Helm chart.
const gvisorChart = new k8s.helm.v3.Chart("runtime-gvisor", {
    chart: "runtime-gvisor",
    // Specify the Helm repository URL if it's not a chart from the stable repository.
    // For example:
    // repo: "https://your-helm-chart-repository",
    version: "chart-version", // Replace with the desired chart version
    namespace: "gvisor", // Namespace where the chart should be installed
    // Values to pass to the Helm chart.
    values: {
        // Specify your values here. For example:
        // replicaCount: 2,
    },
}, { provider: cluster.provider });

// Export the Helm chart name and status. This is useful to ensure the Helm chart was deployed successfully.
export const gvisorChartStatus = gvisorChart.status;

```

In this program, we:

- Import the necessary Pulumi EKS and Kubernetes packages.
- Create an EKS cluster using `@pulumi/eks`. This abstracts away a lot of the complexities typically involved in setting up an EKS cluster.
- Export the `kubeconfig` which will allow us to interact with our Kubernetes cluster using tools like `kubectl` or other Kubernetes client libraries.
- Instantiate a Helm chart from the `@pulumi/kubernetes` package, which we refer to as `gvisorChart`.
  - `chart`: Refers to the name of the Helm chart we want to deploy, which in this case is "runtime-gvisor".
  - `repo`: If the Helm chart is not in the default Helm repository, you would specify the repository URL here.
  - `version`: This should be set to the version of the Helm chart you wish to deploy.
  - `namespace`: Specifies the Kubernetes namespace into which the Helm chart will be deployed.
  - `values`: This is an object that can contain any values you want to override in the Helm chart. These correlate to the values found in the chart's `values.yaml` file.
- Using the `provider` option, we ensure that Pulumi knows to deploy this Helm chart into the cluster we've just provisioned.
- Export important details such as the Helm chart status to confirm that it deployed successfully.

Replace `"chart-version"` with the specific version of the runtime-gvisor Helm chart you're deploying. You may need to consult the documentation for the Helm chart to know which values you can and should override.

Make sure you have Pulumi installed and configured for the appropriate AWS account. When you run `pulumi up`, this program will provision an EKS cluster and deploy the desired Helm chart on it.