Deploy the docker-gc helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy the docker-gc Helm chart on Azure Kubernetes Service (AKS), you would need to perform several steps which include:

1. Creating an AKS cluster using Pulumi.
2. Setting up Helm and Tiller (if not using Helm v3 since Tiller is removed in Helm v3).
3. Deploying the docker-gc chart to the AKS cluster.

Pulumi provides a resource called `Chart` from the `kubernetes` package that lets you deploy Helm charts to a Kubernetes cluster. We will use this resource to deploy the docker-gc Helm chart to an AKS cluster.

First, you'll need to install the necessary Pulumi packages. You can do this by running the following commands in your terminal:

```bash
pulumi plugin install resource azure-native 2.11.0
pulumi plugin install resource kubernetes 4.4.0
```

Here's a Pulumi program in TypeScript that sets up an AKS cluster and deploys the docker-gc Helm chart to it:

```typescript
import * as azure from "@pulumi/azure";
import * as azuread from "@pulumi/azuread";
import * as k8s from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";

// Create an Azure Resource Group
const resourceGroup = new azure.core.ResourceGroup("aksResourceGroup", {
  location: "WestUS", // You can change the location to your preferred Azure region
});

// Create an Azure AD Application for AKS
const aksApp = new azuread.Application("aksApp", {});

// Create a Service Principal for the AD Application
const aksSp = new azuread.ServicePrincipal("aksSp", {
  applicationId: aksApp.applicationId,
});

// Create the Service Principal Password
const aksSpPassword = new azuread.ServicePrincipalPassword("aksSpPassword", {
  servicePrincipalId: aksSp.id,
  endDate: "2099-01-01T00:00:00Z",
});

// Create an AKS cluster
const k8sCluster = new azure.containerservice.KubernetesCluster("aksCluster", {
  resourceGroupName: resourceGroup.name,
  location: resourceGroup.location,
  // The dnsPrefix here is a unique DNS prefix where your management APIs will be exposed.
  // It must be unique across Azure and contain between 3 and 31 characters, 'a'-'z', '0'-'9', and '-'
  dnsPrefix: "unique-prefix", 
  defaultNodePool: {
    name: "aksagentpool",
    nodeCount: 2,
    vmSize: "Standard_DS2_v2",
  },
  identity: {
    type: "SystemAssigned",
  },
  servicePrincipal: {
    clientId: aksApp.applicationId,
    clientSecret: aksSpPassword.value,
  },
  // Enable RBAC (Role-Based Access Control) for secure interaction between AKS and Azure
  roleBasedAccessControl: { enabled: true },
});

// Expose the kubeconfig for AKS cluster
export const kubeconfig = k8sCluster.kubeConfigRaw;

// Create a Kubernetes provider instance that uses our kubeconfig
const k8sProvider = new k8s.Provider("k8sProvider", {
  kubeconfig: k8sCluster.kubeConfigRaw,
});

// Deploy the docker-gc helm chart using the Kubernetes provider
const dockerGcChart = new k8s.helm.v3.Chart("docker-gc", {
  chart: "docker-gc",
  // You can specify the Helm repository that contains the Docker GC chart.
  // Assuming "docker-gc" is a chart in the stable repository, or you may need to add repository details.
  fetchOpts: {
    repo: "https://kubernetes-charts.storage.googleapis.com/", // Replace with the actual Helm repository URL
  },
}, { provider: k8sProvider });

// Export the chart name as an output
export const chartName = dockerGcChart.metadata.apply(metadata => metadata.name);
```

Make sure to replace `unique-prefix` with a DNS prefix you own or one that's globally unique across Azure.

This code does the following:

- Sets up a new Azure Resource Group to organize resources in Azure.
- Creates an Azure Active Directory (AD) Application and Service Principal, which are used by AKS to interact with other Azure services securely.
- Creates a new AKS cluster in the specified location with a default node pool of 2 Virtual Machines.
- Outputs the `kubeconfig` file that enables you to connect to the Kubernetes cluster using `kubectl` or other Kubernetes management tools.
- Initializes the Kubernetes provider with the AKS cluster `kubeconfig`.
- Deploys the `docker-gc` Helm chart to the AKS cluster using Pulumi's `Chart` resource.

To use the above code:

1. Save it to a file called `index.ts`.
2. Initialize a new Pulumi project in the same directory as your file.
3. Install the required Pulumi packages with `npm install @pulumi/azure @pulumi/azuread @pulumi/kubernetes @pulumi/pulumi`.
4. Stand up the infrastructure using `pulumi up`.

Always check the Helm repository for the most recent information about the docker-gc chart, including its available versions and configurable values that you can set through the `values` property in the `Chart` resource.