Deploy the deepfence-agent helm chart on AWS EKS
TypeScriptTo deploy the deepfence-agent Helm chart on AWS Elastic Kubernetes Service (EKS), we will use Pulumi to create the following resources:
- An EKS Cluster: The Kubernetes cluster provided by AWS where your containerized applications will run. (aws.eks.Cluster)
- A Helm Chart: The Helm package that contains all the needed resources to deploy deepfence-agent in the EKS cluster. (kubernetes.helm.v3.Chart)
Below is a Pulumi TypeScript program that outlines the steps needed to create an AWS EKS cluster and deploy the deepfence-agent Helm chart onto it.
Before running this program, ensure that you have the AWS CLI installed and configured with the necessary credentials to create resources in your AWS account. Also ensure you have both
kubectlandpulumiCLI tools installed.import * as eks from "@pulumi/eks"; import * as k8s from "@pulumi/kubernetes"; // Create an EKS cluster. const cluster = new eks.Cluster("my-cluster", { instanceType: "t2.medium", desiredCapacity: 2, minSize: 1, maxSize: 3, storageClasses: "gp2", deployDashboard: false, // Dashboard is not recommended in AWS }); // Once your cluster is created, you can get its kubeconfig as output. export const kubeconfig = cluster.kubeconfig; // Now, we'll proceed to deploy the deepfence-agent Helm chart. // Note: You'll need to have the Helm chart's repository information and any custom values you require. const deepfenceAgentChart = new k8s.helm.v3.Chart("deepfence-agent", { chart: "deepfence-agent", version: "0.1.0", // Replace with the version of the chart you want to deploy fetchOpts: { repo: "https://charts.deepfence.io", // The repository URL where the chart is located }, // If you have any specific configuration values, set them here. For example: values: { // Set custom values for the deepfence-agent helm chart here // sample configuration could be the monitoring endpoint or resource limits. // The configuration would look something like below: // endpoint: { // url: "https://path.to.your.monitoring.endpoint" // }, // resources: { // limits: { // cpu: "100m", // memory: "128Mi" // }, // requests: { // cpu: "100m", // memory: "128Mi" // } // } }, }, { provider: cluster.provider }); // Export the Helm chart deployment name export const chartName = deepfenceAgentChart.name;Here's what the code does:
-
It begins by defining an EKS cluster, giving it a name and specifying the size and type of instances to use for node groups. This includes the minimum, desired, and maximum size of your cluster. The
storageClassesset to "gp2" specifies the type of storage class to use. -
It exports the
kubeconfigwhich you can use to interact with your cluster usingkubectl. This is essential for running administration tasks against your Kubernetes cluster. -
A Helm Chart is then defined to deploy
deepfence-agent. Therepospecifies the location of the Helm repository containing the chart.valuesis where you'd put your custom configuration for the Helm chart.
Please make sure to replace the
versionand the values in thevaluesfield with those that are appropriate for your use case.When you run this Pulumi program, it will first create an EKS cluster and then deploy the
deepfence-agentHelm chart onto the cluster using the Kubernetes provider which is derived from the cluster.Important Note: Make sure that you're comfortable with any costs associated with the resources created by this script and that you have the necessary permissions to create resources in your AWS account.
To execute this program, navigate to the folder where the script is saved and run the following commands from your terminal:
pulumi upThis command will prompt Pulumi to execute the program, creating your EKS cluster and deploying the deepfence-agent onto it. Follow the prompts on the terminal to complete the deployment.