Deploy the kubecon helm chart on Azure Kubernetes Service (AKS)
To deploy the KubeCon Helm chart on Azure Kubernetes Service (AKS), we will follow these general steps:
- Create an AKS Cluster: We will use the `azure-native.containerservice.ManagedCluster` resource to define and create an AKS cluster. This managed Kubernetes service by Azure abstracts away much of the underlying infrastructure management, letting you focus on deploying containerized applications.
- Install the Helm Chart: To deploy the KubeCon Helm chart, we will use the `kubernetes.helm.v3.Chart` resource from the `kubernetes` provider in Pulumi. Helm charts are packages of pre-configured Kubernetes resources. The `Chart` resource allows us to apply a Helm chart to an AKS cluster, specifying any configuration values that the chart permits.
First, make sure you have the Pulumi CLI and Azure CLI installed and configured with the appropriate access rights to your target subscription.
Here is the Pulumi TypeScript program that performs this deployment:
```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";
import * as azuread from "@pulumi/azuread";

// Step 1: Create an Azure Resource Group
const resourceGroup = new azure_native.resources.ResourceGroup("aksResourceGroup", {
    resourceGroupName: "kubecon-aks-resources",
    location: "East US", // Choose the appropriate Azure region
});

// Step 2: Set up an Azure AD Application for AKS
const app = new azuread.Application("aksApp", {
    displayName: "kubeconAksApp",
});

const servicePrincipal = new azuread.ServicePrincipal("aksServicePrincipal", {
    applicationId: app.applicationId,
});

const adAppPassword = new azuread.ApplicationPassword("aksAppPassword", {
    applicationObjectId: app.objectId,
});

// Step 3: Create a Virtual Network for the AKS cluster
const virtualNetwork = new azure_native.network.VirtualNetwork("vnet", {
    resourceGroupName: resourceGroup.name,
    location: resourceGroup.location,
    addressSpace: {
        addressPrefixes: ["10.2.0.0/16"],
    },
});

// Step 4: Create a Subnet for the AKS cluster
const subnet = new azure_native.network.Subnet("subnet", {
    resourceGroupName: resourceGroup.name,
    virtualNetworkName: virtualNetwork.name,
    addressPrefix: "10.2.0.0/24",
});

// Step 5: Create an AKS Cluster
const managedCluster = new azure_native.containerservice.ManagedCluster("aksCluster", {
    resourceGroupName: resourceGroup.name,
    location: resourceGroup.location,
    dnsPrefix: pulumi.interpolate`${resourceGroup.name}-kubecon`,
    agentPoolProfiles: [{
        name: "default",
        count: 3,
        vmSize: "Standard_DS2_v2",
        osType: "Linux",
        mode: "System",            // System node pool (AgentPoolMode, not AgentPoolType)
        vnetSubnetID: subnet.id,   // Place the nodes in the subnet created in Step 4
    }],
    linuxProfile: {
        adminUsername: "kubeconadmin",
        ssh: {
            publicKeys: [{
                keyData: "<YOUR_SSH_PUBLIC_KEY>", // Replace with your SSH public key
            }],
        },
    },
    servicePrincipalProfile: {
        clientId: app.applicationId,
        secret: adAppPassword.value,
    },
    networkProfile: {
        networkPlugin: "azure",
        serviceCidr: "10.3.0.0/24",
        dnsServiceIP: "10.3.0.10",
        dockerBridgeCidr: "172.17.0.1/16",
        loadBalancerSku: "Standard",
    },
});

// Step 6: Configure Pulumi to use the created AKS cluster's kubeconfig
// The *Output form of the function accepts the Output-typed names of the resources above.
const creds = azure_native.containerservice.listManagedClusterUserCredentialsOutput({
    resourceGroupName: resourceGroup.name,
    resourceName: managedCluster.name,
});

// The kubeconfig is a cluster credential: mark it secret so it is encrypted in state and masked in output.
const kubeconfig = pulumi.secret(
    creds.apply(list => Buffer.from(list.kubeconfigs[0].value, "base64").toString()),
);

const provider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeconfig,
});

// Step 7: Install the KubeCon Helm Chart
const kubeconHelmChart = new k8s.helm.v3.Chart("kubeconChart", {
    chart: "kubecon",
    // Here, we specify the repository that hosts the kubecon Helm chart. Please replace this with the actual one
    fetchOpts: {
        repo: "https://helm-repo-url.com/", // The repository URL belongs in fetchOpts.repo
    },
    version: "1.0.0", // Specify the version of the helm chart
    values: { /* custom values here */ },
}, { provider: provider });

// Export the kubeconfig and cluster name
export const kubeconfigOutput = kubeconfig;
export const clusterName = managedCluster.name;
```
Replace `<YOUR_SSH_PUBLIC_KEY>` with your own SSH public key to ensure access to the cluster nodes.

Explanation of the Program:
- Resource Group: We start by creating a resource group named `kubecon-aks-resources` which will contain all the resources.
- Azure AD Application & Service Principal: Since AKS requires an identity for creating and managing resources in Azure on behalf of the Kubernetes cluster, we create an Azure AD application and a corresponding service principal along with a secret.
- Virtual Network & Subnet: Then we create a virtual network and a subnet where the AKS cluster's nodes will run.
- AKS Cluster: We create the managed cluster itself with a Linux profile and service principal profile utilizing the previously generated application and service principal. The `agentPoolProfiles` property defines the size and number of nodes.
- Provider Configuration: We retrieve the `kubeconfig` content from the AKS cluster to configure the Kubernetes provider for Pulumi. This allows Pulumi to manage resources in the cluster.
- Helm Chart: Next, we install the Helm chart with the name `kubecon` from the specified Helm repository.
Make sure to replace `https://helm-repo-url.com/` with the URL to the repository where the KubeCon Helm chart is hosted and also set any values that should be passed to the Helm chart.

Finally, we export the `kubeconfig` and the cluster name for easy access to the newly created AKS cluster. The kubeconfig carries cluster credentials, so handle the exported value as a secret.
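The program above ships with two placeholders (the SSH public key and the Helm repository URL) and a pinned chart version. The following pre-deployment check is an added example, not part of the original program or of Pulumi; `DeployInputs`, `embeddedKeyType` and `checkDeployInputs` are hypothetical names, and it assumes you pass the same three values you put into the program.

```typescript
// Added example: validate the values this tutorial asks you to replace
// before running `pulumi up`. All names here are hypothetical helpers.
interface DeployInputs {
    sshPublicKey: string;
    helmRepo: string;
    chartVersion: string;
}

// Read the algorithm name embedded in an OpenSSH public key blob:
// a big-endian uint32 length followed by that many ASCII bytes.
function embeddedKeyType(blobBase64: string): string | undefined {
    const blob = Buffer.from(blobBase64, "base64");
    if (blob.length < 4) return undefined;
    const len = blob.readUInt32BE(0);
    if (len === 0 || 4 + len > blob.length) return undefined;
    return blob.subarray(4, 4 + len).toString("ascii");
}

function checkDeployInputs(input: DeployInputs): string[] {
    const problems: string[] = [];

    // SSH key: "<type> <base64> [comment]"; the type must match the blob.
    const [keyType, blob] = input.sshPublicKey.trim().split(/\s+/);
    if (!keyType || !blob || embeddedKeyType(blob) !== keyType) {
        problems.push("sshPublicKey is not a well-formed OpenSSH public key");
    }

    // Helm repo: must parse, use HTTPS, and not be the tutorial placeholder.
    let repo: URL | undefined;
    try { repo = new URL(input.helmRepo); } catch { /* reported below */ }
    if (!repo || repo.protocol !== "https:") {
        problems.push("helmRepo must be an https:// URL");
    } else if (repo.hostname === "helm-repo-url.com") {
        problems.push("helmRepo is still the placeholder URL");
    }

    // Chart version: exact pin only, no ranges, wildcards or "latest".
    if (!/^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/.test(input.chartVersion)) {
        problems.push("chartVersion must be an exact version such as 1.0.0");
    }
    return problems;
}
```

An empty array means all three inputs passed; otherwise each string names one input to fix before deploying.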