Deploy the kube-lego helm chart on Kubernetes
TypeScriptTo deploy the
kube-lego
Helm chart on Kubernetes using Pulumi, you will need to do the following:- Configure Pulumi to use the appropriate Kubernetes context.
- Create a new Kubernetes Helm chart resource using Pulumi's
Chart
resource. - Specify the name of the Helm chart (
kube-lego
) and its settings.
First, ensure that you have:
- Pulumi CLI installed and setup with the Kubernetes cluster.
- kubectl configured to connect to your Kubernetes cluster.
- Helm configured if you need to customize chart sources or values further than what is shown.
The following program in TypeScript sets up the
kube-lego
Helm chart deployment on a Kubernetes cluster:import * as k8s from "@pulumi/kubernetes"; // Create a Helm Chart resource for the kube-lego Helm chart. // This assumes that the kube-lego chart is available in the configured Helm repository. const kubeLegoChart = new k8s.helm.v3.Chart("kube-lego", { // Specify the chart repository and name. // You must replace `REPO_NAME` with the name of the repository where kube-lego is hosted. // If kube-lego is on the default repository, you can simply use `kube-lego` as the chart name. // The `version` field can be used to pin to a specific chart version. chart: "kube-lego", version: "VERSION", // replace with the specific version of kube-lego chart you want to deploy fetchOpts: { repo: "https://charts.helm.sh/stable", // this example uses the Helm stable repo, replace with the actual repo URL for kube-lego }, // Define any values for the Helm chart's configurable options. // The following is an example of configuring kube-lego's email address. // You'll need to refer to the chart's documentation for all available configuration options. values: { // kube-lego specific settings, replace these values as per your requirements config: { LEGO_EMAIL: "your-email@example.com", // replace with your email address for Let's Encrypt notifications LEGO_URL: "https://acme-v01.api.letsencrypt.org/directory", // default Let's Encrypt URL, update if needed }, }, }); // Export the base domain name that kube-lego will secure with TLS. export const baseDomainName = "example.com"; // replace with your domain
Here's a breakdown of the code:
-
Import Pulumi Kubernetes library: Import the
@pulumi/kubernetes
library, which allows us to interact with Kubernetes resources. -
Create a Helm Chart Resource: Instantiate a Helm chart with
new k8s.helm.v3.Chart
. This tells Pulumi to deploy a Helm chart into your cluster. -
Chart Repository and Name: The
chart
property specifies the name of the Helm chart, andfetchOpts.repo
specifies the repository where the chart is located. ReplaceVERSION
with the version number you wish to deploy. -
Values: The
values
object allows you to configure the Helm chart. The values should match the settings that the kube-lego chart exposes for customization. The example above sets the email and URL for Let's Encrypt, but this will vary based on the actual values thekube-lego
chart supports. -
Export: The
export
at the end of the program allows you to export any output properties of your Pulumi program, which are printed to the console at the end of a successfulpulumi up
.
Note: As of my knowledge cutoff in 2023,
kube-lego
is deprecated and has been replaced bycert-manager
, so if you follow this for a live cluster, consider usingcert-manager
instead.Make sure to amend the values to fit your Helm chart and the version you wish to use. The repository URL should also be verified as Helm chart locations may change over time. If you have your own values.yaml file, you could also specify it as part of the
values
field.Before running the Pulumi program, install Pulumi CLI, set up your Pulumi stack, and authenticate to your Kubernetes cluster. Once you've done that, run
pulumi up
to deploy the kube-lego Helm chart.