Deploy the kubernetes-dashboard-gateway helm chart on Digital Ocean Kubernetes Service

Question

Pulumi · Accepted Answer

Deploying a Helm chart onto a Kubernetes cluster involves several steps. First, you will need to create a Kubernetes cluster, and then you will have to deploy the Helm chart onto that cluster. In this example, I will show you how to use Pulumi to create a Kubernetes cluster on DigitalOcean and deploy the `kubernetes-dashboard` Helm chart to it.

First, let's create a DigitalOcean Kubernetes cluster. We will use the `digitalocean.KubernetesCluster` resource in Pulumi's DigitalOcean provider to create the cluster. This resource allows you to define the desired state of your Kubernetes cluster, which Pulumi will then make a reality.

Once the cluster is up and running, we will deploy the `kubernetes-dashboard` Helm chart using Pulumi's Kubernetes provider. A Helm chart is a package that contains pre-configured Kubernetes resources. We use the `kubernetes.helm.v3.Chart` resource to specify the chart we would like to deploy along with any required configuration.

Here's a Pulumi TypeScript program that accomplishes this:

```typescript
import * as digitalocean from "@pulumi/digitalocean";
import * as kubernetes from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";

// Create a DigitalOcean Kubernetes cluster.
const cluster = new digitalocean.KubernetesCluster("do-cluster", {
    region: "nyc3",
    version: "latest", // Specify the Kubernetes version. You can also pin to a specific version like "1.21.5-do.0".
    nodePool: {
        name: "default-pool", // Give a name to the node pool.
        size: "s-2vcpu-2gb", // Specify the size of the nodes. This one has 2 vCPUs and 2GB RAM.
        nodeCount: 2, // Number of nodes to deploy in the node pool (min of 1).
    },
});

// Export the cluster's kubeconfig.
export const kubeconfig = cluster.kubeConfigs[0].rawConfig;

// Create a provider for the created cluster.
const clusterProvider = new kubernetes.Provider("do-k8s", {
    kubeconfig: kubeconfig,
});

// Deploy the Kubernetes Dashboard Helm chart using the cluster provider.
const dashboard = new kubernetes.helm.v3.Chart("kubernetes-dashboard", {
    chart: "kubernetes-dashboard",
    version: "5.0.0", // Use the desired chart version. Check the Helm repository for available versions.
    namespace: "kube-system", // Deploy into the 'kube-system' namespace.
}, { provider: clusterProvider });

// Some Helm charts do not include services that expose them. They leave you to create the appropriate service to expose the dashboard.
// For Kubernetes Dashboard, you would typically expose the service using a LoadBalancer.
const dashboardService = new kubernetes.core.v1.Service("kubernetes-dashboard-lb", {
    metadata: {
        namespace: "kube-system",
        name: "kubernetes-dashboard-lb", // The name of the service.
    },
    spec: {
        type: "LoadBalancer",
        ports: [{
            port: 443,
            targetPort: 8443, // Kubernetes Dashboard listens on port 8443 by default.
        }],
        selector: dashboard.getResource("v1/Service", "kube-system", "kubernetes-dashboard").metadata.name.apply(n => ({ "k8s-app": n })),
    },
}, { provider: clusterProvider });

// Export the load balancer IP for the Kubernetes Dashboard so we can access it from the Internet
export const dashboardServiceIp = dashboardService.status.apply(status => status.loadBalancer.ingress[0].ip);
```

In the code above:

1. We create a Kubernetes cluster in the `nyc3` region of DigitalOcean with two nodes.
2. We get the raw kubeconfig from the cluster, which will be used by Pulumi to authenticate with the Kubernetes cluster.
3. We create a Pulumi provider instance for Kubernetes, which will let us deploy resources onto the created DigitalOcean Kubernetes cluster.
4. We use the `kubernetes.helm.v3.Chart` resource to deploy the Kubernetes Dashboard Helm chart.
5. We create a Kubernetes Service of type `LoadBalancer`, which will expose the Kubernetes Dashboard to the Internet.

Remember to run `pulumi up` to create the resources and deploy the Helm chart. Also, take care to manage the Kubernetes Dashboard's access controls since it provides administrative access to the Kubernetes cluster.

Lastly, once deployed, you can access the Kubernetes Dashboard using the external IP address provided by the `dashboardServiceIp` output. Please ensure you have secured access appropriately, as the Dashboard offers full control over your Kubernetes cluster.