Deploy the velero-backup helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy the Velero backup Helm chart on Azure Kubernetes Service (AKS), we will first need to set up the AKS cluster. After setting up the cluster, we will install Velero using its Helm chart to manage backup and restore functionalities in the AKS cluster. We will use Pulumi's Kubernetes provider in conjunction with the Chart resource to deploy the Helm chart.

First, we'll create an AKS cluster. Then, we'll configure Pulumi to use the Kubernetes provider to connect to the newly created AKS cluster. Finally, we'll deploy Velero using the Helm chart.

Below is the Pulumi program in TypeScript that carries out these actions:

Create AKS cluster: We use the ProvisionedCluster resource from the azure-native provider to create an AKS cluster.
Install Velero: We deploy the Velero Helm chart onto our AKS cluster using Pulumi's Kubernetes provider with the Chart resource.

Make sure you have Pulumi installed, and you're logged into Azure CLI (az login) before running this program.

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create AKS cluster

// Provide the desired settings for the AKS cluster
const resourceGroupName = new azure.resources.ResourceGroup("resourceGroup", {
  resourceGroupName: "my-velero-aks-rg",
  location: "East US",
});

const aksCluster = new azure.containerservice.ManagedCluster("aksCluster", {
  resourceGroupName: resourceGroupName.name,
  location: resourceGroupName.location,
  // Define AKS cluster properties here
  // For example, you'll need to configure the node pool details, network settings, etc.
});

// Export the AKS cluster kubeconfig
export const kubeconfig = aksCluster.kubeConfigRaw;

// Step 2: Install Velero onto AKS cluster

// Create a k8s Provider instance using the kubeconfig from the created AKS cluster
const k8sProvider = new k8s.Provider("k8sProvider", {
  kubeconfig: aksCluster.kubeConfigRaw,
});

// Deploy Velero Helm chart
const veleroChart = new k8s.helm.v3.Chart("velero", {
  chart: "velero",
  version: "2.23.3", // Specify the version of Velero chart you want to deploy
  fetchOpts: {
    repo: "https://vmware-tanzu.github.io/helm-charts",
  },
}, { provider: k8sProvider });

// To access the Helm Chart, Velero requires additional configuration such as storage credentials.
// You'll need to create a secret or pass configuration values that contain the necessary credentials.

This program does the following:

It declares an Azure resource group where the AKS cluster will be created.
It defines the AKS cluster with the ManagedCluster resource. You would replace comments with the actual configuration you need, such as node pool sizes and other pertinent settings.
It exports the kubeconfig of the AKS cluster, which is needed to interact with the cluster via kubectl or any Kubernetes client.
It creates a Kubernetes provider instance configured to use the just created AKS cluster's kubeconfig.
It deploys the Velero Helm chart into the AKS cluster using the Kubernetes provider. You'll have to ensure that the Helm chart version you want to install is specified, and you're using the correct Helm repository URL.

Please remember to replace placeholder values, such as the Helm chart version, resource group name, and AKS cluster configuration, with real ones that fit your requirements.

Also, Velero requires access to a storage location where it can save backups. You should configure this as part of deploying the Helm chart, which may involve creating secret resources or setting appropriate Helm chart values, such as cloud provider credentials and bucket information, where Velero would store these backups.

You can run this Pulumi program with the following commands:

$ pulumi up # This will preview and deploy the changes described by the program

After deployment, you can use the outputted kubeconfig to interact with your AKS cluster and verify that Velero has been installed successfully:

$ kubectl --kubeconfig <path-to-generated-kubeconfig> get all -n velero

Replace <path-to-generated-kubeconfig> with the actual path to the kubeconfig file generated by Pulumi.