1. Deploy the aqua-quickstart helm chart on Rancher

    TypeScript

    To deploy the aqua-quickstart helm chart on Rancher using Pulumi, you will need to interact with Rancher's Kubernetes cluster and deploy the chart into it. The Pulumi Rancher2 provider allows us to manage resources in a Rancher v2.x environment. Below you’ll find a detailed program written in TypeScript to demonstrate how to accomplish this task.

    The program consists of the following steps:

    1. Set up the Rancher2 Provider: This lets Pulumi communicate with your Rancher instance.
    2. Retrieve the desired Cluster: You need to know which Rancher Kubernetes cluster you want to deploy the aqua-quickstart helm chart on.
    3. Deploy the Helm Chart: Using the helm.v3.Chart resource from the Pulumi Kubernetes (K8s) provider, you can define and deploy the aqua-quickstart helm chart in your chosen cluster.

    Before running the following program, ensure you have installed Pulumi and set up the necessary credentials to communicate with your Rancher server and Kubernetes cluster.

    Here is the full Pulumi TypeScript program to deploy the aqua-quickstart helm chart:

    ```typescript
    import * as k8s from "@pulumi/kubernetes";
    import * as rancher2 from "@pulumi/rancher2";

    // Step 1: Set up the Rancher2 Provider
    // You'll need to configure your Rancher's API URL and access keys either through the
    // Pulumi config or environment variables. Here, we assume they are set up in the environment.

    // Read a required environment variable and fail early if it is missing.
    function requireEnv(name: string): string {
        const value = process.env[name];
        if (!value) {
            throw new Error(`Environment variable ${name} is not set`);
        }
        return value;
    }

    // Initialize the Rancher2 provider.
    const rancherProvider = new rancher2.Provider("rancher", {
        // Use environment variables to supply the Rancher API URL and access keys.
        apiUrl: requireEnv("RANCHER_API_URL"),
        accessKey: requireEnv("RANCHER_ACCESS_KEY"),
        secretKey: requireEnv("RANCHER_SECRET_KEY"),
    });

    // Step 2: Retrieve the desired Cluster
    // For simplicity, we're manually specifying the cluster ID. You should replace the placeholder
    // with your actual Rancher Kubernetes cluster ID or use an appropriate method to retrieve it dynamically.
    const clusterId = "c-np9q2"; // Replace with your actual Rancher Cluster ID

    // Look up the existing cluster through the Rancher2 provider and build a Kubernetes
    // provider from its kubeconfig. The Helm chart is a Kubernetes resource, so it must be
    // given a Kubernetes provider rather than the Rancher2 provider.
    const cluster = rancher2.Cluster.get("target-cluster", clusterId, undefined, {
        provider: rancherProvider,
    });
    const k8sProvider = new k8s.Provider("rancher-k8s", {
        kubeconfig: cluster.kubeConfig,
    });

    // Step 3: Deploy the Helm Chart
    // The aqua-quickstart chart requires specific information such as namespace and possible values.
    // Update these settings to suit your deployment needs.
    const aquaChart = new k8s.helm.v3.Chart("aqua-quickstart", {
        chart: "aqua-quickstart",
        version: "6.2.0", // Specify the chart version.
        namespace: "aqua", // Deploy into the 'aqua' namespace (needs to be created if not already existing).
        fetchOpts: {
            repo: "https://helm.aquasec.com/", // This is the repository hosting the aqua-quickstart Helm chart.
        },
        // You can supply additional values and settings that the chart might need.
        // values: {
        //     key: "value"
        // }
    }, { provider: k8sProvider });

    // Export the base URL of the Aqua console. You would normally get this from a service or ingress resource
    // after deploying the helm chart. For the sake of this example, we assume an ingress controller is
    // set up for Aqua and would export the hypothetical URL directly.
    export const aquaConsoleUrl = `https://aqua-console.${clusterId}.my-rancher-setup.com/`;
    ```

    Once you’ve set up the Pulumi project and stack in which the code will run, execute the code with the following Pulumi command in your terminal:

    • pulumi up deploys the helm chart. Before running it, make sure the correct Rancher API URL and keys are set as environment variables (or Pulumi config) and that you have replaced clusterId with the correct one.

    Remember that this script assumes that you have an existing Kubernetes namespace named aqua and a Rancher cluster with the given clusterId. Adapt the parts of the script that might be different for your environment, such as the chart version, chart settings in the values, or the helm chart repository URL.
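
    A preflight check for the inputs this deployment relies on, as an added example that is not part of the original program or of any Pulumi, Rancher or Aqua code. It assumes HTTPS-only endpoints, an exact chart version pin, and Rancher cluster IDs shaped like local, c-xxxxx or c-m-xxxxxxxx; preflight, DeployInputs and the sample values are hypothetical names constructed here.

    ```typescript
    // Preflight checks for the inputs the Pulumi program above depends on.
    // Assumptions of this example: HTTPS-only endpoints, an exact x.y.z chart pin,
    // and the cluster ID shapes in CLUSTER_ID below.
    interface DeployInputs {
      env: Record<string, string | undefined>; // pass process.env in real use
      clusterId: string;
      chartVersion: string;
      chartRepo: string;
    }

    const REQUIRED_ENV = ["RANCHER_API_URL", "RANCHER_ACCESS_KEY", "RANCHER_SECRET_KEY"];
    const CLUSTER_ID = /^(local|c-[a-z0-9]{5}|c-m-[a-z0-9]{8})$/; // assumed shapes

    function isHttps(value: string): boolean {
      try {
        return new URL(value).protocol === "https:";
      } catch {
        return false; // not a parseable URL
      }
    }

    function preflight(inputs: DeployInputs): string[] {
      const problems: string[] = [];
      for (const name of REQUIRED_ENV) {
        if (!inputs.env[name]?.trim()) problems.push(`${name} is not set`);
      }
      const apiUrl = inputs.env["RANCHER_API_URL"];
      if (apiUrl && !isHttps(apiUrl)) {
        problems.push("RANCHER_API_URL must use https:// so the API keys are not sent in clear text");
      }
      if (!isHttps(inputs.chartRepo)) {
        problems.push("chart repository must use https://");
      }
      if (!CLUSTER_ID.test(inputs.clusterId)) {
        problems.push(`clusterId "${inputs.clusterId}" does not look like a Rancher cluster ID`);
      }
      // An exact pin keeps a newer chart release from being deployed unreviewed.
      if (!/^\d+\.\d+\.\d+$/.test(inputs.chartVersion)) {
        problems.push(`chart version "${inputs.chartVersion}" is not an exact x.y.z pin`);
      }
      return problems;
    }

    // Constructed sample: plain-HTTP API URL and no secret key.
    const sample: DeployInputs = {
      env: { RANCHER_API_URL: "http://rancher.example.internal/v3", RANCHER_ACCESS_KEY: "token-abcde" },
      clusterId: "c-np9q2", chartVersion: "6.2.0", chartRepo: "https://helm.aquasec.com/",
    };
    console.log(preflight(sample));
    ```

    Calling preflight with process.env at the top of the Pulumi program and throwing when the returned list is non-empty stops pulumi up before any credentials are sent.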

    This deployment will set up Aqua's security tools in your Kubernetes cluster managed through Rancher. The actual resources created will depend on the specifics of the aqua-quickstart helm chart. You will need to consult the chart's documentation for details regarding the individual services and configurations it contains.