Deploy the ocp-route helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy an OCP (OpenShift Container Platform) Route Helm chart on an Azure Kubernetes Service (AKS) cluster using Pulumi, you will follow these steps:

1. **Set up your AKS cluster**: The first step is to create an AKS cluster where your Helm chart will be deployed.

2. **Install the Helm Chart**: Once you have an AKS cluster, you can utilize Pulumi's Helm Chart resource to deploy OCP Route or any other Helm charts to your cluster.

Let's begin by setting up a new AKS cluster.

Below is a TypeScript Pulumi program that demonstrates how to:

- Create a new resource group for your AKS deployment
- Deploy a new AKS cluster
- Deploy a Helm chart to that AKS cluster

Make sure you have installed Pulumi CLI and configured your Azure credentials before running this program.

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
import * as azuread from "@pulumi/azuread";
import * as kubernetes from "@pulumi/kubernetes";
import * as azureNative from "@pulumi/azure-native";

// Create a new resource group
const resourceGroup = new azure.core.ResourceGroup("myResourceGroup");

// Create an AD service principal for the AKS cluster.
const adApp = new azuread.Application("aks");
const adSp = new azuread.ServicePrincipal("aksSp", {applicationId: adApp.applicationId});
const adSpPassword = new azuread.ServicePrincipalPassword("aksSpPassword", {
    servicePrincipalId: adSp.id,
    endDate: "2099-01-01T00:00:00Z",
});

// Now let's create the AKS cluster.
const k8sCluster = new azure.containerservice.KubernetesCluster("myK8sCluster", {
    resourceGroupName: resourceGroup.name,
    defaultNodePool: {
        name: "aksagentpool",
        nodeCount: 2,
        vmSize: "Standard_DS2_v2",
    },
    dnsPrefix: `${pulumi.getStack()}-kube`,
    linuxProfile: {
        adminUsername: "myadmin",
        sshKey: {
            keyData: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3b3Ida ...",
        },
    },
    servicePrincipal: {
        clientId: adApp.applicationId,
        clientSecret: adSpPassword.value,
    },
    kubernetesVersion: "1.18.14",
});

// Export the kubeconfig
const credentials = pulumi.all([k8sCluster.name, resourceGroup.name]).apply(([name, rgName]) =>
    azure.containerservice.listKubernetesClusterUserCredentials({
        resourceGroupName: rgName,
        resourceName: name,
    }),
);

export const kubeconfig = credentials.apply(creds => creds.kubeconfigs[0].value);

// Now that we have an AKS cluster, we can create a Kubernetes provider instance.
const k8sProvider = new kubernetes.Provider("k8sProvider", {
    kubeconfig: kubeconfig,
});

// Deploy the ocp-route Helm chart on AKS
const ocpRouteChart = new kubernetes.helm.v3.Chart("ocp-route-chart", {
    chart: "ocp-route",
    version: "1.0.0", // Use the appropriate chart version
    fetchOpts: {
        repo: "http://your-helm-chart-repo/", // Make sure to replace with your Helm chart repository
    },
}, { provider: k8sProvider });

// Export the AKS cluster name and Kubeconfig
export const clusterName = k8sCluster.name;
```

In this program:

- We define an Azure Resource Group to logically organize the AKS resources.
- We create an Azure AD application and service principal that AKS uses for Azure integrations.
- The AKS cluster is created with two nodes of a specified size using the `azure.containerservice.KubernetesCluster` resource.
- For the SSH key in `linuxProfile`, you need to provide your SSH public key to allow SSH access to the nodes if required.
- A kubeconfig is exported which will be used to interact with the AKS cluster.
- We then create a `kubernetes.Provider`, which is how Pulumi connects to the Kubernetes cluster.
- Finally, the Helm chart is deployed using the `kubernetes.helm.v3.Chart` resource. You will need to specify the repository URL where your chart is located and the version of the chart you wish to install.

To run this Pulumi program, save it to a file (e.g., `index.ts`), then run `pulumi up` from the command line. This will provision the resources in Azure and output the kubeconfig needed to connect to the AKS cluster.

Please note that you will have to replace the dummy values for `sshKey` and `repo` with real values that match your setup. The `ocp-route` chart should be in the Helm chart repository you specified, and you should provide the correct version. If the `ocp-route` chart requires additional configuration values, you can provide them in the `values` property of the `ocpRouteChart`.