Deploy the icinga2-agent helm chart on AWS EKS

Question

Pulumi · Accepted Answer

To deploy the Icinga2-Agent Helm chart on an AWS EKS cluster, we will need to set up an EKS cluster first and then install the Helm chart into our cluster.

To achieve this, we will follow these steps:

Create an EKS cluster: We use the aws.eks.Cluster resource to create a new EKS cluster. This resource provisions all the necessary infrastructure components for an EKS cluster within AWS.
Define the IAM role for the EKS cluster: We use the aws-iam.EKSRole resource to define an IAM role with the necessary permissions that the EKS service will assume to manage resources on your behalf.
Deploy Helm chart: We use the kubernetes.helm.sh/v3.Chart resource to deploy the Icinga2-Agent Helm chart to our EKS cluster.

The following Pulumi program is a complete TypeScript example of performing all the above steps:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as awsx from "@pulumi/awsx";
import * as eks from "@pulumi/eks";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create an EKS cluster
const cluster = new eks.Cluster("eks-cluster", {
    version: "1.21",
    instanceType: "t3.medium",
    desiredCapacity: 2,
    minSize: 1,
    maxSize: 3,
    createOidcProvider: true,
});

// Step 2: Define an IAM role for the EKS cluster
// Note: You should attach policies that give the role sufficient permissions
const eksRole = new aws.iam.Role("eksRole", {
    assumeRolePolicy: {
        Version: "2012-10-17",
        Statement: [{
            Action: "sts:AssumeRole",
            Effect: "Allow",
            Principal: {
                Service: "eks.amazonaws.com",
            },
        }],
    },
});

// Attach the necessary policies to the EKS role
const rolePolicyAttachment = new aws.iam.RolePolicyAttachment("role-policy-attachment", {
    role: eksRole,
    policyArn: aws.iam.ManagedPolicies.AmazonEKSClusterPolicy,
});

// Step 3: Deploy the Icinga2-Agent Helm chart
// Assume Helm chart exists in a reachable Helm repo, replaced with "<helm-repo-url>" and "<chart-name>"
const helmChart = new k8s.helm.v3.Chart("icinga2-agent", {
    chart: "<chart-name>",
    version: "<chart-version>", // specify chart version
    fetchOpts: {
        repo: "<helm-repo-url>",
    },
    values: {
        // specify values for the chart
    },
}, { provider: cluster.provider });

// Export the kubeconfig to access the cluster
export const kubeconfig = cluster.kubeconfig;

Before running this program, you must replace "<helm-repo-url>" and "<chart-name>" with the actual URL of the Helm chart repository and the name of the Icinga2-Agent chart. Additionally, you must specify the version of the chart you want to deploy in place of "<chart-version>".

Make sure to fill in the values object with appropriate configuration for the Icinga2-Agent if needed. The Helm chart documentation will usually provide details on what values are configurable.

This program sets up an EKS cluster with a node group capable of running workloads. It then defines an IAM role for the cluster with the necessary policies attached. Finally, it uses the Pulumi Kubernetes provider to deploy the specified Helm chart to the cluster. The kubeconfig output can be used to interact with the cluster using kubectl or any other Kubernetes tooling.