Deploy the harbor-scanner-aqua helm chart on AWS EKS
TypeScriptTo deploy the harbor-scanner-aqua helm chart on AWS EKS, you'll perform several steps including setting up an EKS cluster, configuring Helm, and deploying the chart. I'll lead you through creating an EKS cluster using Pulumi's EKS package, which simplifies the process. Then, we'll use the
kubernetes.helm.v3.Chart
resource from the Pulumi Kubernetes provider to deploy the helm chart.Prerequisites
Make sure you have the following prerequisites installed and set up:
- Pulumi CLI
- AWS CLI, configured with appropriate access credentials and default region
- Node.js and npm
- Kubernetes CLI (kubectl)
Step 1: Setting up the EKS Cluster
First, we will define our EKS cluster. Pulumi’s EKS package provides a high-level abstraction over AWS EKS, which simplifies the creation and management of the cluster.
import * as awsx from "@pulumi/awsx"; import * as eks from "@pulumi/eks"; import * as pulumi from "@pulumi/pulumi"; import * as k8s from "@pulumi/kubernetes"; // Create a VPC for our cluster. const vpc = new awsx.ec2.Vpc("my-vpc", { numberOfAvailabilityZones: 2 }); // Create an EKS cluster with the default configuration. const cluster = new eks.Cluster("my-cluster", { vpcId: vpc.id, subnetIds: vpc.publicSubnetIds, instanceType: "t2.medium", desiredCapacity: 2, minSize: 1, maxSize: 3, providerCredentialOpts: { profileName: aws.config.profile, // use AWS profile from config }, }); // Export the cluster's kubeconfig. export const kubeconfig = cluster.kubeconfig;
In this code, we create a new VPC using
awsx.ec2.Vpc
. This VPC will contain our EKS cluster. Theeks.Cluster
resource provision includes a cluster with a specifiedinstanceType
, and the number of desired instances is set with thedesiredCapacity
,minSize
, andmaxSize
arguments.Step 2: Deploying the Helm Chart
With the EKS cluster in place, we can proceed to deploy the harbor-scanner-aqua helm chart using the
kubernetes.helm.v3.Chart
resource.// Create a Kubernetes Helm Chart in the EKS cluster. const harborScannerAqua = new k8s.helm.v3.Chart("harbor-scanner-aqua", { chart: "harbor-scanner-aqua", // Replace this with the correct repository URL or name. // For example, if deploying from Bitnami, specify `bitnami/<chart>`. fetchOpts: { repo: "https://helm-chart-repository-url/" }, namespace: "default", // Deploy into the default namespace. values: { // Specify any custom values here. }, }, { provider: new k8s.Provider("k8s-provider", { kubeconfig: cluster.kubeconfig }) }); // Export the Harbor Scanner Aqua endpoint so you can access it. export const harborScannerAquaEndpoint = harborScannerAqua.getResourceProperty("v1/Service", "harbor-scanner-aqua", "status") .apply(status => status.loadBalancer.ingress[0].ip);
Here we define the Helm chart we want to deploy by specifying the chart name, any custom values, and the location of the Helm chart's repository. Once deployed, we can export the service endpoint of the Harbor Scanner Aqua.
Complete Pulumi Program
Combine the code for setting up the EKS cluster and deploying the Harbour Scanner Aqua Helm Chart into one program:
import * as awsx from "@pulumi/awsx"; import * as eks from "@pulumi/eks"; import * as pulumi from "@pulumi/pulumi"; import * as k8s from "@pulumi/kubernetes"; // Create a VPC for our cluster. const vpc = new awsx.ec2.Vpc("my-vpc", { numberOfAvailabilityZones: 2 }); // Create an EKS cluster. const cluster = new eks.Cluster("my-cluster", { vpcId: vpc.id, subnetIds: vpc.publicSubnetIds, instanceType: "t2.medium", desiredCapacity: 2, minSize: 1, maxSize: 3, providerCredentialOpts: { profileName: aws.config.profile, // use AWS profile from config }, }); // Export the cluster's kubeconfig. export const kubeconfig = cluster.kubeconfig; // Deploy Harbor Scanner Aqua Helm Chart. const harborScannerAqua = new k8s.helm.v3.Chart("harbor-scanner-aqua", { chart: "harbor-scanner-aqua", fetchOpts: { repo: "https://helm-chart-repository-url/" }, namespace: "default", values: { // Place your custom values }, }, { provider: new k8s.Provider("k8s-provider", { kubeconfig: cluster.kubeconfig }) }); // Export the Harbor Scanner Aqua service endpoint. export const harborScannerAquaEndpoint = harborScannerAqua.getResourceProperty("v1/Service", "harbor-scanner-aqua", "status") .apply(status => status.loadBalancer.ingress[0].ip);
To run this program:
- Save the code to a file with a
.ts
extension (e.g.,index.ts
). - Ensure you've configured the Pulumi CLI with your AWS credentials and have selected the correct stack.
- Run
npm install
to install the required dependencies. - Execute
pulumi up
to preview and deploy the changes.
When you run
pulumi up
, Pulumi will provision the required resources in the correct order. After the deployment, you can use theharborScannerAquaEndpoint
export to access the Harbor Scanner Aqua service.Please replace
"https://helm-chart-repository-url/"
with the URL of the actual repository where the Harbor Scanner Aqua Helm chart is located, and populate thevalues
property with any necessary configurations that the chart requires.