Deploy the haveged helm chart on AWS EKS

Question

Pulumi · Accepted Answer

Deploying a Helm chart on AWS EKS using Pulumi involves several steps: setting up the EKS cluster, installing and configuring the Helm chart, and then deploying it to EKS. The `haveged` Helm chart you've mentioned is used to provide additional entropy for applications running within your Kubernetes cluster, which can be crucial for ensuring cryptographic operations have enough randomness.

Below, I'll guide you through a Pulumi program that accomplishes the following:
1. Creates an EKS cluster using the `awsx` package, which provides higher-level abstractions simplifying EKS cluster creation.
2. Deploys the `haveged` Helm chart using Pulumi's Helm support within the `kubernetes` package.

Firstly, we need to install the necessary Pulumi packages for AWS and Kubernetes. You would typically do this by running `npm install` command with these packages as arguments. For this example, we'll assume these libraries are already installed and ready to use.

Here is the Pulumi TypeScript program:

```typescript
import * as awsx from '@pulumi/awsx';
import * as kubernetes from '@pulumi/kubernetes';
import * as pulumi from '@pulumi/pulumi';

// Create a new EKS cluster. The `awsx` library will automatically create the necessary resources.
const cluster = new awsx.eks.Cluster('myCluster');

// Create a kubeconfig that is compatible with our EKS cluster.
const kubeconfig = pulumi.
  all([cluster.eksCluster.name, cluster.eksCluster.endpoint, cluster.eksCluster.certificateAuthority, cluster.core.instanceRoles[0].arn]).
  apply(([name, endpoint, ca, instanceRoleArn]) => {
    return awsx.eks.computeKubeconfig(name, endpoint, ca.data, instanceRoleArn);
});

// Create an instance of the Pulumi Kubernetes Provider using the kubeconfig generated for the EKS cluster.
const k8sProvider = new kubernetes.Provider('k8sProvider', {
    kubeconfig: kubeconfig,
});

// Deploy the `haveged` Helm chart to the EKS cluster using the Kubernetes provider.
const havegedChart = new kubernetes.helm.v3.Chart('haveged', {
    fetchOpts: {
        repo: 'https://hastebrot.github.io/helm-charts/', // Replace with the actual repository if different
    },
    chart: 'haveged',
}, { provider: k8sProvider });

// Export the cluster's kubeconfig and name of the Helm release.
export const kubeconfigOutput = kubeconfig;
export const helmReleaseName = havegedChart.metadata.apply(metadata => metadata.name);
```

This program does the following:
- It creates a new EKS cluster using `awsx.eks.Cluster`.
- It computes a kubeconfig for the newly created EKS cluster, which is necessary for interacting with the cluster using `kubectl` and other Kubernetes tools.
- It instantiates a Kubernetes provider that knows how to interact with our EKS cluster using the generated kubeconfig.
- It deploys the `haveged` Helm chart to our EKS cluster with an instance of `kubernetes.helm.v3.Chart`, which Pulumi uses to deploy Helm charts via the Kubernetes provider.
- It exports the generated kubeconfig and the Helm release name, which you can use to verify and interact with your deployment.

Keep in mind that you need to replace `'https://hastebrot.github.io/helm-charts/'` with the actual repository URL that hosts the `haveged` chart if it's hosted elsewhere.

To apply this Pulumi program, you would run `pulumi up` in the CLI after setting up your Pulumi stack. This would prompt Pulumi to begin provisioning the AWS EKS cluster and deploying the `haveged` chart onto the cluster. If you have the `kubectl` command installed and configured with the `kubeconfig` that Pulumi exports, you can interact with your Kubernetes resources like usual.

Please note that operating an EKS cluster incurs costs on AWS, and it's important to monitor your cloud resources to avoid unexpected charges.