Deploy the vspgwu helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

To deploy the `vspgwu` Helm chart on an Azure Managed OpenShift Service using Pulumi, you need to perform a series of steps. Firstly, you will need to create an instance of an Azure OpenShift Managed Cluster. Once the cluster is provisioned, you can then deploy the Helm chart to the cluster. Here's a detailed breakdown of the tasks: 1. **Create an Azure Resource Group**: This will be a container that holds related resources for an Azure solution. 2. **Provision an Azure OpenShift Managed Cluster**: This sets up the Kubernetes-based Azure Red Hat OpenShift managed cluster. 3. **Deploy the `vspgwu` Helm Chart to the cluster**: Helm charts are packages that define a set of Kubernetes resources, which can be deployed to a Kubernetes cluster. Now, let's get into the TypeScript program that uses Pulumi to accomplish this: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as azureNative from "@pulumi/azure-native"; import * as k8s from "@pulumi/kubernetes"; // Step 1: Create an Azure Resource Group const resourceGroup = new azureNative.resources.ResourceGroup("myResourceGroup"); // Step 2: Provision an Azure OpenShift Managed Cluster const openshiftCluster = new azureNative.containerservice.OpenShiftManagedCluster("myOpenShiftCluster", { resourceGroupName: resourceGroup.name, location: resourceGroup.location, openShiftVersion: "4.3", // specify the desired OpenShift version networkProfile: { vnetCidr: "10.0.0.0/8", }, masterPoolProfile: { count: 3, vmSize: "Standard_D4s_v3", }, agentPoolProfiles: [{ name: "agentpool", count: 3, vmSize: "Standard_D4s_v3", osType: "Linux", }], authProfile: { identityProviders: [{ name: "Azure AD", provider: { kind: "AADIdentityProvider", clientId: "", // specify the Azure AD client ID secret: "", // specify the Azure AD secret tenantId: "", // specify the Azure AD tenant ID } }] } }); // Step 3: Deploy the `vspgwu` Helm Chart to the cluster // We use the credentials from the created OpenShift cluster to configure the Kubernetes provider. const clusterCredentials = azureNative.containerservice.listOpenShiftManagedClusterUserCredentialsOutput({ resourceName: openshiftCluster.name, resourceGroupName: resourceGroup.name, }); const k8sProvider = new k8s.Provider("openshiftK8s", { kubeconfig: clusterCredentials.kubeconfigs[0].value.apply(x => x.toString("utf-8")), }); // Deploy the vspgwu Helm chart const vspgwuChart = new k8s.helm.v3.Chart("vspgwu-chart", { chart: "vspgwu", version: "1.2.3", // replace with the actual chart version you want to deploy // namespace and other parameters can be specified here }, { provider: k8sProvider }); // Export the public IP to access the deployed service export const publicIp = pulumi.interpolate`${vspgwuChart.getResourceProperty("v1/Service", "vspgwu-service", "status")["loadBalancer"]["ingress"][0]["ip"]}`; ``` This Pulumi program is doing the following: - **Creating a Resource Group**: This is where all the Azure resources will live. - **Provisioning an Azure OpenShift Managed Cluster**: We create an OpenShift cluster with defined attributes including version, network profile, VM sizes, and Azure AD integration for authentication. - **Setting up Kubernetes provider with Cluster Credentials**: We retrieve the credentials from the created OpenShift cluster to set up the Pulumi Kubernetes provider. - **Deploying the Helm Chart**: With the Kubernetes provider configured, we then deploy the Helm chart `vspgwu`. In the place of ``, ``, and ``, you should provide your actual Azure AD credentials. Also, the `version` of the Helm chart should be the version you want to deploy. If it is a custom or private chart, you'll need to provide additional details like `repo`. Lastly, an export is defined to retrieve the public IP address of the vspgwu service once it's deployed, which can be used to access the service from the internet. Please ensure you have the `@pulumi/azure-native` and `@pulumi/kubernetes` packages installed in your Pulumi project. This aids in interacting with Azure resources and Kubernetes resources, respectively. Please note, this operation can take a while as it provisions infrastructure on Azure and deploys a Helm chart. Run this code using Pulumi CLI and after deployment, check the resources through the Azure portal and Kubernetes management tools like `kubectl`.