Deploy the kubernetes-external-secrets helm chart on Digital Ocean Kubernetes Service
TypeScriptDeploying a Helm chart on Kubernetes, in this case,
kubernetes-external-secrets
on DigitalOcean Kubernetes Service (DOKS), involves a few steps:- Provisioning the Kubernetes Cluster: This step creates a DOKS cluster using Pulumi's DigitalOcean provider.
- Installing the Helm Chart: This deploys the
kubernetes-external-secrets
chart onto the DOKS cluster.
Let's go through each step with the corresponding Pulumi code.
Step 1: Provisioning the DOKS Cluster
First, we will provision a DigitalOcean Kubernetes cluster. Here, we make use of the
digitalocean.KubernetesCluster
resource from the Pulumi DigitalOcean provider. Adjust thenodePool
configuration to match your desired capacity and instance size.import * as digitalocean from "@pulumi/digitalocean"; const cluster = new digitalocean.KubernetesCluster("do-cluster", { region: "nyc3", version: "latest", // Specify the desired Kubernetes version. nodePool: { name: "default", size: "s-2vcpu-2gb", // Size of the nodes (this is the smallest size). nodeCount: 2, // Number of nodes you want in your DOKS cluster. }, });
Step 2: Installing the Helm Chart
For installing the Helm chart, we utilize the
kubernetes.helm.v3.Chart
resource from Pulumi's Kubernetes provider. This resource facilitates the deployment of Helm charts on a Kubernetes cluster. In this scenario, we're deploying thekubernetes-external-secrets
chart from its Helm repository.import * as kubernetes from "@pulumi/kubernetes"; // Ensure you have configured the Kubernetes provider to connect to the DOKS cluster. const kubeconfig = cluster.kubeConfigs[0].rawConfig; const provider = new kubernetes.Provider("do-k8s", { kubeconfig }); // Deploy the kubernetes-external-secrets Helm chart on the DOKS cluster. const externalSecretsChart = new kubernetes.helm.v3.Chart("external-secrets", { chart: "kubernetes-external-secrets", version: "8.3.0", // Specify the chart version you want to deploy. fetchOpts: { repo: "https://external-secrets.github.io/kubernetes-external-secrets/", }, }, { provider });
Putting it all together
Now let's combine both steps into a single Pulumi program that will set up your DOKS cluster and deploy the
kubernetes-external-secrets
chart onto it.Here’s the complete program:
import * as digitalocean from "@pulumi/digitalocean"; import * as kubernetes from "@pulumi/kubernetes"; // Create a DigitalOcean Kubernetes cluster. const cluster = new digitalocean.KubernetesCluster("do-cluster", { region: "nyc3", version: "latest", nodePool: { name: "default", size: "s-2vcpu-2gb", nodeCount: 2, }, }); // Export the Kubeconfig so that clients can access the cluster. export const kubeconfig = cluster.kubeConfigs[0].rawConfig; // Kubernetes provider to connect to the created cluster. const provider = new kubernetes.Provider("do-k8s", { kubeconfig: kubeconfig, }); // Deploy the kubernetes-external-secrets Helm chart. const externalSecretsChart = new kubernetes.helm.v3.Chart("external-secrets", { chart: "kubernetes-external-secrets", version: "8.3.0", fetchOpts: { repo: "https://external-secrets.github.io/kubernetes-external-secrets/", }, }, { provider }); // Export the external-secrets chart version being deployed. export const externalSecretsVersion = externalSecretsChart.version;
Running the Program
To run this Pulumi program, save the code into a file named
index.ts
, and then follow these steps:- Initialize a new Pulumi project if you haven't already. You can use
pulumi new typescript
and then replace the auto-generatedindex.ts
with the content above. - Make sure you have the required Pulumi stack configuration set up.
- Run
pulumi up
to preview and deploy these changes.
After successful deployment, Pulumi will provision a DOKS cluster, install the Kubernetes provider to connect to this cluster, and then deploy the
kubernetes-external-secrets
Helm chart onto your cluster using the specified chart version.