Deploy the loki-proxy helm chart on Azure Kubernetes Service (AKS)

Question

Pulumi · Accepted Answer

To deploy the `loki-proxy` Helm chart on Azure Kubernetes Service (AKS), we'll take the following approach:

1. **Create an AKS Cluster**: We'll define the AKS cluster using the `azure-native.hybridcontainerservice.ProvisionedCluster` resource. For this example, a minimal setup is shown, but you should tailor the AKS parameters like node size, count, or Kubernetes version according to your requirements and best practices.

2. **Install the Helm Chart**: We will use the `kubernetes.helm.sh/v3.Chart` resource to deploy the `loki-proxy` Helm chart on the AKS cluster we created in step 1.

Here's a Pulumi TypeScript program that carries out these steps:

```typescript
import * as pulumi from '@pulumi/pulumi';
import * as azure from '@pulumi/azure';
import * as azuread from '@pulumi/azuread';
import * as k8s from '@pulumi/kubernetes';
import * as azureNative from '@pulumi/azure-native';

// Step 1: Create the Azure Kubernetes Service (AKS) Cluster
const resourceGroupName = new azureNative.resources.ResourceGroup("rg", {
    resourceGroupName: "lokiProxyResourceGroup",
    location: "East US", // Ensure that the location is appropriate for your case
});

const managedClusterName = "lokiProxyAksCluster";

// Create an AD service principal for the AKS cluster.
const adApp = new azuread.Application("aks");
const adSp = new azuread.ServicePrincipal("aksSp", { applicationId: adApp.applicationId });
const adSpPassword = new azuread.ServicePrincipalPassword("aksSpPassword", {
    servicePrincipalId: adSp.id,
    value: "Password#1234", // Replace with a secure password
    endDate: "2099-01-01T00:00:00Z",
});

// Now lets create the AKS cluster itself.
const k8sCluster = new azureNative.hybridcontainerservice.ProvisionedCluster("aksCluster", {
    resourceGroupName: resourceGroupName.name,
    resourceName: managedClusterName,
    location: resourceGroupName.location,
    properties: { // Adjust the properties appropriately
        kubernetesVersion: "1.18.14", // Confirm the correct version for your use case
        controlPlane: {
            vmSize: "Standard_DS2_v2", // Choose an appropriate VM size
        },
        agentPoolProfiles: [{
            count: 3,
            vmSize: "Standard_DS2_v2",
        }],
        linuxProfile: {
            adminUsername: "aksuser",
            ssh: {
                publicKeys: [{
                    keyData: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3dd...", // Use your SSH public key
                }],
            },
        },
    },
});

// Export the KubeConfig
const creds = pulumi.all([resourceGroupName.name, k8sCluster.name]).apply(([rgName, clusterName]) =>
    azureNative.hybridcontainerservice.listProvisionedClusterUserCredentials({
        resourceName: clusterName,
        resourceGroupName: rgName,
    }));

const kubeConfig = creds.apply(creds => Buffer.from(creds.kubeconfigs![0].value!, "base64").toString());

// Step 2: Install the Helm chart loki-proxy on AKS
// Use the kubeConfig from the cluster to create a provider instance which we can pass to helm chart
const k8sProvider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeConfig,
});

// Deploy the helm chart using the k8s provider instance
const lokiProxyChart = new k8s.helm.v3.Chart("loki-proxy", {
    chart: "loki-proxy",
    version: "0.1.0", // Make sure you specify the correct chart version
    fetchOpts: {
        repo: "http://your-helm-chart-repository.org/", // Replace with actual Helm repo, if it's not on ArtifactHub or another common repo
    },
}, { provider: k8sProvider });

// Export the Kubernetes Cluster name
export const clusterName = k8sCluster.name;
```

**Explanation:**
- We start by importing the necessary modules for working with Pulumi, Azure, Azure AD, Kubernetes, and Azure Native.
- A new resource group is defined with `azureNative.resources.ResourceGroup`.
- An AD application and service principal are created for AKS with `azuread.Application` and `azuread.ServicePrincipal`.
- Next, we describe and create an AKS cluster using `azureNative.hybridcontainerservice.ProvisionedCluster`.
- We retrieve the generated `kubeConfig` of the AKS cluster, which is necessary to interact with our cluster using `kubectl`.
- We create a Pulumi Kubernetes provider with the `kubeConfig` retrieved from the AKS cluster.
- With this provider, we deploy the `loki-proxy` Helm chart, specifying its name, version, and the repository from where to fetch the Helm chart.
- Finally, we export the AKS cluster name for reference.

Make sure you have the Pulumi CLI installed and configured to access Azure. Also, ensure you have 'kubectl' installed if you need to interact with the AKS cluster directly.

After you've set up your Pulumi stack with `pulumi stack init` and set any required configuration, run `pulumi up` to deploy this program.