Deploy the keycloak-configurator helm chart on AWS EKS

Question

Pulumi · Accepted Answer

To deploy the `keycloak-configurator` Helm chart on an AWS EKS cluster using Pulumi, we need to follow these steps:

1. **Set up an EKS Cluster**: Before you can deploy any workloads on Kubernetes, you'll need a Kubernetes cluster. Amazon EKS provides a managed Kubernetes service that makes it easier to run Kubernetes without needing to install and operate your own Kubernetes control plane or worker nodes.

2. **Create an ECR Repository (Optional)**: Amazon Elastic Container Registry (ECR) is used to store, manage, and deploy container images. This step is optional and depends on whether your Helm chart needs to use any custom container images that you want to store in AWS.

3. **Deploy the Helm Chart**: Helm is a package manager for Kubernetes, which allows you to define, install, and upgrade even the most complex Kubernetes applications using "charts". We'll use the `keycloak-configurator` chart to deploy Keycloak onto our EKS cluster.

Let's walk through the TypeScript program you'll write to accomplish this using Pulumi.

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as awsx from "@pulumi/awsx"; // Provides high-level AWS components.
import * as eks from "@pulumi/eks"; // Streamlines the use of EKS.
import * as k8s from "@pulumi/kubernetes"; // Kubernetes Pulumi provider.

// Step 1: Set up an EKS Cluster.
// We create a new EKS cluster. The `eks.Cluster` resource automatically creates the necessary AWS resources.
const cluster = new eks.Cluster("keycloak-cluster", {
    desiredCapacity: 2,
    minSize: 1,
    maxSize: 2,
    instanceType: "t2.medium",
});

// Step 2: (Optional) Create an ECR Repository.
// This is not necessary for the Helm chart alone, but it's here for completeness if you need a private container registry.
const repository = new awsx.ecr.Repository("keycloak-configurator-repo");

// Step 3: Deploy the Helm chart on the EKS Cluster.
// Note: We assume the keycloak-configurator chart is available in a Helm repository, and we need to provide the repo URL.
const keycloakChart = new k8s.helm.v3.Chart("keycloak-configurator", {
    chart: "keycloak-configurator",
    version: "1.0.0", // Replace with the appropriate chart version.
    repositoryOpts: {
        repo: "http://example.com/helm-charts", // Replace with the actual Helm repository URL.
    },
    values: {
        // Provide any required values for your chart.
        // This depends on the specific chart and its configuration options.
    },
}, { provider: cluster.provider });

// Export the cluster's kubeconfig.
export const kubeconfig = cluster.kubeconfig;
```

In the above program:
- We begin by importing the required Pulumi libraries for our task.
- When creating the EKS cluster, we define the desired capacity and size of the cluster along with the type of instance we want to use, `t2.medium` is a general-purpose instance type that should be adequate for small to medium apps.
- Creating an ECR repository is optional and depends on whether your Helm chart requires access to private container images.
- We then declare the `keycloak-configurator` Helm chart. When using this Pulumi resource, the chart is applied to the Kubernetes cluster defined by `provider`.
- Finally, we export the kubeconfig, which can be used to communicate with our EKS cluster using `kubectl`.

You can alter the `values` object to configure your Keycloak deployment according to the specific Helm chart documentation, which should be available wherever you source the chart from.

Please ensure you have configured Pulumi with your AWS credentials and that you have Helm and kubectl installed on your machine for this program to work correctly. Once deployed, Keycloak will be running within your EKS cluster, and you can manage it using Kubernetes tools like `kubectl`.