Deploy the datadog-apm helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

Deploying a Helm chart on an Azure Managed OpenShift Service using Pulumi requires several steps. We first need to create an Azure Managed OpenShift cluster, and then we will deploy a Helm chart onto it. In this case, we want to deploy the DataDog APM chart to the cluster.

We will use the following resources to accomplish our task:

azure-native.containerservice.OpenShiftManagedCluster: This resource allows us to create an instance of an Azure OpenShift Managed Service, which is a service that offers a fully managed OpenShift cluster.
kubernetes.helm.v3.Chart: This resource is part of the Kubernetes provider, and it allows us to deploy Helm charts onto a Kubernetes cluster. Helm is a package manager for Kubernetes that packages multiple Kubernetes resources into a single logical deployment unit called a Chart.

First, ensure you've installed Pulumi and set up Azure credentials on your machine and logged into the Azure CLI.

Now let's dive into the program:

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

const name = "datadog-apm";

// Step 1: Create an Azure Managed OpenShift cluster.
const cluster = new azure.containerservice.OpenShiftManagedCluster(name, {
    // Replace these with the actual location and OpenShift version
    location: "East US", 
    resourceGroupName: "resourceGroup1",
    openShiftVersion: "4.3", // Specify the OpenShift version
    // Define the agent pool for the OpenShift cluster
    agentPoolProfiles: [{
        name: "agentpool",
        role: "compute", // The role can be 'compute', 'infra', or 'master'
        count: 3,
        vmSize: "Standard_DS3_v2",
    }],
    // Define the network profile for the OpenShift cluster
    networkProfile: {
        vnetCidr: "10.0.0.0/8",
    },
    // Ensure you supply the necessary authProfile details
    authProfile: {
        identityProviders: [{
            name: "AzureADIdentityProvider",
            provider: {
                // You must replace the secrets with real values
                secret: "clientSecret",
                clientId: "clientId",
                tenantId: "tenantId",
                // Only include if using a group sync
                customerAdminGroupId: "adminGroupId",
            },
        }],
    },
});

// Step 2: Deploy the DataDog APM Helm chart to the OpenShift cluster.
const datadogApmChart = new k8s.helm.v3.Chart(name, {
    chart: "datadog",
    version: "2.6.5", // Replace with the version of the chart you want to deploy
    fetchOpts: { 
        repo: "https://helm.datadoghq.com/", // The Helm repository URL for DataDog
    },
    // Define values for the Helm chart
    values: {
        datadog: {
            apiKey: "<DATADOG_API_KEY>", // Enter your DataDog API key
            appKey: "<DATADOG_APP_KEY>", // Enter your DataDog app key
            apm: {
                enabled: true,
            },
            // Other values can be set based on the DataDog Helm chart's requirements
        },
    },
    // Point the Helm chart to the created cluster
    provider: new k8s.Provider("k8s-provider", {
        kubeconfig: cluster.kubeConfigRaw, // Raw Kubernetes config from the Azure OpenShift cluster
    }),
}, { dependsOn: [cluster] });

// Export the cluster's kubeconfig
export const kubeConfig = cluster.kubeConfigRaw;

This program does the following:

Sets up an Azure Managed OpenShift cluster using the OpenShiftManagedCluster resource. You will need to replace placeholders with actual values. Especially, authProfile should have your Azure Active Directory application details for the OpenShift cluster to use for authentication.
Deploys the DataDog APM Helm chart using the Chart resource from Pulumi's Kubernetes provider. It specifies the DataDog APM specific values, such as your API and APP keys which you would get from your DataDog account. The dependsOn option ensures that the Helm chart deployment will only start once the OpenShift cluster is available.
Exports the kubeConfig as an output, which you can use to interact with your Kubernetes cluster using kubectl or other tools.

Replace the placeholder values with actual data appropriate to your environment. Be sure to handle your secrets securely using Pulumi's secret management.

After writing this code in a index.ts file, you can run it using Pulumi CLI commands:

pulumi up

This command initiates the deployment process, where Pulumi will show you a preview of the resources that will be created and ask for confirmation before proceeding.

Remember to configure the required Azure settings and have the appropriate permissions before running the Pulumi program.