Deploy the kubescape-prometheus-integrator helm chart on Linode Kubernetes Engine
TypeScriptDeploying a Helm chart on a Kubernetes cluster involves a few steps. We will first ensure that we have a Kubernetes cluster up and running. Then, we will install the Helm chart on that cluster. Since we're going to deploy on the Linode Kubernetes Engine (LKE), I'll show you how to set up the cluster on Linode and then deploy the
kubescape-prometheus-integratorHelm chart using Pulumi with TypeScript.Before you start with the deployment, make sure you have the following prerequisites on your local development machine:
- Pulumi CLI installed
- Linode CLI with a generated token that has permissions to create Kubernetes clusters
- Helm CLI for working with Helm charts
kubectlCLI for interacting with the Kubernetes cluster- Configured access to the Linode account via the CLI
Now let's proceed with the implementation:
-
Create a Kubernetes Cluster on Linode: We define a Pulumi program to provision an LKE cluster. We won't provide a detailed walkthrough on how to create a Linode Kubernetes cluster as this will focus on deploying the Helm chart.
-
Deploy the Helm Chart: After the cluster is provisioned, we will use the Pulumi Kubernetes provider to deploy the
kubescape-prometheus-integratorHelm chart. -
Configure the Helm Chart: If necessary, we can pass custom configuration values to the Helm chart by using the
valuesproperty.
Below is a TypeScript program that implements the deployment. It assumes you are already logged into the Linode CLI and Pulumi CLI with the necessary credentials.
import * as pulumi from "@pulumi/pulumi"; import * as kubernetes from "@pulumi/kubernetes"; // Step 1: Provisioning the Linode Kubernetes cluster is omitted for brevity // Step 2: Deploy the kubescape-prometheus-integrator Helm chart const kubescapePrometheusChart = new kubernetes.helm.v3.Chart("kubescape-prometheus-integrator", { chart: "kubescape-prometheus-integrator", version: "1.0.0", // Replace with the actual chart version fetchOpts: { repo: "https://charts.your-repository.com/", // Replace with the actual helm chart repository URL }, // If needed, add custom values for the Helm chart here values: { // Custom configuration values for kubescape-prometheus-integrator chart }, }); // Obtaining a kubeconfig to interact with the provisioned cluster // This step assumes the LKE cluster is already created and available const kubeconfig = linodeKubernetesCluster.kubeconfig.apply(JSON.stringify); // Export the kubeconfig to a file export const exportedKubeconfig = pulumi.all([kubeconfig]).apply(([kc]) => { require('fs').writeFileSync('kubeconfig-linode.json', kc, 'utf-8'); return kc; }); // Step 3: Use 'kubectl' with the exported kubeconfig to interact with the clusterIn the
exportedKubeconfigbit, we're taking the kubeconfig that Linode provides us and writing it to a local file so it can be used with thekubectlcommand-line tool. You can then usekubectl --kubeconfig kubeconfig-linode.json get podsto interact with your cluster.Remember that we've used placeholders for certain values such as the chart's version and chart repository URL. You'll need to replace them with the appropriate details for
kubescape-prometheus-integrator.Important Notes:
- The Helm chart name and version need to match what’s available in the repository.
- Helm repository where your
kubescape-prometheus-integratorchart is hosted should be specified infetchOpts.repo. If the chart is in a private repository, you will need to add appropriate credentials. - Custom configurations for your Helm chart should be set in the
valuesobject within the chart definition.
After writing this program, run the following commands to execute it:
pulumi up # to create the resources pulumi stack output exportedKubeconfig # to view the kubeconfigThe making of the kubeconfig file in this example lets you use it with
kubectlif you want to interact with your Kubernetes cluster. It's crucial to secure your kubeconfig file and handle it carefully to avoid unauthorized access to your Kubernetes cluster.