Deploy the jwks-merge helm chart on AWS EKS

Question

Pulumi · Accepted Answer

To deploy a Helm chart on an Amazon EKS (Elastic Kubernetes Service) cluster using Pulumi, we first need to provision an EKS cluster and then deploy the Helm chart onto it. We will use Pulumi's AWS and Kubernetes providers to accomplish this.

The `awsx` package provides a high-level API to create EKS clusters easily. Once the cluster is created, we will obtain the kubeconfig required to communicate with the cluster. With the kubeconfig in hand, Pulumi's Kubernetes provider can be utilized to deploy the `jwks-merge` Helm chart. Typically, the Helm chart needs to be available either in an online repository or on your local filesystem for deployment. You'll need to provide the `repo` attribute if it's from an online repository or the `path` if you have it locally.

Here's how you can do it:

1. **Set up the EKS Cluster**: We create an EKS cluster using the `awsx.eks.Cluster` class.
2. **Get the kubeconfig**: The `kubeconfig` is obtained from the created EKS cluster to interact with it.
3. **Deploy the Helm Chart**: We use the `kubernetes.helm.v3.Chart` class from Pulumi's Kubernetes provider to deploy the Helm chart.

Below is the TypeScript program that accomplishes the above steps:

```typescript
import * as awsx from '@pulumi/awsx';
import * as k8s from '@pulumi/kubernetes';

// Create an EKS cluster.
const cluster = new awsx.eks.Cluster('my-cluster');

// Once the cluster is created, we can access its kubeconfig to deploy applications.
const kubeconfig = cluster.kubeconfig.apply(JSON.stringify);

// Create an instance of the Kubernetes provider with the cluster's kubeconfig.
const provider = new k8s.Provider('k8s-provider', {
    kubeconfig: kubeconfig,
});

// Now, let's deploy the jwks-merge Helm chart using the Kubernetes provider.
// Make sure to specify the correct repo or path for the jwks-merge Helm chart.
const chart = new k8s.helm.v3.Chart('jwks-merge-chart', {
    repo: 'my-helm-repo', // Replace with actual Helm repo URL or name where jwks-merge is hosted.
    chart: 'jwks-merge',
    // Optionally, specify the version of the Helm chart and any values required by the chart.
    // version: '1.0.0',
    // values: { /* ... */ },
}, { provider });

// Export the cluster's kubeconfig and the chart's resources.
export const kubeconfigOutput = kubeconfig;
export const chartResources = chart.resources;
```

In the above program:

- Replace `'my-helm-repo'` with the actual Helm repository name or URL where the `jwks-merge` chart is located.
- If your chart requires you to specify a version or custom values, you can pass those to the `version` and `values` fields within the `Chart` constructor.
- The `export` statements are used to output the `kubeconfig` and the resources created by the Helm chart. This allows you to see these outputs after running `pulumi up`.
  
Remember, before running this Pulumi program, ensure that you have the AWS CLI configured with the necessary credentials and Pulumi CLI installed. Once you've prepared, you can run the program with `pulumi up` to deploy the resources.

As an additional resource, Pulumi's documentation provides ample examples and guides. The resources used in this script can be found in the official Pulumi documentation for [AWS EKS](https://www.pulumi.com/docs/reference/pkg/awsx/eks/cluster/) and [Helm Charts on Kubernetes](https://www.pulumi.com/registry/packages/kubernetes/api-docs/helm/v3/chart/).