Deploy the alb-controller helm chart on Oracle Kubernetes Engine (OKE)

Question

Pulumi · Accepted Answer

To deploy the ALB Ingress Controller Helm chart on an Oracle Kubernetes Engine (OKE) cluster, you will need to perform the following steps:

1. **Set up the Oracle Kubernetes Engine (OKE) cluster**: Before deploying the Helm chart, you need to have an OKE cluster up and running. You can create an OKE cluster using the OCI Console or Pulumi's `oci.ContainerEngine.Cluster` resource if you need to provision a new cluster programmatically.

2. **Install the Pulumi CLI and setup your environment for Oracle Cloud Infrastructure (OCI)**: Ensure that you have Pulumi installed and you're logged in to your OCI account by using the Pulumi CLI. Configure the required credentials for OCI.

3. **Install the Helm CLI**: The Helm CLI is required if you need to manually fetch and inspect the Helm chart before deploying with Pulumi.

4. **Deploy the ALB Ingress Controller Helm Chart**: You will use Pulumi's `kubernetes.helm.v3.Chart` resource to deploy the ALB Ingress Controller Helm chart to your OKE cluster. Ensure you have the right configurations from Oracle for the Helm chart, such as the chart name, version, and any custom values you may need to provide.

Below is a detailed Pulumi program in TypeScript that performs the deployment of the Helm chart. The code includes comments explaining each part of the program:

```typescript
import * as pulumi from '@pulumi/pulumi';
import * as oci from '@pulumi/oci';
import * as k8s from '@pulumi/kubernetes';

// Define configuration for the OCI provider.
const providerConfig = new oci.Provider('oci', {
    region: 'us-ashburn-1', // Replace with your region if different
    // Ensure you have the appropriate OCI configuration profile.
    // The profile should be configured with the necessary credentials.
});

// Create or select an existing OKE cluster using OCI provider resources.
// If you're creating a new cluster, you can use `oci.ContainerEngine.Cluster` resource.
// For deploying to an existing cluster, use the `k8s.Provider` with the kubeconfig of your cluster.

// In this sample, we're assuming that you have set up kubeconfig for the OKE cluster
// and have a Kubernetes provider instance configured to communicate with your OKE cluster.
const k8sProvider = new k8s.Provider('oke-k8s', {
    // Make sure that `kubeconfig` is correctly set in your environment for Pulumi to pick it up,
    // or you can explicitly pass the kubeconfig file's contents.
    kubeconfig: pulumi.output(process.env.KUBECONFIG).apply(k => k!),
});

// Specify the ALB Ingress Controller Helm chart details.
const albControllerChart = new k8s.helm.v3.Chart('alb-controller', {
    chart: 'aws-load-balancer-controller',
    version: '1.2.3', // specify the chart version you want to deploy
    fetchOpts: {
        repo: 'https://some.helm.repo/path', // specify the Helm repo URL containing the chart
    },
    // Define any values that need to be overwritten in the default chart.
    values: {
        clusterName: 'my-cluster', // replace with the actual name of your OKE cluster
        region: 'us-ashburn-1',   // replace with the relevant OCI region
        vpcId: 'ocid1.vpc...',     // replace with your VPC OCID
        // Define more values as per your requirements.
    },
}, { provider: k8sProvider });

// Export the ALB Ingress Controller service endpoint if applicable.
export const albIngressControllerEndpoint = albControllerChart.getResourceProperty(
    'v1/Service', 'aws-load-balancer-controller', 'status'
).apply(status => status.loadBalancer.ingress[0].hostname);

```

What the code above does:

- It sets up an OCI provider configuration using your OCI account details.
- It then assumes that you have already provisioned an OKE cluster (either via the OCI console or Pulumi) and that you have configured your `kubeconfig` correctly to communicate with this cluster.
- Next, it uses the `k8s.Provider` class to create a provider instance that allows Pulumi to interact with the Kubernetes API of your OKE cluster.
- Using the `k8s.helm.v3.Chart` resource, the code deploys the "aws-load-balancer-controller" Helm chart to the OKE cluster.
- Finally, it exports the endpoint of the ALB Ingress Controller service if it's exposed as a LoadBalancer service so you can use the hostname to access it.

Please replace placeholder values such as the chart version, repo URL, cluster name, region, VPC OCID, etc., with the actual values you have.

To run this Pulumi program, save the code into a file named `index.ts` inside a Pulumi project directory, and run `pulumi up`. The Pulumi CLI will execute the code and provision the resources as specified.