Deploy the openunison-k8s-login-oidc helm chart on Digital Ocean Kubernetes Service
TypeScriptTo deploy the
openunison-k8s-login-oidc
Helm chart on the Digital Ocean Kubernetes Service using Pulumi, we will follow these steps:- Create a Kubernetes cluster on Digital Ocean using the
digitalocean.KubernetesCluster
resource. This represents the Kubernetes cluster on which our OIDC-enabled applications will run. - Install the Helm chart using the
kubernetes.helm.v3.Chart
resource, which allows us to deploy Helm charts on a Kubernetes cluster.
We will proceed with these resources step by step, and here is a program illustrating how you could write this in TypeScript using Pulumi.
Before we get started with the code, make sure you have Pulumi installed and configured to use the Digital Ocean provider. This typically involves setting up your Digital Ocean access token as an environment variable (
DIGITALOCEAN_TOKEN
) for Pulumi to use.Here is the Pulumi program that you can use to deploy the
openunison-k8s-login-oidc
Helm chart on a Digital Ocean Kubernetes cluster:import * as digitalocean from "@pulumi/digitalocean"; import * as kubernetes from "@pulumi/kubernetes"; import * as pulumi from "@pulumi/pulumi"; // Create a new Digital Ocean Kubernetes cluster. const cluster = new digitalocean.KubernetesCluster("do-k8s-cluster", { region: "nyc3", version: "latest", nodePool: { name: "default", size: "s-2vcpu-2gb", nodeCount: 2, }, }); // Export the cluster's kubeconfig. export const kubeconfig = cluster.kubeConfigs[0].rawConfig; // Create a provider instance using the kubeconfig from the created cluster. const k8sProvider = new kubernetes.Provider("k8s-provider", { kubeconfig: kubeconfig, }); // Use the Helm chart resource to deploy openunison-k8s-login-oidc. const openunisonChart = new kubernetes.helm.v3.Chart("openunison-login", { chart: "openunison-k8s-login-oidc", version: "<Specify Desired Chart Version>", // Replace with the desired chart version fetchOpts: { repo: "https://tremolosecurity.github.io/helm", // Repository where the chart is located }, // Set the values for the chart as needed. values: { // Provide appropriate values for the chart }, }, { provider: k8sProvider }); // Export the endpoint to access the application. export const openunisonEndpoint = openunisonChart.getResourceProperty( "v1/Service", "openunison/openunison-orchestra", "status" ).apply(status => status.loadBalancer.ingress[0].ip);
This program performs the following actions:
-
It creates a Kubernetes cluster in the "nyc3" region with the "latest" version of Kubernetes supported by Digital Ocean. The cluster has a pool of 2 nodes of size "s-2vcpu-2gb".
-
The
kubeconfig
of the created cluster is exported so that it can be used by the Kubernetes provider instantiated next. -
A
k8sProvider
is created using the exportedkubeconfig
. This Kubernetes provider will be used for all subsequent Kubernetes resources to ensure they are deployed to the created Digital Ocean cluster. -
The
openunison-k8s-login-oidc
Helm chart is deployed to the cluster using thekubernetes.helm.v3.Chart
resource. -
Values are set for the chart as needed, you would need to replace the placeholders with the actual configuration values required by the Helm chart.
-
An endpoint from the
openunison-k8s-login-oidc
service is exported. This is the IP you would use to access the deployed application.
The
kubeconfig
andopenunisonEndpoint
are exported so you can use these outside of Pulumi to interact with your cluster and application.Replace the placeholder
<Specify Desired Chart Version>
with the version of the Helm chart you wish to deploy, and remember to fill in thevalues
section with the chart's parameters specific to your use case.To use this code, save it to a file named
index.ts
, and runpulumi up
from within that directory in the terminal. Make sure to have Pulumi CLI installed and have runpulumi login
previously.This will setup the infrastructure on Digital Ocean and deploy the
openunison-k8s-login-oidc
Helm chart as configured.- Create a Kubernetes cluster on Digital Ocean using the