Skip to content

Commit

Permalink
azure-go-aks-helm: ported from TypeScript (pulumi#948)
Browse files Browse the repository at this point in the history 
* Port azure-ts-aks-helm example to Go

* Fix README
  • Loading branch information
@t0yv0
t0yv0 authored Mar 18, 2021
1 parent c8461ac commit 2a10da7
Show file tree
Hide file tree
Showing 7 changed files with 738 additions and 0 deletions.
3 changes: 3 additions & 0 deletions azure-go-aks-helm/Pulumi.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
name: azure-ts-aks-helm
runtime: go
description: Azure Native Go Pulumi example featuring Helm chart deployment to AKS
109 changes: 109 additions & 0 deletions azure-go-aks-helm/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
[![Deploy](https://get.pulumi.com/new/button.svg)](https://app.pulumi.com/new)

# Azure Kubernetes Service (AKS) Cluster and Helm Chart

This example demonstrates creating an [Azure Kubernetes Service (AKS)](https://docs.microsoft.com/en-us/azure/aks/)
cluster and deploying a Helm Chart from [Bitnami Helm chart repository](https://github.com/bitnami/charts)
into this cluster, all in one Pulumi program.

The example showcases the [native Azure provider for Pulumi](https://www.pulumi.com/docs/intro/cloud-providers/azure/).


## Prerequisites

- Install [Pulumi](https://www.pulumi.com/docs/get-started/install/).

- Install [Go](https://golang.org)

- We will be deploying to Azure, so you will need an Azure account. If
you do not have an account, [sign up for free here](https://azure.microsoft.com/en-us/free/).

- Setup and authenticate the [native Azure provider for Pulumi](https://www.pulumi.com/docs/intro/cloud-providers/azure/setup/).


## Running the Example

In this example we will provision a Kubernetes cluster running a
public Apache web server, verify we can access it, and clean up when
done.

1. Get the code:

```bash
$ git clone [email protected]:pulumi/examples.git
$ cd examples/azure-go-aks-helm
```

2. Restore dependencies and build:

```bash
$ go build
```

3. Create a new stack, which is an isolated deployment target for this example:

```bash
$ pulumi stack init
```

4. Set the required configuration variables for this program:

```bash
$ pulumi config set azure-native:location westus2
```

5. Deploy everything with the `pulumi up` command. This provisions
all the Azure resources necessary, including an Active Directory
service principal, AKS cluster, and then deploys the Apache Helm
Chart, all in a single gesture (takes 5-10 min):

```bash
$ pulumi up
```

6. Now your cluster and Apache server are ready. Several output
variables will be printed, including your cluster name
(`clusterName`), Kubernetes config (`kubeconfig`) and server IP
address (`apacheServiceIP`).

Using these output variables, you may access your Apache server:

```bash
$ curl $(pulumi stack output apacheServiceIP)
<html><body><h1>It works!</h1></body></html>
```

And you may also configure your `kubectl` client using the
`kubeConfig` configuration:

```bash
$ pulumi stack output kubeconfig --show-secrets > kubeconfig.yaml
$ KUBECONFIG=./kubeconfig.yaml kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
apache-chart LoadBalancer 10.0.154.121 40.125.100.104 80:30472/TCP,443:30364/TCP 8m
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 8m
```

7. At this point, you have a running cluster. Feel free to modify
your program, and run `pulumi up` to redeploy changes. The Pulumi
CLI automatically detects what has changed and makes the minimal
edits necessary to accomplish these changes. This could be
altering the existing chart, adding new Azure or Kubernetes
resources, or anything, really.

TIP: if you make changes to the example code outside of an IDE,
run the Go compiler after every change:

```bash
$ go build
```

8. Once you are done, you can destroy all of the resources, and the
stack:

```bash
$ pulumi destroy
$ pulumi stack rm
$ rm kubeconfig.yaml
```
130 changes: 130 additions & 0 deletions azure-go-aks-helm/cluster.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,130 @@
// Copyright 2016-2021, Pulumi Corporation. All rights reserved.
//
// Functions to provision and interact with an AKS cluster.

package main

import (
"encoding/base64"

cs "github.com/pulumi/pulumi-azure-native/sdk/go/azure/containerservice"
"github.com/pulumi/pulumi-azure-native/sdk/go/azure/resources"
"github.com/pulumi/pulumi-azuread/sdk/v3/go/azuread"
"github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

type ClusterInfo struct {
ManagedCluster *cs.ManagedCluster
ResourceGroup *resources.ResourceGroup
}

func buildCluster(ctx *pulumi.Context, cfg Config) (*ClusterInfo, error) {
resourceGroup, err := resources.NewResourceGroup(ctx, "rg", nil)
if err != nil {
return nil, err
}

adApp, err := azuread.NewApplication(ctx, "app",
&azuread.ApplicationArgs{
Name: pulumi.String("app"),
})
if err != nil {
return nil, err
}

adSp, err := azuread.NewServicePrincipal(ctx, "service-principal",
&azuread.ServicePrincipalArgs{
ApplicationId: adApp.ApplicationId,
})
if err != nil {
return nil, err
}

adSpPassword, err := azuread.NewServicePrincipalPassword(ctx, "sp-password",
&azuread.ServicePrincipalPasswordArgs{
ServicePrincipalId: adSp.ID(),
Value: cfg.Password,
EndDate: pulumi.String("2099-01-01T00:00:00Z"),
})
if err != nil {
return nil, err
}

k8sCluster, err := cs.NewManagedCluster(ctx, "cluster",
&cs.ManagedClusterArgs{
ResourceGroupName: resourceGroup.Name,
AddonProfiles: cs.ManagedClusterAddonProfileMap{
"KubeDashboard": cs.ManagedClusterAddonProfileArgs{
Enabled: pulumi.Bool(true),
},
},
AgentPoolProfiles: cs.ManagedClusterAgentPoolProfileArray{
cs.ManagedClusterAgentPoolProfileArgs{
Count: pulumi.Int(cfg.NodeCount),
VmSize: pulumi.String(cfg.NodeSize),
MaxPods: pulumi.Int(110),
Mode: pulumi.String("System"),
Name: pulumi.String("agentpool"),
OsDiskSizeGB: pulumi.Int(30),
OsType: pulumi.String("Linux"),
Type: pulumi.String("VirtualMachineScaleSets"),
},
},
DnsPrefix: resourceGroup.Name,
EnableRBAC: pulumi.Bool(true),
KubernetesVersion: pulumi.String(cfg.K8sVersion),
LinuxProfile: cs.ContainerServiceLinuxProfileArgs{
AdminUsername: pulumi.String(cfg.AdminUserName),
Ssh: cs.ContainerServiceSshConfigurationArgs{
PublicKeys: cs.ContainerServiceSshPublicKeyArray{
cs.ContainerServiceSshPublicKeyArgs{
KeyData: cfg.SshPublicKey,
},
},
},
},
NodeResourceGroup: pulumi.String("node-resource-group"),
ServicePrincipalProfile: cs.ManagedClusterServicePrincipalProfileArgs{
ClientId: adApp.ApplicationId,
Secret: adSpPassword.Value,
},
})

return &ClusterInfo{
ManagedCluster: k8sCluster,
ResourceGroup: resourceGroup,
}, nil
}

func getKubeconfig(ctx *pulumi.Context, cluster *ClusterInfo) pulumi.StringOutput {
return pulumi.All(cluster.ManagedCluster.Name, cluster.ResourceGroup.Name).
ApplyString(func(names []interface{}) (string, error) {
k8sClusterName := names[0].(string)
resourceGroupName := names[1].(string)
out, err := cs.ListManagedClusterUserCredentials(ctx,
&cs.ListManagedClusterUserCredentialsArgs{
ResourceGroupName: resourceGroupName,
ResourceName: k8sClusterName,
},
)
if err != nil {
return "", err
}
decoded, err := base64.StdEncoding.DecodeString(out.Kubeconfigs[0].Value)
if err != nil {
return "", err
}
return string(decoded), nil
})
}

func buildProvider(
ctx *pulumi.Context,
cluster *ClusterInfo,
kubeConfig pulumi.StringOutput) (*kubernetes.Provider, error) {

return kubernetes.NewProvider(ctx, "k8s-provider", &kubernetes.ProviderArgs{
Kubeconfig: kubeConfig,
})
}
86 changes: 86 additions & 0 deletions azure-go-aks-helm/config.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
// Copyright 2016-2021, Pulumi Corporation. All rights reserved.
//
// Configures the example. If password and public key for connecting
// to the cluster are not set with `pulumi config`, we generate a
// random password and key pair.

package main

import (
"github.com/pulumi/pulumi-random/sdk/v3/go/random"
"github.com/pulumi/pulumi-tls/sdk/v2/go/tls"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi/config"
)

type Config struct {
K8sVersion string
Password pulumi.StringInput
GeneratedKeyPair *tls.PrivateKey
AdminUserName string
SshPublicKey pulumi.StringInput
NodeCount int
NodeSize string
}

func configure(ctx *pulumi.Context) (Config, error) {
out := Config{}

cfg := config.New(ctx, "")

out.K8sVersion = cfg.Get("k8sVersion")
if out.K8sVersion == "" {
out.K8sVersion = "1.18.14"
}

generatedKeyPair, err := tls.NewPrivateKey(ctx, "ssh-key",
&tls.PrivateKeyArgs{
Algorithm: pulumi.String("RSA"),
RsaBits: pulumi.Int(4096),
})
if err != nil {
return Config{}, err
}
out.GeneratedKeyPair = generatedKeyPair

pw := cfg.Get("password")
if pw == "" {
randPW, err := random.NewRandomPassword(ctx, "pw",
&random.RandomPasswordArgs{
Length: pulumi.Int(20),
Special: pulumi.Bool(true),
})

if err != nil {
return Config{}, err
}

out.Password = randPW.Result
} else {
out.Password = pulumi.String(pw)
}

out.AdminUserName = cfg.Get("adminUserName")
if out.AdminUserName == "" {
out.AdminUserName = "testuser"
}

sshPubKey := cfg.Get("sshPublicKey")
if sshPubKey == "" {
out.SshPublicKey = generatedKeyPair.PublicKeyOpenssh
} else {
out.SshPublicKey = pulumi.String(sshPubKey)
}

out.NodeCount = cfg.GetInt("nodeCount")
if out.NodeCount == 0 {
out.NodeCount = 2
}

out.NodeSize = cfg.Get("nodeSize")
if out.NodeSize == "" {
out.NodeSize = "Standard_D2_v2"
}

return out, nil
}
12 changes: 12 additions & 0 deletions azure-go-aks-helm/go.mod
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
module go-ex

go 1.15

require (
github.com/pulumi/pulumi-azure-native/sdk v0.7.1
github.com/pulumi/pulumi-azuread/sdk/v3 v3.5.0
github.com/pulumi/pulumi-kubernetes/sdk/v2 v2.8.2
github.com/pulumi/pulumi-random/sdk/v3 v3.1.0 // indirect
github.com/pulumi/pulumi-tls/sdk/v2 v2.5.0 // indirect
github.com/pulumi/pulumi/sdk/v2 v2.21.2
)
Loading

0 comments on commit 2a10da7

Please sign in to comment.