azure-py-aks-helm (pulumi#951)

* Initial ts->py example port

* Working Python example

* Fixes

* Fix markdown typo

* Copyright in all py files

azure-py-aks-helm/.gitignore

@@ -0,0 +1,3 @@
+*.pyc
+venv/
+.vscode

azure-py-aks-helm/Pulumi.yaml

@@ -0,0 +1,6 @@
+name: azure-py-aks-helm
+runtime:
+  name: python
+  options:
+    virtualenv: venv
+description: Azure Native Python Pulumi example featuring Helm chart deployment to AKS

azure-py-aks-helm/README.md

@@ -0,0 +1,100 @@
+[![Deploy](https://get.pulumi.com/new/button.svg)](https://app.pulumi.com/new)
+
+# Azure Kubernetes Service (AKS) Cluster and Helm Chart
+
+This example demonstrates creating an [Azure Kubernetes Service (AKS)](https://docs.microsoft.com/en-us/azure/aks/)
+cluster and deploying a Helm Chart from [Bitnami Helm chart repository](https://github.com/bitnami/charts)
+into this cluster, all in one Pulumi program.
+
+The example showcases the [native Azure provider for Pulumi](https://www.pulumi.com/docs/intro/cloud-providers/azure/).
+
+
+## Prerequisites
+
+- Install [Pulumi](https://www.pulumi.com/docs/get-started/install/).
+
+- Install [Python 3.6](https://www.python.org/downloads/) or higher.
+
+- We will be deploying to Azure, so you will need an Azure account. If
+  you do not have an account, [sign up for free here](https://azure.microsoft.com/en-us/free/).
+
+- Setup and authenticate the [native Azure provider for Pulumi](https://www.pulumi.com/docs/intro/cloud-providers/azure/setup/).
+
+
+## Running the Example
+
+In this example we will provision a Kubernetes cluster running a
+public Apache web server, verify we can access it, and clean up when
+done.
+
+1.  Get the code:
+
+    ```bash
+    $ git clone [email protected]:pulumi/examples.git
+    $ cd examples/azure-py-aks-helm
+    ```
+
+2.  Create a new stack, which is an isolated deployment target for this example:
+
+    ```bash
+    $ pulumi stack init
+    ```
+
+3.  Set the required configuration variables for this program:
+
+    ```bash
+    $ pulumi config set azure-native:location westus2
+    ```
+
+4.  Deploy everything with the `pulumi up` command. This provisions
+    all the Azure resources necessary, including an Active Directory
+    service principal, AKS cluster, and then deploys the Apache Helm
+    Chart, all in a single gesture (takes 5-10 min):
+
+    ```bash
+    $ pulumi up
+    ```
+
+	Note: this command will create a virtual environment and restore
+    dependencies automatically as described in [Pulumi
+    docs](https://www.pulumi.com/docs/intro/languages/python/#virtual-environments).
+
+5.  Now your cluster and Apache server are ready. Several output
+    variables will be printed, including your cluster name
+    (`cluster_name`), Kubernetes config (`kubeconfig`) and server IP
+    address (`apache_service_ip`).
+
+    Using these output variables, you may access your Apache server:
+
+    ```bash
+    $ curl $(pulumi stack output apache_service_ip)
+    <html><body><h1>It works!</h1></body></html>
+    ```
+
+    And you may also configure your `kubectl` client using the
+    `kubeconfig` configuration:
+
+    ```bash
+    $ pulumi stack output kubeconfig --show-secrets > kubeconfig.yaml
+    $ KUBECONFIG=./kubeconfig.yaml kubectl get service
+
+    NAME           TYPE           CLUSTER-IP     EXTERNAL-IP      PORT(S)                      AGE
+    apache-chart   LoadBalancer   10.0.154.121   40.125.100.104   80:30472/TCP,443:30364/TCP   8m
+    kubernetes     ClusterIP      10.0.0.1       <none>           443/TCP                      8m
+    ```
+
+6.  At this point, you have a running cluster. Feel free to modify
+    your program, and run `pulumi up` to redeploy changes. The Pulumi
+    CLI automatically detects what has changed and makes the minimal
+    edits necessary to accomplish these changes. This could be
+    altering the existing chart, adding new Azure or Kubernetes
+    resources, or anything, really.
+
+7.  Once you are done, you can destroy all of the resources, and the
+    stack:
+
+    ```bash
+    $ pulumi destroy
+    $ pulumi stack rm
+    $ rm kubeconfig.yaml
+    ```

azure-py-aks-helm/__main__.py

@@ -0,0 +1,29 @@
+# Copyright 2016-2021, Pulumi Corporation.  All rights reserved.
+
+"""Provisions Apache via a Helm chart onto an AKS cluster created in
+`cluster.py`.
+
+"""
+
+import pulumi
+from pulumi.resource import ResourceOptions
+from pulumi_kubernetes.helm.v3 import Chart, ChartOpts
+
+import cluster
+
+
+apache = Chart('apache-chart',
+    ChartOpts(
+        chart='apache',
+        version='8.3.2',
+        fetch_opts={'repo': 'https://charts.bitnami.com/bitnami'}),
+    ResourceOptions(provider=cluster.k8s_provider))
+
+
+apache_service_ip = apache.get_resource('v1/Service', 'apache-chart').apply(
+    lambda res: res.status.load_balancer.ingress[0].ip)
+
+
+pulumi.export('cluster_name', cluster.k8s_cluster.name)
+pulumi.export('kubeconfig', cluster.kubeconfig)
+pulumi.export('apache_service_ip', apache_service_ip)

azure-py-aks-helm/cluster.py

@@ -0,0 +1,79 @@
+# Copyright 2016-2021, Pulumi Corporation.  All rights reserved.
+
+"""Provisions an AKS cluster."""
+
+
+import base64
+
+from pulumi_azure_native import resources, containerservice
+import pulumi
+import pulumi_azuread as azuread
+import pulumi_kubernetes as k8s
+
+import config
+
+
+resource_group = resources.ResourceGroup('rg')
+
+
+ad_app = azuread.Application('app', display_name='app')
+
+
+ad_sp = azuread.ServicePrincipal('service-principal',
+    application_id=ad_app.application_id)
+
+
+ad_sp_password = azuread.ServicePrincipalPassword('sp-password',
+    service_principal_id=ad_sp.id,
+    value=config.password,
+    end_date='2099-01-01T00:00:00Z')
+
+
+k8s_cluster = containerservice.ManagedCluster('cluster',
+    resource_group_name=resource_group.name,
+    addon_profiles={
+        'KubeDashboard': {
+            'enabled': True,
+        },
+    },
+    agent_pool_profiles=[{
+        'count': config.node_count,
+        'max_pods': 110,
+        'mode': 'System',
+        'name': 'agentpool',
+        'node_labels': {},
+        'os_disk_size_gb': 30,
+        'os_type': 'Linux',
+        'type': 'VirtualMachineScaleSets',
+        'vm_size': config.node_size,
+    }],
+    dns_prefix=resource_group.name,
+    enable_rbac=True,
+    kubernetes_version=config.k8s_version,
+    linux_profile={
+        'admin_username': config.admin_username,
+        'ssh': {
+            'publicKeys': [{
+                'keyData': config.ssh_public_key,
+            }],
+        },
+    },
+    node_resource_group='node-resource-group',
+    service_principal_profile={
+        'client_id': ad_app.application_id,
+        'secret': ad_sp_password.value,
+    })
+
+
+creds = pulumi.Output.all(resource_group.name, k8s_cluster.name).apply(
+    lambda args:
+    containerservice.list_managed_cluster_user_credentials(
+        resource_group_name=args[0],
+        resource_name=args[1]))
+
+
+kubeconfig = creds.kubeconfigs[0].value.apply(
+    lambda enc: base64.b64decode(enc).decode())
+
+
+k8s_provider = k8s.Provider('k8s-provider', kubeconfig=kubeconfig)

azure-py-aks-helm/config.py

@@ -0,0 +1,38 @@
+# Copyright 2016-2021, Pulumi Corporation.  All rights reserved.
+
+"""Configures the example. If password and public key for connecting
+to the cluster are not set with `pulumi config`, we generate a random
+password and key pair.
+
+"""
+
+from pulumi import Config
+from pulumi_random import RandomPassword
+from pulumi_tls import PrivateKey
+
+
+config = Config()
+
+
+k8s_version = config.get('k8sVersion') or '1.18.14'
+
+
+password = config.get('password') or RandomPassword('pw',
+    length=20, special=True)
+
+
+generated_key_pair = PrivateKey('ssh-key',
+    algorithm='RSA', rsa_bits=4096)
+
+
+admin_username = config.get('adminUserName') or 'testuser'
+
+
+ssh_public_key = config.get('sshPublicKey') or \
+    generated_key_pair.public_key_openssh
+
+
+node_count = config.get_int('nodeCount') or 2
+
+
+node_size = config.get('nodeSize') or 'Standard_D2_v2'

azure-py-aks-helm/requirements.txt

@@ -0,0 +1,6 @@
+pulumi-azuread>=3.0.0,<4.0.0
+pulumi-azure-native>=0.7.0
+pulumi-kubernetes>=2.0.0,<3.0.0
+pulumi-random>=3.0.0,<4.0.0
+pulumi-tls>=3.0.0,<4.0.0
+pulumi>=2.0.0,<3.0.0