def setup_kubernetes_provider(self):
# Now we're gonna configure Pulumi to talk to the controlplane to do k8s stuff.
eks_parent_opts = pulumi.ResourceOptions(
parent=self.eks_cluster_resource)
kubectl_config = pulumi.Output.all(
self.eks_cluster_resource, "us-west-2",
self.endpoint).apply(generateKubectlConfig)
self.kube_provider = pulumi_kubernetes.Provider(
self.cluster_name + "-k8s-provider",
kubeconfig=kubectl_config,
__opts__=eks_parent_opts)
# function.
# That function requires passing values that are not be known until the resources are created.
# Thus, the use of "apply()" to wait for those values before calling the function.
creds = pulumi.Output.all(resource_group.name, k8s_cluster.name).apply(
lambda args: containerservice.list_managed_cluster_user_credentials(
resource_group_name=args[0], resource_name=args[1]))
# The "list_managed_cluster_user_credentials" function returns an array of base64 encoded kubeconfigs.
# So decode the kubeconfig for our cluster but mark it as a secret so Pulumi treats it accordingly.
kubeconfig = pulumi.Output.secret(creds.kubeconfigs[0].value.apply(
lambda enc: base64.b64decode(enc).decode()))
### End of AKS Cluster Related Resources
# The K8s provider which supplies the helm chart resource needs to know how to talk to the K8s cluster.
# So, instantiate a K8s provider using the retrieved kubeconfig.
k8s_provider = k8s.Provider('k8s-provider', kubeconfig=kubeconfig)
# Create a chart resource to deploy apache using the k8s provider instantiated above.
apache = Chart('apache-chart',
ChartOpts(
chart='apache',
version='8.3.2',
fetch_opts={'repo': 'https://charts.bitnami.com/bitnami'}),
opts=ResourceOptions(provider=k8s_provider))
# Get the helm-deployed apache service IP which isn't known until the chart is deployed.
apache_service_ip = apache.get_resource(
'v1/Service',
'apache-chart').apply(lambda res: res.status.load_balancer.ingress[0].ip)
# Correct option using "concat()"
import pulumi
import pulumi_kubernetes as kubernetes
from cluster import aks
k8s_provider = kubernetes.Provider("aks-k8s-provider",
kubeconfig=aks.kube_config_raw)
backend_name = "azure-vote-back"
REDIS_PORT = 6379
azure_vote_back_deployment = kubernetes.apps.v1.Deployment(
"azure_vote_backDeployment",
api_version="apps/v1",
kind="Deployment",
metadata={
"name": backend_name,
},
spec={
"replicas": 1,
"selector": {
"match_labels": {
"app": backend_name,
},
},
"template": {
"metadata": {
"labels": {
"app": backend_name,
},
},
from pulumi_kubernetes.core.v1 import Namespace
from pulumi_kubernetes.storage.v1 import StorageClass
# Get the stack
stack = pulumi.get_stack()
sr = "jaxxstorm/cluster/{}".format(stack)
stack_ref = pulumi.StackReference(sr)
# Get the kubeconfig from the stack
kubeconfig = stack_ref.get_output("kubeConfig")
# Get configuration options
config = pulumi.Config()
namespace = config.require("namespace")
# Set up the provider
provider = k8s.Provider("home.lbrlabs", kubeconfig=kubeconfig)
# Create the namespace
ns = Namespace(
"ns",
metadata={
"name": namespace,
},
opts=pulumi.ResourceOptions(provider=provider),
)
# Install the helm chart
helm.Chart(
"local-volume-provisioner",
helm.LocalChartOpts(path="charts/provisioner",
namespace=ns.metadata["name"],
prefs='{}',
expToken='{.credential.token_expiry}',
tokenKey='{.credential.access_token}')
return config
gke_masterAuth = cluster.master_auth['clusterCaCertificate']
gke_endpoint = cluster.endpoint
gke_context = gcp_project + '_' + gcp_zone + '_' + cluster_name
k8s_config = pulumi.Output.all(
gke_masterAuth, gke_endpoint,
gke_context).apply(lambda args: generate_k8_config(*args))
cluster_provider = pulumi_kubernetes.Provider(cluster_name,
kubeconfig=k8s_config)
ns = Namespace(cluster_name,
__opts__=ResourceOptions(provider=cluster_provider))
gke_deployment = Deployment(
app_name,
metadata={
'namespace': ns,
'labels': app_label,
},
spec={
'replicas': 3,
'selector': {
'matchLabels': app_label
},
'template': {
# Exercise 1
# Create a cluster resource using our custom component resource class
cluster = cluster.Cluster(
'k8scluster',
cluster.ClusterArgs(
resource_group_name=resource_group.name,
password=password,
node_count=node_count,
node_size=node_size,
k8s_version=k8s_version,
admin_username=admin_username,
))
# The K8s provider which supplies the helm chart resource needs to know how to talk to the K8s cluster.
# So, instantiate a K8s provider using the retrieved kubeconfig.
k8s_provider = k8s.Provider('k8s-provider', kubeconfig=cluster.kubeconfig)
# Create a chart resource to deploy apache using the k8s provider instantiated above.
apache = Chart('apache-chart',
ChartOpts(
chart='apache',
version='8.3.2',
fetch_opts={'repo': 'https://charts.bitnami.com/bitnami'}),
opts=ResourceOptions(provider=k8s_provider))
# Get the helm-deployed apache service IP which isn't known until the chart is deployed.
apache_service_ip = apache.get_resource(
'v1/Service',
'apache-chart').apply(lambda res: res.status.load_balancer.ingress[0].ip)
# Correct option using "concat()"
username="******",
),
])
# Export the cluster kubeconfig.
pulumi.export("kubeconfig", cluster.kubeconfig)
# Create a role-based kubeconfig with the named profile and the new
# role mapped into the cluster's RBAC.
role_kubeconfig = cluster.get_kubeconfig(
profile_name=aws.config.profile,
role_arn=cluster_admin_role.arn,
)
pulumi.export("roleKubeconfig", role_kubeconfig)
role_provider = k8s.Provider(
"provider",
kubeconfig=role_kubeconfig,
opts=pulumi.ResourceOptions(depends_on=[cluster.provider]))
# Create a pod with the role-based kubeconfig.
pod = k8s.core.v1.Pod(
"nginx",
spec=k8s.core.v1.PodSpecArgs(containers=[
k8s.core.v1.ContainerArgs(
name="nginx",
image="nginx",
ports=[
k8s.core.v1.ContainerPortArgs(name="http", container_port=80)
],
)
], ),
opts=pulumi.ResourceOptions(provider=role_provider),