Deploy the gardener-webterminal helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the Gardener Web Terminal Helm chart on a Google Kubernetes Engine (GKE) cluster, you'll need to perform the following steps:

1. Set up and configure a GKE cluster.
2. Install the Helm CLI tool if not already installed.
3. Use the Helm Pulumi resource to deploy the chart onto the GKE cluster.

Below, I'm going to write a Pulumi program in TypeScript to illustrate these steps:

### Prerequisites

Before running the Pulumi program, make sure you have the following prerequisites:

- A Google Cloud Platform (GCP) account.
- `gcloud` CLI is installed and configured with your GCP credentials. Follow the [gcloud installation guide](https://cloud.google.com/sdk/docs/install) if needed.
- Pulumi CLI installed. If needed, follow the [Pulumi installation instructions](https://www.pulumi.com/docs/get-started/install/).
- Node.js and npm installed.

After making sure you have all the prerequisites, you can begin by creating a new Pulumi project:

```shell
pulumi new typescript
```

### Explanation and Pulumi Program

Let's create the GKE cluster first. We will use the `@pulumi/gcp` package which provides convenience classes to create and manage GKE clusters.

```typescript
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("gardener-webterminal-cluster", {
    initialNodeCount: 2,
    minMasterVersion: "latest", // Alternatively, specify your desired version.
    nodeVersion: "latest",
    nodeConfig: {
        // Choose the machine type that fits the size/requirements of your workload
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/cloud-platform",
        ],
    },
});

// Export the Kubeconfig
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes provider instance that uses our cluster from above.
const k8sProvider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeconfig,
});

// Deploy the gardener-webterminal helm chart
const gardenerWebterminalChart = new k8s.helm.v3.Chart("gardener-webterminal", {
   chart: "webterminal",
   version: "1.0.0", // Specify the version of the chart you wish to deploy
   fetchOpts:{
       repo: "http://charts.gardener.cloud/stable", // URL of the Helm repository
   },
}, { provider: k8sProvider });

// Export the web terminal endpoint
export const webTerminalEndpoint = "http://gardener-webterminal.example.com";
```

Let's break down what this Pulumi program does:

1. `gcp.container.Cluster`: Creates a new Google Kubernetes Engine cluster with the specified node count and machine type.
2. `kubeconfig`: Pulumi automatically generates a kubeconfig file that you can use to interact with your GKE cluster using `kubectl`.
3. `k8s.Provider`: Creates a new Kubernetes provider that knows how to communicate with the newly created GKE cluster using the kubeconfig.
4. `k8s.helm.v3.Chart`: Deploys the Gardener Web Terminal Helm chart to your GKE cluster, referencing the Helm chart name and version as well as the URL to the Helm repository.

Keep in mind that you may need to adjust the Helm chart version, machine type, initial node count, etc., based on the actual requirements and available options for the Gardener Web Terminal Helm chart and your GKE setup.

To run this Pulumi program, you would navigate to the directory containing this program and execute:

```shell
pulumi up
```

This command will provision the resources as declared in the TypeScript code.

### Notes:
- Replace `http://gardener-webterminal.example.com` with the actual endpoint that you're expecting to deploy the web terminal to. This value may need to be determined after deploying the Helm chart by inspecting the service or ingress that it creates.
- The version `1.0.0` of the chart is a placeholder. Make sure to check for the actual chart version you want to deploy.
- Depending on your Helm chart's requirements, you might need to pass additional configuration options to the `k8s.helm.v3.Chart` resource.
- Ensure you have enabled the GKE APIs within your GCP console for the project you are deploying resources into.

This is a basic deployment, and you may need to customize security, networking, or other advanced configurations. You can explore further customization by referring to Pulumi's documentation on [GKE Clusters](https://www.pulumi.com/registry/packages/gcp/api-docs/container/cluster/) and [Helm charts](https://www.pulumi.com/registry/packages/kubernetes/api-docs/helm/v3/chart/).