Deploy the haproxytech-haproxy-ingress helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the `haproxytech-haproxy-ingress` Helm chart on Google Kubernetes Engine (GKE), we'll go through the process step-by-step. The process involves:

1. Setting up a GKE cluster.
2. Configuring Pulumi to work with your GKE cluster.
3. Deploying the Helm chart to the GKE cluster.

For this purpose, we will be using Pulumi's TypeScript SDK, which allows us to define our cloud resources using TypeScript programming language. Let's break down the steps into detailed subtasks that are coded out.

### Setting up a GKE Cluster
First, we need to create a Kubernetes cluster in Google Cloud where our ingress controller will run. Using Pulumi's GCP provider, we can define a GKE cluster resource.

### Configuring Pulumi for GKE
After the GKE cluster is provisioned, Pulumi needs to be configured to interact with it. This is typically done by setting up the kubeconfig file, which contains the necessary credentials to communicate with the Kubernetes API server. Pulumi does this automatically for you when the GKE cluster is created in the same Pulumi program.

### Deploying the Helm Chart
Finally, we deploy the `haproxytech-haproxy-ingress` Helm chart on the provisioned GKE cluster. The `kubernetes.helm.v3.Chart` resource from Pulumi's Kubernetes provider is designed to deploy Helm charts.

Below is the full TypeScript program that accomplishes these steps:

```typescript
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Setting up GKE Cluster
const name = "haproxy-ingress-gke-cluster"; // Name of the GKE Cluster

const gkeCluster = new gcp.container.Cluster(name, {
    initialNodeCount: 2,
    minMasterVersion: "latest", // Use the latest version, or specify a version
    nodeVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1", // Choose the machine type based on your requirements
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring"
        ],
    },
});

// Step 2: Configuring Pulumi for GKE
// No additional configuration is needed as Pulumi automatically uses the kubeconfig from the created cluster.

// Export the Cluster name
export const clusterName = gkeCluster.name;

// Obtain the Kubeconfig after creation of the cluster
export const kubeconfig = gkeCluster.name.apply(name => {
    return gcp.container.getCluster({
        name: name,
        location: gkeCluster.location,
        project: gkeCluster.project,
    });
}).kubeconfig;

// Step 3: Deploy the Helm chart on GKE Cluster
const chart = new k8s.helm.v3.Chart("haproxy-ingress", {
    chart: "haproxy-ingress",
    version: "1.16.1", // Use the correct chart version
    fetchOpts: {
        repo: "https://haproxy-ingress.github.io/charts",
    }
}, { provider: new k8s.Provider("k8s-provider", { kubeconfig: kubeconfig }) });

// Export the ingress endpoint to access the Helm chart application
export const ingressEndpoint = chart.getResourceProperty("v1/Service", "haproxy-ingress", "status").apply(status => status.loadBalancer.ingress[0].ip);
```

### Explanation of the Program:

- We import the Pulumi GCP and Kubernetes SDKs, which allow us to interact with Google Cloud Platform services and Kubernetes resources.
- We define a new GKE cluster with a couple of initial nodes. You may need to adjust the machine type and the number of nodes based on your expected workload.
- No explicit kubeconfig setup is needed as Pulumi auto-generates kubeconfig after creating the GKE cluster.
- We then deploy the Helm chart by creating a new chart resource. We specify the chart name, version, and the repo where the chart is hosted.
- We use `getResourceProperty` to extract the ingress IP of the deployed service to make it accessible for external use. This endpoint will allow traffic to reach services managed by the HAProxy Ingress Controller.

After deploying this Pulumi program, the `haproxytech-haproxy-ingress` chart will be up and running in your GKE cluster, which you can interact with using the exported ingress endpoint.

To run this Pulumi program:

1. Ensure you have Pulumi installed and configured for use with GCP.
2. Save the above program in a file, e.g., `index.ts`.
3. Run `pulumi stack init` to create a new stack for your application.
4. Run `pulumi up` to create resources; this will output the resulting ingress endpoint after deployment.

The above code is complete and should work "out of the box" with appropriate GCP project configuration and Pulumi setup. It will spin up a new GKE cluster and deploy the `haproxytech-haproxy-ingress` Helm chart onto it.