Deploy the twampy helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

Deploying a Helm chart on Google Kubernetes Engine (GKE) involves a few steps. We'll need to set up a GKE cluster, configure our local Kubernetes environment to communicate with the cluster, and finally deploy the Helm chart.

Before we begin, make sure you have the following installed:
- Pulumi CLI
- Google Cloud SDK (`gcloud`)
- Helm 3 CLI
- kubectl (which can be installed via the Google Cloud SDK)

Additionally, you should have a Google Cloud account with the necessary permissions to create and manage GKE clusters.

In the Pulumi program below, we will:
1. Create a GKE cluster using Pulumi's GCP provider.
2. Use Pulumi's Kubernetes provider to deploy the Helm chart.

Here is a program in TypeScript that accomplishes the deployment, broken down with explanations:

```typescript
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";

// Create a new GKE cluster.
const cluster = new gcp.container.Cluster("twampy-cluster", {
    // The location of the cluster - could be a zone or a region, adjust as needed.
    location: "us-central1",
    // Specify the initial node count and configuration.
    initialNodeCount: 2,
    nodeConfig: {
        // Use a standard machine type, this can also be adjusted as per requirements.
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
    },
});

// Once the cluster is created, we can access its kubeconfig which allows us to
// interact with the cluster using tools like kubectl and the Helm CLI.
const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// The `k8s.Provider` uses the kubeconfig to configure the Kubernetes API client.
const k8sProvider = new k8s.Provider("gkeK8s", { kubeconfig });

// Deploy the twampy Helm chart to the GKE cluster.
const twampyChart = new k8s.helm.v3.Chart("twampy-chart", {
    chart: "twampy",
    version: "0.1.0", // Specify the version of the chart here.
    fetchOpts: {
        repo: "http://example.com/helm-charts", // Replace with the correct Helm chart repository URL.
    },
}, { provider: k8sProvider });

// Export the public IP address of the twampy service once it's ready.
export const twampyPublicIp = twampyChart.getResourceProperty("v1/Service", "twampy-service", "status").apply(status => status.loadBalancer.ingress[0].ip);
```

In the above program:
- We first declare a GKE cluster. Adjust the location, node count, and machine type as needed for your specific use case.
- We include the required OAuth scopes for nodes to interact with the Google Cloud APIs.
- We generate a kubeconfig using the cluster name, endpoint, and master authentication details.
- We then create an instance of the Kubernetes provider using this kubeconfig, which allows Pulumi to communicate with our new cluster.
- Next, we deploy the Helm chart for "twampy", specifying the chart version and the repository where the chart can be found. Be sure to replace `http://example.com/helm-charts` with the actual URL for the twampy Helm chart repository.
- Finally, we attempt to export the public IP assigned to our twampy service, provided that it's exposed as a LoadBalancer.

Remember to replace placeholders (like the Helm repo URL) with actual values. Also, make sure you have authenticated with GCP and have selected the appropriate project where you want to deploy the cluster using the `gcloud` CLI tool.

Once you've prepared your environment and inserted the correct values into the code, you can use Pulumi to deploy your stack with:

```bash
pulumi up
```

If this is your first time using Pulumi, you might want to visit [Pulumi's Getting Started guide](https://www.pulumi.com/docs/get-started/) for a more comprehensive introduction.