Deploy the resource-manager-operator helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy a Helm chart on Google Kubernetes Engine (GKE) using Pulumi, you'll generally need to follow these steps:

1. Set up a GKE cluster or have one ready to use.
2. Install and configure Pulumi with the appropriate cloud provider (Google Cloud in this case).
3. Write and run a Pulumi program that deploys the Helm chart to GKE.

Let's go through each of these steps to understand what's involved, and I'll provide you with a Pulumi TypeScript program that accomplishes this task.

### Step 1: Set up a GKE Cluster

Before you can deploy a Helm chart, you must have a GKE cluster running. You can set this up through the Google Cloud Console, `gcloud` CLI, or using Pulumi to provision one if you don't already have a cluster.

### Step 2: Install and Configure Pulumi

You need to have Pulumi CLI installed on your machine. After installing Pulumi, log in with `pulumi login` and configure your Google Cloud credentials using `gcloud auth application-default login`.

### Step 3: Write a Pulumi Program

We'll use Pulumi's GKE support to work with the cluster and Pulumi's Kubernetes provider to deploy a Helm chart. Here's the Pulumi program that does this:

```typescript
import * as k8s from "@pulumi/kubernetes";
import * as gcp from "@pulumi/gcp";

// Step 1: Create or configure access to an existing GKE cluster
const cluster = new gcp.container.Cluster("my-gke-cluster", {
  // ... specify your cluster configuration
});

// Once the cluster is available, configure Pulumi to use the cluster's Kubernetes API
const kubeconfig = () => {
  const context = gcp.container.getCluster({
    name: cluster.name,
    location: cluster.location,
    project: cluster.project,
  });

return context.then(ctx => ctx.masterAuth.clusterCaCertificate).apply(
    caCertificate => ctx.masterAuth.clientCertificate).apply(
    clientCertificate => ctx.masterAuth.clientKey).apply(
    clientKey => ctx.endpoint).apply(endpoint => {
    return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${caCertificate}
    server: https://${endpoint}
  name: gke
contexts:
- context:
    cluster: gke
    user: gke
  name: gke
current-context: gke
kind: Config
preferences: {}
users:
- name: gke
  user:
    client-certificate-data: ${clientCertificate}
    client-key-data: ${clientKey}
    `;
  });
};

// Step 2: Declare the Helm chart for the resource-manager-operator
const chart = new k8s.helm.v3.Chart("resource-manager-operator", {
  chart: "resource-manager-operator",
  version: "1.2.3", // ... specify the version you want to deploy
  // Optionally customize the installation, for example by specifying values or namespace
  namespace: "default",
  fetchOpts: {
    repo: "http://charts.example.com/", // ... specify the repository URL of the Helm chart
  },
}, { providers: { kubernetes: new k8s.Provider("k8s-provider", { kubeconfig: kubeconfig() }) }});

export const chartName = chart.name;
```

Let's break down this program:

- First, we import Pulumi's Kubernetes and GCP packages. These are necessary to interact with both our GKE cluster and the Kubernetes API from our Pulumi program.
- We then declare a `gcp.container.Cluster` to either define a new GKE cluster or to configure our Pulumi program to interact with an existing one.
- We set up access to the Kubernetes cluster by creating a `kubeconfig` variable. This contains credentials for interacting with the Kubernetes API and is necessary for Pulumi's Kubernetes provider.
- We declare a `k8s.helm.v3.Chart` object which represents the Helm chart we want to deploy. Replace the placeholder values with the actual details of the Helm chart such as `chart`, `version`, and `repo`.
- Finally, we export the name of the chart as a stack output. This can be useful if we want to use the output values of this Pulumi stack in other programs or stacks.

### Running the Program

To initialize a new Pulumi project, use the following commands in your terminal:

```bash
mkdir my-gke-helm-deployment && cd my-gke-helm-deployment
pulumi new typescript
```

Replace the generated `index.ts` with the above TypeScript code. You may need to adjust the placeholders with actual values as per your requirement, like the chart name, version, and Kubernetes namespace, and specify the Helm chart's repository URL.

Install the required packages by running the following command in the terminal:

```bash
npm install @pulumi/kubernetes @pulumi/gcp
```

Finally, run `pulumi up` to deploy your Helm chart on the GKE cluster. If everything is correctly set up, Pulumi will provision the resources described in your program, and your Helm chart will be deployed to the GKE cluster.