Deploy the stateless-nginx helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy a Helm chart on Google Kubernetes Engine (GKE), we'll need to go through a few steps:

1. Set up a GKE cluster: Creating a Kubernetes cluster in GKE where our Helm chart will be deployed.

2. Install and configure Helm: Helm is a package manager that will allow us to define, install, and upgrade the `stateless-nginx` chart.

3. Deploy the Helm chart: Using Pulumi to define and deploy the Helm chart to the GKE cluster.

Below, you'll find a detailed TypeScript program that performs these steps using Pulumi.

First off, we will have to create a GKE cluster using Pulumi's `@pulumi/gcp` package. Then we'll set up the Helm release using Pulumi's `@pulumi/kubernetes` package.

Here is the detailed program that accomplishes these steps:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("my-gke-cluster", {
    initialNodeCount: 2,
    minMasterVersion: "latest", // Specify the minimum master version
    nodeVersion: "latest",      // Specify the node version
    nodeConfig: {
        machineType: "n1-standard-1", // Define the machine type for cluster nodes
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig to access the GKE cluster created
export const kubeConfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Deploy nginx Helm chart in the GKE cluster
const nginxHelmChart = new k8s.helm.v3.Chart("nginx", {
    chart: "nginx",
    version: "1.17.10", // Specify the version of the chart
    fetchOpts: {
        repo: "https://charts.bitnami.com/bitnami", // Define which repository to fetch the chart
    },
}, { provider: new k8s.Provider("k8s-provider", { kubeconfig: kubeConfig }) });

// Export the Helm chart resources created
export const nginxHelmResources = nginxHelmChart.resources;
```

In this program, we:

1. Import the necessary Pulumi libraries to interface with Kubernetes and GCP.

2. Define a GKE cluster where our nodes are based on the `n1-standard-1` machine type, which is suitable for small to medium workloads. We also specify the versions and required OAuth scopes for the nodes.

3. Export the cluster's name and generate a kubeconfig file necessary for interfacing with the GKE cluster through `kubectl`.

4. Deploy an nginx Helm chart from Bitnami's Helm chart repository to the GKE cluster using Pulumi's Kubernetes provider. We specify the `nginx` chart version `1.17.10`.

5. Export resources created by the Helm chart, which can be used to further inspect the Kubernetes resources created by the Helm chart using the Pulumi CLI.

When running this program with Pulumi, it will provision a new GKE cluster and deploy the nginx Helm chart into it. You can monitor the progress using the Pulumi CLI and interact with the cluster using `kubectl` with the generated kubeconfig.