Deploy the web-service helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy a web-service Helm chart on Google Kubernetes Engine (GKE), you would need to perform the following steps:

1. **Create a GKE cluster**: Provision a Kubernetes cluster using the GKE service in Google Cloud Platform (GCP).
2. **Install Helm**: Make sure Helm is installed on your local machine or wherever you plan to run Pulumi from because Pulumi's `helm.v3.Release` resource will utilize the Helm CLI.
3. **Deploy the Helm chart**: Utilize Pulumi's Helm integration to deploy your web-service chart onto the GKE cluster.

Here's a detailed walk-through with Pulumi using TypeScript:

### Prerequisites

Before you begin, make sure you have the following installed:

- **Pulumi CLI**: You'll need the Pulumi CLI to instantiate and manage your infrastructure.
- **Google Cloud SDK (gcloud)**: This is necessary to authenticate with GCP.
- **Helm**: This is required for Pulumi's Helm Release resource to work, as it uses the Helm binary under the hood.
- **Node.js and npm**: Since we're using TypeScript, these are required to run the Pulumi program.

### Pulumi Program (TypeScript)

We are going to write a Pulumi program that will:

- Create a GKE cluster.
- Use the Pulumi Kubernetes provider to interact with the GKE cluster.
- Deploy a Helm chart to the GKE cluster.

Here's the TypeScript code that accomplishes this:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create a GKE cluster
const cluster = new gcp.container.Cluster("gke-cluster", {
    initialNodeCount: 2,
    nodeVersion: "latest",
    minMasterVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1", // This is a standard type, you may choose according to your needs
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Step 2: Configure Kubernetes provider to connect to the GKE cluster
const k8sProvider = new k8s.Provider("gke-k8s", {
    kubeconfig: pulumi.
        all([cluster.name, cluster.endpoint, cluster.masterAuth]).
        apply(([name, endpoint, masterAuth]) => {
            const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
            return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
        }),
});

// Step 3: Deploy a Helm chart to the GKE cluster
const chart = new k8s.helm.v3.Release("web-service", {
    chart: "nginx", // The name of the chart, replace with 'web-service' or relevant name.
    version: "1.16.1", // Specify the exact chart version
    namespace: "default", // The Kubernetes namespace in which to deploy this chart.
    // Retrieve values from a separate file or define them here
    values: {
        service: {
            type: "LoadBalancer",
        },
    },
}, { provider: k8sProvider });

// Export the Service URL
export const serviceUrl = pulumi.interpolate`http://${chart.status.apply(status => status.loadBalancer.ingress[0].ip)}`;

```

In this program:

- We start by defining a GKE cluster with the `gcp.container.Cluster` resource, specifying the initial number of nodes, node version, and machine type.
- Once the cluster is created, we export its name.
- Next, we set up the `k8s.Provider` which configures Pulumi to use the kubeconfig from our GKE cluster, enabling Pulumi to interact with our GKE cluster.
- Finally, we deploy an Nginx Helm chart as an example Helm chart. You would replace `"nginx"` and its corresponding `version` with your web-service chart details. We use the `k8s.helm.v3.Release` resource to deploy the chart to your GKE cluster in the default namespace. The chart values include a service of type `LoadBalancer`, which would create a load balancer for your service when the Helm chart is deployed.
- We then export the external IP address of the deployed service. You can visit this IP in a browser to see the deployed web service, once it's running.

To run this Pulumi program, install the necessary packages:

```bash
npm install @pulumi/pulumi @pulumi/gcp @pulumi/kubernetes
```

You can save this code in a file, such as `index.ts`, and initialize a Pulumi project. Run the following commands in the terminal at the same location as your `index.ts`:

```bash
pulumi new typescript --dir my-k8s-project --force
cd my-k8s-project
# Copy the index.ts content into the `index.ts` inside the my-k8s-project directory.
pulumi up
```

The `pulumi up` command will create the resources in GCP. Once completed, it will output the name of your cluster and the service URL that you can open in your browser.