Deploy the web-wallet helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

Deploying a Helm chart to a Google Kubernetes Engine (GKE) cluster can be done using Pulumi to both provision the GKE cluster and deploy the Helm chart. To keep things clear and understandable, I'll guide you through each step of the way.

Here's the overall process:
1. First, we'll set up a `gcp.container.Cluster` resource using Pulumi's `gcp` package to create a GKE cluster.
2. Once the GKE cluster is set up, we'll instantiate a Kubernetes provider that knows how to communicate with our GKE cluster.
3. Following that, we'll deploy the web-wallet Helm chart using the `kubernetes.helm.v3.Chart` resource from the `@pulumi/kubernetes` package.

The GKE cluster is where your Kubernetes services and workloads will run, while the Helm chart is a package that contains all the necessary info to create an instance of a web-wallet service on that Kubernetes cluster.

Below is the TypeScript code for the Pulumi program that executes the above tasks:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

const name = "web-wallet";

// Create a GKE cluster
const cluster = new gcp.container.Cluster(name, {
    initialNodeCount: 2,
    minMasterVersion: "latest", // Use the latest available version of GKE
    nodeVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1", // Represents a small machine type, change as needed
        oauthScopes: [
            "https://www.googleapis.com/auth/cloud-platform",
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig to access the Cluster using kubectl
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes Provider instance that uses our cluster from above
const k8sProvider = new k8s.Provider(name, { kubeconfig: kubeconfig });

// Deploy the web-wallet Helm chart
const webWalletChart = new k8s.helm.v3.Chart(name, {
    chart: "web-wallet", // The name of the Helm chart; make sure this is correct
    version: "1.0.0",    // Specify the chart version
    fetchOpts:{
        repo: "http://charts.example.com/", // URL to the repository where the chart is hosted
    },
}, { provider: k8sProvider });

// Export the web-wallet service's IP or hostname
export const webWalletServiceIp = webWalletChart.getResourceProperty("v1/Service", `${name}-web-wallet`, "status").apply(status => status.loadBalancer.ingress[0].ip || status.loadBalancer.ingress[0].hostname);
```

In this code:

- The `gcp.container.Cluster` class creates a new GKE cluster. We provide it with an initial number of nodes, the machine type, and the necessary OAuth scopes. 
- `kubeconfig` is created based on cluster details to interact with the Kubernetes cluster via `kubectl`.
- Then we create a Kubernetes provider that understands how to communicate with the just provisioned GKE cluster using the generated `kubeconfig`.
- `k8s.helm.v3.Chart` resource is used to install a Helm chart called `web-wallet`. We specify the URL to the Helm chart's repository where it can be fetched from. If `web-wallet` is a placeholder, replace it with the chart's actual name and version, and update the repository URL to point to where your chart is hosted.

To run this Pulumi program, you'll need to install Pulumi and set up the GCP provider. You can follow the get-started guide on Pulumi's website: [Get Started with GCP](https://www.pulumi.com/docs/get-started/gcp/).

Once the setup is complete, save the above code into a file named `index.ts`, and then you can execute the program using the Pulumi command-line tool:

```shell
$ pulumi up
```

This will prompt you whether to perform the deployment as per the above declarations. After confirming, Pulumi will provision the resources in the given order, and eventually, the Helm chart will be deployed to the GKE cluster. After successful deployment, you can view the web-wallet service's IP or hostname in the Pulumi stack's outputs.