Deploy the quay helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the Quay Helm chart on Google Kubernetes Engine (GKE), we must follow several steps:

1. **Create a GKE Cluster**: We begin by creating a GKE cluster where our Helm chart will be deployed. The cluster is the set of compute resources that will run your containerized applications.

2. **Install the Helm Chart**: Once we have our Kubernetes cluster, we use Helm, which is a package manager for Kubernetes, to manage and deploy applications (in this case, the Quay Helm chart).

The following program in TypeScript uses Pulumi to accomplish the above steps:

- The `gcp.container.Cluster` resource is used to create the GKE cluster.
- The `kubernetes.helm.v3.Chart` resource is used to deploy the Quay Helm chart to the created GKE cluster.

Before we proceed with the code, ensure that you have installed Pulumi and have set up your GCP credentials.

Now, let's walk through the TypeScript program which carries out the above steps:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("pulumi-quay-cluster", {
    initialNodeCount: 2,
    minMasterVersion: "latest",
    nodeVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring"
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig to access the cluster using kubectl
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes provider instance that uses our cluster from above.
const k8sProvider = new k8s.Provider("gkeK8s", {
    kubeconfig: kubeconfig,
});

// Deploy the Quay Helm chart using the kubernetes provider.
const quayChart = new k8s.helm.v3.Chart("quay", {
    repo: "https://quay.github.io/helm", // This URL might be different, check the official Quay Helm chart repository.
    chart: "quay",
    version: "3.3.0", // Choose the version that suits your requirements.
    // Values in values.yml can be provided here.
    values: {
        // Specify custom Quay configuration values here.
        // Typically, these values would be read from a separate config file or Pulumi config.
    },
}, { provider: k8sProvider });

// Export the status of the deployment
export const quayChartStatus = quayChart.status;
```

Here's what each part of the script does:

- **GKE Cluster Creation**: We define a GKE cluster with a specific machine type and OAuth scopes necessary for the Kubernetes nodes to operate under GCP.

- **Kubeconfig**: This configuration allows you to interact with the cluster using tools like `kubectl`. We generate it dynamically based on the cluster details and export it.

- **Kubernetes Provider**: This resource tells Pulumi how to communicate with the GKE cluster.

- **Helm Chart Deployment**: We define a Helm chart resource, specifying the chart repository, the chart name, and the version we wish to install. We can also supply a set of values inline or from a file which define the configuration of Quay.

After running this program with Pulumi CLI, it will output the cluster name and the status of the Helm chart deployment which you can use to monitor the deployment process. To actually run this Pulumi program, save it into a `.ts` file, install the required packages using npm or yarn, and run `pulumi up`.