Deploy the universal-crossplane helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the Universal Crossplane Helm chart on Google Kubernetes Engine (GKE), you'll need to perform the following steps programmatically using Pulumi:

1. **Create a GKE Cluster**: You'll start by defining a GKE cluster resource using Pulumi's Google Cloud provider. This Kubernetes cluster will be the foundation where all your workloads, including Universal Crossplane, will run.

2. **Install the Helm Chart**: Once you have a Kubernetes cluster, you'll use Pulumi's Helm Release resource to deploy the Universal Crossplane chart into your GKE cluster.

Below is a Pulumi TypeScript program that accomplishes these steps. The program assumes that you already have a Google Cloud project set up and that Pulumi is configured with the necessary credentials to create resources in this project.

Here is the detailed Pulumi TypeScript program:

```typescript
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("my-gke-cluster", {
    initialNodeCount: 2,
    minMasterVersion: "latest",
    nodeVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig to access the GKE cluster using kubectl
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes provider instance that uses the kubeconfig from the GKE cluster
const k8sProvider = new k8s.Provider("gke-k8s", {
    kubeconfig: kubeconfig,
});

// Deploy the Universal Crossplane Helm chart
const crossplane = new k8s.helm.v3.Release("universal-crossplane", {
    chart: "universal-crossplane",
    version: "1.3.0", // This should be the version you want to deploy
    namespace: "crossplane-system",
    repositoryOpts: {
        repo: "https://charts.crossplane.io/stable",
    },
}, { provider: k8sProvider });

// Export the status of the deployed Helm chart
export const crossplaneStatus = crossplane.status;
```

### Explanation

- **GKE Cluster**: The `gcp.container.Cluster` resource defines your Kubernetes cluster in GCP. For the cluster, you choose its size (`initialNodeCount`) and the Kubernetes version for the master and nodes (`minMasterVersion` and `nodeVersion` respectively). You also specify the machine type for the nodes and the OAuth scopes necessary for the functionalities you want to use on these nodes.

- **Exported Kubeconfig**: Pulumi enables you to export the kubeconfig that you can use with `kubectl` to interact with your cluster. This kubeconfig is dynamically created using your cluster's output properties, including the cluster endpoint and the master's auth credentials.

- **Kubernetes Provider**: The `k8s.Provider` resource is a representation of your GKE cluster in Pulumi and uses the kubeconfig from the previous step to authenticate.

- **Helm Release**: The `k8s.helm.v3.Release` resource is where you specify the details of the Universal Crossplane Helm chart that you want to deploy. You specify the chart name, version, and namespace where it should be deployed. The `repositoryOpts` provide the URL to the Helm repository that hosts the Universal Crossplane chart.

By executing this program with Pulumi, you will create a new GKE cluster and deploy Universal Crossplane onto it. Ensure that you have the necessary permissions and configurations to create and manage GKE clusters and to deploy Helm charts.

Remember that deploying Universal Crossplane on a GKE cluster also requires you to have the Helm CLI installed and configured locally if you wish to manage Helm releases directly. However, Pulumi abstracts this requirement and interacts with Helm programmatically.