Deploy the variant-service-deployments helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy a Helm chart on Google Kubernetes Engine (GKE) using Pulumi, we must accomplish a few things:

1. Set up a GKE cluster where the Helm chart will be deployed.
2. Install and configure the Helm chart on the GKE cluster.

Here's a breakdown of the necessary steps to deploy the `variant-service-deployments` Helm chart to GKE using Pulumi with TypeScript:

### Step 1: Create a GKE Cluster
We'll need to first create a GKE cluster, which will be the environment that runs our Kubernetes services. This involves defining a `Cluster` resource using the `@pulumi/gcp` package.

### Step 2: Deploy Helm Chart to the GKE Cluster
Once we have a cluster, we can deploy our Helm chart to it. This is accomplished by creating a `Chart` resource from the `@pulumi/kubernetes` package, which Pulumi uses to manage Kubernetes resources through code, including Helm charts. We'll point this chart to the `variant-service-deployments` Helm chart and configure it accordingly.

### Pulumi Program for Deploying Helm Chart to GKE

Below is a TypeScript program that performs the outlined steps to deploy the `variant-service-deployments` Helm chart to a GKE cluster.

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("my-gke-cluster", {
    initialNodeCount: 2,
    minMasterVersion: "latest",
    nodeVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1", // This specifies what kind of machine to use. You can choose a machine type that best fits your needs
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Obtain the Kubeconfig after the cluster is created to interact with the GKE cluster
const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes provider instance that uses our cluster from above.
const k8sProvider = new k8s.Provider("my-k8s-provider", {
    kubeconfig: kubeconfig,
});

// Deploy the variant-service-deployments Helm chart
const variantServiceChart = new k8s.helm.v3.Chart("variant-service-deployments", {
    chart: "variant-service-deployments",
    // Specify where your Helm chart is located
    fetchOpts: {
        repo: "http://charts.example.com/", // Replace this with the repository URL of your Helm chart
    },
    // Here you would specify the values for your Helm chart
    values: {
        // Change these values based on the configuration options of your specific chart
        serviceType: "LoadBalancer",
        replicaCount: 1,
    },
}, { provider: k8sProvider });

// Export the Helm chart deployment status
export const variantServiceDeploymentStatus = variantServiceChart.status;

```

### Explanation

- **Cluster Creation**: We declare a `gcp.container.Cluster` which defines the configuration for the GKE cluster like node count, machine type, and OAuth scopes needed by nodes for access to GCP services.

- **Kubeconfig Generation**: After the cluster is created, we generate the `kubeconfig`, which is necessary for the Kubernetes provider to interact with the GKE cluster.

- **Kubernetes Provider**: We create an instance of the `@pulumi/kubernetes` provider using the kubeconfig. This provider allows Pulumi to perform operations on our Kubernetes cluster.

- **Helm Chart Deployment**: We define a new Helm chart resource using `k8s.helm.v3.Chart` and specify the `variant-service-deployments` chart name along with its configuration parameters. Make sure to change the `repo` URL and `values` fields to match your Helm chart's repository and specific configuration needs.

- **Exports**: We export the cluster's name and the Helm chart deployment status for easy access. The exported values can be used for debugging or integration with other systems.

Please modify the values for machine types, OAuth scopes, Helm chart repository URL, and chart values as per the actual requirements of your `variant-service-deployments` Helm chart and GKE configurations. The GKE node OAuth scopes I included are for accessing GCP services like Compute, Storage, Logging, and Monitoring from within the cluster nodes.

Finally, ensure that you have the appropriate permissions and have set up the `gcloud` CLI on the machine executing the Pulumi program. The program assumes you've already authenticated using `gcloud auth login`.