Deploy the lotta-api helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy a Helm chart onto a Google Kubernetes Engine (GKE) cluster using Pulumi, you'll need to perform a series of steps which include creating a GKE cluster, setting up the necessary Kubernetes provider to interact with the cluster, and finally deploying the Helm chart using Pulumi's `helm.v3.Chart` resource.

Below is a Pulumi program in TypeScript that accomplishes these objectives. I'll guide you through the process explaining each step.

### Step 1: Create a GKE cluster
We'll start by creating a GKE cluster using Pulumi's `container.v1beta1.Cluster` resource. This will provision a new Kubernetes cluster in the specified project and zone within Google Cloud.

### Step 2: Obtain the Kubeconfig
Once the cluster is provisioned, we'll need to obtain the kubeconfig file that will allow us to communicate with our new Kubernetes cluster.

### Step 3: Set up the Kubernetes provider
We will configure a Pulumi Kubernetes provider to use the kubeconfig from the GKE cluster. This provider is responsible for communicating with the Kubernetes cluster to deploy and manage resources.

### Step 4: Deploy the Helm chart
Using the Pulumi Kubernetes provider, we will deploy the 'lotta-api' Helm chart to the GKE cluster using the `helm.v3.Chart` resource.

Here's the complete program:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("gke-cluster", {
    // Define your cluster settings here, like location, node settings, etc.
    initialNodeCount: 3,
    nodeVersion: "latest",
    minMasterVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring"
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Obtain the kubeconfig from the GKE cluster
const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes provider instance that uses our kubeconfig
const k8sProvider = new k8s.Provider("k8s-provider", {
    kubeconfig: kubeconfig,
});

// Deploy the 'lotta-api' Helm chart using the Helm provider
const lottaApiChart = new k8s.helm.v3.Chart("lotta-api-chart", {
    chart: "lotta-api",
    version: "1.0.0", // Specify the chart version
    fetchOpts: {
        repo: "https://charts.example.com/", // Specify the Helm chart repository
    },
}, { provider: k8sProvider });

// Export the Helm chart deployment status
export const lottaApiDeploymentStatus = lottaApiChart.status;
```

### Explanation of the Code
- The `gcp.container.Cluster` resource initializes a new GKE cluster. You must define the number of nodes, the machine type for the nodes, and other specific settings for your cluster.
- The `kubeconfig` is a computed value that constructs the kubeconfig file contents needed to connect to the GKE cluster from your machine.
- The `k8s.Provider` resource sets up the Kubernetes provider with the generated kubeconfig.
- The `k8s.helm.v3.Chart` resource represents the Helm chart deployment. It specifies the `lotta-api` chart along with the version and repository details. The actual location (i.e., the URL of `https://charts.example.com/`) will need to be replaced with the actual URL of the Helm repository where the `lotta-api` chart is stored.

### Next Steps
To deploy this program:
1. Ensure you have the Pulumi CLI installed and configured for use with GCP.
2. Save the code into a file, for example `index.ts`.
3. Run `pulumi up` in the command line to preview and deploy these changes.

The Pulumi CLI will perform a preview run showing you the resources that will be created for your GKE cluster and the Helms chart deployment. After reviewing the changes, you can choose to proceed with the deployment.

Keep in mind that this is a basic setup. For production deployments, you might need to consider additional aspects like setting up VPCs, namespaces, resource quotas, network policies, IAM roles, among other best practices.