Deploy the argo-cr helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the Argo CD helm chart on Google Kubernetes Engine (GKE), you'll need to perform the following steps using Pulumi:

1. Create a GKE cluster: Before deploying Argo CD, we need a Kubernetes cluster. This will be achieved by creating an instance of `gcp.container.Cluster`.

2. Configure Kubernetes provider: To interact with the created GKE cluster using Pulumi, you'll set up a Kubernetes provider that uses the kubeconfig from the GKE cluster.

3. Deploy the Argo CD helm chart: Leveraging the Pulumi Kubernetes provider, we'll deploy the Argo CD helm chart using the `kubernetes.helm.v3.Chart` resource.

Outlined below is a program written in TypeScript that orchestrates the above steps using Pulumi. The code includes detailed comments that explain each part of the process.

```typescript
import * as pulumi from '@pulumi/pulumi';
import * as gcp from '@pulumi/gcp';
import * as k8s from '@pulumi/kubernetes';

// Step 1: Create a GKE cluster
const cluster = new gcp.container.Cluster('gke-cluster', {
    initialNodeCount: 2,
    nodeConfig: {
        // Choose the appropriate machine type for your needs
        machineType: 'n1-standard-1',
        // Adjust OAuth scopes depending on your use case
        oauthScopes: [
            'https://www.googleapis.com/auth/compute',
            'https://www.googleapis.com/auth/devstorage.read_only',
            'https://www.googleapis.com/auth/logging.write',
            'https://www.googleapis.com/auth/monitoring',
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Obtain the Kubeconfig after the cluster is created
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
});

// Step 2: Configure the Kubernetes provider
// The provider uses the kubeconfig to connect to the GKE cluster.
const k8sProvider = new k8s.Provider('gkeK8s', {
    kubeconfig: kubeconfig,
});

// Step 3: Deploy the Argo CD helm chart
const argoCdChart = new k8s.helm.v3.Chart('argo-cd', {
    fetchOpts:{
        repo: 'https://argoproj.github.io/argo-helm',
    },
    // Replace with the appropriate chart version
    version: '3.2.2',
    chart: 'argo-cd',
}, { provider: k8sProvider });

// Export the Argo CD load balancer address
export const argoCdAddress = argoCdChart.getResourceProperty('v1/Service', 'argo-cd/argo-cd-server', 'status').apply(status => status.loadBalancer.ingress[0].ip);

```

Here's an explanation of the resources used:

- `gcp.container.Cluster`: This resource is used to create and manage a GKE cluster within GCP. Here, we're specifying an initial node count and basic configuration for the node pool.

- `k8s.Provider`: This is a Pulumi Kubernetes provider which allows you to interact with the Kubernetes resources within the cluster. It's configured with the kubeconfig data from the GKE cluster.

- `k8s.helm.v3.Chart`: This Pulumi resource is used to deploy Helm charts to your Kubernetes cluster. Helm is a package manager for Kubernetes that simplifies deployment. In this program, we're deploying the 'argo-cd' chart from the Argo Project's Helm repository.

To run this Pulumi program, you'll need to have Node.js installed, along with the Pulumi CLI. You should also have set up your Google Cloud credentials so that Pulumi can interact with your GCP account. Once you have those in place, you can create a new Pulumi project, replace your `index.ts` file with the code above, and run it using `pulumi up`.

Please make sure to use the correct chart version for Argo CD and configure the GKE cluster according to your requirements. The OAuth scopes provided to the GKE node pool are a minimal set that should be tailored to your needs.

After you execute the code, Pulumi will output the name of your GKE cluster and the external IP address of the Argo CD server's load balancer service, which you can use to access the Argo CD UI once it's deployed.