Deploy the namespace-controller helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the namespace-controller Helm chart on a Google Kubernetes Engine (GKE) cluster, you'll first need a running GKE cluster. With Pulumi, you can create all the necessary infrastructure using code. I'll first show you how to create a GKE cluster, and then how to deploy the namespace-controller Helm chart onto that cluster.

We will use the following Pulumi resources:

- `google-native.container/v1beta1.Cluster`: This resource will create a GKE cluster.
- `kubernetes.helm.sh/v3.Release`: This resource will deploy the Helm chart.

### GKE Cluster Creation

First, we will create a GKE cluster using the `google-native.container/v1beta1.Cluster` resource from the Pulumi Google Native provider. This provider allows you to manage Google Cloud resources using Google's Cloud API directly.

The cluster will have a default node pool with a specified number of nodes. You need to specify the `project`, `location`, and `name` for your cluster. The `nodeConfig` specifies properties for the nodes in the cluster, including the machine type and the image type.

### Helm Chart Deployment

Once the cluster is up and running, we'll use the `kubernetes.helm.sh/v3.Release` resource to deploy the namespace-controller Helm chart. For this, we'll set up a Helm release and specify the chart name, version, and the Kubernetes namespace where you want the chart to be deployed.

Below is the TypeScript program written with Pulumi that creates a GKE cluster and deploys the namespace-controller Helm chart onto it:

```typescript
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("my-gke-cluster", {
    initialNodeCount: 2,
    nodeConfig: {
        preemptible: true,
        machineType: "n1-standard-1",
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig
export const kubeconfig = cluster.name.apply(name => {
    const cluster = gcp.container.getCluster({
        name: name,
        location: "us-central1-a",
    });
    const context = `${gcp.config.project}_${cluster.location}_${cluster.name}`;
    return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${cluster.masterAuth.clusterCaCertificate}
    server: https://${cluster.endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user: 
    auth-provider: 
      config: 
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
});

// Create a Kubernetes provider instance that uses our cluster from above.
const k8sProvider = new k8s.Provider("my-k8s-provider", {
    kubeconfig: kubeconfig,
});

// Deploy the namespace-controller Helm chart on the GKE cluster
const namespaceController = new k8s.helm.v3.Chart("namespace-controller", {
    chart: "namespace-controller",
    version: "0.1.0", // Replace with the actual chart version
    namespace: "default", // Replace with the target namespace if not default
}, { provider: k8sProvider });

// Export the Helm chart name
export const namespaceControllerName = namespaceController.getResourceName();
```

### Explanation

1. We import required packages: `gcp` for managing Google Cloud resources, and `k8s` for interacting with Kubernetes clusters.
2. We define a GKE cluster with a specified number of nodes and machine configuration.
3. We export the cluster name and dynamically generate kubeconfig so Pulumi can communicate with the new cluster.
4. We create a new Kubernetes provider and pass the kubeconfig we obtained from the GKE cluster.
5. We deploy the namespace-controller Helm chart using the `k8s.helm.v3.Chart` class, specify the chart location and the version, and pass our Kubernetes provider.
6. Lastly, we export the namespace-controller Helm release name.

Keep in mind that the placeholder values for the chart version and namespace should be replaced with actual ones based on your use case. Before running this program, ensure you have your Google Cloud SDK configured with your credentials and the Pulumi CLI installed and set up.