Deploy the python-app helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

Deploying a Helm chart to a Google Kubernetes Engine (GKE) cluster involves several steps using Pulumi:

1. **Setting up a new GKE cluster**: We'll create a new GKE cluster where the Helm chart will be deployed.
2. **Deploying the Helm chart**: Once the cluster is ready, we'll deploy a Helm chart, such as `python-app`, to the cluster.

Below is a Pulumi program in TypeScript to accomplish these tasks:

First, we'll need to import necessary Pulumi packages for GCP and Helm. These packages provide the ability to declare resources such as GKE clusters and Helm charts as code.

Then, we'll create a new GKE cluster by defining a `google-native.container.v1beta1.Cluster` resource. The resource properties will specify the configurations of your GKE cluster, such as the machine type of the cluster nodes and the number of nodes in the default node pool.

After the GKE cluster is created, we'll deploy the Helm chart `python-app` to the cluster. For this, we'll use the `helm.v3.Chart` resource from the `@pulumi/kubernetes` package.

Here's a full program that illustrates this process:

```typescript
import * as gcp from "@pulumi/gcp";
import * as kubernetes from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("gke-cluster", {
    initialNodeCount: 2,
    minMasterVersion: "latest",
    nodeVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1", // Specifies the machine type for the cluster's nodes
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring"
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Once the cluster is created, we need to configure kubectl to connect to the new GKE cluster.
const kubeConfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Export the kubeConfig
export const kubeconfig = kubeConfig;

// Create a Kubernetes provider instance that uses our cluster from above.
const clusterProvider = new kubernetes.Provider("gke-provider", {
    kubeconfig: kubeConfig,
});

// Deploy the Helm chart `python-app` using the clusterProvider.
const pythonAppChart = new kubernetes.helm.v3.Chart("python-app", {
    repo: "example-repo", // Replace with the actual Helm repo name
    chart: "python-app",
    version: "1.2.3", // Replace with the actual chart version
}, { provider: clusterProvider });

// Export the Helm chart status
export const pythonAppStatus = pythonAppChart.status;
```

This program performs the following:

- **Imports the required modules**: We import `@pulumi/gcp` for creating resources in GCP, `@pulumi/kubernetes` for Helm chart deployment, and `@pulumi/pulumi` which provides core Pulumi functions and types.
- **Creates a GKE Cluster**: We create a GKE cluster with the desired node count and machine types using `@pulumi/gcp`.
- **Generates kubeconfig**: We create the `kubeconfig` needed to access the GKE cluster by combining cluster attributes like name, endpoint, and masterAuth data.
- **Exports**: We export the `clusterName` and `kubeconfig` as stack outputs, which can be useful for accessing the cluster outside of Pulumi.
- **Sets up Kubernetes provider**: A Kubernetes provider is configured to interact with the newly created GKE cluster using the acquired `kubeconfig`.
- **Deploys Helm Chart**: The Helm chart specified by `python-app` is deployed using the Kubernetes provider tied to our GKE cluster. The namespace where the Helm chart will be deployed can be specified as part of the `Chart` resource options if required.

Please note the following:
- The `kubeconfig` is created using the `pulumi.all().apply()` pattern so that we can asynchronously fetch the output properties of the `cluster` after it's finished creating.
- The Helm chart `python-app` and its version `1.2.3` are placeholders. You will need to replace `"example-repo"` and `"1.2.3"` with actual values that correspond to your Helm chart's repository and version.
- The `pythonAppChart` resource will invoke Helm in the background to roll out the Python app onto the Kubernetes cluster.

Please ensure that you have configured your Pulumi with the correct GCP credentials, and have Helm installed if you run this code. You don't need to run Helm commands manually; Pulumi takes care of deploying the chart for you.