Deploy the websample helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy a Helm chart on Google Kubernetes Engine (GKE), you would typically follow these steps:

1. Set up a GKE cluster where your Helm chart can be deployed. This entails creating the cluster and configuring it for your requirements.
2. Install Helm, which is a package manager for Kubernetes that allows you to define, install, and upgrade even the most complex Kubernetes applications with simple commands.
3. Prepare your Helm chart. If you already have a Helm chart, you should ensure it's correctly configured for your deployment. If you don't have one, you can create a new Helm chart or use an existing chart from a repository.
4. Deploy the Helm chart to the GKE cluster.

In the Pulumi program below, I will show you how to accomplish the first and last steps using TypeScript. This program assumes you have already configured Pulumi with access to your Google Cloud account and have Helm installed locally if you wish to test Helm operations before deploying through Pulumi.

### Detailed Explanation:

We will use two primary resources from the Pulumi Google Cloud (GCP) provider:

- `gcp.container.Cluster`: This resource will create a new GKE cluster. It needs configurations like the cluster's name, location, initial node count, and the machine type to use for the cluster nodes.

- `kubernetes.helm.v3.Chart`: Once we have a GKE cluster, this resource from the Pulumi Kubernetes provider will be used to deploy the Helm chart on our GKE cluster.

Now here's the full Pulumi program in TypeScript:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Initialize a GKE cluster configuration using the gcp.container.Cluster resource.
const cluster = new gcp.container.Cluster("websample-cluster", {
    initialNodeCount: 2,
    nodeConfig: {
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
    },
});

// Create a Kubernetes Provider that uses our newly created GKE cluster
const k8sProvider = new k8s.Provider("k8s-provider", {
    kubeconfig: cluster.endpoint.apply(endpoint => {
        const clusterName = cluster.name.apply(name => name);
        const zone = cluster.zone.apply(zone => zone);
        const project = cluster.project.apply(project => project);
        return pulumi
        .all([cluster.name, cluster.endpoint, cluster.masterAuth])
        .apply(([name, endpoint, masterAuth]) => {
            const context = `${project}_${zone}_${name}`;
            return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
        });
    },
});

// Define a Helm chart resource for deploying websample chart using the Helm provider
const websampleChart = new k8s.helm.v3.Chart("websample-chart", {
    chart: "websample",
    // Assuming "websample" is a chart available in a reachable Helm chart repository
    // For a custom chart, you would need to provide `repo` and `path` arguments, or load it from a local directory.
}, { provider: k8sProvider });

// Export some properties of the GKE cluster and Helm chart
export const clusterName = cluster.name;
export const clusterZone = cluster.zone;
export const websampleChartStatus = websampleChart.status;
```

This program performs the following actions:

1. It imports the necessary Pulumi packages.
2. It creates a GKE cluster with a basic node configuration, including the machine type and OAuth scopes for Google Cloud APIs.
3. It sets up a Pulumi Kubernetes provider to interact with our GKE cluster using the cluster's endpoint and credentials.
4. It creates a Helm chart resource that points to the "websample" Helm chart and deploys this chart onto our cluster using the Kubernetes provider that we set up.
5. It exports a few outputs for us to see the details of our newly created GKE cluster and the status of the Helm chart deployment.

**Please Note**: Replace `"websample"` with the name of your actual Helm chart and configure the `chart` parameter accordingly. If your Helm chart is stored in a private repository or requires specific values, you will need to adjust the `k8s.helm.v3.Chart` resource by setting the `repo` and `values` properties as needed.

The `kubeconfig` is dynamically generated using the cluster endpoint and other details fetched from the allocated GKE cluster. This is then used to configure the Pulumi Kubernetes provider (`k8sProvider`), which allows Pulumi to interact with our Kubernetes cluster using the same privileges as `gcloud` CLI would on your local machine.

Finally, we create a new Helm chart resource and associate it with our Kubernetes provider. This Helm chart resource points to the `"websample"` chart and configures it to be deployed using the provider we created. The actual Helm chart configuration details, such as custom values or repository URLs, may need to be adjusted to match your Helm chart's requirements.

After executing this Pulumi program with `pulumi up`, you will have a deployed instance of your websample Helm chart on GKE.