Deploy the jx-arcalos-role-controller helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

Deploying a Helm chart to a Google Kubernetes Engine (GKE) cluster using Pulumi involves several steps. Below is a step-by-step guide to accomplish this.

Set up a GKE Cluster: First, we need to create a GKE cluster where the Helm chart will be deployed. Pulumi provides resource classes in its GKE package to create and manage GKE clusters.
Install the Helm Chart: After the GKE cluster is up and running, we'll install the jx-arcalos-role-controller Helm chart into the cluster. Pulumi's Kubernetes provider supports deploying Helm charts with the Chart resource.

Here's a Pulumi program in TypeScript that performs these two steps. This program does the following:

Import necessary packages.
Create a GKE cluster.
Deploy the Helm chart to the created GKE cluster.

Before running this program, ensure you have Pulumi installed, are authenticated with Google Cloud, and have created a new Pulumi project configured for use with GCP.

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("my-gke-cluster", {
    initialNodeCount: 2,
    nodeVersion: "latest",
    minMasterVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig to access the GKE cluster
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes Provider instance that uses our cluster from above.
const clusterProvider = new k8s.Provider("gkeK8s", {
    kubeconfig: kubeconfig,
});

// Deploy the jx-arcalos-role-controller helm chart
const helmChart = new k8s.helm.v3.Chart("arcalos-role-controller", {
    chart: "jx-arcalos-role-controller",
    // You might need to specify the version based on the Helm chart availability
    // version: "x.y.z",
    // Replace <repo-url> with the actual Helm chart repository URL
    fetchOpts: {
        repo: "<repo-url>",
    },
}, { provider: clusterProvider });

// Export the Helm chart status
export const helmChartStatus = helmChart.status;

Explanation:

We start by importing the required Pulumi packages (@pulumi/pulumi, @pulumi/gcp, and @pulumi/kubernetes).
We create a GKE cluster with two nodes using the gcp.container.Cluster class. We specify the machine type and OAuth scopes for the Google Cloud APIs that nodes may access.
We then export the GKE cluster name and the kubeconfig which will be used to access the GKE cluster once it's up and running.
Using the kubeconfig, we create an instance of the k8s.Provider, which tells Pulumi how to communicate with our GKE cluster.
Finally, we deploy the jx-arcalos-role-controller Helm chart to the cluster using the k8s.helm.v3.Chart resource.

To run the Pulumi program:

Navigate to the directory containing the Pulumi program.
Run pulumi up and select "yes" to create the resources in GCP.

After running the program, you can use the outputted kubeconfig to configure kubectl and interact with your GKE cluster directly.

Remember to replace <repo-url> with the actual URL to the repository containing the jx-arcalos-role-controller Helm chart. If required, specify the version of the Helm chart you want to deploy by uncommenting and setting the version field in the helmChart definition.

The chart is fetched from the specified Helm repo, and all necessary Kubernetes resources defined by the chart will be created in the GKE cluster. You can check the status of the deployed chart using the exported helmChartStatus.