Deploy the burrow helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the Burrow Helm chart on Google Kubernetes Engine (GKE), you need to perform a series of actions:

1. **Create a GKE cluster**: You need a Kubernetes cluster running on GKE. This cluster will be the environment where Burrow runs.
2. **Install and Configure Helm**: Helm is a package manager for Kubernetes which allows you to manage Kubernetes applications. Burrow can be installed via a Helm chart, so Helm must be installed and configured to your Kubernetes cluster.
3. **Deploy the Burrow Helm Chart**: After setting up Helm, you'll locate the Helm chart for Burrow (which might require you to add Helm chart repositories) and deploy it to your GKE cluster.

Let's break down the corresponding Pulumi TypeScript program that accomplishes the above steps:

### Step 1 - Define GKE Cluster

The `gcp.container.Cluster` resource is used to create a new GKE cluster. The configuration includes the name, location, node count, and other important settings for the cluster.

### Step 2 - Use Helm Chart

We'll use the `helm.v3.Chart` resource from Pulumi’s Helm package to deploy Burrow from its Helm chart. You may need to provide the necessary chart values according to Burrow's configuration requirements.

Here's the complete TypeScript program:

```typescript
import * as gcp from "@pulumi/gcp";
import * as pulumi from "@pulumi/pulumi";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create a GKE cluster.
const cluster = new gcp.container.Cluster("burrow-cluster", {
    initialNodeCount: 2,
    nodeConfig: {
        // Specify the amount of memory and CPU each node will have.
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
    },
});

// Export the Cluster name and Kubeconfig
export const clusterName = cluster.name;
export const kubeConfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Step 2: Install and Configure Helm and Tiller.
const tillerServiceAccount = new k8s.core.v1.ServiceAccount("tiller", {
    apiVersion: "v1",
    metadata: { name: "tiller", namespace: "kube-system" },
}, { provider: cluster });

new k8s.rbac.v1.RoleBinding("tiller-binding", {
    metadata: {
        name: "tiller-binding",
        namespace: "kube-system"
    },
    subjects: [{ kind: "ServiceAccount", name: "tiller" }],
    roleRef: {
        kind: "ClusterRole",
        name: "cluster-admin",
        apiGroup: "rbac.authorization.k8s.io",
    }
}, { provider: cluster });

// Step 3: Deploy the Burrow Helm Chart.
const burrowChart = new k8s.helm.v3.Chart("burrow", {
    chart: "burrow",
    version: "1.0.0", // Replace with the desired chart version
    fetchOpts:{
        repo: "https://charts.example.com/", // Replace with the Burrow Helm chart repository URL
    },
    // Define values for the Helm chart as needed.
    values: {
        serviceType: "ClusterIP",
        // ... other chart values.
    },
}, { provider: cluster });

// Export the Burrow deployment details
export const burrowChartName = burrowChart.getResource("v1/Service", "burrow").metadata.name;
```

### Step-by-step explanation:

- The `gcp.container.Cluster` creates a GKE cluster with the specified configuration. The node count and machine type can vary depending on your needs.
- `kubeConfig` is a way to build our kubeconfig file which allows us to interact with our cluster using `kubectl` or other Kubernetes tools.
- A `ServiceAccount` for Tiller (Helm's server-side component) is created along with a `RoleBinding` to give it the right level of access to manage resources in the cluster.
- The `k8s.helm.v3.Chart` resource deploys Burrow using its Helm chart by providing necessary chart information and values. You would need to replace `https://charts.example.com/` with the actual repository URL where the Burrow Helm chart is located and specify the chart version you wish to use.
- Finally, we export the name of the Burrow service created by the Helm chart as `burrowChartName`, which can be useful for configuring DNS or debugging.

To use this Pulumi program, you'd save it to a `index.ts` file, set up your Pulumi environment (project and stack), and run it with `pulumi up`. This would provision all the cloud resources and deploy Burrow as described.

Remember to check the [Pulumi GKE documentation](https://www.pulumi.com/docs/reference/pkg/gcp/container/cluster/) for more details on the GKE cluster configuration and the [Pulumi Kubernetes Helm Chart documentation](https://www.pulumi.com/docs/reference/pkg/kubernetes/helm/v3/chart/) for Helm chart deployments.