Deploy the chaoskube helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the `chaoskube` Helm chart on a Google Kubernetes Engine (GKE) cluster using Pulumi, you will need to follow these steps:

1. Set up a new GKE cluster or use an existing one.
2. Install the Helm chart for `chaoskube` on the cluster.

The following Pulumi program in TypeScript shows you how to do this. The code is composed of two main parts:

- The first part creates a new GKE cluster using Pulumi's `gcp.container.Cluster` resource. If you already have an existing cluster, you can skip this part and configure the Helm chart installation to use your existing cluster.
- The second part installs the `chaoskube` Helm chart to the GKE cluster using Pulumi's `kubernetes.helm.v3.Chart` resource.

Before running this program, you should have the following prerequisites met:

- Pulumi CLI installed and configured with the appropriate credentials for Google Cloud and Kubernetes.
- Node.js and npm installed to run the Pulumi program.
- Access to a Google Cloud project, and the GKE API should be enabled for that project.

Here is the detailed Pulumi program for deploying `chaoskube` on GKE:

```typescript
import * as gcp from "@pulumi/gcp";
import * as kubernetes from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";

// Create a GKE cluster
const cluster = new gcp.container.Cluster("pulumi-gke-cluster", {
    initialNodeCount: 2,
    minMasterVersion: "latest",
    nodeVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring"
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig to access the cluster using kubectl
export const kubeConfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a provider for the above instantiated cluster
const gkeProvider = new kubernetes.Provider("gkeProvider", {
    kubeconfig: kubeConfig,
});

// Deploy the chaoskube Helm chart onto the GKE cluster using the Helm provider
const chaoskubeChart = new kubernetes.helm.v3.Chart("chaoskube", {
    chart: "chaoskube",
    version: "0.23.0", // Specify the version of the chart you want to deploy
    fetchOpts: {
        repo: "https://helm.robusta.dev",
    },
}, { provider: gkeProvider });

// Export the Helm chart name
export const chaoskubeChartName = chaoskubeChart.releaseName;
```

This program creates a new GKE cluster with two nodes, each of type `n1-standard-1`. The nodes will have the required OAuth scopes for GCP services and the latest Kubernetes version available. The output of the program includes the cluster name and KubeConfig which can be used with `kubectl` to manage the Kubernetes resources directly.

Once the cluster is up and running, the program configures a `kubernetes.Provider` for Pulumi to interact with the Kubernetes API server. Then it installs the `chaoskube` Helm chart from the specified Helm repository into the cluster. The `chaoskube` Helm chart version used in this example is `0.23.0`. You can change the `version` attribute to match the version you wish to deploy.

When you are ready to deploy the Pulumi program, you can run the following commands:

```bash
pulumi stack init dev
pulumi up
```

These commands will initiate a new stack, which is an isolated environment for your Pulumi resources, and deploy the resources defined in the Pulumi program. After running `pulumi up`, you will be shown a preview of the resources that will be created. If everything looks correct, confirm the deployment to create the resources. Once the deployment is complete, Pulumi will output the `clusterName` and `chaoskubeChartName`.

Please ensure that you have the necessary permissions for the Google Cloud resources and services before executing this program. You can always modify the program as per your requirements and the resources you already have.