Deploy the twitter-app helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

Deploying a Helm chart on Google Kubernetes Engine (GKE) using Pulumi involves several steps, which I'll explain in detail. We'll go through:

1. Creating a GKE cluster: This involves setting up Kubernetes on GCP.
2. Installing the Helm chart: We'll leverage Pulumi's integration with Helm to deploy `twitter-app`.

This program will be written in TypeScript, which is a statically typed superset of JavaScript that compiles to plain JavaScript.

### 1. Creating a GKE cluster

We will use Pulumi's `google-native.container/v1beta1.Cluster` to create a GKE cluster. The `google-native` provider allows us to work directly with GCP's Cloud API.

Here's why we are using these specific resources:

- `google-native.container/v1beta1.Cluster`: Represents a Kubernetes cluster in GKE.

### 2. Installing a Helm chart

Once we have the Kubernetes cluster, we can deploy applications on it using Helm charts. Pulumi is capable of working directly with Helm and can be instructed to deploy a chart from a repository.

- `kubernetes.helm.v3.Chart`: Pulumi's resource for deploying a Helm chart in a Kubernetes cluster.

Now, let's write the Pulumi program. Make sure you have Pulumi installed and set up with your GCP credentials.

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Create a GKE cluster.
const cluster = new gcp.container.Cluster("twitter-app-cluster", {
    initialNodeCount: 2,
    minMasterVersion: "latest",
    nodeConfig: {
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring"
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig to access the cluster with kubectl
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes provider instance that uses our cluster from above.
const k8sProvider = new k8s.Provider("twitter-app-k8s", {
    kubeconfig: kubeconfig,
});

// Deploy the twitter-app Helm chart.
const twitterAppChart = new k8s.helm.v3.Chart("twitter-app", {
    chart: "twitter-app",
    version: "0.1.0",
    fetchOpts: {
        repo: "http://charts.example.com/", // Use the correct repository URL
    },
}, { provider: k8sProvider });

// Export the frontend service IP to access the twitter-app
export const twitterAppFrontendIp = twitterAppChart.getResourceProperty("v1/Service", "twitter-app", "status")
.apply(status => status.loadBalancer.ingress[0].ip);
```

What we are doing in the program:

- We're creating a `Cluster` resource using GCP's `container.Cluster` class, which creates a new Kubernetes cluster. We set the initial node count and machine type of the nodes.
- We export some useful properties such as the cluster name and the kubeconfig, which can be used to interact with the cluster using the `kubectl` command-line tool.
- We set up a `k8s.Provider`, which is Pulumi's way to interact with the Kubernetes cluster. It needs a kubeconfig, so we're passing the one we got from our GKE cluster resource.
- We deploy the Helm chart by creating a `Chart` resource under the Kubernetes provider. The `chart` parameter specifies the name of the Helm chart and `fetchOpts.repo` indicates the repository where the Helm chart is located.

FYI: Before deploying this program, you'll need to replace `http://charts.example.com/` with the URL of the Helm chart repository that contains the `twitter-app` chart.

After writing the code, you can deploy this stack using Pulumi's command line:

```bash
pulumi up
```

This command will provision the declared resources in your GCP account. Make sure the Pulumi CLI is configured for the correct GCP project and that you have access rights to create resources.

Once the deployment is successful, you can access the `twitter-app` using the external IP address output by Pulumi. Use the `pulumi stack output twitterAppFrontendIp` command to retrieve it.