Deploy the fluentd-kubernetes-daemonset helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the `fluentd-kubernetes-daemonset` Helm chart on Google Kubernetes Engine (GKE), we'll go through a few steps. Firstly, we'll set up a GKE cluster using Pulumi. Then, we'll use the Pulumi Kubernetes provider to install the `fluentd-kubernetes-daemonset` chart from Helm's stable repository.

Here is a general explanation of the process:

### Step 1: Define the GKE Cluster
We will create a GKE cluster resource using Pulumi's GCP provider. We specify the required properties such as the project ID, zone, and the initial node count.

### Step 2: Configure Kubernetes Provider
Once the GKE cluster is up and running, we configure Pulumi's Kubernetes provider to target this cluster. This entails using the output properties of the created GKE cluster resource, such as the cluster name and kubeconfig.

### Step 3: Deploy Fluentd DaemonSet using Helm Chart
Finally, we deploy `fluentd-kubernetes-daemonset` using the Helm Chart. Pulumi's Kubernetes provider allows us to deploy Helm charts in a manner similar to using `helm` command-line tool.

Let's put it all together in a Pulumi TypeScript program:

```typescript
import * as pulumi from '@pulumi/pulumi';
import * as gcp from '@pulumi/gcp';
import * as k8s from '@pulumi/kubernetes';

// Step 1: Create a GKE cluster
const cluster = new gcp.container.Cluster('my-gke-cluster', {
    initialNodeCount: 2,
    nodeVersion: 'latest',
    minMasterVersion: 'latest',
    location: 'us-central1-a',
    nodeConfig: {
        machineType: 'n1-standard-1',
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring"
        ],
    },
});

// Step 2: Configure the Kubernetes provider to use the GKE cluster
const k8sProvider = new k8s.Provider('k8s-provider', {
    kubeconfig: cluster.name.apply(name => {
        const cluster = gcp.container.getCluster({
            name: name,
            location: 'us-central1-a',
        });
        return cluster.endpoint.apply(ep => {
            return cluster.masterAuth.apply(masterAuth => {
                const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
                return `
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${ep}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
                `;
            });
        });
    }),
});

// Step 3: Deploy the fluentd-kubernetes-daemonset Helm chart
const fluentdChart = new k8s.helm.v3.Chart('fluentd', {
    repo: 'fluent',
    chart: 'fluentd-kubernetes-daemonset',
    version: '1.12.3', // specify the version you wish to deploy
}, { provider: k8sProvider });

// Export the Kubeconfig to connect to the cluster using `kubectl`
export const kubeconfig = k8sProvider.kubeconfig;
```

### Explanation:

- We define a new GKE cluster named `my-gke-cluster` with 2 nodes of type `n1-standard-1` and the necessary OAuth scopes that allow the nodes to interact with other Google Cloud services like compute, storage, logging, and monitoring.
- Next, we set up the Kubernetes provider using the details from the GKE cluster. This includes setting up the `kubeconfig` which allows Pulumi to communicate with our Kubernetes cluster. We dynamically construct the `kubeconfig` using the cluster's endpoint and credentials.
- For deploying the Helm chart, we use the `k8s.helm.v3.Chart` resource, specifying the repository and chart name along with the version. We're pinning to version `1.12.3`, but this can be updated to the latest chart version you want to use. It is important to provide the created Kubernetes provider instance to this Helm chart resource so it knows which cluster to target.
- We export the `kubeconfig` so you can interact with your Kubernetes cluster using `kubectl` outside of Pulumi after it's all set up.

This program will create the cluster, configure Kubernetes to connect to it, and deploy the `fluentd-kubernetes-daemonset` Helm chart. Make sure to have Pulumi and GCP configured on your machine with the required privileges to create and manage GKE clusters and deploy to Kubernetes. After running `pulumi up`, Pulumi will execute these definitions and provision the resources on your GCP account.