Deploy the centos-twwiki helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy a Helm chart on Google Kubernetes Engine (GKE), you will need to follow these steps:

1. Create a GKE cluster to host your applications.
2. Configure kubectl to connect to your new cluster.
3. Use Helm to deploy the chart to the cluster.

Below is a detailed explanation and a Pulumi program written in TypeScript to accomplish these steps:

### Prerequisites
- You must have Helm installed on your machine to work with Helm charts.
- Make sure you're authenticated with Google Cloud and have the necessary permissions to create and manage GKE clusters and deploy applications to them.

### Step 1: Create a GKE Cluster
Firstly, we use the `gcp.container.Cluster` resource to create a new cluster in Google Kubernetes Engine. This cluster will be the foundation where the Helm chart gets deployed.

### Step 2: Configure kubectl
Once the cluster is up and running, we need to configure kubectl so that it points to this new cluster. This step is typically done outside of a Pulumi program using the `gcloud` command-line tool or Pulumi's `Kubeconfig` output.

### Step 3: Deploy the Helm Chart
Finally, we use the `kubernetes.helm.v3.Chart` resource from Pulumi's Kubernetes provider to deploy the `centos-twwiki` Helm chart. This resource will take care of fetching the Helm chart from its repository and deploying it onto the cluster using the settings provided.

Here's the full Pulumi program:

```typescript
import * as pulumi from '@pulumi/pulumi';
import * as gcp from '@pulumi/gcp';
import * as k8s from '@pulumi/kubernetes';

// Step 1: Provision a GKE cluster
const cluster = new gcp.container.Cluster("gke-cluster", {
    initialNodeCount: 2,
    nodeVersion: "latest",
    minMasterVersion: "latest",
    // Define the machine type and other properties of the nodes in the cluster.
    nodeConfig: {
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring"
        ],
    },
});

// Export the Kubeconfig
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Step 3: Deploy the Helm Chart
const twWikiChart = new k8s.helm.v3.Chart("twwiki", {
    chart: "centos-twwiki",
    // You might also specify the version and repository of the chart here
    // e.g., version: "1.0.0", repositoryOpts: { repo: "http://example.com/charts" }
}, { provider: new k8s.Provider("k8s-provider", { kubeconfig }) });

// Export the Helm chart deployment status
export const twWikiStatus = twWikiChart.status;
```

### Explanation of the Program:
- It begins by importing the necessary Pulumi libraries.
- Then, it provisions a GKE cluster. You can adjust the `initialNodeCount`, `nodeConfig`, and other settings as needed for your use case.
- The `kubeconfig` is exported so that you can easily interact with your new cluster using `kubectl` after the cluster is provisioned. This step is critical to control the cluster after creation.
- Finally, we deploy the Helm chart `centos-twwiki`. The program assumes the chart is publicly available without specifying the chart version and repository; add those details if needed.

After the deployment, you will need to configure your local `kubectl` to interact with the new cluster using the generated `kubeconfig`. Typically, you can do this by setting the `KUBECONFIG` environment variable or by merging this new context into your existing `~/.kube/config` file.

Once `kubectl` is configured, you can use it to check the status of the Helm deployment and to interact with your GKE cluster in general.