Deploy the oof helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

In order to deploy a Helm chart on Google Kubernetes Engine (GKE), you'll need to perform the following steps:

1. **Create a GKE cluster**: To host your applications, you'll need a Kubernetes cluster. You'll use Pulumi to create a GKE cluster.
2. **Install Helm on your local machine**: Helm is a package manager for Kubernetes that allows you to manage Kubernetes applications. Helm charts help you define, install, and upgrade even the most complex Kubernetes applications.
3. **Deploy the Helm chart**: After configuring your Pulumi program to connect to the created GKE cluster, you'll use the `kubernetes.helm.v3.Chart` resource to deploy the Helm chart to your cluster.

Below is a Pulumi program written in TypeScript that walks through these steps.

First, make sure you have Pulumi installed and configured to access your GCP account. You can install Pulumi from the [official installation guide](https://www.pulumi.com/docs/get-started/install/), and you can set up Google Cloud by following the instructions [here](https://www.pulumi.com/registry/packages/gcp/installation-configuration/).

You will also need to install Helm, which you can do by following the instructions on the [official Helm website](https://helm.sh/docs/intro/install/).

Once these prerequisites are in place, here's the Pulumi TypeScript program that performs the required steps:

```typescript
import * as pulumi from '@pulumi/pulumi';
import * as gcp from '@pulumi/gcp';
import * as k8s from '@pulumi/kubernetes';

// Create a GKE cluster
const cluster = new gcp.container.Cluster("my-cluster", {
    initialNodeCount: 2,
    nodeConfig: {
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/compute",
            "https://www.googleapis.com/auth/devstorage.read_only",
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring"
        ],
    },
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes Provider instance with the kubeconfig.
const k8sProvider = new k8s.Provider("my-k8s-provider", {
    kubeconfig: kubeconfig,
});

// Define the Helm chart, in this case, a chart named "oof"
const helmChart = new k8s.helm.v3.Chart("oof-chart", {
    chart: "oof",
    // You must pass the correct repo information if it's a custom chart.
    // Example:
    // repo: "https://charts.example.com/",
    values: {
        // Custom values for the Helm chart can be defined here.
    },
}, { provider: k8sProvider });

// Export the public IP of the service to access the Helm chart
export const servicePublicIp = helmChart.getResourceProperty("v1/Service", "oof-chart-oof", "status").apply(status => status.loadBalancer.ingress[0].ip);
```

Here's what the code does:

- **Define a GKE cluster**: A new GKE cluster is created with a certain number of nodes (specified by `initialNodeCount`) and specific machine types for the nodes (specified by `machineType` within `nodeConfig`).
- **Export the cluster name**: This is helpful for reference and when connecting to the cluster with tools like `kubectl`.
- **Generate and export a kubeconfig**: This configuration file contains all the necessary details to connect to the GKE cluster with the Kubernetes client. It's constructed with the cluster's endpoint and its master authorization data.
- **Create a Kubernetes provider**: Pulumi uses this provider to interact with the GKE cluster we've created. It's important to associate the generated kubeconfig with the provider so it knows how to communicate with your Kubernetes cluster.
- **Deploy the Helm chart**: The `k8s.helm.v3.Chart` resource is used to deploy the Helm chart named "oof." Here, you need to replace `"oof"` with the actual Helm chart name you wish to deploy. If this chart is hosted in a custom Helm repository, you need to specify the `repo` URL.
- **Export the public IP**: If the Helm chart you're deploying includes a Kubernetes Service of type LoadBalancer, this code exports the public IP address that allows you to access the deployed services.

After writing the above TypeScript code in a file (for example, `index.ts`), you can deploy this Pulumi program by running the following commands in your terminal:

```bash
pulumi up
```

This command will provision the resources as defined in the program. It'll also show you a preview of the resources that will be created and prompt for confirmation before proceeding.

Once your resources are successfully provisioned, you can use the outputted kubeconfig and the service's public IP address to interact with your deployed services.