Deploy the wazuh-manager-filebeat helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

To deploy the `wazuh-manager-filebeat` Helm chart on Google Kubernetes Engine (GKE), we'll proceed through several steps: 1. **Set up a GKE cluster**: Provision a Kubernetes cluster on GKE using Pulumi. 2. **Install the Helm chart**: Use the Helm package manager to install the `wazuh-manager-filebeat` chart. We will be using two Pulumi resources from the search results: - `google-native.container/v1beta1.Cluster`: To create the GKE cluster. - `kubernetes.helm.sh/v3.Release`: To deploy the Helm chart onto the Kubernetes cluster. Below is the TypeScript program that accomplishes these steps: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; import * as k8s from "@pulumi/kubernetes"; // The program below will deploy the wazuh-manager-filebeat Helm chart on GKE. // Step 1: Create a GKE Cluster // We create a GKE cluster to host our wazuh-manager-filebeat workload. // More info: https://www.pulumi.com/registry/packages/google-native/api-docs/container/v1beta1/cluster/ const cluster = new gcp.container.Cluster("wazuh-cluster", { initialNodeCount: 2, // Provisioning an initial number of two nodes nodeVersion: "latest", // Using the latest version available for nodes. minMasterVersion: "latest", // Using the latest Kubernetes version for the master. }); // Export the Cluster name export const clusterName = cluster.name; // Export the Kubeconfig file for our cluster so we can interact with it export const kubeconfig = pulumi. all([cluster.name, cluster.endpoint, cluster.masterAuth]). apply(([name, endpoint, masterAuth]) => { const context = `${gcp.config.project}_${gcp.config.zone}_${name}`; return `apiVersion: v1 clusters: - cluster: certificate-authority-data: ${masterAuth.clusterCaCertificate} server: https://${endpoint} name: ${context} contexts: - context: cluster: ${context} user: ${context} name: ${context} current-context: ${context} kind: Config preferences: {} users: - name: ${context} user: auth-provider: config: cmd-args: config config-helper --format=json cmd-path: gcloud expiry-key: '{.credential.token_expiry}' token-key: '{.credential.access_token}' name: gcp `; }); // Step 2: Install the wazuh-manager-filebeat Helm chart // We use the `kubernetes.helm.sh/v3.Release` resource to deploy the Helm chart // to our GKE cluster. Ensure that you have the Helm chart repository added and updated. // More info: https://www.pulumi.com/registry/packages/kubernetes/api-docs/helm.sh/v3/release/ const wazuhManagerFilebeat = new k8s.helm.v3.Release("wazuh-manager-filebeat", { // Specify any custom values you need for the Helm chart. // For example, you might need to specify the appropriate namespaces // or any wazuh-specific configuration values: values: { // Add values specific to the wazuh-manager-filebeat chart }, chart: "wazuh-manager-filebeat", // Specify the repository URL where the chart can be found repositoryOpts: { repo: "" // Replace with the actual Helm chart repo URL }, // Use the kubeconfig from the cluster we created earlier namespace: "default", // This should be changed if you have a specific namespace in mind }, { provider: new k8s.Provider("k8s-provider", { kubeconfig }) }); // Export the status of the deployed Helm release export const helmStatus = wazuhManagerFilebeat.status; ``` In the above code: - We defined a new GKE cluster with an initial number of two nodes and the latest available versions for both the node image and the master. - A kubeconfig file is generated to enable interaction with the cluster using `kubectl` or other Kubernetes tools. - We then defined a new Helm release for the `wazuh-manager-filebeat` chart. This assumes you have the Helm chart repository containing the `wazuh-manager-filebeat` chart. To run this code, you'd need to install Pulumi and configure your GCP credentials. Save this code to a file, for example, `index.ts`, and then run `pulumi up` to deploy it. Please make sure to replace `` with the actual URL where the Helm chart is hosted. Finally, the status of the Helm release and the cluster name are exported so you can retrieve them easily after the deployment, by executing `pulumi stack output helmStatus` and `pulumi stack output clusterName`.