Deploy the tyk-pump helm chart on Google Kubernetes Engine (GKE)

Question

Pulumi · Accepted Answer

In order to deploy the Tyk Pump Helm chart on a Google Kubernetes Engine (GKE) cluster using Pulumi, you'll first need to create a GKE cluster, and then use the Helm chart resource to deploy Tyk Pump onto that cluster. I'll guide you through the process step by step.

First, we'll set up a GKE cluster. For this, we will use the google-native.container/v1beta1.Cluster resource from the Google Native provider. This resource allows you to create and manage a Kubernetes cluster in GKE.

Once the GKE cluster is up and running, we'll deploy the Tyk Pump Helm chart to it. We will use the kubernetes.helm.sh/v3.Release resource, provided by the Kubernetes provider, to deploy Helm charts. Tyk Pump is a component of Tyk's API Gateway that handles the analytics data and pumps it into whichever analytics storage option you have configured Tyk to use.

The following TypeScript program in Pulumi demonstrates how to accomplish this task:

import * as gcp from '@pulumi/gcp';
import * as k8s from '@pulumi/kubernetes';
import * as pulumi from '@pulumi/pulumi';

const gcpConfig = new pulumi.Config('gcp');
const project = gcpConfig.require('project');
const zone = gcpConfig.require('zone');

// Create a GKE cluster
const cluster = new gcp.container.Cluster('tyk-pump-cluster', {
    initialNodeCount: 2, // Specify the number of nodes in the node pool.
    minMasterVersion: 'latest', // Use the latest version of GKE master.
    nodeVersion: 'latest', // Use the latest version for the nodes.
    location: zone,
    project: project
});

// Export the Cluster name
export const clusterName = cluster.name;

// Export the Kubeconfig
export const kubeconfig = pulumi.
    all([cluster.name, cluster.endpoint, cluster.masterAuth]).
    apply(([name, endpoint, masterAuth]) => {
        const context = `${gcpConfig.project}_${gcpConfig.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

// Create a Kubernetes provider instance that uses our cluster from above.
const k8sProvider = new k8s.Provider('k8s-provider', {
    kubeconfig: kubeconfig,
});

// Deploy the Tyk Pump Helm chart
const tykPumpChart = new k8s.helm.v3.Chart('tyk-pump', {
    chart: 'tyk-pump',
    version: '0.1.0', // Specify the chart version you want to deploy
    fetchOpts: {
        repo: 'https://helm.tyk.io/public/helm/charts/', // Tyk Pump Helm repo URL
    },
}, { provider: k8sProvider });

// Export the Tyk Pump service endpoint
export const tykPumpEndpoint = tykPumpChart.getResourceProperty('v1/Service', 'tyk-pump-tyk-pump', 'status').apply(status => status.loadBalancer.ingress[0].ip);

How the code works:

We import the necessary Pulumi packages for GCP and Kubernetes.
We set up the GCP configuration, including grabbing the project and zone parameters from the configuration.
We create a GKE cluster using gcp.container.Cluster. We specify the initial number of nodes, the GKE master version, and the location.
We then export the cluster name, which is useful for diagnostics or management with kubectl.
We create the kubeconfig that will be used by the Kubernetes provider to interact with our GKE cluster.
We set up the Kubernetes provider (k8s.Provider) and pass our kubeconfig.
We deploy the Tyk Pump Helm chart by creating a new instance of k8s.helm.v3.Chart. We specify the chart version and provide the repository URL where the Helm chart is located.
Finally, we export the Tyk Pump service endpoint, which you can use to interact with the Tyk Pump API once it is fully deployed and running.

Please note that before running this program, you will need to have Pulumi configured with access to your GCP account and install the necessary Pulumi GCP and Kubernetes plugins. This program assumes you already have gcloud installed and authenticated on your machine since the kubeconfig relies on gcloud for generating access tokens.

After you have set up Pulumi, you can run the following commands to deploy the stack:

pulumi stack init dev
pulumi config set gcp:project <your-gcp-project>
pulumi config set gcp:zone <your-gcp-zone>
pulumi up

Remember to replace <your-gcp-project> and <your-gcp-zone> with your specific Google Cloud project ID and zone where you want to deploy the cluster.

After deployment, Pulumi CLI will provide you with the outputs defined in the program, which will include the kubeconfig and the Tyk Pump service endpoint.