Deploy the tempest helm chart on Google Kubernetes Engine (GKE)
TypeScriptTo deploy a Helm chart on Google Kubernetes Engine (GKE) using Pulumi, we will follow a series of steps:
-
Create a GKE cluster: We'll use the
gcp.container.Cluster
resource, which encapsulates a GKE cluster's properties and provides a way to provision a cluster in your GCP project. -
Configure kubectl: This step involves configuring
kubectl
to interact with the newly created GKE cluster, which is necessary for deploying Helm charts. -
Deploy the Helm chart: We'll use the
harness.service.Helm
resource to deploy the Helm chart. The Tempest Helm chart must be available in a Helm repository.
Here's the TypeScript program that accomplishes these tasks, with comments explaining each part:
import * as gcp from "@pulumi/gcp"; import * as k8s from "@pulumi/kubernetes"; import * as pulumi from "@pulumi/pulumi"; // Create a GKE cluster. const cluster = new gcp.container.Cluster("gke-cluster", { // ... specify your cluster configuration initialNodeCount: 2, nodeVersion: "latest", minMasterVersion: "latest", nodeConfig: { machineType: "n1-standard-1", oauthScopes: [ // Scopes for authenticating with GCP services. "https://www.googleapis.com/auth/compute", "https://www.googleapis.com/auth/devstorage.read_only", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/monitoring", ], }, }); // Export the Kubeconfig for the GKE cluster. export const kubeconfig = pulumi.all([cluster.name, cluster.endpoint, cluster.masterAuth]).apply(([name, endpoint, masterAuth]) => { const context = `${gcp.config.project}_${gcp.config.zone}_${name}`; return `apiVersion: v1 clusters: - cluster: certificate-authority-data: ${masterAuth.clusterCaCertificate} server: https://${endpoint} name: ${context} contexts: - context: cluster: ${context} user: ${context} name: ${context} current-context: ${context} kind: Config preferences: {} users: - name: ${context} user: auth-provider: config: cmd-args: config config-helper --format=json cmd-path: gcloud expiry-key: '{.credential.token_expiry}' token-key: '{.credential.access_token}' name: gcp `; }); // Create a Kubernetes provider instance that uses our cluster from above. const k8sProvider = new k8s.Provider("gkeK8s", { kubeconfig: kubeconfig, }); // Deploy the Tempest Helm chart into the GKE cluster. const tempest = new k8s.helm.v3.Chart("tempest", { chart: "tempest", // Assuming 'tempest' is the name of the chart in your repository // You'll need to specify the repository too if it is not a stable chart // e.g., repository: "https://charts.example.com/", version: "1.0.0", // substitute with actual chart version // values: { /* override default chart values here if needed */ }, }, { provider: k8sProvider }); // Export the endpoint to access the deployed service, if applicable. export const tempestEndpoint = tempest.getResourceProperty("v1/Service", "tempest", "status").apply(status => status.loadBalancer?.ingress[0]?.ip); // To view this endpoint, you can use `pulumi stack output tempestEndpoint` once the application is deployed.
Here is an explanation of the program:
- We start by importing necessary Pulumi packages including
@pulumi/gcp
for Google Cloud resources,@pulumi/kubernetes
for Kubernetes resources, and@pulumi/pulumi
for core Pulumi functionalities. - We configure and create a GKE cluster using the
gcp.container.Cluster
resource. You'll have to fill in the desired configuration for your cluster, such as the node count, machine type, and OAuth scopes required for accessing other Google Cloud services. - The
kubeconfig
is dynamically generated using the output properties of the created cluster, so you can interact with the cluster usingkubectl
. - We create a Pulumi Kubernetes provider associated with our GKE cluster; this provider is used when deploying the Helm chart. The
kubeconfig
is passed to this provider. - We then create a new instance of
k8s.helm.v3.Chart
, which represents the Helm chart deployment. We specify the chart name and the version. If the Helm chart is located in a custom repository, you should also specify therepository
property with the correct URL. - The last step involves exporting the endpoint to the deployed service, which can be accessed once the service is up and running, through the provided output command.
To run this Pulumi program, save the TypeScript code to a file usually named
index.ts
in your Pulumi project directory. Ensure you have authenticated with GCP and have installed the necessary packages by runningnpm install @pulumi/gcp @pulumi/kubernetes @pulumi/pulumi
. Then, execute the program by runningpulumi up
.Please note that you might need to adjust the Helm chart related settings such as the chart name, repository, and values to match with the Tempest Helm chart you are referring to.
-