1. Packages
  2. Google Cloud (GCP) Classic
  3. How-to Guides
  4. Google Kubernetes Engine (GKE) Cluster with Service Account
Google Cloud Classic v7.27.0 published on Thursday, Jun 13, 2024 by Pulumi

Google Kubernetes Engine (GKE) Cluster with Service Account

gcp logo
Google Cloud Classic v7.27.0 published on Thursday, Jun 13, 2024 by Pulumi

    View Code Deploy this example with Pulumi

    This example deploys an Google Cloud Platform (GCP) Google Kubernetes Engine (GKE) cluster, and deploys an example application that consumes a PubSub topic. The cluster has a secret which contains Google Cloud Service Account Credentials

    Deploying the App

    To deploy your infrastructure, follow the below steps.


    1. Install Pulumi

    2. Install Node.js

    3. Install a package manager for Node.js, such as npm or Yarn.

    4. Install Google Cloud SDK (gcloud)

    5. Configure GCP Auth

      • Login using gcloud

        $ gcloud auth login
        $ gcloud config set project <YOUR_GCP_PROJECT_HERE>
        $ gcloud auth application-default login

      Note: This auth mechanism is meant for inner loop developer workflows. If you want to run this example in an unattended service account setting, such as in CI/CD, please follow instructions to configure your service account. The service account must have the role Kubernetes Engine Admin / container.admin.


    After cloning this repo, from this working directory, run these commands:

    1. Install the required Node.js packages:

      This installs the dependent packages needed for our Pulumi program.

      $ npm install
    2. Create a new Pulumi stack, which is an isolated deployment target for this example:

      This will initialize the Pulumi program in TypeScript.

      $ pulumi stack init
    3. Set the required GCP configuration variables:

      This sets configuration options and default values for our cluster.

      $ pulumi config set gcp:project <YOUR_GCP_PROJECT_HERE>
      $ pulumi config set gcp:zone us-west1-a     // any valid GCP Zone here
    4. Set some optional configuration variables (note, these values are optional and have defaults set):

      $ pulumi config set name <NAME>
      $ pulumi config set machineType n1-standard-1
    5. Stand up the GKE cluster:

      To preview and deploy changes, run pulumi update and select “yes.”

      The update sub-command shows a preview of the resources that will be created and prompts on whether to proceed with the deployment. Note that the stack itself is counted as a resource, though it does not correspond to a physical cloud resource.

      You can also run pulumi up --diff to see and inspect the diffs of the overall changes expected to take place.

      Running pulumi up will deploy the GKE cluster. Note, provisioning a new GKE cluster takes between 3-5 minutes.

    6. After 3-5 minutes, your cluster will be ready, and the kubeconfig YAML you’ll use to connect to the cluster will be available as an output.

    7. Access the Kubernetes Cluster using kubectl

      To access your new Kubernetes cluster using kubectl, we need to setup the kubeconfig file and download kubectl. We can leverage the Pulumi stack output in the CLI, as Pulumi facilitates exporting these objects for us.

      $ pulumi stack output kubeconfig --show-secrets > kubeconfig
      $ export KUBECONFIG=$PWD/kubeconfig
      $ kubectl version
      $ kubectl cluster-info
      $ kubectl get nodes
    8. Verify the pubsub example is working

      The pubsub deployment should be running, you can check it by examining the logs:

      k logs -n pubsub -l appClass=pubsub
      Pulling messages from Pub/Sub subscription...
    9. Once you’ve finished, tear down your stack’s resources by destroying and removing it:

      $ pulumi destroy --yes
      $ pulumi stack rm --yes
    gcp logo
    Google Cloud Classic v7.27.0 published on Thursday, Jun 13, 2024 by Pulumi