https://pulumi.com logo
Title
b

billions-glass-17089

02/03/2022, 6:06 PM
I'm creating a GKE cluster and want to deploy to it in the same stack. Is it possible to do this without configuring
kubectl
?
p

prehistoric-activity-61023

02/03/2022, 6:23 PM
it should be
you can get kubeconfig from the freshly created GKE cluster within pulumi stack
I remember if was kinda tricky though. Let me take a look at my project, maybe I’ll be able to copy’n’paste you some code snippet 🙂
b

billions-glass-17089

02/03/2022, 6:24 PM
how? the only method I see on
Cluster
that might relate is
masterAuth
kk thanks, yeah it's not obvi to me
p

prehistoric-activity-61023

02/03/2022, 6:25 PM
(code is from python but you should be able to “translate” that to other lang pretty easily)
first of all, kubeconfig template:
GKE_KUBECONFIG_TEMPLATE = """
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: {0}
    server: https://{1}
  name: {2}
contexts:
- context:
    cluster: {2}
    user: {2}
  name: {2}
current-context: {2}
kind: Config
preferences: {{}}
users:
- name: {2}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{{.credential.token_expiry}}'
        token-key: '{{.credential.access_token}}'
      name: gcp
"""
considering that
self.cluster
in this context is an instance of `gcp.container.Cluster`:
#
        # Generate kubeconfig
        #
        k8s_info = pulumi.Output.all(
            self.cluster.name,  # 0
            self.cluster.endpoint,  # 1
            self.cluster.master_auth,  # 2
            self.cluster.project,  # 3
            self.cluster.location,  # 4
        )
        self.kubeconfig = k8s_info.apply(
            lambda info: GKE_KUBECONFIG_TEMPLATE.format(
                info[2]["cluster_ca_certificate"],
                info[1],
                "{0}_{1}_{2}".format(info[3], info[4], info[0]),
            )
        )
then you can create a k8s provider:
k8s_provider = k8s.Provider(
    "k8s-provider",
=>  kubeconfig=kubeconfig,
)
b

billions-glass-17089

02/03/2022, 6:27 PM
amazing, let me try this, thank you!
p

prehistoric-activity-61023

02/03/2022, 6:28 PM
you just have to remember to pass this provider to all k8s resources you’re gonna create using
pulumi.ResourceOptions
and
provider
option
additionally, take a look at this example: https://github.com/pulumi/examples/tree/master/gcp-py-gke
b

billions-glass-17089

02/03/2022, 6:44 PM
huzzah it works! Typescript template:
function kubeConfigTemplate(
  clusterName: Output<string>,
  endpoint: Output<string>,
  clusterCaCert: Output<string>
) {
  return pulumi.interpolate`
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${clusterCaCert}
    server: https://${endpoint}
  name: ${clusterName}
contexts:
- context:
    cluster: ${clusterName}
    user: ${clusterName}
  name: ${clusterName}
current-context: ${clusterName}
kind: Config
preferences: {}
users:
- name: ${clusterName}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
  `;
}
Thank you @prehistoric-activity-61023 for the help!
🙌 1