This message was deleted.
# google-clouds
sparse-intern-71089
02/03/2022, 6:06 PMThis message was deleted.
p
prehistoric-activity-61023
02/03/2022, 6:23 PMit should be
prehistoric-activity-61023
02/03/2022, 6:23 PMyou can get kubeconfig from the freshly created GKE cluster within pulumi stack
prehistoric-activity-61023
02/03/2022, 6:24 PMI remember if was kinda tricky though. Let me take a look at my project, maybe I’ll be able to copy’n’paste you some code snippet 🙂
b
billions-glass-17089
02/03/2022, 6:24 PMhow? the only method I see on
ClustermasterAuthbillions-glass-17089
02/03/2022, 6:24 PMkk thanks, yeah it's not obvi to me
p
prehistoric-activity-61023
02/03/2022, 6:25 PM(code is from python but you should be able to “translate” that to other lang pretty easily)
prehistoric-activity-61023
02/03/2022, 6:25 PMfirst of all, kubeconfig template:
Copy code
GKE_KUBECONFIG_TEMPLATE = """
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: {0}
server: https://{1}
name: {2}
contexts:
- context:
cluster: {2}
user: {2}
name: {2}
current-context: {2}
kind: Config
preferences: {{}}
users:
- name: {2}
user:
auth-provider:
config:
cmd-args: config config-helper --format=json
cmd-path: gcloud
expiry-key: '{{.credential.token_expiry}}'
token-key: '{{.credential.access_token}}'
name: gcp
"""prehistoric-activity-61023
02/03/2022, 6:26 PMconsidering that
self.cluster Copy code
#
# Generate kubeconfig
#
k8s_info = pulumi.Output.all(
self.cluster.name, # 0
self.cluster.endpoint, # 1
self.cluster.master_auth, # 2
self.cluster.project, # 3
self.cluster.location, # 4
)
self.kubeconfig = k8s_info.apply(
lambda info: GKE_KUBECONFIG_TEMPLATE.format(
info[2]["cluster_ca_certificate"],
info[1],
"{0}_{1}_{2}".format(info[3], info[4], info[0]),
)
)prehistoric-activity-61023
02/03/2022, 6:27 PMthen you can create a k8s provider:
Copy code
k8s_provider = k8s.Provider(
"k8s-provider",
=> kubeconfig=kubeconfig,
)b
billions-glass-17089
02/03/2022, 6:27 PMamazing, let me try this, thank you!
p
prehistoric-activity-61023
02/03/2022, 6:28 PMyou just have to remember to pass this provider to all k8s resources you’re gonna create using
pulumi.ResourceOptionsproviderprehistoric-activity-61023
02/03/2022, 6:28 PMadditionally, take a look at this example:
https://github.com/pulumi/examples/tree/master/gcp-py-gke
b
billions-glass-17089
02/03/2022, 6:44 PMhuzzah it works!
Typescript template:
Copy code
function kubeConfigTemplate(
clusterName: Output<string>,
endpoint: Output<string>,
clusterCaCert: Output<string>
) {
return pulumi.interpolate`
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: ${clusterCaCert}
server: https://${endpoint}
name: ${clusterName}
contexts:
- context:
cluster: ${clusterName}
user: ${clusterName}
name: ${clusterName}
current-context: ${clusterName}
kind: Config
preferences: {}
users:
- name: ${clusterName}
user:
auth-provider:
config:
cmd-args: config config-helper --format=json
cmd-path: gcloud
expiry-key: '{.credential.token_expiry}'
token-key: '{.credential.access_token}'
name: gcp
`;
}🙌 1
4 Views