I m creating a GKE cluster and want to deploy to it in the s Pulumi Community #google-cloud

I'm creating a GKE cluster and want to deploy to i...

billions-glass-17089

02/03/2022, 6:06 PM

I'm creating a GKE cluster and want to deploy to it in the same stack. Is it possible to do this without configuring

kubectl

prehistoric-activity-61023

02/03/2022, 6:23 PM

it should be

prehistoric-activity-61023

02/03/2022, 6:23 PM

you can get kubeconfig from the freshly created GKE cluster within pulumi stack

prehistoric-activity-61023

02/03/2022, 6:24 PM

I remember if was kinda tricky though. Let me take a look at my project, maybe I’ll be able to copy’n’paste you some code snippet 🙂

billions-glass-17089

02/03/2022, 6:24 PM

how? the only method I see on

Cluster

that might relate is

masterAuth

billions-glass-17089

02/03/2022, 6:24 PM

kk thanks, yeah it's not obvi to me

prehistoric-activity-61023

02/03/2022, 6:25 PM

(code is from python but you should be able to “translate” that to other lang pretty easily)

prehistoric-activity-61023

02/03/2022, 6:25 PM

first of all, kubeconfig template:

Copy code

GKE_KUBECONFIG_TEMPLATE = """
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: {0}
    server: https://{1}
  name: {2}
contexts:
- context:
    cluster: {2}
    user: {2}
  name: {2}
current-context: {2}
kind: Config
preferences: {{}}
users:
- name: {2}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{{.credential.token_expiry}}'
        token-key: '{{.credential.access_token}}'
      name: gcp
"""

prehistoric-activity-61023

02/03/2022, 6:26 PM

considering that

self.cluster

in this context is an instance of `gcp.container.Cluster`:

Copy code

#
        # Generate kubeconfig
        #
        k8s_info = pulumi.Output.all(
            self.cluster.name,  # 0
            self.cluster.endpoint,  # 1
            self.cluster.master_auth,  # 2
            self.cluster.project,  # 3
            self.cluster.location,  # 4
        )
        self.kubeconfig = k8s_info.apply(
            lambda info: GKE_KUBECONFIG_TEMPLATE.format(
                info[2]["cluster_ca_certificate"],
                info[1],
                "{0}_{1}_{2}".format(info[3], info[4], info[0]),
            )
        )

prehistoric-activity-61023

02/03/2022, 6:27 PM

then you can create a k8s provider:

Copy code

k8s_provider = k8s.Provider(
    "k8s-provider",
=>  kubeconfig=kubeconfig,
)

billions-glass-17089

02/03/2022, 6:27 PM

amazing, let me try this, thank you!

prehistoric-activity-61023

02/03/2022, 6:28 PM

you just have to remember to pass this provider to all k8s resources you’re gonna create using

pulumi.ResourceOptions

and

provider

option

prehistoric-activity-61023

02/03/2022, 6:28 PM

additionally, take a look at this example: https://github.com/pulumi/examples/tree/master/gcp-py-gke

billions-glass-17089

02/03/2022, 6:44 PM

huzzah it works! Typescript template:

Copy code

function kubeConfigTemplate(
  clusterName: Output<string>,
  endpoint: Output<string>,
  clusterCaCert: Output<string>
) {
  return pulumi.interpolate`
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${clusterCaCert}
    server: https://${endpoint}
  name: ${clusterName}
contexts:
- context:
    cluster: ${clusterName}
    user: ${clusterName}
  name: ${clusterName}
current-context: ${clusterName}
kind: Config
preferences: {}
users:
- name: ${clusterName}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
  `;
}

Thank you @prehistoric-activity-61023 for the help!

🙌 1

Open in Slack

Previous Next