Thread
#gcp
    b

    billions-glass-17089

    7 months ago
    I'm creating a GKE cluster and want to deploy to it in the same stack. Is it possible to do this without configuring
    kubectl
    ?
    p

    prehistoric-activity-61023

    7 months ago
    it should be
    you can get kubeconfig from the freshly created GKE cluster within pulumi stack
    I remember if was kinda tricky though. Let me take a look at my project, maybe I’ll be able to copy’n’paste you some code snippet 🙂
    b

    billions-glass-17089

    7 months ago
    how? the only method I see on
    Cluster
    that might relate is
    masterAuth
    kk thanks, yeah it's not obvi to me
    p

    prehistoric-activity-61023

    7 months ago
    (code is from python but you should be able to “translate” that to other lang pretty easily)
    first of all, kubeconfig template:
    GKE_KUBECONFIG_TEMPLATE = """
    apiVersion: v1
    clusters:
    - cluster:
        certificate-authority-data: {0}
        server: https://{1}
      name: {2}
    contexts:
    - context:
        cluster: {2}
        user: {2}
      name: {2}
    current-context: {2}
    kind: Config
    preferences: {{}}
    users:
    - name: {2}
      user:
        auth-provider:
          config:
            cmd-args: config config-helper --format=json
            cmd-path: gcloud
            expiry-key: '{{.credential.token_expiry}}'
            token-key: '{{.credential.access_token}}'
          name: gcp
    """
    considering that
    self.cluster
    in this context is an instance of gcp.container.Cluster:
    #
            # Generate kubeconfig
            #
            k8s_info = pulumi.Output.all(
                self.cluster.name,  # 0
                self.cluster.endpoint,  # 1
                self.cluster.master_auth,  # 2
                self.cluster.project,  # 3
                self.cluster.location,  # 4
            )
            self.kubeconfig = k8s_info.apply(
                lambda info: GKE_KUBECONFIG_TEMPLATE.format(
                    info[2]["cluster_ca_certificate"],
                    info[1],
                    "{0}_{1}_{2}".format(info[3], info[4], info[0]),
                )
            )
    then you can create a k8s provider:
    k8s_provider = k8s.Provider(
        "k8s-provider",
    =>  kubeconfig=kubeconfig,
    )
    b

    billions-glass-17089

    7 months ago
    amazing, let me try this, thank you!
    p

    prehistoric-activity-61023

    7 months ago
    you just have to remember to pass this provider to all k8s resources you’re gonna create using
    pulumi.ResourceOptions
    and
    provider
    option
    additionally, take a look at this example:https://github.com/pulumi/examples/tree/master/gcp-py-gke
    b

    billions-glass-17089

    7 months ago
    huzzah it works! Typescript template:
    function kubeConfigTemplate(
      clusterName: Output<string>,
      endpoint: Output<string>,
      clusterCaCert: Output<string>
    ) {
      return pulumi.interpolate`
    apiVersion: v1
    clusters:
    - cluster:
        certificate-authority-data: ${clusterCaCert}
        server: https://${endpoint}
      name: ${clusterName}
    contexts:
    - context:
        cluster: ${clusterName}
        user: ${clusterName}
      name: ${clusterName}
    current-context: ${clusterName}
    kind: Config
    preferences: {}
    users:
    - name: ${clusterName}
      user:
        auth-provider:
          config:
            cmd-args: config config-helper --format=json
            cmd-path: gcloud
            expiry-key: '{.credential.token_expiry}'
            token-key: '{.credential.access_token}'
          name: gcp
      `;
    }
    Thank you @prehistoric-activity-61023 for the help!