API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 22nd, 2019
245
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
TypoScript 2.66 KB | None | 0 0
raw download clone embed print report
  1. import * as gcp from "@pulumi/gcp";
  2. import * as k8s from "@pulumi/kubernetes";
  3. import * as pulumi from "@pulumi/pulumi";
  4. import * as random from "@pulumi/random";
  5.  
  6. export class GkeCluster extends pulumi.ComponentResource {
  7.   public cluster: gcp.container.Cluster;
  8.   public provider: k8s.Provider;
  9.  
  10.   constructor(name: string, opts: pulumi.ComponentResourceOptions = {}) {
  11.     super("examples:kubernetes-ts-multicloud:GkeCluster", name, {}, opts);
  12.  
  13.     // Find the latest engine version.
  14.     const engineVersion = gcp.container.getEngineVersions().latestMasterVersion;
  15.  
  16.     // Generate a strong password for the Kubernetes cluster.
  17.     const password = new random.RandomPassword(
  18.       "password",
  19.       {
  20.         length: 20,
  21.         special: true
  22.       },
  23.       { parent: this }
  24.     ).result;
  25.  
  26.     // Create the GKE cluster.
  27.     const k8sCluster = new gcp.container.Cluster(
  28.       "primary",
  29.       {
  30.         initialNodeCount: 1,
  31.         nodeVersion: engineVersion,
  32.         minMasterVersion: engineVersion,
  33.         masterAuth: { username: "master-user", password: password },
  34.         removeDefaultNodePool: true,
  35.         nodeConfig: {
  36.           machineType: "n1-standard-1",
  37.           oauthScopes: [
  38.             "https://www.googleapis.com/auth/logging.write",
  39.             "https://www.googleapis.com/auth/monitoring"
  40.           ]
  41.         }
  42.       },
  43.       { parent: this }
  44.     );
  45.     this.cluster = k8sCluster;
  46.  
  47.     // Manufacture a GKE-style Kubeconfig. Note that this is slightly "different" because of the way GKE requires
  48.     // gcloud to be in the picture for cluster authentication (rather than using the client cert/key directly).
  49.     const k8sConfig = pulumi
  50.       .all([k8sCluster.name, k8sCluster.endpoint, k8sCluster.masterAuth])
  51.       .apply(([name, endpoint, auth]) => {
  52.         const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
  53.         return `apiVersion: v1
  54. clusters:
  55. - cluster:
  56.     certificate-authority-data: ${auth.clusterCaCertificate}
  57.     server: https://${endpoint}
  58.   name: ${context}
  59. contexts:
  60. - context:
  61.     cluster: ${context}
  62.     user: ${context}
  63.   name: ${context}
  64. current-context: ${context}
  65. kind: Config
  66. preferences: {}
  67. users:
  68. - name: ${context}
  69.   user:
  70.     auth-provider:
  71.       config:
  72.         cmd-args: config config-helper --format=json
  73.         cmd-path: gcloud
  74.         expiry-key: '{.credential.token_expiry}'
  75.         token-key: '{.credential.access_token}'
  76.       name: gcp
  77. `;
  78.       });
  79.  
  80.     // Export a Kubernetes provider instance that uses our cluster from above.
  81.     this.provider = new k8s.Provider(
  82.       "gke",
  83.       { kubeconfig: k8sConfig },
  84.       { parent: this }
  85.     );
  86.   }
  87. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!