Advertisement
Guest User

Untitled

a guest
Oct 22nd, 2019
239
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import * as gcp from "@pulumi/gcp";
  2. import * as k8s from "@pulumi/kubernetes";
  3. import * as pulumi from "@pulumi/pulumi";
  4. import * as random from "@pulumi/random";
  5.  
  6. export class GkeCluster extends pulumi.ComponentResource {
  7.   public cluster: gcp.container.Cluster;
  8.   public provider: k8s.Provider;
  9.  
  10.   constructor(name: string, opts: pulumi.ComponentResourceOptions = {}) {
  11.     super("examples:kubernetes-ts-multicloud:GkeCluster", name, {}, opts);
  12.  
  13.     // Find the latest engine version.
  14.     const engineVersion = gcp.container.getEngineVersions().latestMasterVersion;
  15.  
  16.     // Generate a strong password for the Kubernetes cluster.
  17.     const password = new random.RandomPassword(
  18.       "password",
  19.       {
  20.         length: 20,
  21.         special: true
  22.       },
  23.       { parent: this }
  24.     ).result;
  25.  
  26.     // Create the GKE cluster.
  27.     const k8sCluster = new gcp.container.Cluster(
  28.       "primary",
  29.       {
  30.         initialNodeCount: 1,
  31.         nodeVersion: engineVersion,
  32.         minMasterVersion: engineVersion,
  33.         masterAuth: { username: "master-user", password: password },
  34.         removeDefaultNodePool: true,
  35.         nodeConfig: {
  36.           machineType: "n1-standard-1",
  37.           oauthScopes: [
  38.             "https://www.googleapis.com/auth/logging.write",
  39.             "https://www.googleapis.com/auth/monitoring"
  40.           ]
  41.         }
  42.       },
  43.       { parent: this }
  44.     );
  45.     this.cluster = k8sCluster;
  46.  
  47.     // Manufacture a GKE-style Kubeconfig. Note that this is slightly "different" because of the way GKE requires
  48.     // gcloud to be in the picture for cluster authentication (rather than using the client cert/key directly).
  49.     const k8sConfig = pulumi
  50.       .all([k8sCluster.name, k8sCluster.endpoint, k8sCluster.masterAuth])
  51.       .apply(([name, endpoint, auth]) => {
  52.         const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
  53.         return `apiVersion: v1
  54. clusters:
  55. - cluster:
  56.     certificate-authority-data: ${auth.clusterCaCertificate}
  57.     server: https://${endpoint}
  58.   name: ${context}
  59. contexts:
  60. - context:
  61.     cluster: ${context}
  62.     user: ${context}
  63.   name: ${context}
  64. current-context: ${context}
  65. kind: Config
  66. preferences: {}
  67. users:
  68. - name: ${context}
  69.   user:
  70.     auth-provider:
  71.       config:
  72.         cmd-args: config config-helper --format=json
  73.         cmd-path: gcloud
  74.         expiry-key: '{.credential.token_expiry}'
  75.         token-key: '{.credential.access_token}'
  76.       name: gcp
  77. `;
  78.       });
  79.  
  80.     // Export a Kubernetes provider instance that uses our cluster from above.
  81.     this.provider = new k8s.Provider(
  82.       "gke",
  83.       { kubeconfig: k8sConfig },
  84.       { parent: this }
  85.     );
  86.   }
  87. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement