1. Answers
  2. Using Kubernetes Networking.gke.io With Redis.redis.opstreelabs.in

Using Kubernetes Networking.gke.io With Redis.redis.opstreelabs.in

In this guide, we will set up Kubernetes resources using Pulumi to deploy a Redis instance managed by Opstree Labs and configure networking using GKE (Google Kubernetes Engine). The key services involved are Kubernetes, GKE networking, and the Redis operator from Opstree Labs.

Step-by-Step Explanation

Step 1: Set up Pulumi and Kubernetes Provider

  1. Initialize a new Pulumi project.
  2. Configure the Kubernetes provider to connect to your GKE cluster.

Step 2: Deploy Redis using Opstree Labs Redis Operator

  1. Install the Redis operator from Opstree Labs.
  2. Create a Redis instance using the custom resource definition (CRD) provided by the Redis operator.

Step 3: Configure GKE Networking

  1. Set up the necessary network policies to allow traffic to and from the Redis instance.
  2. Ensure that the Redis service is exposed correctly within the GKE cluster.

Summary and Conclusion

In this guide, we successfully set up a Redis instance managed by Opstree Labs on a GKE cluster and configured the necessary networking policies. This involved using Pulumi to manage Kubernetes resources, deploying the Redis operator, and configuring GKE networking to ensure proper communication with the Redis instance.

Full Code Example

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Set up Pulumi and Kubernetes Provider
const cluster = new gcp.container.Cluster("gke-cluster", {
    initialNodeCount: 3,
    minMasterVersion: "latest",
    nodeConfig: {
        machineType: "e2-medium",
    },
});

const kubeconfig = pulumi.all([cluster.name, cluster.endpoint, cluster.masterAuth]).apply(([name, endpoint, auth]) => {
    const context = \`\${gcp.config.project}_\${gcp.config.zone}_\${name}\`;
    return \`apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: \${auth.clusterCaCertificate}
    server: https://\${endpoint}
  name: \${context}
contexts:
- context:
    cluster: \${context}
    user: \${context}
  name: \${context}
current-context: \${context}
kind: Config
preferences: {}
users:
- name: \${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
\`;
});

const k8sProvider = new k8s.Provider("k8sProvider", {
    kubeconfig: kubeconfig,
});

// Step 2: Deploy Redis using Opstree Labs Redis Operator
const redisOperatorCrd = new k8s.apiextensions.v1.CustomResourceDefinition("redisOperatorCrd", {
    metadata: { name: "redis.opstreelabs.in" },
    spec: {
        group: "redis.opstreelabs.in",
        versions: [{
            name: "v1",
            served: true,
            storage: true,
            schema: {
                openAPIV3Schema: {
                    type: "object",
                    properties: {
                        spec: {
                            type: "object",
                            properties: {
                                size: { type: "integer" },
                                version: { type: "string" },
                            },
                        },
                    },
                },
            },
        }],
        scope: "Namespaced",
        names: {
            plural: "redis",
            singular: "redis",
            kind: "Redis",
            shortNames: ["rd"],
        },
    },
}, { provider: k8sProvider });

const redisInstance = new k8s.apiextensions.CustomResource("redisInstance", {
    apiVersion: "redis.opstreelabs.in/v1",
    kind: "Redis",
    metadata: { name: "my-redis" },
    spec: {
        size: 3,
        version: "6.0.5",
    },
}, { provider: k8sProvider });

// Step 3: Configure GKE Networking
const networkPolicy = new k8s.networking.v1.NetworkPolicy("redisNetworkPolicy", {
    metadata: { name: "redis-allow" },
    spec: {
        podSelector: {
            matchLabels: { app: "redis" },
        },
        policyTypes: ["Ingress", "Egress"],
        ingress: [{
            from: [{
                podSelector: {
                    matchLabels: { app: "redis-client" },
                },
            }],
        }],
        egress: [{
            to: [{
                podSelector: {
                    matchLabels: { app: "redis-client" },
                },
            }],
        }],
    },
}, { provider: k8sProvider });

export const clusterName = cluster.name;
export const kubeConfig = kubeconfig;
export const redisInstanceName = redisInstance.metadata.name;
export const networkPolicyName = networkPolicy.metadata.name;

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up