[DO NOT MERGE] Helm Provider & Tiller Scratch

examples/gke-regional-public-cluster/main.tf

@@ -9,12 +9,25 @@ provider "google-beta" {
   region  = "${var.region}"
 }
 
+module "install-tiller" {
+  source = "../../modules/gke-helm-tiller"
+
+  gke_host_endpoint      = "${module.gke_cluster.endpoint}"
+  access_token           = "${data.google_client_config.client.access_token}"
+
+  client_certificate     = "${module.gke_cluster.client_certificate}"
+  client_key             = "${module.gke_cluster.client_key}"
+  cluster_ca_certificate = "${module.gke_cluster.cluster_ca_certificate}"
+}
+
 # Use Terraform 0.10.x so that we can take advantage of Terraform GCP functionality as a separate provider via
 # https://github.com/terraform-providers/terraform-provider-google
 terraform {
   required_version = ">= 0.10.3"
 }
 
+data "google_client_config" "client" {}
+
 module "gke_cluster" {
   # When using these modules in your own templates, you will need to use a Git URL with a ref attribute that pins you
   # to a specific version of the modules, such as the following example:

examples/gke-regional-public-cluster/outputs.tf

@@ -0,0 +1 @@
+

examples/gke-regional-public-cluster/variables.tf

@@ -5,10 +5,12 @@
 
 variable "project" {
   description = "The name of the GCP Project where all resources will be launched."
+  default     = "graphite-test-rileykarson"
 }
 
 variable "region" {
   description = "The Region in which all GCP resources will be launched."
+  default     = "us-central1"
 }
 
 # ---------------------------------------------------------------------------------------------------------------------

modules/gke-cluster/outputs.tf

@@ -48,3 +48,18 @@ output "kubernetes_dashboard_enabled" {
   description = "Whether kubernetes dashboard enabled"
   value       = "${element(concat(google_container_cluster.cluster.*.addons_config.0.kubernetes_dashboard.0.disabled, list("")), 0)}"
 }
+
+output "client_certificate" {
+  description = "TODO"
+  value       = "${base64decode(google_container_cluster.cluster.master_auth.0.client_certificate)}"
+}
+
+output "client_key" {
+  description = "TODO"
+  value       = "${base64decode(google_container_cluster.cluster.master_auth.0.client_key)}"
+}
+
+output "cluster_ca_certificate" {
+  description = "TODO"
+  value       = "${base64decode(google_container_cluster.cluster.master_auth.0.cluster_ca_certificate)}"
+}

modules/gke-helm-tiller/README.md

@@ -0,0 +1,20 @@
+# GKE Helm & Tiller Module
+
+The GKE Helm & Tiller module is used to add Tiller to your GKE cluster in order
+to enable making releases using helm.
+
+## How do you use this module?
+
+* See the [root README](/README.md) for instructions on using Terraform modules.
+* See the [examples](/examples) folder for example usage.
+* See [variables.tf](./variables.tf) for all the variables you can set on this module.
+* See [outputs.tf](./outputs.tf) for all the variables that are outputed by this module.
+
+## What is Helm? 
+
+Helm is an alternative to `kubectl` used to make deployments on Kubernetes.
+
+## What is Tiller
+
+Tiller is a cluster-side server that's necessary for Helm to function. Tiller
+runs as a sidecar service.

modules/gke-helm-tiller/main.tf

@@ -0,0 +1,51 @@
+provider "helm" {
+  tiller_image   = "gcr.io/kubernetes-helm/tiller:latest"
+  install_tiller = true
+
+  kubernetes {
+    host                   = "${data.template_file.gke_host_endpoint.rendered}"
+
+    token                  = "${data.template_file.access_token.rendered}"
+    client_certificate     = "${data.template_file.client_certificate.rendered}"
+    client_key             = "${data.template_file.client_key.rendered}"
+    cluster_ca_certificate = "${data.template_file.cluster_ca_certificate.rendered}"
+  }
+}
+
+resource "helm_repository" "incubator" {
+    name = "incubator"
+    url  = "https://kubernetes-charts-incubator.storage.googleapis.com"
+}
+
+resource "helm_release" "release" {
+  name = "test"
+  chart = "stable/kibana"
+}
+
+# Workaround for Terraform limitation where you cannot directly set a depends on directive or interpolate from resources
+# in the provider config.
+# Specifically, Terraform requires all information for the Terraform provider config to be available at plan time,
+# meaning there can be no computed resources. We work around this limitation by creating a template_file data source
+# that does the computation.
+# See https://github.com/hashicorp/terraform/issues/2430 for more details
+data "template_file" "gke_host_endpoint" {
+  template = "${var.gke_host_endpoint}"
+}
+
+data "template_file" "access_token" {
+  template = "${var.access_token}"
+}
+
+data "template_file" "client_certificate" {
+  template = "${var.client_certificate}"
+}
+
+data "template_file" "client_key" {
+  template = "${var.client_key}"
+}
+
+data "template_file" "cluster_ca_certificate" {
+  template = "${var.cluster_ca_certificate}"
+}
+
+

modules/gke-helm-tiller/variables.tf

@@ -0,0 +1,24 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# REQUIRED PARAMETERS
+# These variables are expected to be passed in by the operator
+# ---------------------------------------------------------------------------------------------------------------------
+
+variable "gke_host_endpoint" {
+  description = "The endpoint of your GKE cluster"
+}
+
+variable "access_token" {
+  description = "The GCP access token used by your Google provider"
+}
+
+variable "client_certificate" {
+  description = "TODO"
+}
+
+variable "client_key" {
+  description = "TODO"
+}
+
+variable "cluster_ca_certificate" {
+  description = "TODO"
+}