I cannot create cluster for Pulumi because the code is flagging, please assist

Question

I am working on creating a cluster on Google cloud via Pulumi on VScode platform and it is written in Typescript but "cluster" is flagging red.

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const cluster = new gcp.container.Cluster("cluster", {
    zone: "us-central1-a"
    initialNodeCount: 3,
});

export const clusterId = cluster.id;

Please assist on what could be done to aid the successful creation of the cluster using Pulumi with IAC for google cloud. Thanks.

Showing Typescript code and corresponding errors

Answer 1

It looks like Pulumi is not able to find the GCP project to deploy to.

You need to login to the google cloud on your workstation as per: https://www.pulumi.com/docs/get-started/gcp/begin/#configure-gcp

Or, you can set up related environment variables: https://www.pulumi.com/docs/intro/cloud-providers/gcp/setup/#optional-settings

Answer 2

Assuming you've installed Google Cloud SDK and then Initialized Cloud SDK ;

Run : gcloud auth application-default login

Which will result in the following;

Your browser has been opened to visit:

    https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=000000000000-abcdefghijklmnopqrstuvwxyz.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A8085%2F&scope=openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud......

Credentials saved to file: [/Users/$HOME/.config/gcloud/application_default_credentials.json]

These credentials will be used by any library that requests Application Default Credentials (ADC).
/Users/$HOME/.bin/google-cloud-sdk/lib/third_party/google/auth/_default.py:69: UserWarning: Your application has authenticated using end user credentials from Google Cloud SDK without a quota project. You might receive a "quota exceeded" or "API not enabled" error. We recommend you rerun `gcloud auth application-default login` and make sure a quota project is added. Or you can use service accounts instead. For more information about service accounts, see https://cloud.google.com/docs/authentication/
  warnings.warn(_CLOUD_SDK_CREDENTIALS_WARNING)

Quota project "<PROJECT_NAME>" was added to ADC which can be used by Google client libraries for billing and quota. Note that some services may still bill the project owning the resource.

Then, Run : pulumi preview

It looks like the zone: is now deprecated, the following config works for me:

const cluster = new gcp.container.Cluster("cluster", {
    initialNodeCount: 1,

    loggingService: "logging.googleapis.com/kubernetes",
    monitoringService: "monitoring.googleapis.com/kubernetes",

    removeDefaultNodePool: true,

    enableLegacyAbac: false,
    enableBinaryAuthorization: true,

    addonsConfig: {
        horizontalPodAutoscaling: {
            disabled: false,
        },
        istioConfig: {
            disabled: false,
            auth: "AUTH_MUTUAL_TLS",
        },
        cloudrunConfig: {
            disabled: true
        }
    },
},  {
    customTimeouts: {
        create: "30m",
        update: "30m",
        delete: "30m"
    }
});