Create new GKE cluster using OCLI
The following document shows how to create a new GKE cluster using OCLI
Prerequisites
-
Install gcloud >= 2.50 and gke-gcloud-auth-plugin plugin.
-
You must have a GCP project and a user or serviceaccount having
adminprivileges. You can log in using the following command.gcloud config set project $PROJECT_ID # gcloud ADC login gcloud auth application-default login -
Enable Service usage API in your project. You can use the below command or use the console for the same.
gcloud auth login \ && gcloud services enable serviceusage.googleapis.com --project=$PROJECT_ID
Suggestion
We highly recommend you to please go through the GCP Infrastructure requirements carefully.
Installing OCLI
- Download the binary using the below command.
curl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_darwin_arm64" -o oclicurl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_darwin_amd64" -o oclicurl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_linux_arm64" -o oclicurl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_linux_amd64" -o ocli - Make the binary executable and move it to
$PATHsudo chmod +x ./ocli sudo mv ocli /usr/local/bin - Confirm by running the command
ocli --version
Configuring input config file
- To create a new cluster, you would require your GCP
Project ID,Region, andNetworkdetails - Run the following command to fill in the inputs interactively
ocli infra-init - For networking, there are two possible configurations:
- New network (Recommended) - This creates a new Virtual network for your new cluster.
- Existing network - You can enter your existing Virtual network.
- Existing network part of shared VPC
- Existing network not a part of shared VPC
- Once all the inputs are filled, an input config file with the name of
tfy-config.yamlwould be generated in your current directory. We highly recommend you to once go through the generated config file and tally your inputs. You can also customize the inputs directly by editing the file. Below is the sample for the same:
aws: null
azure: null
binaries:
terraform:
binary_path: null
terragrunt:
binary_path: null
gcp:
cluster:
master_cidr_block: 172.16.0.32/28
name: test
pod_range_name: pods
service_range_name: services
version: "1.29"
network:
additional_ranges: []
existing: true
network_name: tfy-xxx-asso1-vpc
pod_cidr: ""
service_cidr: ""
shared_vpc:
enabled: false
network_name: ""
project_id: ""
subnet_name: ""
subnet_cidr: ""
subnet_id: projects/tfy-xxx/regions/asia-south1/subnetworks/tfy-xxx-xxx-vpc
network_tags: []
platform_features:
artifact_registry:
enabled: true
blob_storage:
blob_storage_override_enabled: false
blob_storage_override_name: ""
enabled: true
cluster_integration:
enabled: true
enabled: true
secrets_manager:
enabled: true
project:
id: tfy-xxxx
region:
availability_zones:
- us-central1-a
- us-central1-b
name: us-central1
tags: {}
tfy_control_plane:
enabled: false
provider: gcp
aws: null
azure: null
binaries:
terraform:
binary_path: null
terragrunt:
binary_path: null
gcp:
cluster:
master_cidr_block: 172.16.0.32/28
name: test
pod_range_name: pods
service_range_name: services
version: "1.29"
network:
additional_ranges: []
existing: false
network_name: ""
pod_cidr: 10.244.0.0/16
service_cidr: 10.255.0.0/16
shared_vpc:
enabled: false
network_name: ""
project_id: ""
subnet_name: ""
subnet_cidr: 10.10.0.0/16
subnet_id: ""
network_tags: []
platform_features:
artifact_registry:
enabled: true
blob_storage:
blob_storage_override_enabled: false
blob_storage_override_name: ""
enabled: true
cluster_integration:
enabled: true
enabled: true
secrets_manager:
enabled: true
project:
id: tfy-xxxx
region:
availability_zones:
- us-central1-a
- us-central1-b
name: us-central1
tags: {}
tfy_control_plane:
enabled: false
provider: gcp
Create the cluster
Run the following command to create the GKE cluster.
ocli infra-create --file tfy-config.yaml
This command may take around 30-45 minutes to complete.
Connecting the cluster
- Head over to the TrueFoundry platform and log in. If you haven't logged in, then you can sign up here.
- Once you have logged in, navigate to
Settingstag from the left panel and create the new API key. Copy the API key as it will be used in the next set of commands
Run the following commands to create the cluster in the portal. The control plane URL is the URL where you are logged in
ocli compute-plane-connect -f tfy-config.yaml --api-key API_KEY --control-plane-url CONTROL_PLANE_URL
-
This will generate a token that has to be used with the below command.
-
Create a values.yaml file and paste the tenant, control plane URL and the token
## @section Global Parameters ## @param tenantName Parameters for tenantName ## Tenant Name - This is same as the name of the organization used to sign up ## on Truefoundry ## tenantName: "TENANT" ## @param controlPlaneURL Parameters for controlPlaneURL ## URL of the control plane - Same as the URL of the Truefoundry dashboard ## controlPlaneURL: "CONTROL_PLANE_URL" ## @param clusterName Name of the cluster ## Name of the cluster that you have created on AWS/GCP/Azure ## clusterName: "CLUSTER_NAME" ## @section Parameters for tfyAgent ## @param tfyAgent.enabled Flag to enable Tfy Agent ## tfyAgent: enabled: true ## @param tfyAgent.clusterToken Parameters for clusterToken ## Token for cluster authentication ## clusterToken: "CLUSTER_TOKEN" -
Execute the command
ocli compute-plane-install -f values.yaml --cluster-type gcp-gke-standard
Saving the output file
Once the above command finishes, save the output using the command below:
ocli output --file tfy-config.yaml > output.txt
Updated about 1 month ago