The Onboarding CLI is a powerful command-line tool designed to streamline the process of deploying GKE clusters along with their essential requirements. Developed to simplify the setup of Kubernetes clusters, this CLI automates the entire deployment process, minimising manual intervention and enabling users to focus on their core tasks. By asking a few crucial inputs from the user, the CLI swiftly configures the necessary infrastructure, easing the burden of cluster creation and management.

Pre-requisites

1. Download gcloud >= 2.50

2. You must have a GCP project and your user or serviceaccount should have full access to it.

3. Set up application default credentials with gcloud so that CLI can authenticate

   Shell

   # gcloud ADC login
   gcloud auth application-default login
   

4. Ensuring GCP Infrastructure requirements are read carefully.

Download the CLI

1. Download the binary using the below command.
   1. For Apple Silicon MacOS
      Shell

      curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/binaries/ocli_darwin_arm64 -o ocli
      

   2. For Intel MacOS
      Shell

      curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/binaries/ocli_darwin_amd64 -o ocli
      

   3. For Linux (arm)
      Shell

      curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/binaries/ocli_linux_arm64 -o ocli
      

   4. For Linux (amd)
      Shell

      curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/binaries/ocli_linux_amd64 -o ocli
      

2. Make the binary executable and move it to $PATH
   Shell

   sudo chmod +x ./ocli
   sudo mv ocli /usr/local/bin
   

3. Confirm by running the command
   Shell

   ocli
   

🚧

Update to latest version

Always make sure to update ocli to the latest version.

Creating a config file

In the section we will check how to create a config file. A config file is a YAML file for giving inputs to the CLI related to the GKE cluster.

1. A GKE cluster can be created in two ways

   1. Existing Network - If you already have an existing network where you want to deploy the cluster, the CLI can leverage that and create the required components inside the subnetwork. Read existing network requirements to know more on this
   2. New Network (Recommended) - If you don't have any existing subnetwork or want to deploy the cluster in a new subnetwork, the CLI gives you an option to input your required subnet range, a pod subnet additional range and a service additional range. Read new network requirements to know more on this.

2. Run the below command

   Shell

   ocli infra init
   

3. Screen will be cleared and you will be asked for cloud provider choice. Select gcp and proceed for giving input for your organisation ID

   Shell

   Truefoundry is a platform that makes it very easy to deploy microservices, ML models training jobs, LLMs on Kubernetes. We will start the process of bootstrapping a Kubernetes cluster. This CLI is useful only if you don't have a Kubernetes cluster. If you already have a cluster, please go to https://docs.truefoundry.com/docs/creating-your-own-kubernetes-cluster
   Let's get started!
   
   1. Cloud Provider
   In which cloud provider you would like to deploy your cluster: :
      aws
      azure
   >  gcp
   gcp
   
   2. Project Details
   2(A) What is your GCP project ID:  project-id-1234
   

❗️

rpc error: code = PermissionDenied desc = The caller does not have permission

This error indicates that you don't have permission in your project or the project ID is incorrect. To go through the CLI you should have max permissions in the project.

❗️

listGCPProjects: Error creating projects client for listing projects: google: could not find default credentials

This indicates that you have not set up application default login with gcloud. To achieve that run the following command from the Prerequisites

Shell

gcloud auth application-default login

4. Enter the name of the cluster. You are not required to enter prefixes like tfy as this will get added automtically. So if you chose you cluster name as example and region as us-central1, then all the resources will be created with the prefix tfy-example-usce1
   Shell

   What is the cluster name that you want for your cluster (final name of your cluster will tfy-<NAME>-<SHORT_REGION>):
   

4. Select the region where you want to deploy your cluster. It is important to note that you must have enough quotas in your region to run workloads. You can again use up and down arrow keys and / for searching through the list of regions.
   Shell

   4. Location Details
   4(A). Regions
   Use the arrow keys to navigate: ↓ ↑ → ←  and / toggles search
   In which region you want to deploy your cluster: ?
     asia-east1
     asia-east2
     asia-northeast1
     asia-northeast2
   ↓ asia-northeast3
   

   1. Enter the no of availability zones where you want to deploy your cluster. Default value is 3 , min is 2 and max is the no of availability zones present in that region. After this go ahead and select the availability zones accordingly.
      Shell

      4(B). Availability Zones
      Enter the number of availability zones (Default 3: 2 <= range <=4):  3
      Use the arrow keys to navigate: ↓ ↑ → ←  and / toggles search
      Select the availabiltity zone 1: 
        us-central1-a
        us-central1-b
        us-central1-c
        us-central1-f
      

Existing Network

1. Select existing when you want to deploy your cluster in a an existing network.
   Shell

   5. Network and VPC
   Use the arrow keys to navigate: ↓ ↑ → ← 
   Do you want to create a new network or reuse an existing network: 
     new
     existing
   

2. You can select your existing VPC from the drop down list.
   Shell

   5(A). Network Name
   Use the arrow keys to navigate: ↓ ↑ → ←  and / toggles search
   Select the network where you want to deploy your cluster: 
     default
     example-vpc
   

3. You can select your subnet from the drop down list. This subnet must have a pods and a services additional range. Read Existing network to know more on this.
   Shell

   5(B). Private Subnetwork ID
   Use the arrow keys to navigate: ↓ ↑ → ←  and / toggles search
   Select the subnetwork name where you want to deploy your cluster: 
     projects/example-project/regions/us-central1/subnetworks/example-subnet-1
     projects/example-project/regions/us-central1/subnetworks/example-subnet-2
     projects/example-project/regions/us-central1/subnetworks/example-subnet-3
     projects/example-project/regions/us-central1/subnetworks/example-subnet-4
   

4. Generated config file will look something like this.
   YAML

   aws: null
   azure: null
   binaries:
       terraform:
           binary_path: null
       terragrunt:
           binary_path: null
   gcp:
       cluster:
           name: gordon
       network:
           existing: true
           network_name: example-vpc
           pod_cidr: ""
           service_cidr: ""
           subnet_cidr: ""
           subnet_id: projects/example-project-1234/regions/us-central1/subnetworks/example-subnet-2
       project:
           id: example-project-1234
       region:
           availability_zones:
               - us-central1-a
               - us-central1-b
               - us-central1-c
           name: us-central1
       tags: {}
   provider: gcp
   

New Network

If you want to use a new network to deploy the cluster

1. Specify the subnet range - Default value is 10.10.0.0/16
   Shell

   5(A). Subnet CIDR
   What should be the CIDR for your new subnet (Default: 10.10.0.0/16. Chose a range between /8 and /24):	
   

2. Specify the pod range - Default values is 10.244.0.0/16
   Shell

   5(B). Pod CIDR
   What should be the CIDR for your pod (Default: 10.244.0.0/16. Chose a range between /8 and /24):
   

3. Specify the services range - Default values is 10.255.0.0/16
   Shell

   5(C). Service CIDR
   What should be the CIDR for your service (Default: 10.255.0.0/16. Chose a range between /8 and /24):
   

• Generated config file
  YAML

  aws: null
  azure: null
  binaries:
      terraform:
          binary_path: null
      terragrunt:
          binary_path: null
  gcp:
      cluster:
          name: example-cluster
      network:
          existing: false
          network_name: ""
          pod_cidr: 10.244.0.0/16
          service_cidr: 10.255.0.0/16
          subnet_cidr: 10.10.0.0/16
          subnet_id: ""
      project:
          id: example-project-1234
      region:
          availability_zones:
              - asia-east1-a
              - asia-east1-b
              - asia-east1-c
          name: asia-east1
      tags: {}
  provider: gcp
  

Running the config file

Once the config file is created, you can run it by the following command

ocli infra create --file tfy-config.yaml

❗️

Create GCS bucket example-us-central1-tfy-ocli-bucket' unsuccessful after 3 retries

This is an intermittent error, you just need to run the command again.

Post cluster-creation steps

Saving the output

The above process generates some output which are helpful for deployment of some applications. For this save the output in some file

ocli infra output --file config.yaml > output.txt

Downloading the kubeconfig file

1. The CLI downloads kubectl if it is not present by default. However to connect to the GKE you have to install gke-gcloud-auth-plugin
2. Export the following variable

   export CLUSTER_NAME=""
   export REGION=""
   

3. Download the kubeconfig file
   Shell

   gcloud container clusters get-credentials $CLUSTER_NAME  --zone $REGION
   

Connecting the cluster to the platform

Follow the Connecting the cluster guide so as to connect the cluster to TrueFoundry's platform.