Creating A GKE Cluster Using Onboarding Cli
The Onboarding CLI is a powerful command-line tool designed to streamline the process of deploying GKE clusters along with their essential requirements. Developed to simplify the setup of Kubernetes clusters, this CLI automates the entire deployment process, minimising manual intervention and enabling users to focus on their core tasks. By asking a few crucial inputs from the user, the CLI swiftly configures the necessary infrastructure, easing the burden of cluster creation and management.
Pre-requisites
-
Download gcloud >= 2.50
-
You must have a GCP project and your user or serviceaccount should have full access to it.
-
Set up application default credentials with
gcloud
so that CLI can authenticate -
Ensuring GCP Infrastructure requirements are read carefully.
Download the CLI
-
Download the binary using the below command.
-
For Apple Silicon MacOS
-
For Intel MacOS
-
For Linux (arm)
-
For Linux (amd)
-
-
Make the binary executable and move it to
$PATH
-
Confirm by running the command
Update to latest version
Always make sure to update ocli
to the latest version.
Creating a config file
In the section we will check how to create a config file. A config file is a YAML file for giving inputs to the CLI related to the GKE cluster.
-
A GKE cluster can be created in two ways
- Existing Network - If you already have an existing network where you want to deploy the cluster, the CLI can leverage that and create the required components inside the subnetwork. Read existing network requirements to know more on this
- New Network (Recommended) - If you don’t have any existing subnetwork or want to deploy the cluster in a new subnetwork, the CLI gives you an option to input your required subnet range, a
pod
subnet additional range and aservice
additional range. Read new network requirements to know more on this.
-
Run the below command
-
Screen will be cleared and you will be asked for cloud provider choice. Select
gcp
and proceed for giving input for your organisation ID
rpc error: code = PermissionDenied desc = The caller does not have permission
This error indicates that you don’t have permission in your project or the project ID is incorrect. To go through the CLI you should have max permissions in the project.
listGCPProjects: Error creating projects client for listing projects: google: could not find default credentials
This indicates that you have not set up application default login with gcloud. To achieve that run the following command from the Prerequisites
-
Enter the name of the cluster. You are not required to enter prefixes like
tfy
as this will get added automtically. So if you chose you cluster name asexample
and region asus-central1
, then all the resources will be created with the prefixtfy-example-usce1
-
Select the region where you want to deploy your cluster. It is important to note that you must have enough quotas in your region to run workloads. You can again use up and down arrow keys and
/
for searching through the list of regions.
-
Enter the no of availability zones where you want to deploy your cluster. Default value is
3
, min is2
and max is the no of availability zones present in that region. After this go ahead and select the availability zones accordingly.
Existing Network
-
Select existing when you want to deploy your cluster in a an existing network.
-
You can select your existing VPC from the drop down list.
-
You can select your subnet from the drop down list. This subnet must have a
pods
and aservices
additional range. Read Existing network to know more on this. -
Generated config file will look something like this.
New Network
If you want to use a new network to deploy the cluster
-
Specify the subnet range - Default value is
10.10.0.0/16
-
Specify the pod range - Default values is
10.244.0.0/16
-
Specify the services range - Default values is
10.255.0.0/16
-
Generated config file
Running the config file
Once the config file is created, you can run it by the following command
Create GCS bucket example-us-central1-tfy-ocli-bucket’ unsuccessful after 3 retries
This is an intermittent error, you just need to run the command again.
Post cluster-creation steps
Saving the output
The above process generates some output which are helpful for deployment of some applications. For this save the output in some file
Downloading the kubeconfig
file
-
The CLI downloads kubectl if it is not present by default. However to connect to the GKE you have to install gke-gcloud-auth-plugin
-
Export the following variable
-
Download the kubeconfig file
Connecting the cluster to the platform
Follow the Connecting the cluster guide so as to connect the cluster to TrueFoundry’s platform.