Google Kubernetes Engine

From XennisWiki
Jump to: navigation, search

Kubernetes as a service of the Google Cloud Platform.

Usage

List clusters

gcloud container clusters list

Create (and delete) a cluster

Create a new cluster

gcloud container clusters create <name>

Example of creating a cluster, download the credentials and switch kubectl to this context.

PROJECT_ID=my-project
CLUSTER_NAME=my-cluster
CLUSTER_ZONE=europe-west1-b

# If you are not logged in, login first:
#gcloud auth login
#gcloud auth application-default login

gcloud container clusters create ${CLUSTER_NAME} --project ${PROJECT_ID} --zone ${CLUSTER_ZONE} --preemptible
gcloud container clusters get-credentials ${CLUSTER_NAME} --project ${PROJECT_ID} --zone ${CLUSTER_ZONE}
kubectl config use-context gke_${PROJECT_ID}_${CLUSTER_ZONE}_${CLUSTER_NAME}

Delete a cluster

gcloud container clusters delete <name>

Upgrade a cluster

CLUSTER_NAME=my-clusterCLUSTER_NAME
NODE_POOL=my-pool

gcloud container clusters upgrade ${CLUSTER_NAME} --master
gcloud container clusters upgrade ${CLUSTER_NAME} --node-pool ${NODE_POOL}

Tips

Configure service with a static IP

Further information: Configuring Domain Names with Static IP Addresses

PROJECT_NAME=my-project
REGION=europe-west1
IP_NAME=my-ip

# Reserve a static IP
gcloud compute --project ${PROJECT_NAME} addresses create ${IP_NAME} \
    --region ${REGION} \
    --description "Static IP for my Kubernetes service"
# Output the IP (field "address" in the output)
gcloud compute --project ${PROJECT_NAME} addresses describe ${IP_NAME} --region ${REGION}

In the configuration of the Kubernetes service add the IP

apiVersion: v1
[...]
spec:
  [...]
  type: LoadBalancer
  loadBalancerIP: <ip address>

Errors and problems

Forbidden to create cluster role binding

Command and error message
$ kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
Error from server (Forbidden): clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "user@example.org" cannot create clusterrolebindings.rbac.authorization.k8s.io at the cluster scope: Required "container.clusterRoleBindings.create" permission.
Solution[1]

grep the username and password

gcloud container clusters describe <name> | grep -i -E "username|password"

Add the username and password to the command

kubectl --username=<username> --password=<password> create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller

See also

References

External links