Kubernetes is a container orchestration tool developed by Google. Google provides the same Kubernetes as a cloud service called Google Kubernetes Engine (GKE). In this article, we will learn how to set up GKE.
1. Create a VPC Network and Subnet
For more security, and to isolate it from other customers and other Kubernetes clusters, we will deploy our Kubernetes Engine on a new VPC. To create the VPC, log in to your Google Cloud account and select VPC network under Networking on the home page. Click VPC network to open the VPC network dashboard, where you can see all the default VPCs. To create a new one, click Create VPC network at the top.
Give the VPC a name and description and create a subnet under this VPC. For the subnet, you can add a private IP address range. Refer to the screenshot below for more details.
Click the “Create” button to complete the activity.
2. Create the private Kubernetes cluster
To set up GKE, log in to your Google Cloud account. The home page looks like below. From the left side panel, click on Kubernetes Engine and then click on Clusters in the pop-up window.
If you already have a cluster, its details are displayed here. If not, click on “Create Cluster” to create one. On the next page, you can see a form to set up the cluster.
In the form, you can add a name for your cluster and select the region or zone where you want to set up the cluster. A region may contain multiple zones; I have selected the zone us-central1-c. Next, select the master Kubernetes version. I chose the default, which is 1.14.10-gke.17.
Once you have completed the basic cluster details, click on the “Default pool” to set up the nodes required for the cluster. Give the node pool a name and enter the number of nodes required.
Once done, click on Node in the left side panel. Here you can select the node operating system and size (CPU and memory). I have configured it as in the screenshot below.
Next, click on networking to configure the network for the cluster. Select the private cluster option and add the Master IP address range (I used the default 172.16.0.0/28 range). Make sure to check “Access master using its external IP address”. Select the VPC and subnet that we created earlier.
Also, enable HTTP load balancing and enable master authorized networks (this is required if we want to access the master from an outside network). I have configured it with 0.0.0.0/0 so it can be accessed from anywhere. I recommend restricting it to your office or home IP address range.
Once done, click the Create button to start the cluster. Once the cluster is ready, we can see it on the dashboard with the cluster details.
Next, create a firewall rule to allow connections to the virtual machines.
3. Create a firewall rule to allow connection
To create a firewall rule, click VPC network under Networking and select Firewall Rules.
Click the “Create firewall rule” button on top and add a name, description, and VPC as follows.
Next, create an ingress rule. I created an SSH (port 22) TCP rule and allowed connections from all source IP addresses. Restrict the source IP addresses based on your requirements.
Click the “Create” button to complete it. This firewall rule lets us log in to the virtual machines. Earlier we chose 3 as the number of nodes.
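A check for the two exposure points configured above (the master authorized network in step 2 and the SSH firewall rule in step 3), added here as an example and not part of the original article. It assumes the JSON printed by `gcloud container clusters describe` and `gcloud compute firewall-rules list` with `--format=json`; the sample data is constructed and the function names are hypothetical.

```python
import json

OPEN = {"0.0.0.0/0", "::/0"}  # "any source" in IPv4 / IPv6

# Constructed samples, shaped like the output of
#   gcloud container clusters describe NAME --zone ZONE --format=json
#   gcloud compute firewall-rules list --format=json
CLUSTER = json.loads("""{
  "privateClusterConfig": {"enablePrivateNodes": true},
  "masterAuthorizedNetworksConfig": {"enabled": true, "cidrBlocks": [
      {"displayName": "anywhere", "cidrBlock": "0.0.0.0/0"}]}
}""")
RULES = json.loads("""[
  {"name": "allow-ssh", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
   "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
  {"name": "allow-ssh-office", "direction": "INGRESS",
   "sourceRanges": ["203.0.113.0/24"],
   "allowed": [{"IPProtocol": "tcp", "ports": ["20-25"]}]}
]""")

def covers(spec, port):  # spec is "22" or a range such as "20-25"
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def audit_cluster(cluster):
    """Return findings about node and master (control plane) exposure."""
    findings = []
    if not cluster.get("privateClusterConfig", {}).get("enablePrivateNodes"):
        findings.append("nodes are not private")
    man = cluster.get("masterAuthorizedNetworksConfig", {})
    if not man.get("enabled"):
        findings.append("master authorized networks disabled")
    for block in man.get("cidrBlocks", []):
        if block.get("cidrBlock") in OPEN:
            findings.append("master reachable from " + block["cidrBlock"])
    return findings

def world_open_rules(rules, port=22):
    """Names of enabled ingress rules that admit any source to a TCP port."""
    hits = []
    for r in rules:
        if r.get("direction") != "INGRESS" or r.get("disabled"):
            continue
        if OPEN & set(r.get("sourceRanges", [])) and any(
                a.get("IPProtocol") in ("tcp", "all") and
                (not a.get("ports") or any(covers(p, port) for p in a["ports"]))
                for a in r.get("allowed", [])):
            hits.append(r["name"])
    return hits

if __name__ == "__main__":
    print(audit_cluster(CLUSTER), world_open_rules(RULES))
```

An empty result from both functions means the master endpoint and the SSH rule are limited to named source ranges.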
4. Connect to the cluster and test
We have created the Kubernetes cluster and all the required network configuration. Next, to connect to the cluster, click the “Connect” button on the dashboard. It opens another window. As mentioned in that window, we have to configure kubectl command-line access by running the following command. To run the command in Cloud Shell, press the “Run in cloud shell” button.
Press Enter to execute the command. You will get output similar to the below.
@cloudshell:~ (astral-option-257108)$ gcloud container clusters get-credentials techiesk8scluster --zone us-central1-c --project astral-option-257108
Fetching cluster endpoint and auth data.
kubeconfig entry generated for techiesk8scluster.
To list all nodes and their details execute the below command.
$ kubectl get nodes
NAME                                               STATUS   ROLES    AGE   VERSION
gke-techiesk8scluster-default-pool-faa6aa67-b5bk   Ready    <none>   22m   v1.14.10-gke.17
gke-techiesk8scluster-default-pool-faa6aa67-cncp   Ready    <none>   22m   v1.14.10-gke.17
gke-techiesk8scluster-default-pool-faa6aa67-whgc   Ready    <none>   22m   v1.14.10-gke.17
We have successfully set up Google Kubernetes Engine.
Next, we will deploy a sample application to check for any issues with the cluster.
kubectl create deployment hello-world --image=gcr.io/hello-minikube-zero-install/hello-node
deployment.apps/hello-world created
Here we have deployed an application present in the Google repository. Next, we will expose it to the internet with the help of a load balancer.
kubectl expose deployment hello-world --port=8080 --type=LoadBalancer
Execute the below command to get the details about this service.
Here we see that the cluster has assigned a public IP address to the application and that the port number is 8080. Access the address in any browser to make sure that it is available over the internet.
Confirmed!! The application is available from outside. Next, we will pull a Docker image from outside the Google repository. This helps confirm that we can connect to the outside internet. For this, I am deploying a MariaDB application. Execute the below command for the deployment.
kubectl create deployment nginx --image nginx
It pulls the image from the Docker Hub repository. To list all deployments:
$ kubectl get deployment
NAME          READY   UP-TO-DATE   AVAILABLE   AGE
hello-world   1/1     1            1           20m
nginx         1/1     1            1           13s
We have set up Google Kubernetes Engine and confirmed it is working as expected.
I have already written about another Kubernetes installation, which is on an AWS cloud virtual machine with the help of the Kops tool. Please note that it is not a service provided by AWS; I used an AWS EC2 instance to set up the Kubernetes cluster. You can read more about this from the below link.