GKE Cluster

Pattern to produce simple Google Kubernetes Engine (GKE) clusters.

WARNING

The clusters created by this project are not production worthy. They are zonal clusters, i.e. the control plane exists only in a single Google zone, as do the nodes of the node pool (of which there is one by default).

Creates

  • Simple network
  • GKE cluster
  • Autoscaling node pool
  • Installs Weave Gitops Core (via Flux)
  • DNS hosted zone
  • Various service accounts

Requirements

Usage

$ make ENV=<env> tf-plan
# ...
$ make ENV=<env> tf-apply
# ...

Here ENV should match the name of the environment to be deployed and have a corresponding tfvars file in vars/. Once you've run a make command with ENV set, it should be remembered by reading .terraform/environment.

Workspaces

This uses Terraform Workspaces to provide isolation between different environments.

To create a new workspace run:

$ make ENV=<new-env> tf-create-workspace

You'll need to update locals.tf's allowed_workspaces list (otherwise you'll get Invalid index errors) and add any further customisations to the newly created vars/<new-workspace-name>.tfvars file.

Workspace naming

Workspaces are currently named after the region they're deployed to. If multiple workspaces are needed in the same region they can be created with some suffix.

Flux bootstrapping

Before bootstrapping, make sure to export the GitHub personal access token (PAT) for the weaveworksbot. The token is available in 1Password.

export GITHUB_TOKEN="<weaveworksbot token>"
make flux-bootstrap

You might see the following error:


CRITICAL: ACTION REQUIRED: gke-gcloud-auth-plugin, which is needed for continued use of kubectl, was not found or is not executable. 
Install gke-gcloud-auth-plugin for use with kubectl by following https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke

You can fix this by running gcloud components install gke-gcloud-auth-plugin.

If you are using flux v0.33.0 you might hit this issue, so use a previous version to bootstrap, for example 0.32.0.
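
The three pitfalls above (missing token, missing auth plugin, the flux version that fails to bootstrap) can be checked before running make flux-bootstrap. The script below is an added example, not part of this repository; its function names are hypothetical and it assumes `flux --version` prints a line of the form "flux version X.Y.Z".

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks before `make flux-bootstrap`.
# Function names are hypothetical, not part of this repository.

# flux CLI versions this README reports as failing to bootstrap.
BAD_FLUX_VERSIONS="0.33.0"

# flux_version_ok VERSION: succeeds if VERSION is known and not on the bad list.
# Accepts "0.32.0", "v0.32.0" or a "flux version 0.32.0" line (assumed format
# of `flux --version`).
flux_version_ok() {
  local v bad
  v="${1##* }"   # keep the last space-separated field
  v="${v#v}"     # drop a leading "v"
  [ -n "$v" ] || return 1
  for bad in $BAD_FLUX_VERSIONS; do
    if [ "$v" = "$bad" ]; then return 1; fi
  done
  return 0
}

# token_present: succeeds if GITHUB_TOKEN is non-empty. Never prints the value.
token_present() {
  [ -n "${GITHUB_TOKEN:-}" ]
}

# preflight: reports each failed check on stderr, returns the failure count.
preflight() {
  local failures=0
  if ! token_present; then
    echo "GITHUB_TOKEN is not set" >&2
    failures=$((failures + 1))
  fi
  if ! command -v gke-gcloud-auth-plugin >/dev/null 2>&1; then
    echo "missing gke-gcloud-auth-plugin: gcloud components install gke-gcloud-auth-plugin" >&2
    failures=$((failures + 1))
  fi
  if ! command -v flux >/dev/null 2>&1; then
    echo "flux CLI not found" >&2
    failures=$((failures + 1))
  elif ! flux_version_ok "$(flux --version 2>/dev/null)"; then
    echo "flux version unknown or known to fail bootstrap; try e.g. 0.32.0" >&2
    failures=$((failures + 1))
  fi
  return "$failures"
}

# Run the checks only when asked, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then preflight; fi
```

In bash, setting the token with `read -rs GITHUB_TOKEN && export GITHUB_TOKEN` instead of typing it into an export line keeps the value out of shell history.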

Notes

Networking

Long term this project is intended to allow testing of multi-cluster configurations. As part of testing the more hostile potential setups each workspace creates its own VPC and subnet, i.e. assumes that the management cluster is in an entirely separate network to its leaf cluster (this may need to be pushed further to a separate project).

Using Weave GitOps on the cluster

Access

The Weave GitOps UI should be visible here.

The username and password can be found in 1Password under wego-app-staging. Contact corp-it if you do not have access to this.

Reporting bugs found on the GKE cluster

If you find a bug, complete as much of the issue template as possible. For the Weave GitOps Version field, provide the tag of the image which was deployed at the time you noticed the bug. This can be found in this file under spec.chart.values.image.tag.

Logs for the weave-gitops-app deployment can be found here. If you cannot see that page, contact corp-it.

Connect a leaf cluster

If your newly provisioned cluster is to play the role of a leaf cluster, you might want to connect it to a management cluster. To do so, read how to connect a leaf cluster.