Set up a Google Kubernetes Engine cluster

Prerequisites

Create a new cluster

  $ gcloud services enable container.googleapis.com && \
    gcloud container clusters create $CLUSTER_NAME \
    --zone $ZONE \
    --project $PROJECT_ID

For more options refer to the Google Cloud SDK docs, or instead create a cluster through the Cloud Console for a more interactive experience.

For private GKE clusters

Sidecar injection will not work for private clusters without extra steps. The automatically created firewall rule for master access does not open port 4000, which Dapr sidecar injection needs.

To review the relevant firewall rule:

  $ gcloud compute firewall-rules list --filter="name~gke-${CLUSTER_NAME}-[0-9a-z]*-master"

To replace the existing rule and allow Kubernetes master access to port 4000 (--allow overwrites the rule's allow list, so the ports it already allows are listed again):

  $ gcloud compute firewall-rules update <firewall-rule-name> --allow tcp:10250,tcp:443,tcp:4000
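
The update above hard-codes the allow list. As an added example (not part of the Dapr docs), the script below builds the --allow value from what the rule currently allows and only updates when tcp:4000 is missing. The function names and the --format expression are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the Dapr docs): open tcp:4000 on the GKE master
# firewall rule without dropping the ports the rule already allows.
# `--allow` overwrites the rule's allow list, so the new value is built
# from the list currently on the rule instead of being hard-coded.

# allow_has LIST ENTRY: succeed if ENTRY (e.g. tcp:4000) is an exact
# element of the comma-separated LIST. Wrapping both in commas avoids
# matching tcp:4000 inside tcp:14000. Port ranges are not interpreted.
allow_has() {
  case ",$1," in
    *",$2,"*) return 0 ;;
    *) return 1 ;;
  esac
}

# allow_add LIST ENTRY: print LIST with ENTRY appended unless present.
allow_add() {
  if allow_has "$1" "$2"; then
    printf '%s\n' "$1"
  elif [ -z "$1" ]; then
    printf '%s\n' "$2"
  else
    printf '%s,%s\n' "$1" "$2"
  fi
}

# open_dapr_port RULE: read the allow list of firewall rule RULE and
# update it only when tcp:4000 is missing.
# Assumption: the --format expression is the projection gcloud uses for
# the ALLOW column of `firewall-rules list`; check that it prints
# something like "tcp:10250,tcp:443" before relying on it.
open_dapr_port() {
  rule=$1
  current=$(gcloud compute firewall-rules describe "$rule" \
    --format='value(allowed[].map().firewall_rule().list())') || return 1
  # Refuse to continue on an empty read: updating would wipe existing ports.
  [ -n "$current" ] || { echo "could not read allow list of $rule" >&2; return 1; }
  if allow_has "$current" tcp:4000; then
    echo "$rule already allows tcp:4000 ($current)"
    return 0
  fi
  wanted=$(allow_add "$current" tcp:4000)
  echo "updating $rule: $current -> $wanted"
  gcloud compute firewall-rules update "$rule" --allow "$wanted"
}

# Usage, after sourcing this file: open_dapr_port <firewall-rule-name>
```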

Retrieve your credentials for kubectl

  $ gcloud container clusters get-credentials $CLUSTER_NAME \
    --zone $ZONE \
    --project $PROJECT_ID

(Optional) Install Helm v3

  1. Install the Helm v3 client

Note: The latest Dapr helm chart no longer supports Helm v2. Please migrate from Helm v2 to Helm v3 by following the Helm migration guide.

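  2. If you need permissions for the Kubernetes dashboard (e.g. configmaps is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list configmaps in the namespace "default", etc.), run this command:

     kubectl create clusterrolebinding kubernetes-dashboard -n kube-system --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard

     This binds the kubernetes-dashboard service account to the cluster-admin role, so the dashboard gets full access to every resource in the cluster, not only configmaps.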