Playing with GKE


Architecture

Terraform

# Subnet for the cluster: the primary range is used by the nodes,
# the two secondary ranges by pods and services.
resource "google_compute_subnetwork" "gke-network" {
  project       = var.project
  name          = "network010"
  ip_cidr_range = "100.64.0.0/21"
  region        = data.google_compute_zones.available.region
  network       = google_compute_network.vpc_network["vpc001"].name

  secondary_ip_range {
    range_name    = "network010-pods"
    ip_cidr_range = "100.64.8.0/21"
  }

  secondary_ip_range {
    range_name    = "network010-services"
    ip_cidr_range = "100.64.16.0/21"
  }
}

module "gke" {
  source = "terraform-google-modules/kubernetes-engine/google//modules/beta-private-cluster"

  project_id = var.project
  name       = "gke-east-${google_compute_network.vpc_network["vpc001"].name}"
  region     = data.google_compute_zones.available.region
  zones      = [element(data.google_compute_zones.available.names, 0)]

  # Networking
  network           = google_compute_network.vpc_network["vpc001"].name
  subnetwork        = "network010"
  ip_range_pods     = "network010-pods"
  ip_range_services = "network010-services"
  datapath_provider = "ADVANCED_DATAPATH" # GKE Dataplane V2
  network_policy    = false               # add-on left off; Dataplane V2 enforces NetworkPolicy itself

  enable_private_nodes = true # nodes get internal IP addresses only
  sandbox_enabled      = true # GKE Sandbox (gVisor)

  default_max_pods_per_node  = 10
  horizontal_pod_autoscaling = true
  http_load_balancing        = true

  # No release channel, and node auto-upgrade is off below, so upgrades are manual.
  release_channel          = "UNSPECIFIED"
  remove_default_node_pool = true

  node_pools = [
    {
      name               = "node-pool-${google_compute_network.vpc_network["vpc001"].name}"
      machine_type       = "e2-small"
      min_count          = 2
      max_count          = 5
      spot               = true # Spot VMs can be preempted at any time
      auto_repair        = false
      auto_upgrade       = false
      initial_node_count = 2
    }
  ]
}
ricardotrentin@RicardontinsMBP gcp-lab % gcloud container clusters list

NAME             LOCATION  MASTER_VERSION   MASTER_IP     MACHINE_TYPE  NODE_VERSION     NUM_NODES  STATUS
gke-east-vpc001  us-east1  1.25.5-gke.2000  34.73.106.24  e2-small      1.25.5-gke.2000  3          RUNNING
ricardotrentin@RicardontinsMBP ~ % gcloud container clusters get-credentials gke-east-vpc001 --zone us-east1-b --project rtrentin-01


Fetching cluster endpoint and auth data.
kubeconfig entry generated for gke-east-vpc001.
ricardotrentin@RicardontinsMBP gcp-lab % kubectl  cluster-info

Kubernetes control plane is running at https://34.73.106.24
GLBCDefaultBackend is running at https://34.73.106.24/api/v1/namespaces/kube-system/services/default-http-backend:http/proxy
KubeDNS is running at https://34.73.106.24/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Metrics-server is running at https://34.73.106.24/api/v1/namespaces/kube-system/services/https:metrics-server:/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
ricardotrentin@RicardontinsMBP gcp-lab % kubectl get nodes 

NAME                                                 STATUS   ROLES    AGE     VERSION
gke-gke-east-vpc001-node-pool-vpc001-3f001dd8-pbmd   Ready    <none>   13m     v1.25.5-gke.2000
gke-gke-east-vpc001-node-pool-vpc001-3f001dd8-wng9   Ready    <none>   5h9m    v1.25.5-gke.2000
gke-gke-east-vpc001-node-pool-vpc001-3f001dd8-zvp9   Ready    <none>   4m25s   v1.25.5-gke.2000
ricardotrentin@RicardontinsMBP gcp-lab % kubectl describe node

Example of a deployment:

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        # "latest" is a mutable tag: the image that runs can change between pulls
        image: nginx:latest
---
apiVersion: v1
kind: Service
metadata:
  name: nginx
  annotations:
    # Internal load balancer: the address comes from the subnet, not a public IP
    networking.gke.io/load-balancer-type: "Internal"
spec:
  type: LoadBalancer
  externalTrafficPolicy: Cluster
  selector:
    app: nginx
  ports:
  - name: tcp-port
    protocol: TCP
    port: 80
    targetPort: 80
ricardotrentin@RicardontinsMBP gcp-lab % kubectl get svc        

NAME         TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP      100.64.16.1     <none>        443/TCP        7h27m
nginx        LoadBalancer   100.64.17.212   100.64.0.19   80:31405/TCP   69s   
ricardotrentin@RicardontinsMBP gcp-lab % kubectl get deploy                         

NAME    READY   UP-TO-DATE   AVAILABLE   AGE
nginx   2/2     2            2           13m
ricardotrentin@RicardontinsMBP gcp-lab % kubectl get pods       

NAME                     READY   STATUS    RESTARTS   AGE
nginx-6d666844f6-q8vpk   1/1     Running   0          13m
nginx-6d666844f6-wv88k   1/1     Running   0          13m

Using NEG:

apiVersion: v1
kind: Service
metadata:
  name: nginx-neg
  annotations:
    cloud.google.com/neg: '{"exposed_ports": {"80":{"name": "nginx-neg"}}}'
spec:
  type: ClusterIP
  ports:
  - port: 80
    targetPort: 80
  selector:
    app: nginx
ricardotrentin@RicardontinsMBP gcp-lab % kubectl get svc   
                         
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   100.64.16.1     <none>        443/TCP   7h43m
nginx-neg    ClusterIP   100.64.23.184   <none>        80/TCP    87s
ricardotrentin@RicardontinsMBP gcp-lab % gcloud compute network-endpoint-groups list

NAME       LOCATION    ENDPOINT_TYPE   SIZE
nginx-neg  us-east1-b  GCE_VM_IP_PORT  2
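
The three ranges in the Terraform and the addresses in the command output can be checked against each other. The script below is an added example, not part of the original post: it confirms the ranges do not overlap, derives how many nodes the pod range can hold for `default_max_pods_per_node = 10` (GKE reserves at least twice that many pod addresses per node, rounded up to a power of two), and maps each address seen above to its range. The function names are made up for this example.

```python
import ipaddress

# Ranges and pod limit copied from the Terraform on this page.
RANGES = {
    "nodes": ipaddress.ip_network("100.64.0.0/21"),      # subnet primary range
    "pods": ipaddress.ip_network("100.64.8.0/21"),       # network010-pods
    "services": ipaddress.ip_network("100.64.16.0/21"),  # network010-services
}
MAX_PODS_PER_NODE = 10  # default_max_pods_per_node

def overlapping_pairs(ranges):
    """Return every pair of range names whose CIDRs overlap."""
    names = sorted(ranges)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if ranges[a].overlaps(ranges[b])]

def per_node_prefix(max_pods):
    """Prefix length of the pod block reserved per node: at least
    2 * max_pods addresses, rounded up to a power of two."""
    host_bits = (2 * max_pods - 1).bit_length()
    return 32 - host_bits

def max_nodes(pod_range, max_pods):
    """Number of per-node pod blocks that fit in the pod range."""
    spare_bits = per_node_prefix(max_pods) - pod_range.prefixlen
    return 2 ** spare_bits if spare_bits >= 0 else 0

def classify(addr):
    """Name the cluster range an address belongs to, or 'outside'."""
    ip = ipaddress.ip_address(addr)
    for name, net in RANGES.items():
        if ip in net:
            return name
    return "outside"

if __name__ == "__main__":
    print("overlaps:", overlapping_pairs(RANGES))
    print("per-node pod block: /%d" % per_node_prefix(MAX_PODS_PER_NODE))
    print("max nodes:", max_nodes(RANGES["pods"], MAX_PODS_PER_NODE))
    # Addresses taken from the command output on this page.
    for addr in ("34.73.106.24", "100.64.0.19", "100.64.17.212", "100.64.23.184"):
        print(addr, "->", classify(addr))
```

The control-plane address reported by `kubectl cluster-info` falls outside all three ranges, while the internal load balancer's address comes from the subnet's primary range.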

References

https://cloud.google.com/kubernetes-engine/docs/concepts/kubernetes-engine-overview

https://registry.terraform.io/modules/terraform-google-modules/kubernetes-engine/google/24.1.0
