Google Kubernetes Engine (GKE) Integration Guide with Zeet
This guide details the process for integrating Google Kubernetes Engine (GKE) with Zeet. It includes instructions for setting up necessary cluster components and connecting your GKE cluster with Zeet.
1. Installing Cluster Components
Integrating GKE with Zeet involves configuring various components to enhance your Kubernetes cluster's functionality and manageability.
Cluster Components Manifests
All necessary files and templates are available in our GitHub repository: zeet-dev/zeet-cloud-gcp. This repository contains the required Terraform scripts and Kubernetes configurations for the integration.
Parameters Needed
Important parameters for the setup are:
- GCP_PROJECT_ID: Your Google Cloud Project ID.
- CLUSTER_NAME: The name of your GKE cluster.
- CLUSTER_REGION: The GCP region where your cluster is located.
- CLUSTER_DOMAIN: The domain name for your Kubernetes cluster.
These parameters are crucial for correctly configuring the cluster components.
2. Connecting Your Cloud Account with Zeet (Optional)
After setting up the cluster components, you may choose to connect your GCP account with Zeet. This step is necessary for Zeet to access your GCP resources.
Note: This step is required if you want Zeet to interface with your GCP account. If you're only managing resources within your GKE cluster, this step can be skipped.
For more details, refer to Zeet GCP Integration Documentation.
3. Connecting Your GKE Cluster with Zeet
Create a Service Account for Zeet with Cluster Access
Zeet needs a service account with role binding to manage your GKE cluster. Create a service account using the following manifest:
Refer to this guide for instructions on creating a kubeconfig file from a service account: Creating kubectl config file for service account.
Connect Your Cluster with Zeet
Navigate to the Zeet cluster connection page: Connect Cluster.
Upload the Kubeconfig File
Networking Configuration Details
This section provides comprehensive guidance on setting up domain names and ingress controllers for your GKE cluster integrated with Zeet.
Domain Name and Ingress Setup
Domain Configuration for Each Cluster:
- Ensure every GKE cluster has a unique and correctly set domain in the cluster settings.
- This domain serves as the primary endpoint for all services running on the cluster.
Using Zeet Managed Domains:
- For domains managed by Zeet (like
*.zeet.app
), you need to provide us with the NS record. This enables us to direct the domain to your Zeet account. - If you prefer using a custom subdomain, ensure it is configured to point to the correct IP addresses managed by your GKE cluster.
- For domains managed by Zeet (like
Google DNS and IAM Role Configuration:
- Add your cluster domain as a zone in Google DNS. This step is crucial for the domain to resolve correctly.
- Assign the IAM role for cert-manager/external-dns to this domain. This allows automated management of DNS records, facilitating smooth SSL/TLS certificate handling and renewals.
- Detailed steps and required scripts are available in our GKE Terraform Module.
Ingress Controller Configuration
Default In-cluster L4 Ingress Controller:
- If you're using Zeet's recommended in-cluster L4 ingress controller (such as Traefik or Nginx/Envoy), no extra configuration is required.
- Ensure your DNS settings are updated to reflect any changes in IP addresses or domain names associated with your cluster.
Using GCE's L7 Ingress Controller:
- For those opting for Google Cloud Engine's L7 ingress controller (ALB), additional steps are
necessary:
- Follow the guidelines in the Google Cloud Ingress Guide for proper setup and management.
- This includes configuring BackendConfig objects, SSL certificates, and ensuring that the domain and certificates are managed appropriately within the Google Cloud ecosystem.
- For those opting for Google Cloud Engine's L7 ingress controller (ALB), additional steps are
necessary:
Non-default Ingress Controllers:
- If you choose to use an ingress controller other than the default provided by Zeet, ensure it is configured to correctly point to the services within your cluster.
- Configuration details will vary based on the chosen ingress controller and should align with the specific requirements and documentation of that controller.