GKE Installer
Fury GKE Installer deploys a production-grade Kubernetes Fury cluster based on Google Kubernetes Engine (GKE).
If you are new to Kubernetes Fury please refer to the official documentation on how to get started.
Modules
The installer is composed of the following terraform modules:
| Module | Description |
|---|---|
| VPC and VPN | Deploy the necessary networking infrastructure |
| GKE | Deploy the GKE cluster |
Click on each module to see its full documentation.
Architecture
The GKE installers deploys and configures a production-ready GKE cluster without having to learn all internals of the service.
The GKE module deploys a private control plane cluster, where the control plane endpoint is not publicly accessible.
The VPC and VPN module setups all the necessary networking infrastructure and a bastion host.
The bastion host includes a OpenVPN instance easily manageable by using furyagent to provide access to the cluster.
🕵🏻♂️ Furyagent is a tool developed by SIGHUP to manage OpenVPN and SSH user access to the bastion host.
Usage
Requirements
- GCP Access Credentials of a GCP Account with
Project Ownerrole with the following APIs enabled:- Identity and Access Management (IAM) API
- Compute Engine API
- Cloud Resource Manager API
- Kubernetes Engine API
- terraform
0.15.4 sshor OpenVPN Client - Tunnelblick (on macOS) or OpenVPN Connect (for other OS) are recommended.
Create GKE Cluster
To create the cluster via the installers:
-
Use the VPC and VPN module to deploy the networking infrastructure
-
Configure access to the OpenVPN instance of the bastion host via furyagent
-
Connect to the OpenVPN instance
-
Use the GKE module to deploy the GKE cluster
Please refer to each module documentation and the example folder for more details.
You can follow the Fury on GKE quick start guide for a more detailed walkthrough