Prerequisites in Google Kubernetes Engine

Note Deploying to GKE will incur charges.

Create a service account using Google Kubernetes Engine. GKE uses this account to operate your cluster. Creating this account also generates a private key used for authentication.

The service account requires the following roles:

  • Compute Viewer: roles/compute.viewer
  • Project Viewer: roles/viewer
  • Kubernetes Engine Admin: roles/container.admin
  • Service Account User: roles/iam.serviceAccountUser

Google Documentation: Creating and Enabling Service Accounts

Create the GKE Cluster

Use Rancher to set up and configure your Kubernetes cluster.

  1. From the Clusters page, click Add Cluster.

  2. Choose Google Kubernetes Engine.

  3. Enter a Cluster Name.

  4. Use Member Roles to configure user authorization for the cluster. Click Add Member to add users that can access the cluster. Use the Role drop-down to set permissions for each user.

  5. Either paste your service account private key in the Service Account text box or Read from a file. Then click Next: Configure Nodes.

    Note: After submitting your private key, you may have to enable the Google Kubernetes Engine API. If prompted, browse to the URL displayed in the Rancher UI to enable the API.

  6. Select your Cluster Options

  7. Customize your Node Options

    • Enabling the Auto Upgrade feature for Nodes is not recommended.
  8. Select your Security Options

  9. Review your options to confirm they’re correct. Then click Create.

Result:

Your cluster is created and assigned a state of Provisioning. Rancher is standing up your cluster.

You can access your cluster after its state is updated to Active.

Active clusters are assigned two Projects:

  • Default, containing the default namespace
  • System, containing the cattle-system, ingress-nginx, kube-public, and kube-system namespaces