description |
---|
Enable access to the DuploCloud shell for your GCP account |
Enabling kubectl shell access in GCP is part of a one-time DuploCloud Portal setup process.
- In the Tenant list box, select the Tools Tenant.
- Navigate to Kubernetes -> Nodes.
- Select the Node Pool tab, and click Add.
The Add Node Pool pane
- Complete the required fields, and click Create.
- Once the node pool is complete, it will display on the GCP VM tab with a status of Running.
The GCE VM tab in the DuploCloud Portal
- In the Tenant list box, select the Tools Tenant.
- Navigate to Kubernetes -> Services.
- Click Add. The Add Service page displays.
- From the table below, enter the values that correspond to the fields on the Add Service page. Accept default values for fields not specified.
Add Service page field | Value |
---|---|
Name | kubectl |
Cloud | Google |
Platform | GKE Linux |
Docker Image | duplocloud/shell:terraform_kubectl_v15 |
- In the Environment Variables field, enter the following YAML. Replace the flask app secret (b33d13ab-5b46-443d-a19d-asdfsd443 in this example) with a string of random numbers and letters in the same format and replace CUSTOMER_PREFIX with your customer URL prefix.
- Name: FLASK_APP_SECRET
Value: b33d13ab-5b46-443d-a19d-asdfsd443
- Name: DUPLO_AUTH_URL
Value: https://<CUSTOMER_PREFIX>.duplocloud.net
- Click Next. The Advanced Options page displays.
- Click Create. The Service is created.
- Navigate to Kubernetes -> Services.
- Select the kubectl Service from the NAME column.
- Select the Load Balancers tab, and click Configure Load Balancer. The Add Load Balancer Listener pane displays.
- In the Select Type list box, select K8s Cluster IP.
- In the Container port and External port fields, enter 80.
- In the Health Check field, enter /duplo_auth.
- In the Backend Protocol list box, select TCP
- Select Advanced Kubernetes settings and Set HealthCheck annotations for Ingress.
- Click Add. The Load Balancer listener is added.
- In the Tenant list box, select the Tools Tenant.
- Navigate to Kubernetes -> Ingress.
- Click Add. The Add Kubernetes Ingress page displays.
- In the Ingress Name field, enter
kubect-shell
. - From the Ingress Controller list box, select gce.
- In the Visibility list box, select Public.
- In the DNS Prefix field**,** enter the DNS name prefix.
- In the Certificate ARN list box, select the ARN added to the Plan in the Certificate for Load Balancer and Ingress step.
The Add Kubernetes Ingress page
- Click Add Rule. The Add Ingress Rule pane displays.
- In the Path field, enter (/)
- In the Service Name list box, select the Service previously created (kubectl:80)
- Click Add Rule. A rule directing all traffic to the kubectl Service is created.
13. On the Add Kubernetes Ingress page, click Add. The Ingress is created.
-
Navigate to Administrator -> Systems Settings.
-
Select the System Config tab, and click Add. The Add Config pane displays.\
-
From the Config Type list box, select AppConfig.
-
From the Key list box, select Other.
-
In the second Key field, enter DuploShellfqdn
-
In the Value field, paste the Ingress DNS. To find the Ingress DNS, navigate to Kubernetes -> Ingress, and copy the DNS from the DNS column.\
-
Click Submit.
kubectl
shell access is enabled.