Skip to content

Cluster Setup

As of right now this is just a list that I am keeping for myself

Always

Build Cluster (make sure to use node w/ 2cpu for istio)

Install Istio w/ istioctl

  • Use the SDS profile

  • Override two settings on the ingressgateway [1]

Apply Istio auto injection to default namespace

Install FluxCD (https://fluxcd.netlify.com/) [2]

Setup DNS to point to EXTERNAL-IP from command kubectl get svc istio-ingressgateway -n istio-system

Migration only

Copy Secrets over (Example: kubectl get secret <secret> --context gke_sim-microservices-dev_us-central1-a_main-develop --export -o yaml | kubectl apply --context gke_sim-microservices-dev_us-central1-c_main-integration -f -)

  • You can get context with kubectl config current-context

New install

Setup Gcloud CloudSQL Proxy Credentials on cluster (https://cloud.google.com/sql/docs/postgres/sql-proxy)

[1] istioctl generation command (as of istio 1.5.1)

1
2
3
4
istioctl manifest generate --set profile=sds \
--set values.gateways.istio-egressgateway.enabled=false \
--set values.gateways.istio-ingressgateway.sds.enabled=true > \
$HOME/istio-ingressgateway.yaml

[2] Command below for private gitlab repos

1
2
3
4
5
6
fluxctl install \
--git-user="Samuel Beyeler" \
--git-email="sbeyeler@simpatra.com" \
--git-url=git@gitlab.com:simpatra/devops/manifests/integration.git \
--git-branch=develop \
--namespace=flux | kubectl apply -f -