-
Set default zone
gcloud config set compute/zone us-central1-a
-
Buat private cluster
gcloud beta container clusters create private-cluster \
    --enable-private-nodes \
    --master-ipv4-cidr 172.16.0.16/28 \
    --enable-ip-alias \
    --create-subnetwork ""
-
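List subnetwork, then describe the one created automatically for the cluster (replace [SUBNET_NAME] with its name from the list output)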
gcloud compute networks subnets list --network default
gcloud compute networks subnets describe [SUBNET_NAME] --region us-central1
-
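Buat VM (source-instance). The cloud-platform scope lets the VM call every Cloud API, so what it can actually do is bounded only by the IAM roles of its service account.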
gcloud compute instances create source-instance --zone us-central1-a --scopes 'https://www.googleapis.com/auth/cloud-platform'
-
Copy ip vm
gcloud compute instances describe source-instance --zone us-central1-a | grep natIP
-
SSH ke vm
gcloud compute ssh source-instance --zone us-central1-a
-
Install and setup
sudo apt-get install kubectl
sudo apt-get install google-cloud-sdk-gke-gcloud-auth-plugin
gcloud container clusters get-credentials private-cluster --zone us-central1-a
kubectl get nodes --output yaml | grep -A4 addresses
kubectl get nodes --output wide
-
Exit
exit
-
Delete cluster
gcloud container clusters delete private-cluster --zone us-central1-a
-
Create subnetwork
gcloud compute networks subnets create my-subnet \
    --network default \
    --range 10.0.4.0/22 \
    --enable-private-ip-google-access \
    --region us-central1 \
    --secondary-range my-svc-range=10.0.32.0/20,my-pod-range=10.4.0.0/14
-
Create cluster with custom subnetwork
gcloud beta container clusters create private-cluster2 \
    --enable-private-nodes \
    --enable-ip-alias \
    --master-ipv4-cidr 172.16.0.32/28 \
    --subnetwork my-subnet \
    --services-secondary-range-name my-svc-range \
    --cluster-secondary-range-name my-pod-range \
    --zone us-central1-a
-
get natIP
gcloud compute instances describe source-instance --zone us-central1-a | grep natIP
-
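Authorize the VM's external address to reach the control plane (replace [MY_EXTERNAL_RANGE] with the natIP from the previous step in CIDR form, e.g. natIP/32, so that only that one address is allowed)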
gcloud container clusters update private-cluster2 \
    --enable-master-authorized-networks \
    --zone us-central1-a \
    --master-authorized-networks [MY_EXTERNAL_RANGE]
-
SSH
gcloud compute ssh source-instance --zone us-central1-a
-
configure access
gcloud container clusters get-credentials private-cluster2 --zone us-central1-a
-
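Verify the nodes have no external IP (under addresses, the ExternalIP entry should be empty or absent; only InternalIP carries an address)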
kubectl get nodes --output yaml | grep -A4 addresses