Google Kubernetes Engine (GKE) provides a managed environment for deploying, managing, and scaling your containerized applications using Google infrastructure. The GKE environment consists of multiple machines -specifically, Compute Engine instances- grouped together to form a cluster.
GKE clusters are powered by the Kubernetes open source cluster management system. Kubernetes provides the mechanisms through which you interact with your cluster. Using Kubernetes commands and resources allows you to deploy and manage your applications, perform administration tasks, set policies, and monitor the health of your deployed workloads.
To get started, you must first have:
- Google Cloud Account with your desired project,
- Google Kubernetes Engine API enabled, and
- Google Cloud SDK installed, to access Node and Services from the local machine along with Kubectl and Helm.
Creating a Google Kubernetes Cluster Using GKE
- Navigate to Google Kubernetes Engine page in the cloud console.
- Click on Create and, based on your requirements, select the cluster mode. In this guide, we will be using GKE Standard cluster mode to configure the cluster.
- Configure the following options in the Cluster Basics tab:
- Configure the following options in the Node Pools tab:
- Assign the Name, along with the Number of nodes in the Size tab.
- Based on your requirement, you can enable Autoscaling.
- Based on your Data Points estimation, select the Resource allocation (CPU, Memory, and Disk specifications) for the Node Pools in the Nodes section of the default pool to meet the infrastructure requirement.
Additional Security, Taints, and Labels can be configured for the Node Pools under the Security & Metadata section.
- Automation, Networking, and additional features can be configured in the Cluster section as per your requirement.
- After configuring all the sections, proceed to Create the cluster.
It will take a few minutes to initialize and create the Kubernetes cluster. After the creation is completed, the cluster will be available in the Kubernetes Cluster tab.
Connecting to the Google Kubernetes Cluster
- After creating the Kubernetes Cluster as mentioned above, set the region/zone along with the Project ID using this Google Cloud command line to authenticate and access the cluster:
gcloud config set project <project id>
gcloud config set compute/<region or zone> <value of region or zone>
- After configuring the default project and computing the region/zone, use the command below to fetch the authentication credentials for the cluster:
gcloud container clusters get-credentials <cluster name>
Verify the connection to your cluster using this Kubectl get nodes command to return a list of the cluster nodes:
kubectl get nodesNote! Remember you need to verify that the nodes are in the Ready status in the output of the command above.
Deploying Countly Application on Kubernetes Cluster
The following assumes you have already set up
helm. Serviced, Deployments, and Ingress resource configurations are available in our Github repository.
Firstly, create a namespace "Countly" and set it as default to deploy the services and application pods in the Countly namespace to isolate the resources in a single cluster, as shown below:
kubectl create ns countly
kubectl config set-context --current --namespace=countly
- After creating the namespace, create a storage class with a GCE-specific provisioner and Disk type.
kubectl apply -f mongo/storage-class.yaml
kubectl get storageclass
- Install MongoDB and set up a replica set configuration prior to installing Countly's API and Frontend pods, as plugins installation is dependent on MongoDB. Use the commands below:
helm install mongo -f mongo/values.yaml stable/mongodb-replicasetTo verify the installation, check the pods generated for MongoDB, as shown below:
kubectl get pods
- Before deploying the Countly application containers, create a Kubernetes Secret to authenticate to and access the Enterprise Edition Docker Images from our Private Google Container Registry.
To create the Secret, refer to this Guide.
Step available only in Countly Enterprise Edition.
- Once the MongoDB pods are running, create Countly Deployments and Services for the API and the Frontend.
countly-api.yamlneed to be edited with a key:value pair to configure pods with relevant values (Refer env config guide), in the env section:
- name: COUNTLY_PLUGINS
value: "mobile,web,desktop,some,more,plugins" #<Enterprise or Community Plugins>
- name: COUNTLY_CONFIG__FILESTORAGE
- name: COUNTLY_CONFIG__MONGODB
value: "mongodb://some.mongo.host/countly" #<Mongodb pod connection names>
- name: COUNTLY_CONFIG_HOSTNAME
value: countly.example.com #<Domain name required as url>
- name: COUNTLY_CONFIG__MAIL_TRANSPORT
- name: COUNTLY_CONFIG__MAIL_CONFIG_HOST
- name: COUNTLY_CONFIG__MAIL_CONFIG_PORT
- name: COUNTLY_CONFIG__MAIL_CONFIG_AUTH_USER
- name: COUNTLY_CONFIG__MAIL_CONFIG_AUTH_PASS
kubectl apply -f countly-frontend.yaml
kubectl apply -f countly-api.yaml
- Once Countly Service and deployments are up and running, you will also need to expose the setup to the outer world so that it can be accessible publicly.
This can be done by setting up an ingress resource configured to forward all incoming requests either to the Countly-API or to the Countly-frontend services based on the route defined.
To do this, create the Kubernetes secret to enable SSL for the URL mapped with your service. Use the command to help you create a TLS Secret:
kubectl create secret tls <add name to secret> --key <path-to-key> --cert <path-to-cert>
kubectl get secret #To view the secret created
- Create a Static IP address that will be assigned to Ingress resource through which you will map your DNS name, as shown below:
gcloud compute addresses create <name to Static External IP> --global
- After generating the TLS Secret, create the Ingress resource to route the traffic based on the path configured for the Countly application:
apiVersion: extensions/v1beta1To view the Ingress created, use the command below:
kubernetes.io/ingress.global-static-ip-name: "<name of external static-ip>"
- # countly.example.com
secretName: <Name of Secret created in 6th step>
- path: /i
- path: /i/*
- path: /o
- path: /o/*
- path: /*
kubectl get ingress
The final step would be to map the DNS A record with the IP address associated with Ingress.