This section walks you through the one-time set-up for creating and configuring a Google Cloud Platform (GCP) project.
If you haven‘t already installed the Google Cloud SDK, follow the instructions here. If you’re not sure if you have it installed, you can check with:
which gcloud
If you haven't already, create a Google Cloud Project.
You must grant your default compute service account the correct permissions before creating the deployment. Otherwise, the installation will fail.
Note the Project Number for your project by visiting the Dashboard Page of Google Cloud Console.
Navigate to the IAM section of the Google Cloud Console and make sure that your default compute service account (by default [PROJECT_NUMBER]-compute@developer.gserviceaccount.com) includes the following roles:
roles/container.admin)roles/editor, included by default)The following steps are automated with the script create_cluster_gke.sh located in this directory. To create a cluster with the script, simply run:
./tests/integration/create_cluster_gke.sh -c ${CLUSTER_NAME}
To list the options for the script, you can get help via -h:
./tests/integration/create_cluster_gke.sh -h
E2E tests require a Kubernetes cluster. You can create one using the Google Container Engine using the following command:
gcloud container clusters \ create ${CLUSTER_NAME} \ --zone ${ZONE} \ --project ${PROJECT_ID} \ --cluster-version ${CLUSTER_VERSION} \ --machine-type ${MACHINE_TYPE} \ --num-nodes ${NUM_NODES} \ --enable-kubernetes-alpha \ --no-enable-legacy-authorization
CLUSTER_NAME: Whatever suits your fancy, ‘istio-e2e’ is a good choice.ZONE: ‘us-central1-f’ is a good value to use.PROJECT_ID: is the ID of the GCP project that will house the cluster. You get a project by visiting GCP.CLUSTER_VERSION: 1.7.3 or later.MACHINE_TYPE: Use ‘n1-standard-4’NUM_NODES: Use 3.no-enable-legacy-authorization: Optional, needed if you want to test RBAC.gcloud container clusters get-credentials ${CLUSTER_NAME} \ --zone ${ZONE} --project ${PROJECT_ID}
kubectl create clusterrolebinding myname-cluster-admin-binding \ --clusterrole=cluster-admin \ --user=$(gcloud config get-value core/account)
You can set the HUB and TAG environment variables to point to your own Docker registry. Additionally, you can also set GS_BUCKET to use a different Google Storage Bucket than the default one (you need write permissions) it allows you to customize Makefile rules.
For example:
export HUB=myname export TAG=latest export GS_BUCKET=mybucket
Then you can build and push the docker images to your registry:
# Build images on the local docker. make docker # Push images to docker registry make push
On MacOS, you need to set the target operating system before building the images
GOOS=linux make docker push
In this case, you'll need to specify the image SHA in the TAG environment variable. You can pick any SHA available from the published build releases or the latest for latest released dev images.
export HUB="gcr.io/istio-testing" export TAG="latest"