This document shows how to create a Standard regional cluster to increase availability of the cluster's control plane and workloads during cluster upgrades, automated maintenance, or a zonal disruption.
GKE Autopilot clusters are always regional.
Overview
When you create a regional cluster instead of a zonal cluster, the cluster's control plane is replicated across multiple zones in a given region. For node pools in a regional cluster, you can manually specify the zone(s) in which to run the node pools or you can use the default configuration, which replicates each node pool across three zones of the control plane's region. All zones must be within the same region as the cluster's control plane.
Regional clusters replicate resources across multiple zones and consume additional quotas.
To learn about the different cluster availability types, see About cluster configuration choices.
The instructions in the following sections show you how to:
After you create a regional cluster, you cannot convert it to a zonal cluster.
The minimum information that you need to specify when creating a new regional cluster is a name, project (usually the current project), and region (usually the default location for command line tools), using the default settings for all other values. However, there are more possible configuration settings, only some of which are described in this guide and some of which can't be changed after cluster creation. Ensure that you understand which settings can't be changed after cluster creation, and that you choose the right setting when creating a cluster if you don't want to have to create it again.
You can see an overview of cluster configuration options in About cluster configuration choices, and a complete list of possible options in the gcloud container clusters create and Terraform google_container_cluster reference guides.
Before you start, make sure that you have performed the following tasks:
gcloud components update
Note: For existing gcloud CLI installations, make sure to set the compute/region property. If you use primarily zonal clusters, set the compute/zone instead. By setting a default location, you can avoid errors in the gcloud CLI like the following: One of [--zone, --region] must be supplied: Please specify location. You might need to specify the location in certain commands if the location of your cluster differs from the default that you set.
Deny All or to restrict external IPs to specific VM instances at the organization, folder, or project level where you are trying to create a public GKE cluster, then your cluster creation operations will fail. See the troubleshooting information for details.
Set up IAM service accounts for GKE
GKE uses IAM service accounts that are attached to your nodes to run system tasks like logging and monitoring. At a minimum, these node service accounts must have the Kubernetes Engine Default Node Service Account (roles/container.defaultNodeServiceAccount) role on your project. By default, GKE uses the Compute Engine default service account, which is automatically created in your project, as the node service account.
To grant the roles/container.defaultNodeServiceAccount role to the Compute Engine default service account, complete the following steps:
PROJECT_NUMBER-compute@developer.gserviceaccount.com
Replace PROJECT_NUMBER with the project number that you copied.
gcloud projects describe PROJECT_ID \
--format="value(projectNumber)"
Replace PROJECT_ID with your project ID.
The output is similar to the following:
12345678901
Grant the roles/container.defaultNodeServiceAccount role to the Compute Engine default service account:
gcloud projects add-iam-policy-binding PROJECT_ID \
--member="serviceAccount:PROJECT_NUMBER-compute@developer.gserviceaccount.com" \
--role="roles/container.defaultNodeServiceAccount"
Replace PROJECT_NUMBER with the project number from the previous step.
The following instructions show you how to create a regional cluster with a node pool operating in a single zone within the region. The cluster's control plane is replicated across multiple zones in the specified region, but the nodes are located in the single zone, and are not replicated to other zones.
You can use the gcloud CLI, the Google Cloud console, or Terraform to create the cluster.
If you're developing GKE applications with Cloud Code for VS Code, try creating clusters with Cloud Code.
gcloud
To create a regional cluster with the gcloud CLI, use one of the following commands and replace the following variables:
CLUSTER_NAME: the name of your new regional cluster.
CONTROL_PLANE_LOCATION: the Compute Engine region of the control plane of your cluster. Provide a region such as us-central1.
COMPUTE_ZONE: the zone for your node pool, such as us-central1-a. The zone must be in the same region as the cluster control plane.
CHANNEL: the type of release channel, which can be one of rapid, regular, stable, or None. By default, the cluster is enrolled in the regular release channel unless at least one of the following flags is specified: --cluster-version, --release-channel, --no-enable-autoupgrade, and --no-enable-autorepair.
VERSION: the version you want to specify for your cluster.
We strongly recommend that you specify a minimally-privileged IAM service account that your nodes can use instead of the Compute Engine default service account. To learn how to create a minimally-privileged service account, see Use a least privilege service account.
To specify a custom service account in the gcloud CLI, add the following flag to your command:
--service-account=SERVICE_ACCOUNT_NAME@PROJECT_ID.iam.gserviceaccount.com
Replace SERVICE_ACCOUNT_NAME with the name of your minimally-privileged service account.
Caution: You can't modify the service account on an existing node pool after creation.
Using a specific release channel:
To create a new cluster using a specific release channel, run the following command:
gcloud container clusters create CLUSTER_NAME \
--location CONTROL_PLANE_LOCATION \
--node-locations COMPUTE_ZONE \
--release-channel CHANNEL
Using a specific version:
To create a new cluster using a specific cluster version, run the following command:
gcloud container clusters create CLUSTER_NAME \
--location CONTROL_PLANE_LOCATION \
--node-locations COMPUTE_ZONE \
--cluster-version VERSION
Note: If you specify a cluster version, the cluster uses that specific version and is enrolled in the most mature release channel where that version is available.
Using the default version for clusters not enrolled in a release channel:
To create a new cluster using the default version for clusters not enrolled in a release channel, you don't need to specify a cluster version, but you do need to set the release channel to None:
gcloud container clusters create CLUSTER_NAME \
--location CONTROL_PLANE_LOCATION \
--node-locations COMPUTE_ZONE \
--release-channel None
Example
The following command creates a regional cluster enrolled in the regular release channel (default), with three nodes (default) in the us-west1-c zone:
gcloud container clusters create my-regional-cluster \
--location us-west1 \
--node-locations us-west1-c
Example
The following command creates a regional cluster enrolled in the regular release channel (default), with two nodes located in the us-west1-c zone:
gcloud container clusters create my-regional-cluster \
--location us-west1 \
--node-locations us-west1-c \
--num-nodes 2
Console
In the Google Cloud console, go to the Create a Kubernetes cluster page.
In the Cluster basics section, complete the following:
Choose a release channel. You can optionally select No channel from the drop-down list; however, we recommend that you review the comparison between clusters enrolled and not enrolled in a release channel before choosing this option. GKE automatically upgrades clusters not in a release channel with versions from the Stable channel.
Optional: Specify a control plane version from the Version drop-down list.
Optional: Configure other settings for your new cluster.
Optional (available with GKE Enterprise): If you want to register your new cluster to a fleet, go to the Fleet registration section, and follow the Google Cloud console instructions for Create and register a new cluster to complete your cluster registration.
From the navigation pane, under Node Pools, click default-pool.
In the Node pool details section, complete the following:
From the navigation pane, under Node Pools, click Nodes.
From the Image type drop-down list, select the node image.
Choose the default Machine configuration to use for the instances. Each machine type is billed differently. The default machine type is e2-medium. For machine type pricing information, refer to the machine type price sheet.
From the Boot disk type drop-down list, select the disk type.
Enter the Boot disk size.
Optional: From the navigation pane, under Node Pools, click Security.
We strongly recommend that you specify a minimally-privileged IAM service account that your nodes can use instead of the Compute Engine default service account. To learn how to create a minimally-privileged service account, see Use a least privilege service account.
Click Create.
To create a regional cluster with a single-zone node pool using Terraform, refer to the following example:
To learn more about using Terraform, see Terraform support for GKE.
Interact with a cluster using kubectl
After you create a cluster, you need to configure kubectl before you can interact with the cluster from the command line.
The following instructions show you how to create a regional cluster with a multi-zone node pool, which is the default setup. The cluster's control plane and nodes are replicated across multiple zones in the specified region.
You can use the gcloud CLI, Google Cloud console, or Terraform to create the cluster.
If you're developing GKE applications with Visual Studio Code, try creating clusters with Cloud Code.
gcloud
To create a regional cluster with the gcloud CLI, use one of the following commands and replace the following variables:
CLUSTER_NAME: the name of your new regional cluster.
CONTROL_PLANE_LOCATION: the Compute Engine region of the control plane of your cluster. Provide a region such as us-central1.
CHANNEL: the type of release channel, which can be one of rapid, regular, stable, or None. By default, the cluster is enrolled in the regular release channel if the following flags aren't specified: --cluster-version, --release-channel, --no-enable-autoupgrade, and --no-enable-autorepair.
VERSION: the version you want to specify for your cluster.
--node-locations flag to override the default zones in which the nodes are replicated.
We strongly recommend that you specify a minimally-privileged IAM service account that your nodes can use instead of the Compute Engine default service account. To learn how to create a minimally-privileged service account, see Use a least privilege service account.
To specify a custom service account in the gcloud CLI, add the following flag to your command:
--service-account=SERVICE_ACCOUNT_NAME@PROJECT_ID.iam.gserviceaccount.com
Replace SERVICE_ACCOUNT_NAME with the name of your minimally-privileged service account.
Using a specific release channel:
To create a new cluster using a specific release channel, run the following command:
gcloud container clusters create CLUSTER_NAME \
--location CONTROL_PLANE_LOCATION \
--release-channel CHANNEL
Using a specific version:
To create a new cluster using a specific cluster version, run the following command:
gcloud container clusters create CLUSTER_NAME \
--location CONTROL_PLANE_LOCATION \
--cluster-version VERSION
Note: If you specify a cluster version, the cluster uses that specific version and is not enrolled in a release channel.
Using the default version for clusters not enrolled in a release channel:
To create a new cluster using the default version for clusters not enrolled in a release channel, you don't need to specify a cluster version, but you do need to set the release channel to None:
gcloud container clusters create CLUSTER_NAME \
--location CONTROL_PLANE_LOCATION \
--release-channel None
Example
The following command creates a regional cluster enrolled in the regular release channel, with nine nodes in us-west1 (three zones with three nodes each, which is default):
gcloud container clusters create my-regional-cluster --location us-west1
Example
The following command creates a regional cluster enrolled in the regular release channel, with six nodes (three zones with two nodes each, specified by --num-nodes):
gcloud container clusters create my-regional-cluster \
--location us-west1 \
--num-nodes 2
Example
The following command creates a regional cluster enrolled in the regular release channel, with six nodes in two zones (two zones, specified by --node-locations, with three nodes each):
gcloud container clusters create my-regional-cluster \
--location us-central1 \
--node-locations us-central1-b,us-central1-c
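The following preflight is an added example, not part of the original page or of Google's tooling. It applies two constraints stated above for both single-zone and multi-zone node pools before printing the create command: every --node-locations zone must lie in the control plane's region, and nodes should run as a dedicated service account rather than the Compute Engine default one. The function names, the one-letter zone-suffix assumption, and the sample cluster, project and account names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: preflight checks before `gcloud container clusters create`.
# Function names are hypothetical; all sample values below are constructed.

# Succeeds only if every zone in the comma-separated list $2 is region $1
# plus a one-letter suffix (assumed zone naming, as in us-west1 -> us-west1-c).
zones_in_region() {
  [ -n "$2" ] || return 1
  old_ifs=$IFS; IFS=,; set -f            # split on commas, no globbing
  bad=0
  for zone in $2; do
    case $zone in "$1"-[a-z]) ;; *) bad=1 ;; esac
  done
  IFS=$old_ifs; set +f
  return $bad
}

# Succeeds if $1 is the Compute Engine default service account,
# PROJECT_NUMBER-compute@developer.gserviceaccount.com.
is_default_compute_sa() {
  number=${1%-compute@developer.gserviceaccount.com}
  [ "$number" != "$1" ] || return 1      # suffix absent
  case $number in ''|*[!0-9]*) return 1 ;; *) return 0 ;; esac
}

# Prints the create command for NAME REGION ZONES CHANNEL NODE_SA, or
# returns non-zero with a reason on stderr. Rejecting the default account
# is this example's policy; the page only recommends against using it.
build_create_cmd() {
  zones_in_region "$2" "$3" || { echo "zones not all in $2: $3" >&2; return 2; }
  case $4 in
    rapid|regular|stable|None) ;;
    *) echo "unknown release channel: $4" >&2; return 3 ;;
  esac
  if is_default_compute_sa "$5"; then
    echo "refusing Compute Engine default service account" >&2; return 4
  fi
  case $5 in
    ?*@?*.iam.gserviceaccount.com) ;;
    *) echo "not a user-managed service account: $5" >&2; return 5 ;;
  esac
  printf 'gcloud container clusters create %s --location %s' "$1" "$2"
  printf ' --node-locations %s --release-channel %s' "$3" "$4"
  printf ' --service-account=%s\n' "$5"
}

# Constructed sample values.
build_create_cmd my-regional-cluster us-west1 us-west1-c regular \
  gke-nodes@example-project.iam.gserviceaccount.com
```

Because the service account on an existing node pool can't be modified after creation, rejecting a bad value at this point avoids having to recreate the node pool.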
Console
In the Google Cloud console, go to the Create a Kubernetes cluster page.
In the Cluster basics section, complete the following:
Choose a release channel. You can optionally select No channel from the drop-down list; however, we recommend that you review the comparison between clusters enrolled and not enrolled in a release channel before choosing this option. GKE automatically upgrades clusters not in a release channel with versions from the Stable channel.
Optional: Specify a control plane version from the Version drop-down list.
Optional: Configure other settings for your new cluster.
Optional (available with GKE Enterprise): If you want to register your new cluster to a fleet, go to the Fleet registration section, and follow the Google Cloud console instructions for Create and register a new cluster to complete your cluster registration.
From the navigation pane, under Node Pools, click default-pool.
In the Node pool details section, complete the following:
From the navigation pane, under Node Pools, click Nodes.
From the Image type drop-down list, select the node image.
Choose the default Machine configuration to use for the instances. Each machine type is billed differently. The default machine type is e2-medium. For machine type pricing information, refer to the machine type price sheet.
From the Boot disk type drop-down list, select the disk type.
Enter the Boot disk size.
Optional: From the navigation pane, under Node Pools, click Security.
We strongly recommend that you specify a minimally-privileged IAM service account that your nodes can use instead of the Compute Engine default service account. To learn how to create a minimally-privileged service account, see Use a least privilege service account.
Click Create.
To create a regional cluster with a multi-zone node pool using Terraform, refer to the following example:
To learn more about using Terraform, see Terraform support for GKE.
Interact with a cluster using kubectl
After you create a cluster, you need to configure kubectl before you can interact with the cluster from the command line.