search

GoogleCloudPlatform / pubsec-declarative-toolkit

The GCP PubSec Declarative Toolkit is a collection of declarative solutions to help you on your Journey to Google Cloud. Solutions are designed using Config Connector and deployed using Config Controller.
Apache License 2.0
31 stars 28 forks source link

Make setup-kcc.sh -p the default - to enable the GKE cluster public endpoint #541

Open fmichaelobrien opened 1 year ago

fmichaelobrien commented 1 year ago

see -p flag introduced to switch from default public to default private https://github.com/ssc-spc-ccoe-cei/gcp-tools/pull/53

shadow https://github.com/ssc-spc-ccoe-cei/gcp-tools/issues/48

Following triage of

534

and

539

something off with my clean KCC env obrien.industries (will check the diffs on setup-kcc.sh) - as my older 6 week kcc.landing.systems - even with the admission errors will edit the yaml no problem

root_@cloudshell:~ (kcc-kls-cluster3)$ kubectl edit validatingwebhookconfiguration/gatekeeper-validating-webhook-configuration
Edit cancelled, no changes made.
root_@cloudshell:~ (kcc-kls-cluster3)$
Screenshot 2023-09-28 at 3 36 00 PM

Triaging connection older server working has 35 address in .kube/config

    server: https://35.203.120.71
  name: gke_kcc-kls-cluster3_northamerica-northeast1_krmapihost-kcc-kls3

newer server has private address

    server: https://172.16.0.130
  name: gke_kcc-oi-cluster_northamerica-northeast1_krmapihost-kcc-oi

Found above issue - forgot to add -p for public endpoint

ran./setup-kcc.sh -af kcc.env

for

https://github.com/ssc-spc-ccoe-cei/gcp-tools/commit/941d542e5024144b541136e19700b50cd8eaf895

fmichaelobrien commented 1 year ago

fix

michael@cloudshell:~/kcc-oi/github/gcp-tools/scripts/bootstrap (kcc-oi)$ ./setup-kcc.sh -afp kcc.env
aiting for operation [projects/kcc-oi2-cluster/locations/northamerica-northeast1/operations/operation-1695933801715-606715bd057e8-f452780e-92d1cb2e] to complete...done.                                    
Created instance [kcc-oi2].
Fetching cluster endpoint and auth data.
kubeconfig entry generated for krmapihost-kcc-oi2.

##INFO - Config controller get credentials

Fetching cluster endpoint and auth data.
kubeconfig entry generated for krmapihost-kcc-oi2.

##WARNING - configure-kcc-access.sh script should be run once connectivity to the cluster is established using bastion host / proxy.
ichael@cloudshell:~/kcc-oi/github/gcp-tools/scripts/bootstrap (kcc-oi2-cluster)$ kubectl get nodes
NAME                                                STATUS   ROLES    AGE     VERSION
gk3-krmapihost-kcc-oi2-default-pool-6fc83c0e-ss20   Ready    <none>   9m12s   v1.27.3-gke.100
gk3-krmapihost-kcc-oi2-pool-1-28f0e374-tzw8         Ready    <none>   3m43s   v1.27.3-gke.100
gk3-krmapihost-kcc-oi2-pool-1-ae2f0850-4kmt         Ready    <none>   7m32s   v1.27.3-gke.100
gk3-krmapihost-kcc-oi2-pool-1-c9c2a582-9sdc         Ready    <none>   2m47s   v1.27.3-gke.100
fmichaelobrien commented 1 year ago

fix 755

michael@cloudshell:~/_t (duet-ai-old)$ git clone https://github.com/ssc-spc-ccoe-cei/gcp-tools.git
Cloning into 'gcp-tools'...
remote: Enumerating objects: 337, done.
remote: Counting objects: 100% (192/192), done.
remote: Compressing objects: 100% (147/147), done.
remote: Total 337 (delta 88), reused 84 (delta 37), pack-reused 145
Receiving objects: 100% (337/337), 1.56 MiB | 19.76 MiB/s, done.
Resolving deltas: 100% (115/115), done.
michael@cloudshell:~/_t (duet-ai-old)$ cd gcp-tools/
devcontainer/     .git/             .github/          pipeline-samples/ scripts/          
michael@cloudshell:~/_t (duet-ai-old)$ cd gcp-tools/scripts/bootstrap/
michael@cloudshell:~/_t/gcp-tools/scripts/bootstrap (duet-ai-old)$ ls
configure-kcc-access.sh  README.md  setup-kcc.sh
michael@cloudshell:~/_t/gcp-tools/scripts/bootstrap (duet-ai-old)$ ls -la
total 28
drwxr-xr-x 2 michael michael 4096 Oct  1 22:40 .
drwxr-xr-x 6 michael michael 4096 Oct  1 22:40 ..
-rw-r--r-- 1 michael michael 2043 Oct  1 22:40 configure-kcc-access.sh
-rw-r--r-- 1 michael michael  726 Oct  1 22:40 .env.sample
-rw-r--r-- 1 michael michael 2993 Oct  1 22:40 README.md
-rw-r--r-- 1 michael michael 8151 Oct  1 22:40 setup-kcc.sh
michael@cloudshell:~/_t/gcp-tools/scripts/bootstrap (duet-ai-old)$ chmod 755 setup-kcc.sh 
michael@cloudshell:~/_t/gcp-tools/scripts/bootstrap (duet-ai-old)$ ls -la
total 28
drwxr-xr-x 2 michael michael 4096 Oct  1 22:40 .
drwxr-xr-x 6 michael michael 4096 Oct  1 22:40 ..
-rw-r--r-- 1 michael michael 2043 Oct  1 22:40 configure-kcc-access.sh
-rw-r--r-- 1 michael michael  726 Oct  1 22:40 .env.sample
-rw-r--r-- 1 michael michael 2993 Oct  1 22:40 README.md
-rwxr-xr-x 1 michael michael 8151 Oct  1 22:40 setup-kcc.sh