Open obriensystems opened 1 year ago
Optionally create a folder to hold the landing zone or the script will do this for you.
Create a bootstrap project and clone the landing zone repo: https://console.cloud.google.com/cloud-resource-manager
Use a unique project name/id - here I add kcc- and add my email + domain first letters in sequence
kcc-dcno
Navigate to the cloud shell and switch to your project
https://shell.cloud.google.com/?pli=1&show=ide%2Cterminal
```
Welcome to Cloud Shell! Type "help" to get started.
To set your Cloud Platform project in this session use “gcloud config set project [PROJECT_ID]”
dev@cloudshell:~$ history
1 history
dev@cloudshell:~$ ls
README-cloudshell.txt
dev@cloudshell:~$ gcloud config set project kcc-dcno
Updated property [core/project].
dev@cloudshell:~ (kcc-dcno)$
```
Note: config-control namespace override
project/hub-env/fortigate/service-account.yaml:37
```yaml
kind: IAMPolicyMember
metadata:
  name: fortigatesdn-sa-fortigatesdnviewer-role-permissions
  namespace: config-control # kpt-set: ${management-namespace}
```
via project/hub-env/setters.yaml:22
```yaml
management-namespace: config-control
```
## Clone landing zone repo and add IAM permissions for additional roles like quota administrator required later
### Add additional IAM super admin roles
20231206 oi org core-landing-zone 0.7.0 deployment in https://github.com/GoogleCloudPlatform/pubsec-declarative-toolkit/issues/654#issuecomment-1842746979
OCI/GitOps version at #766
Minimal Landing Zone from a clean GCP organization using a single script - use for development or CI/CD
FinOps: PAYG + GKE + GCE costs will be $80/day above the normal $10/day for the GKE cluster alone.
This jira will document standing up a subset of the full landing zone consisting of the following 2 packages in a clean org.
References
- 446
- 258
See ongoing documentation in https://github.com/GoogleCloudPlatform/pubsec-declarative-toolkit/wiki/DevOps#landing-zone-user-procedures
Clean Organization
Clean super admin
The super admin account will have the organization administrator role and be able to create projects through the project creator role on the organization (all users inherit this and we will lock it down later)
Launch shell.cloud.google.com
navigate to https://shell.cloud.google.com
By default the user is an Organization Administrator. We will add required roles to get to the point of creating a bootstrap project and then let the landing zone setup script take over adding roles required for LZ bootstrap.
For those customers on direct billing - activate your credits
5 billing projects required
Prepare for increasing billing quota above 5 projects by paying early $50 and asking for a billing quota increase 2 days later - for how use shared billing to go past 5. For the purposes of the core-landing-zone and hub-env you need 1 bootstrap project, 1 config controller project, a logging and dns project and a hub project. Therefore disable billing on "My first project" to have all 5 for now.
follow instructions to increase your billing account quota to above 10 (I asked for 10 in addition to the default 5) using our instructions below
https://github.com/GoogleCloudPlatform/pubsec-declarative-toolkit/wiki/Onboarding#billing-quota
fill out https://support.google.com/code/contact/billing_quota_increase
Usually you are approved within 60 seconds
licence key config https://github.com/fortinetsolutions/terraform-modules/blob/master/GCP/modules/fortigate_byol/main.tf#L33
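
For the config-control namespace override noted above, a small check that every field carrying a `# kpt-set:` comment holds the value the setters would render, so an IAM resource does not stay pinned to a stale namespace after a setter changes. This is an added example, not part of the issue or the toolkit; the function names, the line-based parsing and the `kcc-system` value are assumptions made for illustration.

```python
import re

# Constructed sample mirroring the two snippets quoted in this issue.
SETTERS = {"management-namespace": "config-control"}
RESOURCE = """\
kind: IAMPolicyMember
metadata:
  name: fortigatesdn-sa-fortigatesdnviewer-role-permissions
  namespace: config-control # kpt-set: ${management-namespace}
"""

# "key: value # kpt-set: pattern" on a single line (simple scalar fields only).
LINE = re.compile(
    r"^\s*(?:-\s*)?(?P<key>[\w.\-/]+):\s*(?P<value>.*?)"
    r"\s+#\s*kpt-set:\s*(?P<pattern>.+?)\s*$"
)
REF = re.compile(r"\$\{([^}]+)\}")


def render(pattern, setters):
    """Substitute ${name} references; return None if any setter is undefined."""
    if any(name not in setters for name in REF.findall(pattern)):
        return None
    return REF.sub(lambda m: str(setters[m.group(1)]), pattern)


def find_drift(text, setters):
    """Return (line_no, key, actual, expected) for each annotated field whose
    value differs from the rendered setter pattern. expected is None when the
    comment references a setter that is not defined."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        m = LINE.match(line)
        if not m:
            continue
        actual = m.group("value").strip("\"'")
        expected = render(m.group("pattern"), setters)
        if expected is None or actual != expected:
            findings.append((line_no, m.group("key"), actual, expected))
    return findings


if __name__ == "__main__":
    print("in sync:", find_drift(RESOURCE, SETTERS))
    # Hypothetical changed setter value: the hard-coded namespace is now stale.
    print("drift:  ", find_drift(RESOURCE, {"management-namespace": "kcc-system"}))
```
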