Google Kubernetes Engine (GKE)

Use the GKE integration in Fylamynt to manage the clusters deployed in Google infrastructure.

Overview

Google Kubernetes Engine (GKE) provides a managed environment for deploying, managing, and scaling your containerized applications using Google infrastructure.

With the integration between Fylamynt and GKE, you can build and manage container based applications in Google Cloud Platform. The integration provides an abstraction layer over the Kubernetes API server and expose meaningful actions like "Get Overloaded Nodes", "Kill Overloaded Nodes" for automation.

Use Cases

Configure GKE in Fylamynt

  • Navigate to Settings > Integrations > Google Kubernetes Engine.

  • Configure a new integration instance.

Follow the steps listed below on your GCP Account and complete the integration setup by configuring Service Account Key.

Details needed to set up GKE instance in Fylamynt:

To register Fylamynt application in GCP and grant access to a project's Kubernetes engine account to manage cluster resources from Fylamynt, you need to follow the steps below.

Create a Service Account (Ignore if you already have one)

  1. In the Cloud Console, go to the Service accounts page. Go to the Service accounts page

  2. Select a project.

  3. Click Create service account.

  4. Enter a service account name to display in the Cloud Console.

    The Cloud Console generates a service account ID based on this name. Edit the ID if necessary. You cannot change the ID later.

  5. Optional: Enter a description of the service account.

  6. If you do not want to set access controls now, click Done to finish creating the service account.

    To set access controls now, click Create and continue and continue to the next step.

  7. Choose the IAM role -> (Kubernetes Engine Service Agent) to manage cluster resources and to grant access to the service account on the project.

  8. When you are done adding roles, click Continue.

  9. Optional: In the Service account users role field, add members that can impersonate the service account.

  10. Optional: In the Service account admins role field, add members that can manage the service account.

  11. Click Done to finish creating the service account.

Grant this service account access to project and include Kubernetes Engine Service Agent role.

  1. If you did not follow step 7 while creating the service account or you already had a service account and missed adding the IAM role - Kubernetes Engine Service Agent, please go to the permissions tab for the specific service account and include the role.

  2. Kubernetes Engine Service Agent role - Gives Kubernetes Engine account access to manage cluster resources. Includes access to service accounts.

Create service account key and add it to Fylamynt right panel to complete the integration setup

  1. Select the same Service Account used

  2. Click the Keys tab.

  3. Click the Add key drop-down menu, then select Create new key.

  4. Select JSON as the Key type and click Create.

Clicking Create downloads a service account key file. After you download the key file, you cannot download it again.

The downloaded key has the following format, where private-key is the private portion of the public/private key pair:

{
  "type": "service_account",
  "project_id": "project-id",
  "private_key_id": "key-id",
  "private_key": "-----BEGIN PRIVATE KEY-----\nprivate-key\n-----END PRIVATE KEY-----\n",
  "client_email": "service-account-email",
  "client_id": "client-id",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://accounts.google.com/o/oauth2/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account-email"
}

Add Service Account Key JSON to Fylamynt

  1. Copy the JSON and add it to Fylamynt right integration panel where you see the field name Service Account Key.

  2. Click on Authorize and you are all set to use the integration.

Last updated