GKE is the managed Kubernetes of Google Cloud services. It offers easy way to get started with Kubernetes but leaves room for improvement, especially on monitorability and operability with the clusters. And that's where Kontena Lens comes in and fills in the blind spots.

In this tutorial we’re going to set up Kontena Lens on top of Google GKE managed Kubernetes cluster.

Step 1. Install needed client tooling

We'll be setting up our test GKE cluster with gcloud so let's set that up first. Just follow the steps in the gcloud setup quickstart to get it installed on your OS. Make sure you run all the gcloud initialization commands succesfully as it will get you the needed Google Cloud authentication details locally and connect the CLI tool to correct project on Google Cloud.

If you do not have kubectl already setup you can do that with gcloud components install kubectl.

Let's also setup our new kubectl plugin called kubectl-lens. This plugin will help you work with the Lens enabled clusters. Just follow the instalation instructions for your OS. E.g. on MacOS you could just run:

sudo curl -L# -o /usr/local/bin/kubectl-lens "https://kubectl-lens.kontena.io/latest/kubectl-lens-macos" && \
sudo chmod +x /usr/local/bin/kubectl-lens

Step 2. Provision GKE cluster

Once you've setup the local gcloud CLI tool succesfully, it's super easy to create a fresh Kubernetes cluster.

$ gcloud container clusters create test-cluster

It takes few minutes to spin up the cluster. In the end you should see some detail of the cluster:

test-cluster  europe-north1-a  1.12.8-gke.10  n1-standard-1  1.12.8-gke.10  3          RUNNING

Next step is to get your local kubectl connected to the new cluster. It can be easily done via gcloud container clusters get-credentials test-cluster. After that succeeds, you should be able to talk to the cluster with plain kubectl. Test the access with:

$ kubectl get node
NAME                                          STATUS   ROLES    AGE   VERSION
gke-test-cluster-default-pool-05331ab8-3zf2   Ready    <none>   14m   v1.12.8-gke.10
gke-test-cluster-default-pool-05331ab8-jmcp   Ready    <none>   14m   v1.12.8-gke.10
gke-test-cluster-default-pool-05331ab8-tkd3   Ready    <none>   14m   v1.12.8-gke.10

Step 3. Install Kontena Lens

First we need to download Kontena Lens installer manifests for Google Cloud GKE. I’m using wget but you can use your favorite tooling.

$ wget https://lens-installer.kontena.io/latest/gke.yaml

To get started, the only thing you need to configure is the email address for the Ingress TLS. That will be used as the notification email registered with Let's Encrypt certificates. So in the end, the ConfigMap for the installer should look something like:

apiVersion: v1
kind: ConfigMap
  name: kontena-lens-installer
  namespace: kube-system
    k8s-app: kontena-lens-installer
  lens.yml: |-
    name: gke-lens
        enabled: true
        email: you@yourdomain.com
      enabled: true
      storage_class: standard
      replicas: 2
        enabled: true
        storage_class: standard
        size: 20Gi
        enabled: true
        enabled: true

As there's no hostname mapped to Lens ingress rules, the installer will automatically assign .nip.io domain as the hostname. You can configure your custom domain too, refer to configuration reference for details on this and other options to customize the installation.

There’s no need to modify other parts of the manifests.

To initiate Kontena Lens installation, simply apply the manifest:

$ kubectl apply -f gke.yaml

The installation runs as a job within the cluster and might take a minute or two to finish. Check that the job has completed without any errors:

$ kubectl -n kube-system get job kontena-lens-installer
NAME                     COMPLETIONS   DURATION   AGE
kontena-lens-installer   1/1           22s        106s

Once the installation job has finished, it’ll take a few minutes to bootstrap all of the components in the cluster. You can check the progress and status with:

$ kubectl get pod --all-namespaces

You’ll see that there are a couple of additional namespaces created for Lens components and quite a few pods running the additional functionality for monitorability.

Step 4. Accessing Lens dashboard

Typically accessing services on managed Kubernetes, such as EKS in this case, is bit difficult as the authentication is tied into cloud providers authentication mechanism. For this reason we'll be using our new kubectl-lens plugin to handle all the authentication details for us automatically.

To open the Lens dashboard just run:

kubectl lens open

The kubectl lens open command start a local transparent proxy that handles the authentication to the cluster using Kubernetes client configuration tied into the cloud provider IAM solution. So you'll be automatically using the IAM identity when accessing the cluster. It will also automatically open your browser to the dashboard, slick eh'. :)

See more details at the Lens plugin release blog post.


Step 5. Obtain a license

Kontena Lens comes with an evaluation license valid for 14 days with full functionality. After you have evaluated Lens and want to purchase a valid license, navigate to https://account.kontena.io/licenses. Once you have purchased a valid license, you can assign it to the cluster by using the “Assign License” button on cluster overview. Just copy-paste the license key you got when purchasing the license.


What's next

We're always super happy to hear any feedback regarding Lens, so go ahead and join the discussion on our Slack channel. If you hit any snags during the installation, give us a shout on the Slack and we'll help you out.

Not using Google Cloud GKE? That's alright. Kontena Lens works on any K8S distro with some tweaking. Please contact us so we can make tutorial that works for you!