GKE is the managed Kubernetes of Google Cloud services. It offers easy way to get started with Kubernetes but leaves room for improvement, especially on monitorability and operability with the clusters. And that's where Kontena Lens comes in and fills in the blind spots.
In this tutorial we’re going to set up Kontena Lens on top of Google GKE managed Kubernetes cluster.
Step 1. Install needed client tooling
We'll be setting up our test GKE cluster with
gcloud so let's set that up first. Just follow the steps in the
gcloud setup quickstart to get it installed on your OS. Make sure you run all the
gcloud initialization commands succesfully as it will get you the needed Google Cloud authentication details locally and connect the CLI tool to correct project on Google Cloud.
If you do not have
kubectl already setup you can do that with
gcloud components install kubectl.
Let's also setup our new kubectl plugin called
kubectl-lens. This plugin will help you work with the Lens enabled clusters. Just follow the instalation instructions for your OS. E.g. on MacOS you could just run:
sudo curl -L# -o /usr/local/bin/kubectl-lens "https://kubectl-lens.kontena.io/latest/kubectl-lens-macos" && \ sudo chmod +x /usr/local/bin/kubectl-lens
Step 2. Provision GKE cluster
Once you've setup the local
gcloud CLI tool succesfully, it's super easy to create a fresh Kubernetes cluster.
$ gcloud container clusters create test-cluster
It takes few minutes to spin up the cluster. In the end you should see some detail of the cluster:
NAME LOCATION MASTER_VERSION MASTER_IP MACHINE_TYPE NODE_VERSION NUM_NODES STATUS test-cluster europe-north1-a 1.12.8-gke.10 22.214.171.124 n1-standard-1 1.12.8-gke.10 3 RUNNING
Next step is to get your local
kubectl connected to the new cluster. It can be easily done via
gcloud container clusters get-credentials test-cluster. After that succeeds, you should be able to talk to the cluster with plain
kubectl. Test the access with:
$ kubectl get node NAME STATUS ROLES AGE VERSION gke-test-cluster-default-pool-05331ab8-3zf2 Ready <none> 14m v1.12.8-gke.10 gke-test-cluster-default-pool-05331ab8-jmcp Ready <none> 14m v1.12.8-gke.10 gke-test-cluster-default-pool-05331ab8-tkd3 Ready <none> 14m v1.12.8-gke.10
Step 3. Install Kontena Lens
First we need to download Kontena Lens installer manifests for Google Cloud GKE. I’m using
wget but you can use your favorite tooling.
$ wget https://lens-installer.kontena.io/latest/gke.yaml
To get started, the only thing you need to configure is the email address for the Ingress TLS. That will be used as the notification email registered with Let's Encrypt certificates. So in the end, the
ConfigMap for the installer should look something like:
apiVersion: v1 kind: ConfigMap metadata: name: kontena-lens-installer namespace: kube-system labels: k8s-app: kontena-lens-installer data: lens.yml: |- name: gke-lens ingress: tls: enabled: true email: firstname.lastname@example.org persistence: enabled: true storage_class: standard metrics: replicas: 2 persistence: enabled: true storage_class: standard size: 20Gi addons: cert-manager: enabled: true ingress-nginx: enabled: true
As there's no hostname mapped to Lens ingress rules, the installer will automatically assign
.nip.io domain as the hostname. You can configure your custom domain too, refer to configuration reference for details on this and other options to customize the installation.
There’s no need to modify other parts of the manifests.
To initiate Kontena Lens installation, simply apply the manifest:
$ kubectl apply -f gke.yaml
The installation runs as a job within the cluster and might take a minute or two to finish. Check that the job has completed without any errors:
$ kubectl -n kube-system get job kontena-lens-installer NAME COMPLETIONS DURATION AGE kontena-lens-installer 1/1 22s 106s
Once the installation job has finished, it’ll take a few minutes to bootstrap all of the components in the cluster. You can check the progress and status with:
$ kubectl get pod --all-namespaces
You’ll see that there are a couple of additional namespaces created for Lens components and quite a few pods running the additional functionality for monitorability.
Step 4. Accessing Lens dashboard
Typically accessing services on managed Kubernetes, such as EKS in this case, is bit difficult as the authentication is tied into cloud providers authentication mechanism. For this reason we'll be using our new
kubectl-lens plugin to handle all the authentication details for us automatically.
To open the Lens dashboard just run:
kubectl lens open
kubectl lens open command start a local transparent proxy that handles the authentication to the cluster using Kubernetes client configuration tied into the cloud provider IAM solution. So you'll be automatically using the IAM identity when accessing the cluster. It will also automatically open your browser to the dashboard, slick eh'. :)
See more details at the Lens plugin release blog post.
Step 5. Obtain a license
Kontena Lens comes with an evaluation license valid for 14 days with full functionality. After you have evaluated Lens and want to purchase a valid license, navigate to https://account.kontena.io/licenses. Once you have purchased a valid license, you can assign it to the cluster by using the “Assign License” button on cluster overview. Just copy-paste the license key you got when purchasing the license.
We're always super happy to hear any feedback regarding Lens, so go ahead and join the discussion on our Slack channel. If you hit any snags during the installation, give us a shout on the Slack and we'll help you out.
Not using Google Cloud GKE? That's alright. Kontena Lens works on any K8S distro with some tweaking. Please contact us so we can make tutorial that works for you!