Deploy a Kubernetes cluster on Google Cloud Platform for dictyBase applications.
- Install asdf
- Install just: Follow the installation instructions at https://just.systems/man/en/chapter_1.html You can install using package managers, pre-built binaries, or other methods as described in the documentation.
- Install direnv: Install using your system's package manager or download directly Important: Hook direnv into your shell after installation
- Install required tools:
This installs: kubectl, kops, gcloud, pulumi, velero, and mc.
just install-asdf-plugins
# 1. Get sa-manager.json key from GCP project owner and save to ./credentials/
just set-env-var GOOGLE_APPLICATION_CREDENTIALS "${PWD}/credentials/sa-manager.json"
# 2. Create cluster with single command
just init-kops-cluster <project_id> <bucket_name>If needed, perform steps individually:
-
Enable/disable APIs:
just gcp-api enable-apis <project_id> gcs-files/apis/enabled_apis.txt just gcp-api disable-apis <project_id> gcs-files/apis/disable_enabled_apis.txt
-
Create kops service account:
just gcp-sa create-sa <project_id> kops-cluster-creator gcs-files/roles-permissions/kops-cluster-creator-roles.txt credentials/kops-cluster-creator.json just set-env-var GOOGLE_APPLICATION_CREDENTIALS "${PWD}/credentials/kops-cluster-creator.json"
-
Initialize cluster:
just create-kops-cluster <project_id> <bucket_name>
# Initialize Pulumi environment and deploy the initial required resources in one command
just pulumi-init-and-deploy <stack> <from-stack> <project_id> <keyring_name> <key_name> <bucket_name> [location]If needed, perform steps individually:
-
Create Pulumi Manager Service Account:
just gcp-sa create-sa <project_id> pulumi-manager gcs-files/roles-permissions/pulumi-manager-roles.txt credentials/pulumi-manager.json
-
Set the PULUMI_GCP_CREDENTIALS environment variable:
just set-env-var PULUMI_GCP_CREDENTIALS "${PWD}/credentials/pulumi-manager.json" -
Create Key Ring and Key for Pulumi secrets:
just gcp-kms create-keyring-and-key <project_id> <keyring_name> <key_name> credentials/pulumi-manager.json [location]
-
Initialize Pulumi State Store:
just gcp-pulumi pulumi-gcs-setup credentials/pulumi-manager.json <bucket_name> "" [location]
-
Initialize Project Stack:
# Set the PULUMI_SECRET_PROVIDER environment variable export PULUMI_SECRET_PROVIDER="gcpkms://projects/<project_id>/locations/<location>/keyRings/<keyring_name>/cryptoKeys/<key_name>" # Initialize a new stack from an existing one just gcp-pulumi new-stack-from <folder> <stack> <from-stack>
-
Create Pulumi Resources:
just gcp-pulumi create-resource <folder> <stack>