- Create all K8S components in the project folder
- Create a new project on Google Cloud
- Link a billing account to the created project, next steps will be handled inside this project
- Go to Compute →Kubernetes Engine and enable billing (KE charges money!)
- Create a new cluster inside KE
- Install Google Cloud to Travis Virtual Machine
sudo: requiredservices:- dockerbefore_install:- curl https://sdk.cloud.google.com | bash > /dev/null;- source $HOME/google-cloud-sdk/path.bash.inc- gcloud components update kubectl- gcloud auth activate-service-account --key-file service-account.json
- Create a new Service Account on Google Cloud 👉 IAM →Service Accounts
— —
— —
— — —
— — —
— —
❗If deployment gives 403 error when deploying, change the “Service account user role” part with some roles from side permission bar
- Download the service account key as json format
- Install travis
Check terminal if you have travis, if don’t install it.
sudo gem install travis- Put service-account.json file inside project folder and encrypt this file
Generate or get your personal github token from github under settings.
travis login --github-token PERSONAL_GITHUB_TOKEN --comand
travis encrypt-file service-account.json -r USERNAME/REPO --proThis encrypt command will output something like;
openssl aes-256-cbc -K $encrypted_9f3b5599b056_key -iv $encrypted_9f3b5599b056_iv -in service-account.json.enc -out service-account.json -d
add this stuff to travis file before_install section. This will allow travis file to decrypt encrypted service-account.json file
❗After generating encrypted service account file, travis will generate a new file like “service-account.json.enc”. Keep this file and push to github but NEVER NEVER push original service-account.json file. It contains all the personal google account keys
✅ When you push “service-account.json.enc” file, travis will generate two extra environment variable related to service account.
- Add Google Cloud project informations to Travis file (before_install)
This commands will allow travis file to identify which project we’re currently setting up. We’re going to add these informations to before_install section of travis-yml.
- gcloud config set project PROJECT_ID- gcloud config set compute/zone PROJECT_ZONE- gcloud container clusters get-credentials PROJECT_NAME
- Add Docker information to Travis file (before_install)
❗Don’t forget to add DOCKER_PASSWORD and DOCKER_USERNAME environments to project travis file
- echo “$DOCKER_PASSWORD” | docker login -u “$DOCKER_USERNAME
--password-stdin- Build allproject test images on Travis(before_install)
- Create “script” section on Travis and run all tests
- Create “deploy” section on Travis file
In this section, instead of giving all the deployment scripts, we’ll create a bash file called “deploy.sh” and we’ll run all bash scripts there.
- Create “env” section on Travis file
We’re going to give some environment variables.
SHA=$(git rev-parse HEAD) → Unique identifier for each docker image tag. We get from latest git commit
CLOUDSDK_CORE_DISABLE_PROMPTS=1 →Don’t show any promtp on gcloud
— — — — — -
Here’s the finished travis file;
- Create “deploy.sh” file
This file will contain;
- Building Docker image phase
We’ll be using two image tags when we’re generating images. This’ll allow k8s deployments to use up-to-date images from docker
2. Pushing images to Docker Hub
3. Applying all kubernetes yaml files
4. Setting all deployments with up-to-date docker images
Here’s the latest version of deploy file
- Define project information on Google Cloud shell
Open GC interactive shell and run these commands. This’ll tell GC to which project we’re currently working
- gcloud config set project PROJECT_ID- gcloud config set compute/zone PROJECT_ZONE- gcloud container clusters get-credentials PROJECT_NAME
- Run Secret component scripts on Google Cloud
❗ Don’t forget to run Secret environment variables on GC shell (like pgpassword)
Example script;
kubectl create secret generic pgpassword --from-literal PGPASSWORD=12345asdf- Install Helm on Google Cloud shell
- curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3- chmod 700 get_helm.sh- ./get_helm.sh
- Install ingress-nginx on Google Cloud shell
- helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx- helm install my-release ingress-nginx/ingress-nginx
