# Enable Kubectl Shell for GKE Enabling `kubectl` shell access in GCP is part of a one-time DuploCloud Portal setup process. ## Prerequisite **Ensure a Node Pool Exists:** Before creating the `k8s-shell` service, make sure that your GKE tenant has at least one node pool. To check: 1. Go to **Kubernetes → Nodes** in the DuploCloud Portal. 2. If no nodes are listed, navigate to **Kubernetes → Node Pools** and click **Add** to create a new node pool. * Choose an appropriate **Instance Type** and **Node Count** (you can scale it down later). * Submit and wait for the nodes to become active. Once a node pool is available, proceed to create the shell service. ## Step 1. Create a DuploCloud Service 1. From the **Tenant** list box, select the correct Tenant. 2. Navigate to **Kubernetes** -> **Services**. 3. Click **Add**. The **Add Service** page displays. 4. Fill in the fields below. Leave any fields not listed at their default values.

Add Service page field	Value
Name	`k8s-shell`
Cloud	`Google`
Platform	`GKE Linux`
Docker Image	`duplocloud/shell:terraform-kubectl-latest`

5. Enter the following in the **Environmental Variables** field: ``` - Name: FLASK_APP_SECRET Value: b33d13ab-5b46-443d-a19d-asdfsd443 - Name: DUPLO_AUTH_URL Value: https://.duplocloud.net ``` 6. Click **Next**, and then **Create**. ## Step 2: Create a Load Balancer 1. From the DuploCloud Portal, navigate to **Kubernetes** -> **Services.** 2. From the **NAME** column, select the `k8s-shell` Service you created in the previous step. 3. Select the **Load Balancers** tab, and click **Configure Load Balancer**. 4. Fill in the fields below. Leave any fields not listed at their default values.


Type	`Application LB`
Container port	`80`
Health Check	`/duplo_auth`
Certificate	Select your certificate from the list box. If none are present, you will need to configure a certificate.
External port	`443`
Visibility	`Public`
Application mode	`Docker mode`
Health Check	`/duplo_auth`
Backend Protocol	`http`

5. Click **Add**. ## Step 3: Add the DNS Name to System Settings 1. Navigate to **Administrator** -> **Systems Settings**. 2. Select the **System Config** tab, and click **Add**. The **Add Config** pane displays. 3. Fill in the fields below.


Config Type	`AppConfig`
Key	`Other`
Key	`DuploShellFqdn`
Value	Paste the fully qualified DNS name* of your kubectl shell ingress/Load Balancer. Example: `https://k8s-shell.example.duplocloud.net`

{% hint style="info" %} To find the DNS name, go to **Kubernetes** → **Services**, select the `k8s-shell` Service, then select the **Load Balancers** tab. Click the name of the Load Balancer, and copy the DNS name from the **DNS Name box**. {% endhint %} 4. Click **Submit**. Access to the `kubectl` shell is enabled. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.duplocloud.com/docs/automation-platform/kubernetes-overview/kubectl/kubectl-shell/enable-kubectl-shell-for-gke.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.