# Enable Kubectl Shell Enabling kubectl shell access in GCP is part of a one-time DuploCloud Portal setup process. ## Step 1: Create a Node Pool 1. In the **Tenant** list box, select the **Tools** Tenant. 2. Navigate to **Kubernetes** -> **Nodes**. 3. Select the **Node Pool** tab, and click **Add.**

4. Complete the required fields, and click **Create**. 5. Once the node pool is complete, it will display on the **GCP VM** tab with a status of **Running**.

The **GCE VM** tab in the DuploCloud Portal

## Step 2. Create a DuploCloud Service 1. In the **Tenant** list box, select the **Tools** Tenant. 2. Navigate to **Kubernetes** -> **Services**. 3. Click **Add**. The **Add Service** page displays. 4. From the table below, enter the values that correspond to the fields on the **Add Service** page. Accept default values for fields not specified. | Add Service page field | Value | | ---------------------- | ---------------------------------------- | | **Name** | `kubectl` | | **Cloud** | `Google` | | **Platform** | `GKE Linux` | | **Docker Image** | `duplocloud/shell:terraform_kubectl_v15` | 4. In the **Environment Variables** field, enter the following YAML. Replace the flask app secret (b33d13ab-5b46-443d-a19d-asdfsd443 in this example) with a string of random numbers and letters in the same format and replace ***CUSTOMER\_PREFIX*** with your customer URL prefix. ```yaml - Name: FLASK_APP_SECRET Value: b33d13ab-5b46-443d-a19d-asdfsd443 - Name: DUPLO_AUTH_URL Value: https://.duplocloud.net ``` 4. Click **Next**. The **Advanced Options** page displays. 5. Click **Create**. The Service is created. ## Step 3: Create a Load Balancer 1. Navigate to **Kubernetes** -> **Services**. 2. Select the **kubectl** Service from the **NAME** column. 3. Select the **Load Balancers** tab, and click **Configure Load Balancer**. The **Add Load Balancer Listener** pane displays. 4. In the **Select Type** list box, select **K8s Cluster IP**. 5. In the **Container port** and **External port** fields, enter **80**. 6. In the **Health Check** field, enter **/duplo\_auth**. 7. In the **Backend Protocol** list box, select **TCP** 8. Select **Advanced Kubernetes settings** and **Set HealthCheck annotations for Ingress.** 9. Click **Add**. The Load Balancer listener is added.

## Step 4: Add an Ingress 1. In the **Tenant** list box, select the **Tools** Tenant. 2. Navigate to **Kubernetes** -> **Ingress**. 3. Click **Add**. The **Add Kubernetes Ingress** page displays. 4. In the **Ingress Name** field, enter `kubect-shell`. 5. From the **Ingress Controller** list box, select **gce**. 6. In the **Visibility** list box, select **Public**. 7. In the **DNS Prefix** field**,** enter the DNS name prefix. 8. In the **Certificate ARN** list box, select the ARN added to the Plan in the **Certificate for Load Balancer and Ingress** step.

9. Click **Add Rule**. The **Add Ingress Rule** pane displays. 10. In the **Path** field, enter (**/**) 11. In the **Service Name** list box, select the Service previously created (**kubectl:80**) 12. Click **Add Rule**. A rule directing all traffic to the **kubectl** Service is created.

\ 13\. On the **Add Kubernetes Ingress** page, click **Add**. The Ingress is created. ## Step 5: Add the DNS name to System Settings 1. Navigate to **Administrator** -> **Systems Settings**. 2. Select the **System Config** tab, and click **Add**. The **Add Config** pane displays.

3. From the **Config Type** list box, select **AppConfig**. 4. From the **Key** list box, select **Other**. 5. In the second **Key** field, enter **DuploShellfqdn** 6. In the **Value** field, paste the Ingress DNS. To find the Ingress DNS, navigate to **Kubernetes** -> **Ingress**, and copy the DNS from the **DNS** column.

7. Click **Submit**. `kubectl` shell access is enabled.