Enable Kubectl Shell for GKE

Enabling kubectl shell access in GCP is part of a one-time DuploCloud Portal setup process.

Step 1: Create a Node Pool

1. In the Tenant list box, select the correct Tenant.

2. Navigate to Kubernetes -> Nodes.

3. Select the Node Pool tab, and click Add.

1. Complete the required fields, and click Create. Once the node pool is complete, it will display on the GCP VM tab with a status of Running.

Step 2. Create a DuploCloud Service

1. In the Tenant list box, select the correct Tenant.

2. Navigate to Kubernetes -> Services.

3. Click Add. The Add Service page displays.

4. From the table below, enter the values that correspond to the fields on the Add Service page. Accept default values for fields not specified.

1. In the Environment Variables field, enter the following YAML. Replace the flask app secret (b33d13ab-5b46-443d-a19d-asdfsd443 in this example) with a string of random numbers and letters in the same format and replace CUSTOMER_PREFIX with your customer URL prefix.

- Name: FLASK_APP_SECRET
 Value: b33d13ab-5b46-443d-a19d-asdfsd443
- Name: DUPLO_AUTH_URL
 Value: https://<CUSTOMER_PREFIX>.duplocloud.net

1. Click Next. The Advanced Options page displays.

2. Click Create. The Service is created.

Step 3: Create a Load Balancer

1. Navigate to Kubernetes -> Services.

2. Select the kubectl Service from the NAME column.

3. Select the Load Balancers tab, and click Configure Load Balancer. The Add Load Balancer Listener pane displays.

4. In the Select Type list box, select K8s Cluster IP.

5. In the Container port and External port fields, enter 80.

6. In the Health Check field, enter /duplo_auth.

7. In the Backend Protocol list box, select TCP

8. Select Advanced Kubernetes settings and Set HealthCheck annotations for Ingress.

9. Click Add. The Load Balancer listener is added.

Step 4: Add an Ingress

1. In the Tenant list box, select the correct Tenant.

2. Navigate to Kubernetes -> Ingress.

3. Click Add. The Add Kubernetes Ingress page displays.

4. In the Ingress Name field, enter kubect-shell.

5. From the Ingress Controller list box, select gce.

6. In the Visibility list box, select Public.

7. In the DNS Prefix field, enter the DNS name prefix.

8. In the Certificate ARN list box, select the ARN added to the Plan in the Certificate for Load Balancer and Ingress step.

1. Click Add Rule. The Add Ingress Rule pane displays.

2. In the Path field, enter (/)

3. In the Service Name list box, select the Service previously created (kubectl:80)

4. Click Add Rule. A rule directing all traffic to the kubectl Service is created.

13. On the Add Kubernetes Ingress page, click Add. The Ingress is created.

Step 5: Add the DNS Name to System Settings

1. Navigate to Administrator -> Systems Settings.

2. Select the System Config tab, and click Add. The Add Config pane displays.
3. From the Config Type list box, select AppConfig.

4. From the Key list box, select Other.

5. In the second Key field, enter DuploShellfqdn

6. In the Value field, paste the Ingress DNS. To find the Ingress DNS, navigate to Kubernetes -> Ingress, and copy the DNS from the DNS column.
7. Click Submit. kubectl shell access is enabled.