This document shows how to create an admin workstation for Google Distributed Cloud that you can use to create clusters.
The instructions here are part of a quickstart. For full instructions on how to create an admin workstation, see Creating an admin workstation.
Before you begin
Create a Google Cloud project (quickstart).
Create a service account (quickstart).
Know your vCenter server address and your CA cert path.
Generate templates for your configuration files
The steps in this document use the gkeadm
command-line tool, which is
available for 64-bit Linux, Windows 10, Windows Server 2019, and macOS 10.15
and higher.
Download gkeadm
to your current directory.
Generate templates:
./gkeadm create config
The preceding command created these files in your current directory:
credential.yaml
admin-ws-config.yaml
Fill in credential.yaml
In credential.yaml
, fill in your vCenter username and password. For example:
kind: CredentialFile items: - name: vCenter username: "my-account-name" password: "AadmpqGPqq!a"
Fill in admin-ws-config.yaml
The following fields are filled in for you:
vCenter: credentials: fileRef: path: credential.yaml entry: vCenter adminWorkstation: name: gke-admin-ws-... cpus: 4 memoryMB: 8192 diskGB: 50 dataDiskName: gke-on-prem-admin-workstation-data-disk,,,.vmdk dataDiskMB: 512 network: ntpServer: ntp.ubuntu.com
Fill in the following required fields. For information on how to fill in the fields, see Admin workstation configuration file.
gcp: whitelistedServiceAccountKeyPath: "Fill in" vCenter: credentials: address: "Fill in" datacenter: "Fill in" datastore: "Fill in" cluster: "Fill in" network: "Fill in" resourcePool: "Fill in" caCertPath: "Fill in" network: hostConfig: ipAllocationMode: Fill in. Set to "static". ip: "Fill in" gateway: "Fill in" netmask: "Fill in"
If necessary, fill in the
proxyURL
field.
adminWorkstation: proxyURL: "Fill in"
Create your admin workstation
Create your admin workstation, and automatically create service accounts:
./gkeadm create admin-workstation --auto-create-service-accounts
The output gives detailed information about the creation of your admin workstation:
... Getting ... service account... Creating other service accounts and JSON key files... - connect-agent-sa-2007081316 - connect-register-sa-2007081316 - log-mon-sa-2007081316 ******************************************************************** Admin workstation is ready to use. Admin workstation information saved to /usr/local/google/home/me/my-admin-workstation This file is required for future upgrades SSH into the admin workstation with the following command: ssh -i /usr/local/google/home/me/.ssh/gke-admin-workstation ubuntu@172.16.5.1 ********************************************************************
Getting an SSH connection to your admin workstation
Near the end of the preceding output there is a command you can use to get an SSH connection to your admin workstation. Enter that command now. For example:
ssh -i /usr/local/google/home/me/.ssh/gke-admin-workstation ubuntu@172.16.5.1
List the files on your admin workstation:
ls -1
In the output, you can see two cluster configuration files, your CA certificate file, and the JSON key files for your service accounts:
admin-cluster.yaml connect-agent-sa-2007081316.json connect-register-sa-2007081316.json log-mon-sa-2007081316.json user-cluster.yaml vcenter-ca-cert.pem component-access-key.json
What's next
Seesaw load balancer (quickstart)