Setting up Anthos attached clusters

This page shows you how to attach conformant Kubernetes clusters to Anthos. Attaching clusters lets you view your existing Kubernetes clusters in Anthos along with your Anthos GKE clusters, and enable a subset of Anthos features on them, including configuration with Anthos Config Management. You can attach any cluster that meets our prerequisites, with more supported Kubernetes implementations coming soon.

Prerequisites

You can attach the following cluster types to Anthos:

Amazon Elastic Kubernetes Service (Amazon EKS) on Kubernetes versions 1.16, 1.17
Microsoft Azure Kubernetes Service (Microsoft AKS) on Kubernetes versions 1.16, 1.17

Before you start

Sign in to your Google Account.
If you don't already have one, sign up for a new account.
In the Cloud Console, on the project selector page, select or create a Cloud project.

Go to the project selector page
Make sure that billing is enabled for your Google Cloud project. Learn how to confirm billing is enabled for your project.
Enable the Anthos API.
Enable the API

Install and initialize the Cloud SDK.

Registering attached clusters

Regardless of where your clusters are, you need to register any clusters that you want to use with Anthos with your project's environ by using Connect. An environ provides a unified way to view and manage multiple clusters and their workloads as part of Anthos. You can find out more about environs and the functionality that they enable in our Environs guide.

You don't need to register all your clusters at once, but you need to do so each time that you create a new cluster to make sure that it's visible on your Anthos Clusters page in the Cloud Console, and so that you can use all Anthos features. Anthos charges apply only to your registered clusters.

Using the gcloud command-line tool provides you with some more advanced cluster registration options that are not available in the Cloud Console, including downloading and applying the Connect Agent manifest yourself. To find out more about these options, see advanced registration options in the Connect documentation.

Check the Connect prerequisites before registering your cluster to ensure that you have the relevant permissions and enabled APIs to register a cluster.

Console

To register a cluster:

In the Google Cloud Console, go to the Anthos Clusters page. This page shows all your registered clusters.

Go to the Anthos Clusters page
Click Register existing cluster.
Click Add external cluster.

Note: You can also access the same functionality by clicking Register cluster on your GKE dashboard if you're an Anthos user.
Enter the name of the cluster that you want to register in the Cluster name field.
Optional: Add Google Cloud labels to your cluster.
Click Generate registration command.
In Cloud Shell or wherever you have saved your service account credentials, edit and run the gcloud command that is displayed on the page. You need to specify the following values:
- The CLUSTER_CONTEXT is the cluster's context as it appears in the kubeconfig file. You can get this value from the command line by running kubectl config current-context.
- The KUBECONFIG_PATH is the local filepath where your kubeconfig file is stored. This defaults to $KUBECONFIG if that environment variable is set; otherwise, it defaults to $HOME/.kube/config.
- The LOCAL_KEY_PATH is the path to your service account key file.
Running this command deploys the Connect Agent in your user cluster. When the Connect Agent connects to Google Cloud and your cluster is registered, a success message is displayed on the page.
Click Set labels, or click Skip if you didn't set any labels.

gcloud

Run the following command:

 gcloud container hub memberships register MEMBERSHIP_NAME \
   --context=KUBECONFIG_CONTEXT \
   --kubeconfig=KUBECONFIG_PATH \
   --service-account-key-file=SERVICE_ACCOUNT_KEY_PATH

Replace the following:

MEMBERSHIP_NAME: the membership name that you choose and that is used to uniquely represent the cluster being registered on the Hub.
SERVICE_ACCOUNT_KEY_PATH: the local filepath to the service account's private key JSON file downloaded as part of Prerequisites. This service account key is stored as a secret named creds-gcp in the gke-connect namespace.
KUBECONFIG_CONTEXT: the cluster context of the cluster being registered as it appears in the kubeconfig file. You can get this value from the command line by running kubectl config current-context.
KUBECONFIG_PATH: the local filepath where your kubeconfig containing an entry for the cluster being registered is stored. This defaults to $KUBECONFIG if that environment variable is set; otherwise, this defaults to $HOME/.kube/config.

Enabling Anthos features on attached clusters

After you register your clusters, use the following guides to enable additional Anthos features for your applications. You can see the currently supported versions for each deployment option in Anthos version and upgrade support. For complete documentation sets for all Anthos components, including tutorials, reference material, and more, see Anthos components.

Anthos Service Mesh:
- Installing Anthos Service Mesh on attached clusters
Anthos Config Management: