Setting up Anthos attached clusters

This page shows you how to attach conformant Kubernetes clusters to Anthos. Attaching clusters lets you view your existing Kubernetes clusters in the Google Cloud Console along with your Anthos clusters, and enable a subset of Anthos features on them, including configuration with Anthos Config Management.

Prerequisites

You can attach any conformant Kubernetes cluster to Anthos and view it in the Cloud Console with your Anthos clusters.

The following cluster types and versions have been validated by Google, including the use of additional supported Anthos features:

Amazon Elastic Kubernetes Service (Amazon EKS) on Kubernetes versions 1.16, 1.17, 1.18
Microsoft Azure Kubernetes Service (Microsoft AKS) on Kubernetes versions 1.16, 1.17, 1.18
Red Hat OpenShift Kubernetes Engine (OKE) version 4.4
Red Hat OpenShift Container Platform (OCP) version 4.4

See the Enabling Anthos features section below for more details.

Before you start

Sign in to your Google Account.
If you don't already have one, sign up for a new account.
In the Google Cloud Console, on the project selector page, select or create a Google Cloud project.

Go to the project selector page
Make sure that billing is enabled for your Cloud project. Learn how to confirm that billing is enabled for your project.
Enable the Anthos API.
Enable the API

Install and initialize the Cloud SDK.

Registering attached clusters

Regardless of where your clusters are, you need to register any clusters that you want to use with Anthos with your project's environ by using Connect. An environ provides a unified way to view and manage multiple clusters and their workloads as part of Anthos. You can find out more about environs and the functionality that they enable in our Environs guide.

You don't need to register all your clusters at once, but you need to do so each time that you create a new cluster to make sure that it's visible on your Anthos Clusters page in the Cloud Console, and so that you can use all Anthos features. Anthos charges apply only to your registered clusters.

Using the gcloud command-line tool provides you with some more advanced cluster registration options that are not available in the Cloud Console, including downloading and applying the Connect Agent manifest yourself. To find out more about these options, see advanced registration options in the Connect documentation.

Check the Connect prerequisites before registering your cluster to ensure that you have the relevant permissions and enabled APIs to register a cluster.

Console

To register a cluster:

In the Google Cloud Console, go to the Anthos Clusters page. This page shows all your registered clusters.

Go to the Anthos Clusters page
Click Register existing cluster.
Click Add external cluster.

Note: You can also access the same functionality by clicking Register cluster on your GKE dashboard if you're an Anthos user.
Enter the name of the cluster that you want to register in the Cluster name field.
Optional: Add Google Cloud labels to your cluster.
Click Generate registration command.
In Cloud Shell or wherever you have saved your service account credentials, edit and run the gcloud command that is displayed on the page. You need to specify the following values:
- The CLUSTER_CONTEXT is the cluster's context as it appears in the kubeconfig file. You can get this value from the command line by running kubectl config current-context.
- The KUBECONFIG_PATH is the local filepath where your kubeconfig file is stored. This defaults to $KUBECONFIG if that environment variable is set; otherwise, it defaults to $HOME/.kube/config.
- The LOCAL_KEY_PATH is the path to your service account key file.
Running this command deploys the Connect Agent in your user cluster. When the Connect Agent connects to Google Cloud and your cluster is registered, a success message is displayed on the page.
Click Set labels, or click Skip if you didn't set any labels.

gcloud

Run the following command:

 gcloud container hub memberships register MEMBERSHIP_NAME \
   --context=KUBECONFIG_CONTEXT \
   --kubeconfig=KUBECONFIG_PATH \
   --service-account-key-file=SERVICE_ACCOUNT_KEY_PATH

Replace the following:

MEMBERSHIP_NAME: the membership name that you choose and that is used to uniquely represent the cluster being registered on the Hub.
SERVICE_ACCOUNT_KEY_PATH: the local filepath to the service account's private key JSON file downloaded as part of Prerequisites. This service account key is stored as a secret named creds-gcp in the gke-connect namespace.
KUBECONFIG_CONTEXT: the cluster context of the cluster being registered as it appears in the kubeconfig file. You can get this value from the command line by running kubectl config current-context.
KUBECONFIG_PATH: the local filepath where your kubeconfig containing an entry for the cluster being registered is stored. This defaults to $KUBECONFIG if that environment variable is set; otherwise, this defaults to $HOME/.kube/config.

Enabling Anthos features on attached clusters

After you register your clusters, you can enable available Anthos features on them for your applications. These features are supported only on our validated cluster types. You can see the current feature versions supported on these types in Version and upgrade support.

The following guides show you how to enable supported features on your clusters:

Anthos Config Management:

For complete documentation sets for all Anthos components, including tutorials, reference material, and more, see Anthos components.

What's next?

Learn how to set up logging and monitoring for attached clusters.