This documentation is for the Latest version of Knative serving, which uses fleets and Anthos Service Mesh. Learn more.

The past version (Cloud Run for Anthos) has been archived but the documentation remains available for existing users.

Available versions

Latest
Archive

Customizing your Google Cloud installation

Learn how to install Knative serving in your GKE clusters on Google Cloud. Knative serving now uses Anthos Service Mesh and GKE Enterprise fleets. Learn what's new and changed with Knative serving fleet installations.

Use this page to customize a new installation or to configure an existing fleet installation of Knative serving. For example, you can configure for private clusters or set Cloud Monitoring credentials.

The default installation steps automatically deploy the following CloudRun custom resource which enables metrics on GKE Enterprise on Google Cloud clusters:

  apiVersion: operator.run.cloud.google.com/v1alpha1
  kind: CloudRun
  metadata:
    name: cloud-run

To learn about custom resources in general, see custom resources.

Before you begin

You must ensure that you meet the installation prerequisites.
If Knative serving is installed in your cluster, you must ensure that the "GKE add-on" does not exist before you perform these fleet component installation steps. If you have the "add-on" installed, you must instead follow the steps for upgrading to GKE Enterprise fleets.
Check if the "GKE add-on" is installed.

To check if your installation of Knative serving is the "GKE add-on", run the following command:
```
gcloud container clusters describe \
CLUSTER_NAME \
--region CLUSTER_LOCATION \
--project PROJECT_ID --format='get(addonsConfig.cloudRunConfig)'
```
Replace:
- CLUSTER_NAME with the name of your cluster.
- CLUSTER_LOCATION with the location where your cluster is located.
- PROJECT_ID with the ID of your Google Cloud project.
Results:
- "GKE add-on" not installed:
  - Nothing is returned to your terminal if the add-on was never installed.
  - disabled=true is returned if the add-on was previously uninstalled.
- "GKE add-on" is installed: If the add-on is installed in your cluster, the configuration details for the add-on are returned. Example: loadBalancerType=LOAD_BALANCER_TYPE_EXTERNAL
Example:
The following example demonstrates that Knative serving was installed in the my-addon-cluster cluster through the "GKE add-on", which is configured to handle external traffic:
gcloud container clusters describe my-addon-cluster \ --region us-central1-c --project my-gcp-project \ --format='get(addonsConfig.cloudRunConfig)'

Response:

loadBalancerType=LOAD_BALANCER_TYPE_EXTERNAL

Configure your `CloudRun` custom resource

You need to manually create and configure the CloudRun custom resource to configure your installation.

To manually create a CloudRun custom resource for GKE clusters on Google Cloud:

Create a YAML file and include the default configuration, for example cloudrunanthos.yaml:

apiVersion: operator.run.cloud.google.com/v1alpha1
kind: CloudRun
metadata:
  name: cloud-run

In cloudrunanthos.yaml, you customize the installation by configuring one or more of the following attributes under a spec section:
- Private clusters: You must add the clusterConfig and isPrivate set of attributes to install Knative serving on a private clusters on Google Cloud.
  
  The clusterConfig and isPrivate attributes:
```
spec:
  clusterConfig:
    isPrivate: true
```
  Note that this setting disables Managed TLS because private clusters are not able to communicate with the certificate authority by default.
- Metrics: Add the metricscollector set of attributes to configure Cloud Monitoring. By default, metrics are enable for GKE Enterprise on Google Cloud clusters.
```
spec:
  metricscollector:
    stackdriver:
      projectid: PROJECT_ID
      gcpzone: CLUSTER_LOCATION
      clustername: CLUSTER_NAME
      secretname: SECRET_NAME
      secretkey: SECRET_KEY
```
  Replace the following:
  - PROJECT_ID with the ID of your Google Cloud project.
  - CLUSTER_LOCATION with the region or zone in which your cluster is located.
  - CLUSTER_NAME with the ID of your cluster or the fully qualified identifier for the cluster.
  - SECRET_NAME with the name of the Secret for the service account of the knative-serving namespace.
  - SECRET_KEY with the key of the Secret for the service account of the knative-serving namespace. For example: key.json
    
    For details about service accounts, see:
    - Creating service accounts
    - Creating service account keys

Example

In this example CloudRun custom resource, the configuration details for Cloud Monitoring are specified to use the my-gcp-logging-secret secret and key.json key:

 apiVersion: operator.run.cloud.google.com/v1alpha1
 kind: CloudRun
 metadata:
   name: cloud-run
 spec:
   metricscollector:
     stackdriver:
       projectid: my-gcp-project-id
       gcpzone: us-central1-c
       clustername: my-anthos-cluster-name
       secretname: my-gcp-logging-secret
       secretkey: key.json
 ```

Enable and install Knative serving

Enable the Knative serving component in your GKE Enterprise fleet and then deploy your CloudRun custom resource:

Enable Knative serving in your fleet:
```
gcloud container fleet cloudrun enable --project=PROJECT_ID
```
Replace PROJECT_ID with the ID of your Google Cloud project.

For details and additional options, see the gcloud container fleet cloudrun enable reference.
Optional: Verify that the Knative serving feature component is enabled:
Console
View if the Knative serving component is Enabled in the Google Cloud console:

Go to GKE Enterprise features
Command line
View if the appdevexperience state is ACTIVE:
```
gcloud container fleet features list  --project=PROJECT_ID
```
Replace PROJECT_ID with the ID of your Google Cloud project.

For details and additional options, see the gcloud container fleet features list reference.

Result:
```
NAME               STATE
appdevexperience   ACTIVE
```
For each GKE Enterprise cluster where you want to install Knative serving, you must deploy your CloudRun custom resource:
gcloud
```
gcloud container fleet cloudrun apply --gke-cluster=CLUSTER_LOCATION/CLUSTER_NAME --config=CONFIG_FILE
```
Replace the following:
- CLUSTER_LOCATION with the region or zone in which your cluster is located.
- CLUSTER_NAME with the ID of your cluster or the fully qualified identifier for the cluster.
- CONFIG_FILE with the filename relative path to your cloudRun custom resource. Example cloudrunanthos.yaml.
For details and additional options, see the gcloud container fleet cloudrun apply reference.
kubectl
```
kubectl apply --kubeconfig=KUBECONFIG --filename CONFIG_FILE
```
Replace the following:
- KUBECONFIG with the absolute path to your kubectl config file.
- CONFIG_FILE with the filename and relative path to your cloudRun custom resource. Example cloudrunanthos.yaml.
For details and additional options, see the kubectl apply reference.
Verify that Knative serving has been enabled in your cluster:
1. Open the Google Cloud console:
  
  Go to GKE Enterprise clusters
2. Click on the name of your cluster to open the details pane.
3. Run this command to check if you can see the Knative serving version details: kubectl get namespace knative-serving -o 'go-template={{index .metadata.labels "serving.knative.dev/release"}}'
4. Verify that all Knative serving specific deployments are in running status under knative-serving and appdevexperience namespaces.

What's next

Set up your installation of Knative serving.

Customizing your Google Cloud installation

Before you begin

Check if the "GKE add-on" is installed.

Configure your CloudRun custom resource

Enable and install Knative serving

Console

Command line

gcloud

kubectl

What's next

Configure your `CloudRun` custom resource