Configuring a processing cluster

This topic describes how to set up a Google Kubernetes Engine cluster as a processing cluster. You'll use the processing cluster to generate migrated container artifacts, operate and monitor the migration.

Before you begin

Before creating a processing cluster, you'll need:

  • A user with GKE Administrator privileges. These privileges are only necessary for the setup portion.
  • Prerequisites for migration. See Migration prerequisites for more.

  • Firewall rules to support traffic between Migrate for Anthos and Migrate for Compute Engine.

    If you're migrating from a source platform other than Compute Engine, you'll need to create two firewall rules for subnets that hold GKE clusters with your workloads. Add the following firewall rules on the Cloud Console.

    Type Source Targets Protocol Port
    Ingress VPN subnet or cluster network tag. For example, this might be fw-workload, as described in the Migrate for Compute Engine networking setup. This is for the GKE cluster nodes. Migrate for Compute Engine Cloud Extension Subnet on Google Cloud or Cloud Extension nodes network tag. For example, fw-migration-cloud-extension, as described in Migrate for Compute Engine networking setup. iSCSI TCP/3260
    Ingress VPN subnet or cluster network tag. For example, this might be fw-workload, as described in the Migrate for Compute Engine networking setup. This is for the GKE cluster nodes.

    For this rule or as an additional rule, also add as a network source the Pod IP ranges as configured on the GKE cluster.

    Migrate for Compute Engine (formerly Velostrata) Manager Subnet on Google Cloud or network tag. For example, fw-migration-manager, as described in Migrate for Compute Engine networking setup. HTTPS TCP/443

Creating a GKE cluster

Before you start, make sure you have performed the following tasks:

Set up default gcloud settings using one of the following methods:

  • Using gcloud init, if you want to be walked through setting defaults.
  • Using gcloud config, to individually set your project ID, zone, and region.

Using gcloud init

  1. Run gcloud init and follow the directions:

    gcloud init

    If you are using SSH on a remote server, use the --console-only flag to prevent the command from launching a browser:

    gcloud init --console-only
  2. Follow the instructions to authorize gcloud to use your Google Cloud account.
  3. Create a new configuration or select an existing one.
  4. Choose a Google Cloud project.
  5. Choose a default Compute Engine zone.

Using gcloud config

  • Set your default project ID:
    gcloud config set project project-id
  • If you are working with zonal clusters, set your default compute zone:
    gcloud config set compute/zone compute-zone
  • If you are working with regional clusters, set your default compute region:
    gcloud config set compute/region compute-region
  • Update gcloud to the latest version:
    gcloud components update

Create the cluster

Use the command described here to create a zonal cluster for use as a processing cluster.

Be sure to use VPCs that are running your Migrate for Anthos installation or connected through a shared VPC.

Migrate for Anthos supports only certain operating systems for nodes. Use the Ubuntu node image if your nodes require support for XFS, CephFS, or Debian packages.

Use the following command to create and launch a GKE cluster. Edit the parameters in the command example here to match your own needs, such as your project and zone. An example for machine-type is "n1-standard-4".

gcloud container --project project-name \
  clusters create gke-cluster-name --zone gcp-zone \
  --username "admin" \
  --machine-type "machine-type"  \
  --image-type "UBUNTU" \
  --num-nodes number-of-nodes \
  --scopes "cloud-platform" \
  --enable-stackdriver-kubernetes
  --tags="fw-workload"

The gcloud container clusters create command offers many configuration options that you might want to set. These include choosing node machine types, specifying the --network and --subnetwork, and enabling Alias IP addresses.

Next Steps