Setting up a GKE cluster

This page explains how to set up an existing GKE cluster with the options required by Anthos Service Mesh. If you want to add clusters from different Google Cloud projects to Anthos Service Mesh, the clusters must be in a Shared Virtual Private Cloud (VPC). See Setting up clusters with Shared VPC for more information.

< Previous

Before you begin

Before you start setting up a cluster, make sure that you have:

Reviewed the cluster requirements.
Set up your environment to install the tools that you need.
Set up your project to create environment variables, enable the required APIs, and set permissions.

Setting up an existing cluster

Create the following environment variables:

Set the cluster name:
```
export CLUSTER_NAME=YOUR_CLUSTER_NAME
```
Set the CLUSTER_LOCATION to either your cluster zone or cluster region:
```
export CLUSTER_LOCATION=YOUR_ZONE_OR_REGION
```

Set the workload pool:

export WORKLOAD_POOL=${PROJECT_ID}.svc.id.goog

Set the mesh ID:

export MESH_ID="proj-${FLEET_PROJECT_NUMBER}"

Set the default zone or region for the Google Cloud CLI. If you don't set the default here, be sure to specify either the --zone or --region option in the gcloud container clusters commands on this page.
- If you have a single-zone cluster, set the default zone:
```
gcloud config set compute/zone ${CLUSTER_LOCATION}
```
- If you have a regional cluster, set the default region:
```
gcloud config set compute/region ${CLUSTER_LOCATION}
```
Tip: To make setting up your shell environment easier in the future, you can copy and paste the export statements for each environment variable to a simple shell script that you source when you start a new shell. You can also add the gcloud commands that set default values to the script. Or you can use gcloud init to create and activate a named gcloud configuration.
Set the mesh_id label on the cluster, which is required for metrics to get displayed on the Anthos Service Mesh dashboard in the Google Cloud console. If your cluster has existing labels that you want to keep, you must include those labels when adding the mesh_id label.
1. To see if your cluster has existing labels:
```
gcloud container clusters describe ${CLUSTER_NAME} \
  --project ${PROJECT_ID}
```
  Look for the resourceLabels field in the output. Each label is stored on a separate line under the resourceLabels field, for example:
```
resourceLabels:
  csm: ''
  env: dev
  release: stable
```
  If the csm label is in the output, you don't need to preserve it. The mesh_id label replaces the csm label.
  
  For convenience, you can add the labels to an environment variable. In the following, replace YOUR_EXISTING_LABELS with a comma-separated list of the existing labels on your cluster in the format KEY=VALUE, for example: env=dev,release=stable
```
export EXISTING_LABELS="YOUR_EXISTING_LABELS"
```
2. Set the mesh_id label:
  - If your cluster has existing labels that you want to keep, update the cluster with the mesh_id and the existing labels:
```
gcloud container clusters update ${CLUSTER_NAME} \
  --project ${PROJECT_ID} \
  --update-labels=mesh_id=${MESH_ID},${EXISTING_LABELS}
```
  - If you cluster doesn't have any existing labels, update the cluster with only the mesh_id label:
```
gcloud container clusters update ${CLUSTER_NAME} \
  --project=${PROJECT_ID} \
  --update-labels=mesh_id=${MESH_ID}
```

Enable Workload Identity:

gcloud container clusters update ${CLUSTER_NAME} \
   --project=${PROJECT_ID} \
   --workload-pool=${WORKLOAD_POOL}

Enabling Workload Identity can take up to 10 to 15 minutes.

Enable Cloud Monitoring and Cloud Logging on GKE:

gcloud container clusters update ${CLUSTER_NAME} \
   --project=${PROJECT_ID} \
   --enable-stackdriver-kubernetes

Setting up a GKE cluster

Before you begin

Setting up an existing cluster

What do you want to do next?