Setting up your project

This page explains how to prepare your Google Cloud project before you install Anthos Service Mesh.

Before you begin

Before you start setting up your project, make sure that you have set up your environment.

Setting up your project:

  1. Get the project ID for the project that the cluster was created in and the project number for the fleet host project.


    Run the following command:

    gcloud projects list


    1. Go to the Dashboard page in the Google Cloud console.

      Go to the Dashboard page

    2. Click the Select from drop-down list at the top of the page. In the Select from window that appears, select your project.

      The project ID is displayed on the project Dashboard Project info card.

  2. Create an environment variable for the project ID of the project that the cluster was created in:


  3. Create an environment variable for the project number of the fleet host project. If you are setting up only one cluster, or if all of your clusters that you are setting up for Anthos Service Mesh are in the same project, you can use the project number that the cluster was created in.


  4. Set the required Identity and Access Management (IAM) roles. If you are a Project Owner, you have all the necessary permissions to complete the installation and register your cluster with your fleet. If you aren't a Project Owner, you need someone who is to grant you the following specific IAM roles. In the following command, change GCP_EMAIL_ADDRESS to the account that you use to log in to Google Cloud.

    gcloud projects add-iam-policy-binding ${PROJECT_ID} \
        --member 'user:GCP_EMAIL_ADDRESS' \
        --role=roles/editor \
        --role=roles/compute.admin \
        --role=roles/container.admin \
        --role=roles/resourcemanager.projectIamAdmin \
        --role=roles/iam.serviceAccountAdmin \
        --role=roles/iam.serviceAccountKeyAdmin \

    To learn more about how to grant IAM roles, refer to Granting, changing, and revoking access to resources. For a description of these roles, see Permissions required to install Anthos Service Mesh.

  5. Enable the following APIs:

    gcloud services enable \
        --project=${PROJECT_ID} \ \ \ \ \ \ \ \ \ \ \ \

    Enabling the APIs can take a minute or more to complete. When the APIs are enabled, you see output similar to the following:

    Operation "operations/acf.601db672-88e6-4f98-8ceb-aa3b5725533c" finished