Keeping configurations sane for multiple projects on Google Container Engine
In my previous post, I present the easist and most secure way to get kubectl
working for one project. But what about mutiple projects? Juggle mutiple projects on Google Container Engine (GKE) can be hard, especially when its configurations are admittedly quirky. This post describes the best practice, in my opinion, to keep configurations sane and easy to switch.
Problem
Suppose you have an awesome app that runs on GKE. You probably want to have two different environments staging
and production
, and the environments should be completely isolated. So you create two projects on GKE, awesome-app-staging
and awesome-app-production
, and provisioned resources for each. Now the question is how to effectively switch between the two projects on command line without repeating these commands over and over again.
Solution
Assuming gcloud
and kubectl
are installed, but not configured,
1. Create a configuration for each project
Create an empty configuration. Don't use default
gcloud config configurations create awesome-app-staging
gcloud auth activate-service-account --key-file /path/to/your/key.json
Set project
gcloud config set project awesome-app-staging
It's good to set DEFAULT_ZONE
and DEFAULT_REGION
too.
gcloud config set compute/region ${REGION}
gcloud config set compute/zone ${ZONE}
Verify that your newly-created configuration has correct values
gcloud config configurations describe awesome-app-staging
gcloud
is ready.
Get kubectl
ready by getting GKE credentials for the project
gcloud container clusters get-credentials ${CLUSTER} --zone ${ZONE} --project awesome-app-staging
This will insert auth data and project info in ~/.kube/config
. Verify your context is correct
kubectl config current-context
It should return a string which consists of project, zone and cluster.
Repeat the above process for each project.
2. Switch projects
Once configurations are created for all projects, switching is easy.
List all contexts
kubectl config get-contexts
Switch to a context
kubectl config use-context ${CONTEXT}
See current context
kubectl config current-context
Please note that switching context in kubectl
does NOT automatically switch the corresponding gcloud
configuration. This means that unless you instruct gcloud
and kubectl
to work on the same project, they can work on completely differnt projects. Therefore, as a good practice, remember to switch gcloud
configuration whenever you switch kubectl
context and vice versa, unless you know what you're doing.
Activate configuration
gcloud config configurations activate ${CONFIGURATION}
Summary
This is a very simple and elegant solution to manage multiple projects on GKE. If you have better ideas, please let me know.
Happy switching!