Google Cloud

Kubedna now supports Google Cloud, making it easy to deploy and manage your Kubernetes clusters on the Google Cloud Platform (GCP). This guide provides step-by-step instructions for configuring your project, setting up authentication via a service account, and designing your Kubernetes cluster with the required IAM permissions.

Subscription Tier Selection

Start by selecting the subscription tier that best fits your requirements. Choose one of the following tiers:

  • Nucleus (Standard)

  • Genome (Business)

  • Biom (Enterprise)


Project Configuration

Provide the following details to configure your project:

  • Project Name: A unique name to identify your project.

  • Project Description: A brief overview of the project’s purpose and requirements.


GCP Project & Region Setup

Next, specify your Google Cloud environment details:

  • GCP Project: Ensure that you have an active GCP project with billing enabled.

  • Region: Select the region where you want to deploy your resources. (Note: All nodes within your Kubernetes cluster must reside in the same region.)


Service Account & Permission Configuration

Kubedna requires a Google Cloud service account with a set of IAM permissions to manage your resources. Create a service account and attach an IAM policy that includes the following permissions:

Google Cloud Permission Mapping

  • Create Load Balancers:

    • GCP Permissions:

      • compute.forwardingRules.create

      • compute.targetPools.create (or compute.backendServices.create for modern load balancing)

    • Allows provisioning and managing load balancer resources.

  • Create Virtual Machines:

    • GCP Permissions:

      • compute.instances.create

      • compute.instances.get

    • Enables deploying and managing Compute Engine instances.

  • Allocate IP Addresses:

    • GCP Permissions:

      • compute.addresses.create

      • compute.addresses.get

    • Grants rights to reserve and manage static external or internal IP addresses.

  • Create and Edit Firewall Rules:

    • GCP Permissions:

      • compute.firewalls.create

      • compute.firewalls.update

      • compute.firewalls.get

    • Enables managing firewall configurations (security rules) for your network.

  • Create and Edit Networks:

    • GCP Permissions:

      • compute.networks.create

      • compute.networks.update

      • compute.networks.get

    • Allows provisioning and modifying Virtual Private Cloud (VPC) networks.

  • Create and Edit NAT:

    • GCP Permissions:

      • compute.routers.create

      • compute.routers.update

      • compute.cloudNATs.create

    • Enables managing Cloud NAT configurations for outbound connectivity.

  • Create and Edit Internet Network:

    • GCP Permissions:

      • compute.internetGateways.create (Note: In GCP, internet access is managed via routing and external IP assignments rather than dedicated gateways.)

      • compute.routes.create

    • Grants permissions to configure public internet access for your resources.

Note: In Google Cloud, these permissions are typically assigned via custom IAM roles or by granting one of the broader roles (e.g., Compute Admin or Network Admin) if that aligns with your security posture. For more details on IAM and permissions, refer to the Google Cloud IAM documentation and the Google VPC documentation.
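
A least-privilege check for the note above, as an added example that is not Kubedna's own code: it takes an IAM policy and a custom role definition in the JSON shape returned by `gcloud projects get-iam-policy` and `gcloud iam roles describe`, and reports broad predefined roles bound to the service account as well as permissions the custom role grants beyond this page's list. The project, service account and role names are hypothetical, and the permission names are copied from the list above without being validated against IAM.

```python
import json

# Permissions as the guide lists them (copied from the page, not validated against IAM).
PAGE_PERMISSIONS = {
    f"compute.{res}.{verb}"
    for res, verbs in {
        "forwardingRules": ["create"], "targetPools": ["create"],
        "backendServices": ["create"], "instances": ["create", "get"],
        "addresses": ["create", "get"],
        "firewalls": ["create", "update", "get"],
        "networks": ["create", "update", "get"],
        "routers": ["create", "update"], "cloudNATs": ["create"],
        "internetGateways": ["create"], "routes": ["create"],
    }.items()
    for verb in verbs
}

# Predefined roles that grant far more than the list above.
BROAD_ROLES = {"roles/owner", "roles/editor",
               "roles/compute.admin", "roles/compute.networkAdmin"}


def audit(policy, role, member):
    """Compare what `member` holds with the guide's permission list."""
    bound = {b["role"] for b in policy.get("bindings", [])
             if member in b.get("members", [])}
    granted = set(role.get("includedPermissions", []))
    return {
        "broad_roles": sorted(bound & BROAD_ROLES),   # over-privileged bindings
        "role_bound": role["name"] in bound,          # custom role actually attached
        "extra": sorted(granted - PAGE_PERMISSIONS),  # granted but not in the guide
        "missing": sorted(PAGE_PERMISSIONS - granted),
    }


# Constructed sample data; project, account and role names are hypothetical.
SA = "serviceAccount:kubedna-deployer@example-project.iam.gserviceaccount.com"
ROLE = {
    "name": "projects/example-project/roles/kubednaProvisioner",
    "includedPermissions": sorted(PAGE_PERMISSIONS - {"compute.routes.create"})
    + ["compute.instances.delete", "iam.serviceAccounts.actAs"],
}
POLICY = {"bindings": [
    {"role": ROLE["name"], "members": [SA]},
    {"role": "roles/compute.admin", "members": [SA, "user:admin@example.com"]},
    {"role": "roles/editor", "members": ["user:admin@example.com"]},
]}

if __name__ == "__main__":
    print(json.dumps(audit(POLICY, ROLE, SA), indent=2))
```

Any entry under `broad_roles` or `extra` is access the service account holds beyond what this guide asks for and is a candidate for removal.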


Designing Your Kubernetes Cluster

After configuring your project and authenticating with the appropriate service account, design your Kubernetes cluster on Google Cloud using GKE (Google Kubernetes Engine).

1. Adding the Control Plane Node Group

  • Purpose: Hosts the Kubernetes control plane (managed by GKE).

  • Steps:

    • Select Region: Choose the same region as your other resources.

    • Node Configuration: Choose an appropriate machine type and configuration for the control plane nodes.

    • Note: In GKE, the control plane is managed by Google, but you configure the node pools accordingly.

2. Adding the Worker Node Group

  • Purpose: Runs your containerized applications.

  • Steps:

    • Select Region: Ensure all nodes are in the same region.

    • Node Configuration: Pick a machine type that meets your workload requirements.

    • Important: All nodes (control plane and worker nodes) must reside in the same region for proper cluster operation.


Finalizing Cluster Initialization

Once your cluster design is complete:

  • Initialize Cluster: Click the Initialize button in Kubedna to deploy your GKE cluster.

  • Status Notification: You will receive an email with the cluster status and further instructions once the deployment is complete.


Additional Resources

For further assistance or advanced configuration options, please refer to these resources:
