1. Home
    2. CN-Series
    3. Version 11.0
    4. CN-Series Deployment Guide
    5. Secure Kubernetes Workloads with CN-Series
    6. Deploy the CN-Series Firewalls
    7. Deploy CN-Series Firewalls with a Template
    8. Deploy CN-Series Firewall with Terraform Templates
    9. Deploy a GKE Cluster

    Deploy a GKE Cluster

    Use Terraform to deploy a GKE cluster.
    The Terraform repository
    /gke
     folder contains a Terraform plan that deploys a Kubernetes cluster in Google Kubernetes Engine (GKE). This cluster meets the minimum requirements to support a CN-Series Next-Generation firewall and will deploy regionally to span multiple availability zones for maximum redundancy and scalability.
    Follow these steps to define and configure the GCP project.
    1. Define and configure the GCP project.
      1. Log into Google Cloud Platform using its CLI interface.
        $ gcloud auth login
      2. Create a new project in Google Cloud Platform and set it as your default project.
        $ gcloud projects create <your-project-ID>
        Create in progress for https://cloudresourcemanager.googleapis.com/
  v1/projects/cnseries-deployment].
Waiting for [operations/cp.8399975532101480302] to finish...done.
Enabling service [cloudapis.googleapis.com]
  on project [cnseries-deployment]...
Operation "operations/acf.7db11421-7961-43d0-94c3-9063cadc40c9" finished successfully.
        $ gcloud config set project <your-project-ID>
        Updated property [core/project].
      3. Map the newly defined project to your billing account.
        $ gcloud beta billing accounts list
        ACCOUNT_ID            NAME                OPEN  MASTER_ACCOUNT_ID
012356-A12345-B12345  My Billing Account  True
        Enter this command on a single line:
        $ gcloud beta billing projects link cnseries-deployment
          
         --billing-account=012356-A12345-B12345
        billingAccountName: billingAccounts/012356-A12345-B12345
billingEnabled:     true
name:               projects/cnseries-deployment/billingInfo
projectId:          cnseries-deployment
    2. In your cloned repository, change to the
      \gke
       directory.
      cd gke
    3. Deploy the cluster using Terraform.
      1. Create a
        terraform.tfvars
         file and add the following variables and their associated values.
        project  =  "" # The GCP project 
IDregion =  "" # The GCP region
      2. Initialize the Terraform providers.
        $ terraform init
      3. Validate the Terraform plan.
        $ terraform plan
      4. Apply the Terraform plan.
        $ terraform apply
    4. Update the kubeconfig file with the new cluster's information.
      Enter the following command on one line:
      $ gcloud container clusters
        get-credentials $(terraform output cluster_name)
        --region $(terraform output cluster_location)
        --project $(terraform output cluster_project)
    5. Verify the cluster nodes have been built and the status is Ready.
      $ kubectl get nodes
      NAME                                               STATUS  ROLES   AGE  VERSION
gke-cnseries-testing-cnseries-testing-1e1ebbe6-6d3s Ready  <none>  7m21s   v1.14.10-gke.36
gke-cnseries-testing-cnseries-testing-c89de143-0710 Ready  <none>  7m53s   v1.14.10-gke.36
gke-cnseries-testing-cnseries-testing-d320cbc7-rtm2 Ready  <none>  7m51s   v1.14.10-gke.36

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo