# Deploying to Google Cloud
It's quite straightforward to push Docker images to Google Container Registry and deploy to GKE clusters with rok8s-scripts.
# Google Cloud Credentials
To connect to Google Cloud from a CI workflow, a GCP service account (opens new window) is recommended. To create a service account:
- Go to the service accounts page (opens new window)
- Choose a name for the account (e.g.
rok8s-scripts) and hit "Create"
- For "Service account permissions", choose
Kubernetes Engine Developerand hit "continue"
- Click "Create Key" and choose "JSON"
To load the JSON credentials into a rok8s-scripts CI workflow, they'll need to be base64 encoded. This can be accomplished with a command like this:
cat downloaded_google_credentials.json | base64 -w 0
With those credentials in base64 format, you'll need to add them as a protected environment variable in your CI tool of choice. This environment variable needs to be named
GCLOUD_KEY, and contain a base64 encoded copy of GCP Service Account credentials. It's important that this value is not checked into your codebase, as the credentials could potentially provide a great deal of access into your systems.
# Google Cloud Configuration
With the credentials properly configured, there are a few more environment variables that need to be set:
GCP_PROJECTThe Google Cloud project that you'll be working with.
GOOGLE_APPLICATION_CREDENTIALSA path for the decoded
$GCLOUD_KEYto be stored. A simple value like
/tmp/gcloud_key.jsonis generally sufficient here.
# Google Kubernetes Engine Configuration
The configuration above is sufficient to connect to a GCP project and pull or push images, but more configuration is required to connect to a GKE cluster.
CLUSTER_NAMEThe name of the GKE cluster to connect to.
# Regional Clusters
GCP_REGIONAL_CLUSTERSet this variable to
trueif the cluster to connect to is regional.
GCP_REGIONThe GCP region the cluster is in.
# Zonal Clusters
GCP_ZONEThe GCP zone the cluster is in.
# Connecting to Google Cloud
With the above environment variables in place, it's time to run a script to pull it all together and configure the Google Cloud CLI: