You want to use Google’s Autopilot for your gitlab runners, but your job/builds fail because of low resources (ie ephemeral storage).
You can use a limit range to increase the limits for ephemeral storage or/and memory that will make Google’s autopilot to use them and scale them appropriately.
Create a limit range file like:
And then apply it to your cluster
kubectl -n namespace apply -f limit_range.yaml
Trying to create an auto-cluster either using terraform or gcloud cli, and specifying the region name returns the error that ‘Autopilot clusters must be regional clusters.
So with gcloud this is the command and output
kosmas: (master %)$ gcloud container clusters create-auto test-cluster --region=europe-west6-b
Note: The Pod address range limits the maximum size of the cluster. Please refer to https://cloud.google.com/kubernetes-engine/docs/how-to/flexible-pod-cidr to learn how to optimize IP address allocation.
ERROR: (gcloud.container.clusters.create-auto) ResponseError: code=400, message=Autopilot clusters must be regional clusters.
Using the actual region name (that can be taken from the list of available zones/regions)
gcloud compute zones list
NAME REGION STATUS NEXT_MAINTENANCE TURNDOWN_DATE
us-east1-b us-east1 UP
us-east1-c us-east1 UP
europe-west6-b europe-west6 UP
And using the correct region name (without the b)
gcloud container clusters create-auto test-cluster --region=europe-west6 --verbosity debug
NAME LOCATION MASTER_VERSION MASTER_IP MACHINE_TYPE NODE_VERSION NUM_NODES STATUS
test-cluster europe-west6 1.21.6-gke.1503 xxx.xxx.xxx.xxx e2-medium 1.21.6-gke.1503 3 RUNNING
When you are trying to add the contents of the Google Cloud credentials json file as a variable in Terraform Cloud you get the error that it cannot contain new lines. In this case you have to use the jq -c option as in:
cat credentials.json | jq -c
You want to create a GKE cluster in Google using Terraform Cloud and the instructions provided https://registry.terraform.io/providers/hashicorp/google/4.3.0/docs/guides/getting_started#using-terraform-cloud-as-the-backend
You are creating a service account in Google Service Accounts and you have set up the environment variable GOOGLE_CREDENTIALS (after removing the new lines from the json file with
tr -d '\n' < original_google_file.json > no_newlines_google_file.json.
But when trying to create the GKE cluster you get the following error in Terraform
Required 'compute.networks.create' permission
The default permissions when creating the Service Account are not enough.
Add the Editor role to your service account, by going to IAM, Permissions for Project, as it does not seem possible to add this permission by editing the Service Account.