Roost-Tufin Create Cluster on GCP
Objective
To create a cluster on Google Cloud Platform using Roost-enabled automation.
Features
The solution allows the end-user to
Create 1 or more GCP Clusters
View the list of clusters created so far
Stop any cluster on-demand
Connect to the cluster using Roost Website
Execute “kubectl” and “docker” commands using the integrated terminal.
Steps to spawn a cluster
Open a browser and visit the web page app.roost.io/dashboard.
Click on the “Create New Cluster” button above the partner dashboard table.
This button opens a window with the auto-filled values required for spawning the cluster.
# | Field | Default Value (pre-filled) | Description | Special Notes |
---|---|---|---|---|
1 | Customer Email* | roost signed in email | User Email | Mandatory |
2 | Customer Token* | random string | Customer token used to access the cluster from “My Cluster” tab. | Mandatory; Token has to be unique for each cluster |
3 | Region | Any [Region is picked randomly] | Region where the cluster needs to be launched. | If VM quota limit is exceeded for the region specified then the cluster creation will fail. |
4 | K8s Version | 1.18.1 | Cluster K8s version. | |
5 | Instance Type | e2-small | Instance type of the cluster nodes | CPU cores and memory per cluster node depend on the instance type |
6 | Install Script | Scripts [clone.sh and deploy.sh] added | Scripts to be executed once the cluster is created. | Cluster might fail if there is an error in user provided script |
7 | Uninstall Script | Scripts [uninstall.sh] added | Scripts to be executed before the cluster is deleted. | |
8 | Cluster Expires in (hours): | 8 | Number of hours the cluster needs to be running [0 indicates no expiry] | Cluster Expiry hrs can be later incremented from the partner dashboard. |
9 | Number of workers | 2 | Number of worker nodes for the cluster [Minimum value is 1] | |
10 | Create Multiple clusters | 1 | To launch multiple clusters at once with same configuration [Minimum value is 1] | In case of multiple clusters, the customer token will have an auto-generated sequential suffix (like demo_1, demo_2). |
11 | Preemptible | true | Preemptible instance is similar to normal instance but available at a lower cost since the Cloud Provider is trying to use spare capacity. It, however, is reclaimed by the Cloud Provider after 24 hours and sometimes even before the 24 hours. | Preemptible instances limitations: |
Wizard for cluster options
Steps to stop the Cluster
Open a browser and visit the web page app.roost.io/dashboard.
In the table, you will see all the running/stopped clusters.
In the last column, the user will get a button to stop the cluster.
Steps to Connect the Cluster for End-User
Click on My Cluster or open a browser and visit the web page roost.io/tufin
Enter the email and token provided by the admin or pick the cluster access token from the partner dashboard for the launched cluster
This will open a terminal on the web page with the public IP of the cluster displayed on the top.
End-users can run Kubernetes and Docker commands
Steps to Connect the Cluster using an external terminal
Click on My Cluster page or open a browser and visit the web page roost.io/tufin
Use External Terminal for getting the cluster connection details (SSH key and connection string).
Click on “Use External Terminal” and select “download ssh file”. The file is downloaded according to the user's browser preferences: if a default download folder is set, no save window is shown; if the browser is set to “ask every time”, the save window opens.
After downloading the SSH file, follow the steps to change the file permissions of the SSH key file, then execute the SSH command in any terminal of your choice.
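One way to handle the permission step before connecting, as an added example that is not part of Roost's own instructions. A key saved by a browser usually lands in a shared download folder with group/other read access, and OpenSSH ignores private keys whose permissions are that open. The download path, target directory, user name and IP below are placeholders, not values from this page.

```shell
#!/bin/sh
# Added example: lock down a downloaded cluster SSH key before using it.
# All paths, the user name and the IP are constructed placeholders.

# Print the octal permission bits of a file (GNU stat first, then BSD/macOS).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Move the key out of the download folder into a private directory,
# restrict it to owner read/write, verify the result, and print the new path.
install_cluster_key() {
    src=$1
    dest_dir=$2
    [ -f "$src" ] || { echo "no such key file: $src" >&2; return 1; }
    mkdir -p "$dest_dir" && chmod 700 "$dest_dir" || return 1
    dest="$dest_dir/$(basename "$src")"
    mv "$src" "$dest" || return 1
    chmod 600 "$dest" || return 1
    # ssh rejects private keys that group/other can access, so confirm the mode.
    [ "$(file_mode "$dest")" = "600" ] || { echo "mode is not 600: $dest" >&2; return 1; }
    printf '%s\n' "$dest"
}

# Usage (placeholders; take the real user and IP from the connection string
# shown under "Use External Terminal"):
#   key=$(install_cluster_key "$HOME/Downloads/<downloaded-key-file>" "$HOME/.ssh") &&
#   ssh -i "$key" -o IdentitiesOnly=yes <user>@<cluster-public-ip>
```

`IdentitiesOnly=yes` makes ssh offer only the named key, so other keys loaded in the agent are not presented to the cluster host.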
Admin Page
“Tufin Admin” tab is visible only for users with admin privileges.
The admin can add or replace the GCP key and can invite new users through the “Invite Rooster” button.
Users Tab
The Admin will be able to view all the users and each user’s total, active and stopped clusters.
Clusters Tab
The Admin will be able to view all the clusters created by the users and the specific details of each cluster, such as cluster created time, stopped time, and the email and token used for cluster creation.
Licenses Tab
The Admin will be able to revoke or grant cluster-creation access to users.
The Admin can promote other users to admin.