Roost-Tufin Create Cluster on GCP

Objective

To create a cluster on Google Cloud Platform using Roost-enabled automation.

Features

The solution allows the end-user to

  • Create 1 or more GCP Clusters 

  • View the list of clusters created so far

  • Stop any cluster on-demand

  • Connect to the cluster using the Roost website

  • Execute “kubectl” and “docker” commands using the integrated terminal.

Steps to spawn a cluster

  • Open a browser and visit the web page app.roost.io/dashboard.

  • Click on the “Create New Cluster” button above the partner dashboard table.

Create Cluster button

 

  • This button opens a window with pre-filled values required for spawning the cluster.

Create Cluster Window

 

| # | Field | Default Value (pre-filled) | Description | Special Notes |
|---|-------|----------------------------|-------------|---------------|
| 1 | Customer Email* | roost signed in email | User Email | Mandatory |
| 2 | Customer Token* | random string | Customer token used to access the cluster from “My Cluster” tab. | Mandatory; Token has to be unique for each cluster |
| 3 | Region | Any [Region is picked randomly] | Region where the cluster needs to be launched. | If VM quota limit is exceeded for the region specified then the cluster creation will fail. |
| 4 | K8s Version | 1.18.1 | Cluster K8s version. | |
| 5 | Instance Type | e2-small | Instance type of the cluster nodes | CPU cores and memory per cluster node depend on the instance type |
| 6 | Install Script | Scripts [clone.sh and deploy.sh] added | Scripts to be executed once the cluster is created. | Cluster might fail if there is an error in user provided script |
| 7 | Uninstall Script | Scripts [uninstall.sh] added | Scripts to be executed before the cluster is deleted. | |
| 8 | Cluster Expires in (hours): | 8 | Number of hours the cluster needs to be running [0 indicates no expiry] | Cluster Expiry hrs can be later incremented from the partner dashboard. |
| 9 | Number of workers | 2 | Number of worker nodes for the cluster [Minimum value is 1] | |
| 10 | Create Multiple clusters | 1 | To launch multiple clusters at once with same configuration [Minimum value is 1] | In case of multiple clusters, the customer token will have an auto-generated sequential suffix (like demo_1, demo_2). |
| 11 | Preemptible | true | Preemptible instance is similar to normal instance but available at a lower cost since the Cloud Provider is trying to use spare capacity. It, however, is reclaimed by the Cloud Provider after 24 hours and sometimes even before the 24 hours. | Preemptible instances limitations are listed below the table. |

Preemptible instances limitations:

  • Google Compute Engine might stop preemptible instances at any time due to system events. The probability of stopping it for a system event is generally low, but might vary from day to day and from zone to zone depending on current conditions.

  • Preemptible instances are always stopped by Google Compute Engine after they run for 24 hours. For more details, see “Preemptible VM instances”.

Wizard for cluster options

Steps to stop the Cluster

  • Open a browser and visit the web page app.roost.io/dashboard.

  • In the table, you will see all the running/stopped clusters.

  • In the last column, the user will get a button to stop the cluster.

Steps to Connect the Cluster for End-User

  • Click on My Cluster or open a browser and visit the web page roost.io/tufin

  • Enter the email and token provided by the admin or pick the cluster access token from the partner dashboard for the launched cluster

  • This will open a terminal on the web page with the public IP of the cluster displayed on the top.

  • End-users can run Kubernetes and Docker commands

Steps to Connect the Cluster using an external terminal

  • Click on My Cluster page or open a browser and visit the web page roost.io/tufin

  • Use External Terminal for getting the cluster connection details (SSH key and connection string).

  • Click on “Use External Terminal” and select “download ssh file”. The file is downloaded according to the browser's download preference: if a default download folder is set, no save window is shown; if the browser is set to “ask every time”, the save window opens.

  • After downloading the ssh file, follow the steps to change the file permissions for SSH key file and execute the SSH command on any terminal of your choice.
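
One way to carry out the permission step above, shown as an added example that is not part of the Roost documentation: it moves the downloaded key out of the download folder and restricts it to the owner, since the OpenSSH client refuses private keys that other users can read. The function names, the file paths and the <user>@<cluster-public-ip> placeholder are assumptions; use the connection string shown by “Use External Terminal”.

```shell
#!/bin/sh
# Added example: harden a downloaded SSH private key before first use.
# Paths and names here are placeholders (assumptions), not Roost values.

# Return 0 if the file grants no permissions to group or other users.
key_is_private() {
    # Characters 5-10 of `ls -ld` output are the group and other mode bits.
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# install_key <downloaded-file> <dest-dir>
# Copies the key into an owner-only directory with mode 0600, removes the
# copy left in the download folder, and prints the installed path.
install_key() {
    src=$1
    dest_dir=$2
    if [ ! -f "$src" ]; then
        echo "no such key file: $src" >&2
        return 1
    fi
    if [ -L "$src" ]; then
        # A symlink in a shared download folder could point anywhere.
        echo "refusing symlink: $src" >&2
        return 1
    fi
    mkdir -p "$dest_dir" || return 1
    chmod 700 "$dest_dir" || return 1
    dest="$dest_dir/$(basename "$src")"
    # umask 077 keeps the copy unreadable to others from the moment it exists.
    ( umask 077 && cp "$src" "$dest" ) || return 1
    chmod 600 "$dest" || return 1
    rm -f "$src"
    key_is_private "$dest" || return 1
    printf '%s\n' "$dest"
}

# Typical use (placeholders, replace with the downloaded file and the
# connection string from the Roost page):
#   key=$(install_key "$HOME/Downloads/<ssh-file>" "$HOME/.ssh")
#   ssh -i "$key" -o IdentitiesOnly=yes <user>@<cluster-public-ip>
```

The `IdentitiesOnly=yes` option makes the client offer only this key to the cluster rather than every key loaded in the agent.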

Admin Page

  • “Tufin Admin” tab is visible only for users with admin privileges.

  • The Admin can add or replace the GCP key and can invite new users through the “Invite Rooster” button.

Users Tab

  • The Admin will be able to view all the users and each user’s total, active and stopped clusters.

Clusters Tab

  • The Admin will be able to view all the clusters created by the users and specific details of each cluster, such as cluster created time, stopped time, and the email and token used for cluster creation.

Licenses Tab

  • Admin will be able to revoke / grant cluster create access to users.

  • Admin can promote other users to admin.