Compliance Oriented Kubernetes Setup for Google Cloud.
brew install kubectl kubernetes-helm google-cloud-sdk terraform
gcloud auth activate-service-account --key-file=./account.json
terraform init && terraform get -update && terraform apply
gcloud config set account [email protected] # Set account name
gcloud container clusters get-credentials <clustername> --region us-central1
| Name | Version |
|---|---|
| n/a | |
| helm | n/a |
| http | n/a |
| null | n/a |
| random | n/a |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| cluster_version | The minimum version of the master | string |
"1.27" |
no |
| csi_secrets_store_enabled | Specify whether the CSI driver is enabled | bool |
true |
no |
| environment_name | The name of the environment to create resources | string |
n/a | yes |
| project | The Google Project that will host the cluster | string |
n/a | yes |
| redis_enabled | Specify whether the redis cluster is enabled | bool |
false |
no |
| redis_ha_enabled | Specify whether HA is enabled for redis | bool |
false |
no |
| redis_memory_in_gb | Redis memory size in GiB | number |
1 |
no |
| region | The location (region or zone) in which the cluster master will be created | string |
"us-central1" |
no |
| sql_enabled | Specify whether the sql instance is enabled | bool |
false |
no |
| sql_engine | The sql version to use | string |
"POSTGRES_15" |
no |
| sql_instance_class | The machine type to use | string |
"db-f1-micro" |
no |
| sql_master_password | The password for the db user | string |
"" |
no |
| sql_master_username | The name of the db user | string |
"" |
no |
| tags | Terraform map to create custom tags for the Google resources | map |
{} |
no |
| Name | Type |
|---|---|
| google_compute_global_address.private_ip_address | resource |
| google_compute_network.network | resource |
| google_compute_subnetwork.subnet | resource |
| google_container_cluster.cluster | resource |
| google_kms_crypto_key.key | resource |
| google_kms_key_ring.keyring | resource |
| google_redis_instance.cache | resource |
| google_service_networking_connection.private_vpc_connection | resource |
| google_sql_database_instance.default | resource |
| google_sql_user.user | resource |
| helm_release.csi_secrets_store | resource |
| null_resource.csi_secrets_store_aws_provider | resource |
| null_resource.sql_vpc_lock | resource |
| random_id.server | resource |
| google_client_config.current | data source |
| http_http.csi_secrets_store_gcp_provider | data source |
| Name | Description |
|---|---|
| private_vpc_network | n/a |
| sql_database | n/a |
Since 2016 opsZero has been providing Kubernetes expertise to companies of all sizes on any Cloud. With a focus on AI and Compliance we can say we seen it all whether SOC2, HIPAA, PCI-DSS, ITAR, FedRAMP, CMMC we have you and your customers covered.
We provide support to organizations in the following ways:
- Modernize or Migrate to Kubernetes
- Cloud Infrastructure with Kubernetes on AWS, Azure, Google Cloud, or Bare Metal
- Building AI and Data Pipelines on Kubernetes
- Optimizing Existing Kubernetes Workloads
We do this with a high-touch support model where you:
- Get access to us on Slack, Microsoft Teams or Email
- Get 24/7 coverage of your infrastructure
- Get an accelerated migration to Kubernetes
Please schedule a call if you need support.
