$ gcloud services enable container.googleapis.com && \
gcloud container clusters create $CLUSTER_NAME \
--zone $ZONE \
--project $PROJECT_ID
更多选项请参阅 Google 云SDK 文档, 或者通过 云控制台 创建集群以获取更多交互体验。
Sidecar injection will not work for private clusters without extra steps. An automatically created firewall rule for master access does not open port 4000. This is needed for Dapr sidecar injection.
审查相关防火墙规则:
$ gcloud compute firewall-rules list --filter="name~gke-${CLUSTER_NAME}-[0-9a-z]*-master"
要替换现有的规则并允许Kubernetes主访问端口4000:
$ gcloud compute firewall-rules update <firewall-rule-name> --allow tcp:10250,tcp:443,tcp:4000
kubectl
的凭据$ gcloud container clusters get-credentials $CLUSTER_NAME \
--zone $ZONE \
--project $PROJECT_ID
注意: 最新的 Dapr helm chart 不再支持 Helm v2。 请按照这篇文章 Helm 迁移指南 从Helm v2 迁移到Helm v3。
kubectl create clusterrolebinding kubernetes-dashboard -n kube-system --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard