The example below creates a Kubernetes cluster with 4 worker node Virtual Machines and a master Virtual Machine (i.e. 5 VMs in your cluster). This cluster is set up and controlled from your workstation (or wherever you find convenient).
If you want a simplified getting started experience and GUI for managing clusters, please consider trying Google Container Engine (GKE) for hosted cluster installation and management.
If you want to use custom binaries or pure open source Kubernetes, please continue with the instructions below.
gcloudcan be installed as a part of the Google Cloud SDK.
gcloud config list projectand change it via
gcloud config set project <project-id>.
You can install a client and start a cluster with either one of these commands (we list both in case only one is installed on your machine):
curl -sS https://get.k8s.io | bash
wget -q -O - https://get.k8s.io | bash
Once this command completes, you will have a master VM and four worker VMs, running as a Kubernetes cluster.
The script run by the commands above creates a cluster with the name/prefix “kubernetes”. It defines one specific cluster config, so you can’t run it more than once.
Alternately, you can download and install the latest Kubernetes release from this page, then run the
<kubernetes>/cluster/kube-up.sh script to start the cluster:
cd kubernetes cluster/kube-up.sh
If you want more than one cluster running in your project, want to use a different name, or want a different number of worker nodes, see the
<kubernetes>/cluster/gce/config-default.sh file for more fine-grained configuration before you start up your cluster.
The next few steps will show you:
The cluster startup script will leave you with a running cluster and a
kubernetes directory on your workstation.
The next step is to make sure the
kubectl tool is in your path.
The kubectl tool controls the Kubernetes cluster manager. It lets you inspect your cluster resources, create, delete, and update components, and much more. You will use it to look at your new cluster and bring up example apps.
Add the appropriate binary folder to your
PATH to access kubectl:
# OS X export PATH=<path/to/kubernetes-directory>/platforms/darwin/amd64:$PATH # Linux export PATH=<path/to/kubernetes-directory>/platforms/linux/amd64:$PATH
Note: gcloud also ships with
kubectl, which by default is added to your path.
However the gcloud bundled kubectl version may be older than the one downloaded by the
get.k8s.io install script. We recommend you use the downloaded binary to avoid
potential issues with client/server version skew.
You may find it useful to enable
kubectl bash completion:
$ source ./contrib/completions/bash/kubectl
Note: This will last for the duration of your bash session. If you want to make this permanent you need to add this line in your bash profile.
Alternatively, on most linux distributions you can also move the completions file to your bash_completions.d like this:
$ cp ./contrib/completions/bash/kubectl /etc/bash_completion.d/
but then you have to update it when you update kubectl.
kubectl is in your path, you can use it to look at your cluster. E.g., running:
$ kubectl get --all-namespaces services
should show a set of services that look something like this:
NAMESPACE NAME CLUSTER_IP EXTERNAL_IP PORT(S) SELECTOR AGE default kubernetes 10.0.0.1 <none> 443/TCP <none> 1d kube-system kube-dns 10.0.0.2 <none> 53/TCP,53/UDP k8s-app=kube-dns 1d kube-system kube-ui 10.0.0.3 <none> 80/TCP k8s-app=kube-ui 1d ...
Similarly, you can take a look at the set of pods that were created during cluster startup. You can do this via the
$ kubectl get --all-namespaces pods
You’ll see a list of pods that looks something like this (the name specifics will be different):
NAMESPACE NAME READY STATUS RESTARTS AGE kube-system fluentd-cloud-logging-kubernetes-minion-63uo 1/1 Running 0 14m kube-system fluentd-cloud-logging-kubernetes-minion-c1n9 1/1 Running 0 14m kube-system fluentd-cloud-logging-kubernetes-minion-c4og 1/1 Running 0 14m kube-system fluentd-cloud-logging-kubernetes-minion-ngua 1/1 Running 0 14m kube-system kube-dns-v5-7ztia 3/3 Running 0 15m kube-system kube-ui-v1-curt1 1/1 Running 0 15m kube-system monitoring-heapster-v5-ex4u3 1/1 Running 1 15m kube-system monitoring-influx-grafana-v1-piled 2/2 Running 0 15m
Some of the pods may take a few seconds to start up (during this time they’ll show
Pending), but check that they all show as
Running after a short period.
Then, see a simple nginx example to try out your new cluster.
To remove/delete/teardown the cluster, use the
cd kubernetes cluster/kube-down.sh
kube-up.sh in the same directory will bring it back up. You do not need to rerun the
wget command: everything needed to setup the Kubernetes cluster is now on your workstation.
The script above relies on Google Storage to stage the Kubernetes release. It
then will start (by default) a single master VM along with 4 worker VMs. You
can tweak some of these parameters by editing
You can view a transcript of a successful cluster creation
You need to have the Google Cloud Storage API, and the Google Cloud Storage JSON API enabled. It is activated by default for new projects. Otherwise, it can be done in the Google Cloud Console. See the Google Cloud Storage JSON API Overview for more details.
Also ensure that– as listed in the Prerequsites section– you’ve enabled the
Compute Engine Instance Group Manager API, and can start up a GCE VM from the command line as in the GCE Quickstart instructions.
If the Kubernetes startup script hangs waiting for the API to be reachable, you can troubleshoot by SSHing into the master and node VMs and looking at logs such as
Once you fix the issue, you should run
kube-down.sh to cleanup after the partial cluster creation, before running
kube-up.sh to try again.
If you’re having trouble SSHing into your instances, ensure the GCE firewall
isn’t blocking port 22 to your VMs. By default, this should work but if you
have edited firewall rules or created a new non-default network, you’ll need to
gcloud compute firewall-rules create default-ssh --network=<network-name>
--description "SSH allowed from anywhere" --allow tcp:22
Additionally, your GCE SSH key must either have no passcode or you need to be
The instances must be able to connect to each other using their private IP. The
script uses the “default” network which should have a firewall rule called
“default-allow-internal” which allows traffic on any port on the private IPs.
If this rule is missing from the default network or if you change the network
being used in
cluster/config-default.sh create a new rule with the following
|IaaS Provider||Config. Mgmt||OS||Networking||Docs||Conforms||Support Level|
For support level information on all solutions, see the Table of solutions chart.
Please see the Kubernetes docs for more details on administering and using a Kubernetes cluster.