GKE - Google Kubernetes Engine

GKE Deployment and Administration

Demo Install kubectl and configure cluster access

In this guide, you’ll learn how to install the Kubernetes CLI (kubectl), set up the GKE authentication plugin, and configure access to your Google Kubernetes Engine (GKE) cluster. By the end, you’ll verify your setup and deploy a sample Nginx application.


Prerequisites

  • A Google Cloud project with GKE API enabled.
  • gcloud CLI installed and authenticated (gcloud init).
  • A GKE cluster created (e.g., name: gke-deep-dive, region/zone: us-west1).

1. Install or Verify kubectl

Note

If you’re using Google Cloud Shell, kubectl comes pre-installed. You can skip directly to verifying its version.

Update your package list and install kubectl:

sudo apt-get update
sudo apt-get install -y kubectl

Confirm the installation:

kubectl version --client --short

Example output:

Client Version: v1.27.4
Kustomize Version: v5.0.1

2. Install the GKE Authentication Plugin

GKE clusters require gke-gcloud-auth-plugin to retrieve authentication tokens for kubectl. Choose one of the methods below:

MethodCommandWhen to Use
A. gcloud Componentsgcloud components install gke-gcloud-auth-pluginDefault if component manager is enabled in Cloud SDK.
B. apt-getsudo apt-get install -y google-cloud-sdk-gke-gcloud-auth-pluginUse if component manager is disabled or on Linux distros.

Warning

If you see

ERROR: You cannot perform this action because the Google Cloud CLI component manager is disabled

switch to Method B.

Verify the plugin installation:

gke-gcloud-auth-plugin --version

Sample output:

Kubernetes v1.27.1-alpha+06fe8a86d471...

3. Configure GKE Cluster Credentials

Fetch and merge your cluster’s credentials into your local kubeconfig:

gcloud container clusters get-credentials gke-deep-dive --region us-west1

This updates ~/.kube/config with the cluster’s API endpoint, certificates, and user context.


4. Verify kubectl Configuration

4.1 List All Namespaces

kubectl get namespaces

Expected output:

NAME              STATUS   AGE
default           Active   10m
kube-system       Active   10m
kube-public       Active   10m
...

4.2 Inspect Full Kubeconfig

kubectl config view

A typical snippet:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://34.83.189.58
  name: gke_myproject_us-west1_a_gke-deep-dive
contexts:
- context:
    cluster: gke_myproject_us-west1_a_gke-deep-dive
    user: gke_myproject_us-west1_a_gke-deep-dive
  name: gke_myproject_us-west1_a_gke-deep-dive
current-context: gke_myproject_us-west1_a_gke-deep-dive
kind: Config
users:
- name: gke_myproject_us-west1_a_gke-deep-dive
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1beta1
      command: gke-gcloud-auth-plugin
      interactiveMode: IfAvailable
      provideClusterInfo: true

Tip

Your context and cluster names are prefixed with your project and location. Use these exact identifiers with flags like --cluster or --context.


5. Deploy a Sample Nginx Application

Run an Nginx pod using the Google Cloud Marketplace image:

kubectl run my-sample-app \
  --image=gcr.io/cloud-marketplace/google/nginx1:latest \
  --restart=Never

Check the pod status:

kubectl get pods

You should see:

NAME            READY   STATUS    RESTARTS   AGE
my-sample-app   1/1     Running   0          30s

Congratulations! You’ve successfully installed kubectl, configured GKE authentication, and deployed your first application.


Watch Video

Watch video content

Previous
Prepare the cluster for accessibility and management