建立基本k8s clusters 並註冊至Anthos

# 建立基本k8s clusters 並註冊至Anthos ## 參考官方文件 https://cloud.google.com/anthos/clusters/docs/bare-metal/latest/quickstart 1. 在您的項目中啟用 API： ``` gcloud services enable \ --project pic-project-k8s \ gkeonprem.googleapis.com ``` 3. 初始化該 API ``` gcloud beta container bare-metal clusters query-version-config \ --project=pic-project-k8s \ --location="us-central1" ``` 5. 建立 RBAC kubectl create role anthos-cluster-admin --verb=create --resource=pods kubectl create rolebinding bind-anthos-cluster-admin --role=anthos-cluster-admin --user=anthos-admin --namespace=default 查詢RBAC kubectl get roles kubectl get rolebindings 刪除RBAC: kubectl describe role <role-name> kubectl describe rolebinding <binding-name> 或全部刪除 kubectl delete roles --all kubectl delete rolebindings --all Azure ROLE https://cloud.google.com/anthos/clusters/docs/multi-cloud/azure/how-to/create-azure-role-assignments CREATE ca https://cloud.google.com/anthos/clusters/docs/multi-cloud/azure/how-to/create-azure-client Create ssh key 範例https://cloud.google.com/anthos/clusters/docs/multi-cloud/azure/how-to/create-ssh-keypair 或以下參照我建OCP時的做法, 先要有CA憑證檔 # set CA and ssh-keyget to install-config.yaml copy CA file to /etc/pki/ca-trust/source/anchors/ update-ca-trust extract ssh-keygen -t ed25519 -N '' -f <path>/<file_name> ssh-keygen -t ed25519 -N '' -f ~/.ssh/id_rsa cat ~/.ssh/id_rsa.pub 以上KEY測試失敗我要註冊k8s cluster 至 anthos gcloud container fleet memberships register $MEMBERSHIP_NAME \ --context=$KUBECONFIG_CONTEXT \ --kubeconfig=$KUBECONFIG_PATH \ --service-account-key-file=$SERVICE_ACCOUNT_KEY_PATH 其中SERVICE_ACCOUNT_KEY_PATH="~/.ssh/id_rsa.pub"