Complete the following prerequisites before installing MKE on GCP.
Verify that the maximum transmission unit (MTU) is set to
1500on the VPC where your instances will be created. For instructions on how to change the MTU on an existing VPC, refer to Change the MTU setting of a VPC network in the Google Cloud VPC documentation.
Verify that your instances have the appropriate authorization for managing cloud resources. Appropriate authorization is required when using cloud provider integration through the setting of
--cloud-provider gceduring installation.
GCP uses service accounts, roles, and access scopes to define authorization. Refer to Service accounts in the GCP documentation for instructions and best practices on configuring the appropriate authorization for your instances.
An example of a very permissible role for a service account is
roles/owner. And an example of an access scope that provides access to most Google services is
https://www.googleapis.com/auth/cloud-platform. It is a best practice to define a broad access scope such as this to an instance and then restrict access using roles. Refer to OAuth 2.0 Scopes for Google APIs for a list of available scopes and Understanding roles for a list of available roles.
Verify that all your instances include the same prefix.
Tag each instance with the prefix of its associated instance names. For example, if the instance names are
testcluster-m2, tag the associated instance with