Setup in Google GCP (GKE Creation)

This guide walks through deploying Capacity Private Cloud on Google Kubernetes Engine (GKE). It covers cluster creation, service mesh installation, ingress configuration, TLS setup, and Helm chart deployment. The instructions are intended for administrators provisioning a production or test environment in Google Cloud Platform and assume familiarity with the GCP Console and basic Kubernetes concepts.

Create Kubernetes Cluster

Begin by creating a new GKE cluster in the Google Cloud Console. Note the DNS name associated with the cluster; it is used in API calls to the platform.

Set Up Cluster Basics

Provide a cluster name and configure networking options (e.g., whether the cluster will be publicly accessible). Kubernetes version 1.33 is currently recommended. Refer to the lumenvox/helm-charts GitHub repository for the latest minimum version requirements.

Set Up Node Pool Details

Configure the node pool that will host your pods. The number of nodes required will depend on your expected call volumes and the speech products in use. The default values shown in the GCP Console are a reasonable starting point but should be adjusted to meet your specific requirements.


Set Up Node Configurations

Select the operating system and machine type for your nodes. The recommended minimum is 8 vCPUs and 32 GB memory per node. Choose the operating system that best suits your operational requirements.

Set Up Node Security

Review the default security settings for your node pool. The defaults are generally suitable, but should be adjusted based on your organization's security policies and requirements.


Set Up Node Networking

Configure networking for the node pool. A public cluster network is recommended for simplicity, though private clusters are supported if your security requirements demand them. Adjust settings as needed for your environment.


Create VPC Firewall Rule for RabbitMQ

GCP does not automatically create the firewall rule required for RabbitMQ communication. You must manually add a VPC firewall rule to allow the necessary traffic between nodes.

Add Persistent Storage

Configure persistent storage for the cluster. The default values are a reasonable starting point but should be adjusted based on your data retention and storage requirements.

Install Google Cloud CLI

Install the Google Cloud CLI on the machine you will use to manage the cluster. The CLI includes kubectl, which is required for all subsequent steps.

Download from: https://cloud.google.com/sdk/docs/install

Connect to the Cluster

Configure kubectl to communicate with your new GKE cluster. Run this command on your local machine or remote management workstation:

gcloud container clusters get-credentials <cluster-name> --zone <zone> --project <project-id>

Install Linkerd CLI

Linkerd is the supported service mesh for Capacity Private Cloud. Install the Linkerd CLI on your local machine. Only versions up to Linkerd edge-24.5.5 are supported.

curl --proto '=https' --tlsv1.2 -sSfL https://run.linkerd.io/install | sh

Add the Linkerd CLI to Your Path

export PATH=$PATH:$HOME/.linkerd2/bin
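
A version guard for the limit stated above, as an added example (not part of the vendor's instructions): it compares a Linkerd edge version against edge-24.5.5 component by component, so that edge-24.11.x is not mistaken for an older release than edge-24.5.x. The function names are hypothetical; anything that is not an edge-YY.M.N string is reported as unknown rather than guessed at.

```shell
# Added example, not vendor code.
MAX_EDGE="edge-24.5.5"   # highest supported release, as stated on this page

# Turn edge-YY.M.N into a sortable integer (edge-24.5.5 -> 240505).
edge_key() {
  local IFS=.
  set -- ${1#edge-}
  echo $(( $1 * 10000 + $2 * 100 + $3 ))
}

# Print ok / too-new / unknown for a version string; non-zero unless ok.
linkerd_version_status() {
  if ! printf '%s\n' "$1" |
      grep -Eq '^edge-[1-9][0-9]*\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)$'; then
    echo unknown; return 2
  fi
  if [ "$(edge_key "$1")" -le "$(edge_key "$MAX_EDGE")" ]; then
    echo ok
  else
    echo too-new; return 1
  fi
}

# With the CLI on PATH, check the installed client before running `linkerd install`.
if command -v linkerd >/dev/null 2>&1; then
  installed=$(linkerd version --client --short)
  echo "linkerd client $installed: $(linkerd_version_status "$installed")"
fi
```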

Install Linkerd

linkerd check --pre
linkerd install --crds | kubectl apply -f -
linkerd install | kubectl apply -f -
linkerd check

Install Jaeger

linkerd jaeger install | kubectl apply -f -

Install Linkerd Dashboard

linkerd viz install | kubectl apply -f -

Uninstall Linkerd

If you need to uninstall Linkerd for troubleshooting purposes (e.g., resolving issues with Linkerd sidecars or decommissioning a cluster), use the following commands in order:

linkerd viz uninstall | kubectl delete -f -
linkerd jaeger uninstall | kubectl delete -f -
linkerd uninstall | kubectl delete -f -

Install Helm

curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh

Install nginx Ingress

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
kubectl create ns ingress-nginx
helm upgrade --install ingress-nginx ingress-nginx \
  --repo https://kubernetes.github.io/ingress-nginx \
  -n ingress-nginx \
  --create-namespace \
  --set controller.hostNetwork=true \
  --set controller.allowSnippetAnnotations=true

Create the Namespace

kubectl create namespace lumenvox

Set the Active Namespace

kubectl config set-context --current --namespace=lumenvox

Set Up TLS for Ingress

Generate a self-signed TLS certificate for the ingress controller. The example below shows guideline values. Adjust the certificate validity period and Subject Alternative Names (SANs) to match your environment. Replace <hostnameSuffix> with the value configured in your Helm chart's values.yaml.

openssl genrsa -out server.key 2048

openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650 \
  -addext "subjectAltName = DNS:lumenvox-api.<hostnameSuffix>, \
  DNS:biometric-api.<hostnameSuffix>, \
  DNS:management-api.<hostnameSuffix>, \
  DNS:reporting-api.<hostnameSuffix>, \
  DNS:admin-portal.<hostnameSuffix>, \
  DNS:deployment-portal.<hostnameSuffix>"

kubectl create secret tls speech-tls-secret --key server.key --cert server.crt
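
A pre-flight check for the certificate step above, as an added example (not Capacity's own tooling): it builds the same six SANs from a hostname suffix, generates the key pair, and confirms that every expected hostname is present in the certificate and that the key belongs to it before the secret is created. The function names, the -subj value and the script name are assumptions; -addext and -ext require OpenSSL 1.1.1 or later.

```shell
# Added example, not vendor code; -subj and the suffix argument are assumptions.
HOSTS="lumenvox-api biometric-api management-api reporting-api admin-portal deployment-portal"

# Build the subjectAltName value for hostname suffix $1.
build_san() {
  local san="" h
  for h in $HOSTS; do san="${san:+$san,}DNS:$h.$1"; done
  printf '%s' "$san"
}

# Create server.key and server.crt in directory $2 for suffix $1.
make_cert() {
  ( umask 077; openssl genrsa -out "$2/server.key" 2048 2>/dev/null ) || return 1
  openssl req -new -x509 -sha256 -key "$2/server.key" -out "$2/server.crt" \
    -days 3650 -subj "/CN=lumenvox-api.$1" \
    -addext "subjectAltName = $(build_san "$1")"
}

# Print each expected hostname that is absent from certificate $1 (suffix $2).
missing_sans() {
  local sans h
  sans=$(openssl x509 -in "$1" -noout -ext subjectAltName 2>/dev/null |
    tr ',' '\n' | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
  for h in $HOSTS; do
    printf '%s\n' "$sans" | grep -qxF "DNS:$h.$2" || echo "$h.$2"
  done
}

# Succeed only if private key $1 belongs to certificate $2.
key_matches_cert() {
  local k c
  k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
  c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
  [ -n "$k" ] && [ "$k" = "$c" ]
}

# Pre-flight for directory $1, suffix $2: SANs complete, key matches, >30 days left.
check_tls_material() {
  local missing
  missing=$(missing_sans "$1/server.crt" "$2")
  [ -z "$missing" ] || { echo "missing SANs:" $missing >&2; return 1; }
  key_matches_cert "$1/server.key" "$1/server.crt" || { echo "key/cert mismatch" >&2; return 1; }
  openssl x509 -in "$1/server.crt" -noout -checkend $((30 * 86400)) >/dev/null
}

# Usage: ./tls-preflight.sh <hostnameSuffix>, then create the secret from the output dir.
if [ -n "${1:-}" ]; then
  dir=$(mktemp -d) && make_cert "$1" "$dir" && check_tls_material "$dir" "$1" && echo "OK: $dir"
fi
```

The private key is written with a restrictive umask; remove the working directory once the Kubernetes secret has been created from it.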

Apply Secrets File

kubectl apply -f lumenvox-secrets.yaml

Deploy the Helm Chart

helm install lumenvox lumenvox/lumenvox -f speech-values.yaml -n lumenvox

Complete the Installation

After the Helm chart has been deployed, proceed to set up your deployment configuration. See Setting up a Deployment for the final steps required to complete the installation.
