kcc platform-admin

Create Memorystore

Platform Admin Platform Admin Duration: 10 min | Persona: Platform Admin

In this section, you will create a Memorystore (Redis) instance for the Online Boutique’s cartservice app to connect to. We will also create a second Memorystore (Redis) with TLS enabled which will be leveraged in another section.

Initialize variables:

WORK_DIR=~/
source ${WORK_DIR}acm-workshop-variables.sh
echo "export REDIS_NAME=cart" >> ${WORK_DIR}acm-workshop-variables.sh
echo "export REDIS_TLS_NAME=cart-tls" >> ${WORK_DIR}acm-workshop-variables.sh
source ${WORK_DIR}acm-workshop-variables.sh

Define Memorystore (Redis)

Define the Memorystore (Redis) resource:

cat <<EOF > ${WORK_DIR}$TENANT_PROJECT_DIR_NAME/$ONLINEBOUTIQUE_NAMESPACE/memorystore.yaml
apiVersion: redis.cnrm.cloud.google.com/v1beta1
kind: RedisInstance
metadata:
  annotations:
    cnrm.cloud.google.com/project-id: ${TENANT_PROJECT_ID}
    config.kubernetes.io/depends-on: compute.cnrm.cloud.google.com/namespaces/${TENANT_PROJECT_ID}/ComputeNetwork/${GKE_NAME}
  name: ${REDIS_NAME}
  namespace: ${TENANT_PROJECT_ID}
spec:
  authorizedNetworkRef:
    name: ${GKE_NAME}
  memorySizeGb: 1
  redisVersion: REDIS_6_X
  region: ${GKE_LOCATION}
  tier: BASIC
EOF

Define Memorystore (Redis) with TLS enabled

Define the Memorystore (Redis) resource with TLS enabled:

cat <<EOF > ${WORK_DIR}$TENANT_PROJECT_DIR_NAME/$ONLINEBOUTIQUE_NAMESPACE/memorystore-tls.yaml
apiVersion: redis.cnrm.cloud.google.com/v1beta1
kind: RedisInstance
metadata:
  annotations:
    cnrm.cloud.google.com/project-id: ${TENANT_PROJECT_ID}
    config.kubernetes.io/depends-on: compute.cnrm.cloud.google.com/namespaces/${TENANT_PROJECT_ID}/ComputeNetwork/${GKE_NAME}
  name: ${REDIS_TLS_NAME}
  namespace: ${TENANT_PROJECT_ID}
spec:
  authorizedNetworkRef:
    name: ${GKE_NAME}
  memorySizeGb: 1
  redisVersion: REDIS_6_X
  region: ${GKE_LOCATION}
  tier: BASIC
  transitEncryptionMode: SERVER_AUTHENTICATION
EOF

Deploy Kubernetes manifests

cd ${WORK_DIR}$TENANT_PROJECT_DIR_NAME/
git add . && git commit -m "Memorystore (Redis) instance" && git push origin main

Check deployments

graph TD;
  RedisInstance-.->Project
  RedisInstance-.->ComputeNetwork
  RedisInstance-.->Project
  RedisInstance-.->ComputeNetwork

List the Kubernetes resources managed by Config Sync in Config Controller for the Tenant project configs repository:

Run this command and click on this link:

echo -e "https://console.cloud.google.com/kubernetes/config_management/packages?project=${HOST_PROJECT_ID}"

Wait until you see the Sync status column as Synced and the Reconcile status column as Current.

Run this command:

gcloud alpha anthos config sync repo describe \
    --project $HOST_PROJECT_ID \
    --managed-resources all \
    --sync-name repo-sync \
    --sync-namespace $TENANT_PROJECT_ID

Wait and re-run this command above until you see "status": "SYNCED". All the managed_resources listed should have STATUS: Current too.

Note

The creation of the RedisInstance can take ~10 mins.

List the GitHub runs for the Tenant project configs repository:

cd ${WORK_DIR}$TENANT_PROJECT_DIR_NAME && gh run list

List the Google Cloud resources created:

gcloud redis instances list \
    --region=$GKE_LOCATION \
    --project=$TENANT_PROJECT_ID