Anthos Config Management + Cloud Source Repositories + MicroK8s

Deploying to Microk8s with Anthos Config Management

Anthos Config Management enables you to automate policy and security at scale for your hybrid and multi-cloud Kubernetes deployments. At a high level, you commit your Kubernetes code to a central Git repository and Anthos Config Management deploys the code to all of the registered clusters. In short, Anthos Config Management allows you to bring GitOps practices to the world of multi-cloud container management.

Anthos Config Management is supported on GKE-based clusters and also on Anthos attached clusters, a deployment option that extends Anthos’ reach into Kubernetes clusters running in other cloud environments. While I normally work with GKE clusters, I decided to experiment with attaching a Microk8s cluster to Anthos. Microk8s is a Kubernetes platform that is seen in IoT and edge environments. While Microk8s itself is not an officially supported Anthos platform, you can, however, experiment with MicroK8s to learn more about Anthos Config Management and see how it can benefit organizations.

This project uses the the following Google Cloud services:

  • Compute Engine provides an Ubuntu instance for a single-node Microk8s cluster. Ubuntu will use cloud-init to install Microk8s and generate shell scripts and other files to save time.
  • Cloud Source Repositories will provide the Git-based repository to which we will commit our workload.
  • Anthos Config Management will perform the deployment from the repository to the Microk8s cluster.

Let’s start with a picture

Here’s a diagram of how these components fit together.

High Level Design showing workstation and Microk8s instances
  • A workstation instance is created from which Terraform is used to deploy four things: (1) an IAM service account, (2) a Google Compute Engine Instance with Microk8s using permissions provided by the service account, (3) a Kubernetes configuration repo provided by Cloud Source Repositories, and (4) a public/private key pair.
  • The GCE instance will use the service account key to register the Microk8s cluster with the GKE Hub. Even though we will be using Microk8s rather than GKE for this walkthrough, the GKE Hub serves as a registration point for making clusters available to Anthos.
  • The public key from the public/private key pair will be registered to the repository while the private key will be registered with the Microk8s cluster.
  • Anthos Config Management will be configured to point to the repository and branch to poll for updates.
  • When a Kubernetes YAML document is pushed to the appropriate branch of the repository, Anthos Config Management will use the private key to connect to the repository, detect that a commit has been made against the branch, fetch the files and apply the document to the Microk8s cluster.

If you would like to learn more, check out this repository. You will find instructions on how to build out the infrastructure shown above and deploy an application to Microk8s using Anthos Config Management.

A few closing words

Anthos Config Management enables you to deploy code from a Git repository to Kubernetes clusters that have been registered with Anthos. Google Cloud currently supports GKE, AKS, and EKS clusters, but you can experiment with other conformant clusters including Microk8s as well.

This example shows how to register a single Microk8s cluster to receive deployments from a repository provided by Cloud Source Repositories. You can scale this to larger numbers of clusters all of which can receive updates from commitments to the repository. In short, Anthos Config Management allows you to bring Git-ops practices to the world of Kubernetes deployments.




A collection of technical articles and blogs published or curated by Google Cloud Developer Advocates. The views expressed are those of the authors and don't necessarily reflect those of Google.

Recommended from Medium

Code Review Guidelines

Jenkins on Kubernetes: Part-1

Creating an ECS Cluster using a CentOS Image from Docker with Terraform

How to enable serverless computing in Kubernetes

Amazon Certificate Manager (ACM) Basics— Create and use TLS Certificate

The Best of Programming on Medium (October 2021)

CCIE L3 Pck3t.v4

Breaking News: Early Access to The Global Launch of KeplerSwap

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jeffrey S. Levine

Jeffrey S. Levine

I am a Customer Engineer for Google. I help organizations evaluate and adopt Google Cloud. These articles reflect my views and not those of my employer.

More from Medium

Google Cloud: Managed Microsoft Active Directory

Cloud Bigtable: What is it? For what is it suitable? And what does it cost?

Google Cloud Platform — Technology Nuggets — January 16–31, 2022 Edition

Protect sensitive info in logs using Google Cloud