Follow this procedure to prepare to deploy Tanzu Postgres to TKGi, running on Google Cloud Platform (GCP).

Cluster Requirements

This procedure requires that TKGi on GCP is installed and running, along with all prerequisite software and configurations.

In the TKGi tile under Kubernetes Cloud Provider, ensure that the service accounts that are listed under GCP Master Service Account ID and GCP Worker Service Account ID have permission to pull images from the GCS bucket named artifacts.<project-name>

Obtain a Kubernetes service account key (a key.json file) for an account that has read access (storage.objectViewer role) to the Google Cloud Registry. You will need to identify this file in your configuration to pull Tanzu Postgres docker images from the remote registry. For example:

  1. If necessary, create a new service account to use for Tanzu Postgres. These example commands create a new account named postgres-image-pull in your current GCP project:

    $ export GCP_PROJECT=$(gcloud config get-value core/project)
    $ gcloud iam service-accounts create postgres-image-pull
  2. Assign the required storage.objectViewer role to the new account:

    $ gcloud projects add-iam-policy-binding $GCP_PROJECT \
    --member serviceAccount:postgres-image-pull@$ \
    --role roles/storage.objectViewer
  3. Create the key for the account:

    $ gcloud iam service-accounts keys create \
    --iam-account "postgres-image-pull@$" \

Copy the key.json file to the operator directory of your Tanzu Postgres installation. See Installing Tanzu Postgres for complete instructions.

Before you deploy Postgres, ensure that the target cluster is available. Execute the following command to make sure that the target cluster displays in the output:

pks list-clusters

Note: The pks login cookie typically expires after a day or two.

Note: If any problems occur during deployment, retry deploying Postgres by first removing the previous deployment.

check-circle-line exclamation-circle-line close-line
Scroll to top icon