Follow this procedure to prepare to deploy Tanzu Postgres to TKGi, running on Google Cloud Platform (GCP).
This procedure requires that TKGi on GCP is installed and running, along with all prerequisite software and configurations.
In the TKGi tile under Kubernetes Cloud Provider, ensure that the service accounts that are listed under GCP Master Service Account ID and GCP Worker Service Account ID have permission to pull images from the GCS bucket named
Obtain a Kubernetes service account key (a
key.json file) for an account that has read access (
storage.objectViewer role) to the Google Cloud Registry. You will need to identify this file in your configuration to pull Tanzu Postgres docker images from the remote registry. For example:
If necessary, create a new service account to use for Tanzu Postgres. These example commands create a new account named
postgres-image-pull in your current GCP project:
$ export GCP_PROJECT=$(gcloud config get-value core/project) $ gcloud iam service-accounts create postgres-image-pull
Assign the required
storage.objectViewer role to the new account:
$ gcloud projects add-iam-policy-binding $GCP_PROJECT \ --member serviceAccount:postgres-image-pull@$GCP_PROJECT.iam.gserviceaccount.com \ --role roles/storage.objectViewer
Create the key for the account:
$ gcloud iam service-accounts keys create \ --iam-account "postgres-image-pull@$GCP_PROJECT.iam.gserviceaccount.com" \ ~/key.json
key.json file to the
operator directory of your Tanzu Postgres installation. See Installing a Postgres Operator for complete instructions.
Before you deploy Postgres, ensure that the target cluster is available. Execute the following command to make sure that the target cluster displays in the output:
pks login cookie typically expires after a day or two.
Note: If any problems occur during deployment, retry deploying Postgres by first removing the previous deployment.