docs: Improve GKE instructions (#315)

This change improves GKE cluster creation instructions by adding a
custom service account and new VPC network. It also integrates those
instructions into the overall install instructions.

README.md

@@ -1,32 +1,28 @@
-# kf
+# Kf
 
 [![knative.slack.com][slack-badge]][kf-slack]
 
-`kf` provides a `cf` like experience on top of Knative.
+`kf` provides a `cf`-like experience on top of Knative.
 
-`kf` aims to be fully compatible with CF applications and lifecycle; it supports
+`kf` aims to be fully compatible with CF applications and lifecycle. It supports
 logs, buildpacks, app manifests, routing, service brokers, and injected services.
 
 At the same time, it aims to improve the operational experience by supporting
 git-ops, self-healing infrastructure, containers, a service mesh, autoscaling,
 scale-to-zero, improved quota management and does it all on Kubernetes using
-industry-standard OSS tools (Knative, Istio, and Tekton).
+industry-standard OSS tools including Knative, Istio, and Tekton.
 
 ## Getting started
 
-Build a `kf` binary and follow our [install instructions](docs/install.md)
-for Knative.
+Follow the [install instructions](docs/install.md) to create a GKE cluster, install Kf into it, and deploy an app with the `kf` CLI.
 
 ## How to build
 
-**Dependencies:**
-
-[go mod](https://github.com/golang/go/wiki/Modules#quick-start)
-is used and required for dependencies
-
 **Requirements:**
 
-  - Golang `1.12`
+  - Golang `1.12` ([go mod](https://github.com/golang/go/wiki/Modules#quick-start)
+is used and required for dependencies)
+
 
 **Building:**
 
@@ -36,7 +32,7 @@ $ ./hack/build.sh
 
 **Notes:**
 
-- `kf` CLI must be built outside of the `$GOPATH` folder unless
+- The `kf` CLI must be built outside of the `$GOPATH` folder unless
 you explicitly use `export GO111MODULE=on`.
 
 ## Development and releasing

docs/install.md

@@ -1,17 +1,12 @@
+# Install Kf
 
 ## Pre-requisites
 
 This guide is intended to provide you with all the commands you'll
-need to install `kf` into an existing Kubernetes cluster.
+need to install and use `kf`. It includes instructions for provisioning a new
+GKE cluster, as well as instructions for using an existing Kubernetes cluster.
 
-It assumes you have:
-
-* A Kubernetes cluster that:
-  * Can run containers as root.
-  * Has at least 12 vCPUs.
-  * Has at least 45G of memory.
-  * Has a minimum of three nodes.
-* A Docker compatible container registry that you can write to.
+You must have a Docker-compatible container registry that you can push to.
 
 ## Configure your registry
 
@@ -20,94 +15,73 @@ store your Docker registry details in an environment variable. This
 install guide uses Google Container Registry (GCR) on GKE.
 
 ```
-export KF_REGISTRY=<your-container-registry>
-e.g: export KF_REGISTRY=gcr.io/<PROJECT_ID>
+export KF_REGISTRY=gcr.io/<PROJECT_ID>
 ```
 
 ## Install `kf` CLI
 
 The `kf` CLI is built nightly from the master branch. It can be downloaded
 from the following URLs:
 
-### linux
+### Linux
 > https://storage.googleapis.com/artifacts.kf-releases.appspot.com/nightly-builds/cli/kf-linux-latest
 ```sh
 wget https://storage.googleapis.com/artifacts.kf-releases.appspot.com/nightly-builds/cli/kf-linux-latest -O kf
 chmod +x kf
 sudo mv kf /usr/local/bin
 ```
 
-### mac
+### Mac
 > https://storage.googleapis.com/artifacts.kf-releases.appspot.com/nightly-builds/cli/kf-darwin-latest
 ```sh
 wget https://storage.googleapis.com/artifacts.kf-releases.appspot.com/nightly-builds/cli/kf-darwin-latest -O kf
 chmod +x kf
 sudo mv kf /usr/local/bin
 ```
 
-### windows
+### Windows
 > https://storage.googleapis.com/artifacts.kf-releases.appspot.com/nightly-builds/cli/kf-windows-latest.exe
 
-## Install dependencies
+## Create a Kubernetes cluster
 
-`kf` uses Istio to route HTTP requests to the running applications and Knative
-to deploy and scale applications.
+* Google Cloud: [Create a GKE cluster](/docs/install/gke.md). Knative Serving and Istio will be installed with this cluster.
+* Existing: [Use an existing cluster](/docs/install/existing-cluster.md)
 
-> Note: Installing Istio and Knative Serve can be skipped if you are [using
-> Cloud Run on GKE](./install/Kf-with-CloudRun-on-GKE.md).
+## Install dependencies
 
-Install Istio:
+### Knative Build:
 
 ```.sh
-kubectl apply --filename https://raw.githubusercontent.com/knative/serving/v0.6.1/third_party/istio-1.1.3/istio-crds.yaml && \
-kubectl apply --filename https://raw.githubusercontent.com/knative/serving/v0.6.1/third_party/istio-1.1.3/istio.yaml && \
-kubectl label namespace default istio-injection=enabled
+kubectl apply --filename https://github.com/knative/build/releases/download/v0.6.0/build.yaml
 ```
 
-Install Knative Serve:
+> If you want more information about installing Knative, see [their docs][knative].
 
-```.sh
-kubectl apply --filename https://github.com/knative/serving/releases/download/v0.6.1/serving.yaml \
---filename https://github.com/knative/serving/releases/download/v0.6.1/monitoring.yaml \
---filename https://raw.githubusercontent.com/knative/serving/v0.6.1/third_party/config/build/clusterrole.yaml
-```
-
-Install Knative Build:
+### Service Catalog:
 
 ```.sh
-kubectl apply --filename https://github.com/knative/build/releases/download/v0.6.0/build.yaml
+kubectl apply -R -f third_party/service-catalog/manifests/catalog/templates
 ```
 
-> If you want to go more in depth installing Knative check out [their docs][knative].
+## Install Kf
 
-## Install kf
-
-kf has controllers, reconcilers and webhooks that must be installed. The kf
-containers and YAML are built nightly from the master branch. It can be
-installed using the following:
+Kf has controllers, reconcilers and webhooks that must be installed. The Kf
+containers and YAML are built nightly from the master branch. Install the latest
+nightly snapshot (note: it does not offer an upgrade path) with:
 
 ```sh
 kubectl apply -f https://storage.googleapis.com/artifacts.kf-releases.appspot.com/nightly-builds/releases/release-latest.yaml
 ```
 
-## Install the service catalog
-
-You can install the service catalog from the `third_party` directory included
-in this repo:
-
-```.sh
-kubectl apply -R -f third_party/service-catalog/manifests/catalog/templates
-```
-
-You should be able to see an empty marketplace at this point by running.
+You should be able to see an empty marketplace at this point by running:
 
 ```.sh
 kf marketplace
 ```
 
 ## Test your installation
 
-At this point, your installation is set up and ready for use with `kf`.
+Your installation is set up and ready for use with `kf`.
 
 Run `kf doctor` to validate it. You should see output like the following:
 
@@ -135,6 +109,14 @@ PASS
 
 If the result is a failure, re-run the commands in the previous sections.
 
+## Create and target a space
+
+```sh
+kf create-space demo \
+  --container-registry $KF_REGISTRY
+kf target -s demo
+```
+
 ## Push your first app
 
 Now you can deploy your first app using `kf`.

docs/install/existing-cluster.md

@@ -0,0 +1,45 @@
+# Use an existing Kf cluster
+
+To use an existing cluster, it is assumed your cluster has the following:
+
+* Can run containers as root.
+* Has at least 12 vCPUs.
+* Has at least 45G of memory.
+* Has a minimum of three nodes.
+
+## Install dependencies
+
+`kf` uses Istio to route HTTP requests to the running applications and Knative
+to deploy and scale applications.
+
+> Note: Installing Istio and Knative Serve can be skipped if you are [using
+> Cloud Run on GKE](/docs/install/existing-cluster.md).
+
+Install Istio:
+
+```.sh
+kubectl apply --filename
+https://raw.githubusercontent.com/knative/serving/v0.6.1/third_party/istio-1.1.3/istio-crds.yaml
+&& \
+kubectl apply --filename
+https://raw.githubusercontent.com/knative/serving/v0.6.1/third_party/istio-1.1.3/istio.yaml
+&& \
+kubectl label namespace default istio-injection=enabled
+```
+
+Install Knative Serve:
+
+```.sh
+kubectl apply --filename
+https://github.com/knative/serving/releases/download/v0.6.1/serving.yaml \
+--filename
+https://github.com/knative/serving/releases/download/v0.6.1/monitoring.yaml \
+--filename
+https://raw.githubusercontent.com/knative/serving/v0.6.1/third_party/config/build/clusterrole.yaml
+
+## Confirm kubeconfig
+The workstation you install `kf` on must have a valid `kubectl` configuration
+located at `$HOME/.kube/config`.
+
+### Next steps
+Continue with the [install docs](docs/install.md) to install Kf into the cluster you just created.

docs/install/gke.md

@@ -0,0 +1,86 @@
+# Prepping GKE for KF
+
+This guide walks you through the installation of GKE with Cloud Run with the
+intent of using it with `kf`.
+
+> Note: Installing Cloud Run is equivalent to installing Knative Serve and
+> Istio. Therefore, only Knative Build is required after.
+
+## Before you begin
+
+This guide assumes you are using `bash` in a Mac or Linux environment; some
+commands will need to be adjusted for use in a Windows environment.
+
+### Install Cloud SDK
+
+1. If you already have `gcloud` installed you can skip these steps.
+1. Download and install the gcloud command line tool:
+   https://cloud.google.com/sdk/install
+1. Authorize `gcloud`:
+   ```sh
+   gcloud auth login
+   ```
+
+### Setup environment variables
+
+We will use these environment variables to simplify the installation.
+
+```
+export CLUSTER_NAME=[REPLACE]
+export ZONE=[REPLACE]
+export PROJECT_ID=[REPLACE]
+export SERVICE_ACCOUNT=$CLUSTER_NAME@$PROJECT_ID.iam.gserviceaccount.com
+export NETWORK=projects/$PROJECT_ID/global/networks/$CLUSTER_NAME
+```
+
+*NOTE: Replace the `[REPLACE]` value with the according values.*
+
+### Create a service account and give it `roles/storage.admin` on your project:
+
+```sh
+gcloud iam service-accounts create $CLUSTER_NAME
+gcloud projects add-iam-policy-binding $PROJECT_ID \
+  --member=serviceAccount:$SERVICE_ACCOUNT \
+  --role="roles/storage.admin"
+```
+
+### Create a network
+
+If you have an existing network you wish to use, customize the `NETWORK` env var set previously to point to your network and skip this step.
+
+```sh
+gcloud compute networks create $CLUSTER_NAME
+```
+
+### Create the Kubernetes cluster
+
+```sh
+gcloud beta container clusters create $CLUSTER_NAME \
+  --zone $ZONE \
+  --no-enable-basic-auth \
+  --cluster-version "1.13.6-gke.13" \
+  --machine-type "n1-standard-1" \
+  --image-type "COS" \
+  --disk-type "pd-standard" \
+  --disk-size "100" \
+  --metadata disable-legacy-endpoints=true \
+  --service-account $SERVICE_ACCOUNT \
+  --num-nodes "3" \
+  --enable-stackdriver-kubernetes \
+  --enable-ip-alias \
+  --network $NETWORK \
+  --default-max-pods-per-node "110" \
+  --addons HorizontalPodAutoscaling,HttpLoadBalancing,Istio,CloudRun \
+  --istio-config auth=MTLS_PERMISSIVE \
+  --enable-autoupgrade \
+  --enable-autorepair
+```
+
+### Target your cluster:
+
+```sh
+gcloud container clusters get-credentials $CLUSTER_NAME
+```
+
+### Next steps
+Continue with the [install docs](/docs/install.md) to install Kf into the cluster you just created.