Wednesday, December 6, 2017

Adding Google Cloud Package to your apt sources via cloud-init

Install kubectl from Google via cloud-init

Quick-answer:

You need to add this to your cloud-init:
  apt:
    sources:
      google.list:
        source: deb http://apt.kubernetes.io/ kubernetes-xenial main
        keyid: BA07F4FB
        keyserver: pgp.mit.edu

The TL;DR Story

Like you, I am a fan of cloud-init. It is a very straightforward way to handle sending metadata to cloud provider instances. A lot of changes have been made to cloud-init over the past few years, so I took some time to look into a few of them. I needed to install Kubernetes (k8s) tools and I wanted to use the Google Cloud Package deb repository as the source.

I could have used one of the many curl methods to install k8s, or some other manual method with bash, but I wanted to do it a clean cloud-init way. I also tried installing the GCE tools and using gcloud to install kubectl, but I am an AWS user and that did not seem to work well on my EC2 instance (hung with dpkg and did not do anything).

Here is what I found as a clean approach to my problem:

Set up the cloud-init apt: configs

My cloud-init YAML for apt looks like the image below. I'll try to explain each of the major pieces needed for adding the Google repo. Note: I stopped using the older format of apt-sources: and switched to this format, which is in cloud-init v17.x+.

Image of apt config


  • google.list:  This is the source that will get added to the /etc/apt/sources.list.d path on your Ubuntu instance.
  • source:  This is the deb repo path.  I obtained this path from this guy.
  • keyid:  This was the tricky part. I used my gpg-keychain app on my Mac to search for the Google Cloud Packages Automatic Signing Key. I knew I had to find this key because of these documents. Once I found Google's entry in gpg-keychain, I got the Key ID as shown below. I then stuffed it into this field in my cloud-init.
    gpg-keychain showing the entry for Google Cloud Package key
  • keyserver:  I added this for good measure to make sure that cloud-init could find the key, since that is where my gpg-keychain app had found it.  I probably did not need this. 
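
An added example, not from the original post: a small Python check for the apt: sources: block described above. It flags a keyid that is shorter than a full 40-hex fingerprint (an 8-hex short ID such as BA07F4FB can be matched by more than one key on a keyserver) and a repo line that uses plain http. The function names, finding labels and the second sample entry are assumptions made for illustration; in practice the dict would come from loading the cloud-config YAML.

```python
import re
from urllib.parse import urlparse

# Hex digits per identifier form: 32-bit short ID, 64-bit long ID, full fingerprint.
KEYID_FORMS = {8: "short-id", 16: "long-id", 40: "fingerprint"}

def classify_keyid(keyid):
    """Return the form of a GPG key identifier, or 'invalid'."""
    text = keyid.replace(" ", "")
    if text.lower().startswith("0x"):
        text = text[2:]
    if not re.fullmatch(r"[0-9A-Fa-f]+", text):
        return "invalid"
    return KEYID_FORMS.get(len(text), "invalid")

def audit_apt_sources(cloud_config):
    """Return (source_name, finding) tuples for the apt: sources: block."""
    findings = []
    sources = (cloud_config.get("apt") or {}).get("sources") or {}
    for name, entry in sources.items():
        keyid = entry.get("keyid")
        if keyid is None and "key" not in entry:
            findings.append((name, "no-signing-key"))
        elif keyid is not None and not isinstance(keyid, str):
            # An all-digit keyid left unquoted in YAML loads as an int.
            findings.append((name, "keyid-not-quoted"))
        elif keyid is not None:
            form = classify_keyid(keyid)
            if form != "fingerprint":
                findings.append((name, "keyid-" + form))
        # The deb line is "deb [options] URI suite component..."; find the URI.
        uri = next((t for t in str(entry.get("source", "")).split() if "://" in t), "")
        if urlparse(uri).scheme == "http":
            findings.append((name, "source-plain-http"))
    return findings

# The entry from this post, as the dict a YAML loader would produce.
POST_CONFIG = {"apt": {"sources": {"google.list": {
    "source": "deb http://apt.kubernetes.io/ kubernetes-xenial main",
    "keyid": "BA07F4FB",
    "keyserver": "pgp.mit.edu",
}}}}

# Constructed entry: placeholder 40-hex fingerprint and placeholder repo URL.
PINNED_CONFIG = {"apt": {"sources": {"example.list": {
    "source": "deb https://repo.example.invalid/apt stable main",
    "keyid": "0123456789ABCDEF0123456789ABCDEF01234567",
}}}}

if __name__ == "__main__":
    for cfg in (POST_CONFIG, PINNED_CONFIG):
        print(audit_apt_sources(cfg))
```

Apt verifies repository metadata against the imported key, so which key the keyid resolves to is what decides whose packages the instance will accept.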

Making sure kubectl (Kubernetes) was installed

Simply adding the item to the cloud-init packages: list made sure it was installed.  The below list of packages is more than just for k8s; I shared my whole list for reference.
cloud-init package: config example

Logs to prove it

Here you can see that my repo was found and my packages were installed.
show logs of proof that my Google apt repo was found and used