:orphan: .. _gcpmesh: Steps to provision managed Cloud Service Mesh ============================================= * Create fleet for your project, if it does not exist via the GCP dashboard or gcloud command **gcloud alpha container fleet create --display-name=** * Using GCP dashboard * Click of cluster that you created and register it with the fleet (Actions --> Register) * Enable GKE Enterprise and Anthos * Fleet level settings * Create mesh.yaml role that only contains the single line as shown below **echo "management: automatic" > mesh.yaml** * Enable cloud service mesh for your fleet **gcloud container fleet mesh enable --project --fleet-default-member-config mesh.yaml** * Network-level settings * If the VPC for fleet and project are different please follow GCP documentation https://cloud.google.com/service-mesh/docs/onboarding/provision-control-plane#gcloud * Cluster-level settings * Create cluster to use the service mesh **gcloud container clusters create-auto --fleet-project --location=** * Enable mesh api **gcloud services enable mesh.googleapis.com --project=** * Register cluster to a fleet **gcloud container clusters update --location --fleet-project ** * Verify cluster is registered **gcloud container fleet memberships list --project ** * Enable automatic management **gcloud container fleet mesh update \ --management automatic \ --memberships \ --project \ --location ** * Verify control plane has been provisioned **gcloud container fleet mesh describe --project ** * Apply injection label to the namespace **kubectl label namespace istio.io/rev- istio-injection=enabled --overwrite** * Validate injection is enabled **kubectl get namespace -L istio-injection**