Running Firecracker on Google Kubernetes Engine

I wonder whether it would be possible to abandon DigitalOcean Kubernetes and switch over to GKE. At least from what I’m reading, it supports containerd out of the box, so hopefully I can run Kata containers and Firecracker. Let’s give it a try.

GKE is offering $300 in credits for the first three months for new customers, so this experiment won’t cost me a penny.

Install Google Cloud SDK:

$ echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
$ curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -
$ sudo apt update
$ sudo apt install google-cloud-sdk

Initialize the cloud environment:

$ gcloud init

Follow the setup wizard. You’ll have to open the provided URL and log in with your Google account.

Connect to the cluster:

$ gcloud container clusters get-credentials <cluster> --zone <zone> --project <project_id>

Confirm that it’s connected:

$ kubectl get nodes
NAME                                       STATUS   ROLES    AGE   VERSION
gke-cluster-1-default-pool-34f33e37-n7bs   Ready    <none>   11m   v1.18.12-gke.1210
gke-cluster-1-default-pool-34f33e37-n99g   Ready    <none>   11m   v1.18.12-gke.1210
gke-cluster-1-default-pool-34f33e37-nzgc   Ready    <none>   11m   v1.18.12-gke.1210

Follow the steps from this post to install Kata containers.

I’m happy with the GKE user interface; it feels intuitive and powerful enough.

However, at this time, I wasn’t even able to deploy kata-containers; it failed with the following error:

MountVolume.SetUp failed for volume "kata-artifacts" : mkdir /opt/kata/: read-only file system

I’m afraid I need someone to explain to me how to configure GKE properly.