provider-gcp
provider-gcp copied to clipboard
GKECluster kubeconfig relies on deprecated basic auth
Creating kubeconfig from the GKECluster
does not work without masterAuth
set. It creates kubeconfig without a user. However, when masterAuth
is defined, creation of a GKE cluster fails with newer versions of Kubernetes since the basic authentication is removed in GKE cluster versions >= 1.19. The process of generating kubeconfig should be solved in a different way.
What happened?
Created a GKE cluster with spec.forProvider.masterAuth.username
. The output of kubectl describe
is as follows.
Warning CannotCreateExternalResource 58s (x19 over 14m) managed/gkecluster.container.gcp.crossplane.io cannot create GKE cluster: googleapi: Error 400: Basic authentication was removed for GKE cluster versions >= 1.19. The cluster cannot be created with basic authentication enabled. Instructions for choosing an alternative authentication method can be found at: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication., badRequest
How can we reproduce it?
Create a GKECluster resource with spec.forProvider.masterAuth.username
and spec.forProvider.initialClusterVersion
set to latest
or any k8s version equal to or higher then 1.19.
What environment did it happen in?
Crossplane version:
kubectl crossplane --version
v1.0.0
Kubernetes version: latest available in GKECluster.