Home > Enterprise >  Connect to GKE via kubectl from local machine (mac)
Connect to GKE via kubectl from local machine (mac)

Time:12-21

Weirdly, I am unable to connect to GKE cluster from Local (Mac) via Kubectl, But I can connect from the Google cloud shell? I have fetch the K8s creds which I can see the kubeconfig file, still I am getting timeout. Any suggestions what might be wrong?

$ gcloud components install kubectl


Your current Cloud SDK version is: 367.0.0
Installing components from version: 367.0.0

┌─────────────────────────────────────────────┐
│     These components will be installed.     │
├────────────────────────┬─────────┬──────────┤
│          Name          │ Version │   Size   │
├────────────────────────┼─────────┼──────────┤
│ gke-gcloud-auth-plugin │   0.1.1 │  3.4 MiB │
│ kubectl                │  1.20.8 │ 89.0 MiB │
│ kubectl                │  1.20.8 │  < 1 MiB │
└────────────────────────┴─────────┴──────────┘

For the latest full release notes, please visit:
  https://cloud.google.com/sdk/release_notes

Do you want to continue (Y/n)?  Y

╔════════════════════════════════════════════════════════════╗
╠═ Creating update staging area                             ═╣
╠════════════════════════════════════════════════════════════╣
╠═ Installing: gke-gcloud-auth-plugin                       ═╣
╠════════════════════════════════════════════════════════════╣
╠═ Installing: gke-gcloud-auth-plugin                       ═╣
╠════════════════════════════════════════════════════════════╣
╠═ Installing: kubectl                                      ═╣
╠════════════════════════════════════════════════════════════╣
╠═ Installing: kubectl                                      ═╣
╠════════════════════════════════════════════════════════════╣
╠═ Creating backup and activating new installation          ═╣
╚════════════════════════════════════════════════════════════╝

Performing post processing steps...done.

Update done!


$ gcloud auth login
Your browser has been opened to visit:

    https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=xxxxxxxxxxxxxxxxxxx
You are now logged in as [[email protected]].
Your current project is [test-dev-k8s].  You can change this setting by running:

$ gcloud container clusters get-credentials test-dev-k8s-cluster --region asia-south1 --project test-dev-k8s
Fetching cluster endpoint and auth data.
kubeconfig entry generated for test-dev-k8s-cluster.

$ kubectl get ns
Unable to connect to the server: dial tcp 34.93.111.251:443: i/o timeout

CodePudding user response:

Login to your GCP account first using the Google Cloud SDK

gcloud auth login 

https://cloud.google.com/sdk/gcloud/reference/auth/login

Then goto GCP Kubernetes Cluster page, Select your cluster, Click on Connect. Copy the connection string and paste it on your Google Cloud SDK Command Line on your local machine. Then try to use the kubectl commands.

CodePudding user response:

You might want to give a try to this complete cluster configuration access for kubectl, here you can find the steps needed to configure the kubectl in your kubernetes cluster.

If this does not work, here is a post to some other workarounds for the same connectivity issue in the cluster.

Just as information, are you using minikube, docker or just GKE in your deployment?

CodePudding user response:

NOTE You do not need to install kubectl with gcloud; any valid kubectl will do.

You can ensure that kubectl is looking in the intended location for the config file by prefixing the command with KUBECONFIG, e.g.:

KUBECONFIG=/path/to/.kube/config kubectl get nodes

Does the config file contain the correct entries for the GKE cluster?

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1C...
    server: https://${IP}
  name: gke_${PROJECT}_${LOCATION}_${NAME}
contexts:
- context:
    cluster: gke_${PROJECT}_${LOCATION}_${NAME}
    user: gke_${PROJECT}_${LOCATION}_${NAME}
  name: gke_${PROJECT}_${LOCATION}_${NAME}
current-context: gke_${PROJECT}_${LOCATION}_${NAME}
kind: Config
preferences: {}
users:
- name: gke_${PROJECT}_${LOCATION}_${NAME}
  user:
    auth-provider:
      config:
        access-token: ya29...
        cmd-args: config config-helper --format=json
        cmd-path: /path/to/gcloud
        expiry: "2021-12-20T00:00:00Z"
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp

Where gke_${PROJECT}_${LOCATION}_${NAME} values are replace appropriately.

Is current-context set?

Can you ping the cluster's IP (${IP}) from the Mac?

  • Related