ERROR: (gcloud.container.clusters.create) ResponseError: code=400, message=Failed

Question

Hi I am getting following error

ERROR: (gcloud.container.clusters.create) ResponseError: code=400, message=Failed precondition when calling the ServiceConsumerManager: tenantmanager::185014: Consumer 370525719069 should enable service:container.googleapis.com before generating a service account.

can someone help me ?

Answer 1

This error occurred when trying to create a Google Kubernetes Cluster on a Shared VPC. The Shared VPC host project was missing the container.googleapis.com API activation.

Activate the container.googleapis.com API on the Shared VPC host project to solve this issue.

Answer 2

You should enable API service - container.googleapis.com, execute command:

$ gcloud services enable container.googleapis.com

Please take a look at this intorduction especially: environment setup and cluster creation on GKE.

See more: gcp-enabling-disabling-services, troubleshooting-enabling-gcp-services, enabling-gcp-services-example.

Another option:

It hard to answer due to lack of important additional information (e.g. environment )but such error may indicate that you are working on some kind of multi-tenancy environment. Make sure that you have proper rights to create new clusters:

Assign roles using IAM
You can control access to Google Cloud resources through IAM policies. Start by identifying the groups needed for your organization and their scope of operations, then assign the appropriate IAM role to the group. Use Google Groups to efficiently assign and manage IAM for users.

See: enterprise-multitenancy-roles.

Also take a look on best practices how to set up multi-tenant-cluster-gke-enterprise.