Reputation: 585
Run kubectl command from GKE cronjob using workload identity
I'd like to run a kubectl command from within a cronjob pod, to change the min replicas on a HPA for a deployment at the same time every week, i.e. time based scaling. I've been playing around with using the official google-sdk image with gcloud and kubectl installed.
I know I need to authenticate to the GKE cluster before I can run commands to interact via kubectl, and I really wanted to steer away from mounting a service account key (via a secret) to the pod, as we already have workload identity enabled.
Normal gcloud commands work fine using this method e.g. gcloud compute instances list but when I run gcloud container clusters get-credentials.... it fails saying I need to run gcloud auth login - can't be done of course.
I've read this post, I don't really want to use cURL if I can avoid it, and also know that gcloud doesn't use GOOGLE_APPLICATION_CREDENTIALS (this post)
Does anyone know of a way I can use workload identity and get this working?
Upvotes: 0
Views: 879
Answers (1)
Reputation: 585
I found a way to get this authenticated, I had to use the following command before I tried to run kubectl commands from within the cronjob pod:
gcloud --account <account-name>
Upvotes: 1
Related Questions
- Run Job in GKE from a cloud function
- Monitor Cronjob running on GKE
- GKE Workload Identity PermissionDenied
- Google Kubernetes Api Cron Job
- How to properly do cron task in GKE
- How to run kubectl commands in a cron
- How to use kubectl from a CronJob in GKE?
- Kubernetes Run job using CronJob
- Kubernetes(GKE) cronjob not working
- GKE: Scheduled Jobs