crosbygw
commented
6 years ago Requested additional clarification added to readme's: https://github.com/F5Networks/f5-google-gdm-templates/tree/master/supported/standalone/2nic/existing_stack#service-discovery
The instructions for service discovery are vague. It doesn't tell you the complete format to use for the service discovery name nor does it tell you the required permissions anywhere in this github repo.
You need at least "Compute Viewer" or "Compute Engine - Read Only" for the service account assigned to the F5 VM in order to do service discovery. I suggested we add the required permissions to the github repo in order to clarify the level or permissions needed for the service account.
In addition, the service account should be the complete FQDN...not just the name. For example, my service account is called svc-mine. If I type only "svc-mine" into the GDM template and deploy, I will get an error basically saying the account doesn't exist...because it does NOT. You need to enter the whole FQDN of the service account like svc-mine@\<projectname>.iam.gserviceaccount.com.