search

argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0
17.58k stars 5.35k forks source link

Argocd cluster add command issue in Gke #16066

Open asrathour12 opened 11 months ago

asrathour12 commented 11 months ago

Checklist:

Describe the bug

I'm trying to add another gke cluster in argocd but when I run argocd cluster add I'm getting below error :-Failed to create service account "argocd-manager" in namespace "kube-system": Post "https://34.xx.0.xx/api/v1/namespaces/kube-system/serviceaccounts": error executing access token command "/usr/lib64/google-cloud-sdk/bin/gcloud config config-helper --format=json": err=fork/exec /usr/lib64/google-cloud-sdk/bin/gcloud: no such file or directory output= stderr=Can someone please help what could be the issue here?

Note :- argo is running inside a pod

To Reproduce

1)Setup 2 Gke cluster 1 with argo with helm one without argo 2)On the system where Argo running, exec into argo container and run argocd cluster add 3)Most likely you will get below msg :-

Failed to create service account "argocd-manager" in namespace "kube-system": Post "https://34.xx.0.xx/api/v1/namespaces/kube-system/serviceaccounts": getting credentials: exec: executable gke-gcloud-auth-plugin not foundIt looks like you are trying to use a client-go credential plugin that is not installed.To learn more about this feature, consult the documentation available at: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins

4)To overcome above issue, do following steps :-

Add in your .zshrc or .bashrc : export USE_GKE_GCLOUD_AUTH_PLUGIN=False
Run in you shell: gcloud compoents update
Also run in your shell: gcloud container clusters get-credentials {{your cluster}} --zone={{your zone}}

5)export kubeconfig in argo container and run argocd cluster add 6)You will get below msg :

Failed to create service account "argocd-manager" in namespace "kube-system": Post "https://34.xx.0.xx/api/v1/namespaces/kube-system/serviceaccounts": error executing access token command "/usr/lib64/google-cloud-sdk/bin/gcloud config config-helper --format=json": err=fork/exec /usr/lib64/google-cloud-sdk/bin/gcloud: no such file or directory output= stderr=

Version

argocd: v2.8.4+c279299 BuildDate: 2023-09-13T19:12:09Z GitCommit: c27929928104dc37b937764baf65f38b78930e59 GitTreeState: clean GoVersion: go1.20.6 Compiler: gc Platform: linux/amd64

themightylaz commented 7 months ago

I think I am having the same issue as asrathour12. I am running ArgoCD on-prem, and trying to add GKE. It boils down to that ArgoCD needs gke-gcloud-auth-plugin due to Important changes to Kubectl authentication are coming in GKE v1.26

I've googled a lot and found workarounds such as creating a custom ArgoCD image that includes gke-gcloud-auth-plugin but haven't tried it yet since it's not my preferred choice anyway.

Thus, how can I make gke-gcloud-auth-plugin available to ArgoCD?