Closed Miles-Ahead-Digital closed 3 years ago
Hi,
I can't get knative running on a cluster which is using workload Identities.
Could you provide documentation or a version of your tutorial which is based on a GKE using Workload Identities?!
Thanks in advance and best regards Stefan
PS: https://github.com/knative/serving/issues/10919
PPS: These are the parameters I used to create the cluster:
gcloud beta container clusters create "gke-$base" \ --metadata disable-legacy-endpoints=true \ --enable-autoscaling --service-account="$node_sa_email" \ --workload-metadata-from-node=GKE_METADATA_SERVER \ --shielded-integrity-monitoring --shielded-secure-boot \ --addons=HorizontalPodAutoscaling,NetworkPolicy,NodeLocalDNS \ --database-encryption-key="$key_id" --no-enable-basic-auth \ --enable-ip-alias --no-enable-legacy-authorization \ --enable-network-policy --enable-shielded-nodes \ --enable-stackdriver-kubernetes \ --identity-namespace="$base-cluster.svc.id.goog" \ --image-type=COS_CONTAINERD --no-issue-client-certificate \ --machine-type=e2-standard-2 --max-nodes=3 --min-nodes=1 \ --network="net-$base" --subnetwork="subnet-$base" \ --master-authorized-networks="$(curl -s https://icanhazip.com/)/32" \ --enable-private-nodes --master-ipv4-cidr="$mcidr" \
Hi,
I can't get knative running on a cluster which is using workload Identities.
Could you provide documentation or a version of your tutorial which is based on a GKE using Workload Identities?!
Thanks in advance and best regards Stefan
PS: https://github.com/knative/serving/issues/10919
PPS: These are the parameters I used to create the cluster:
gcloud beta container clusters create "gke-$base" \ --metadata disable-legacy-endpoints=true \ --enable-autoscaling --service-account="$node_sa_email" \ --workload-metadata-from-node=GKE_METADATA_SERVER \ --shielded-integrity-monitoring --shielded-secure-boot \ --addons=HorizontalPodAutoscaling,NetworkPolicy,NodeLocalDNS \ --database-encryption-key="$key_id" --no-enable-basic-auth \ --enable-ip-alias --no-enable-legacy-authorization \ --enable-network-policy --enable-shielded-nodes \ --enable-stackdriver-kubernetes \ --identity-namespace="$base-cluster.svc.id.goog" \ --image-type=COS_CONTAINERD --no-issue-client-certificate \ --machine-type=e2-standard-2 --max-nodes=3 --min-nodes=1 \ --network="net-$base" --subnetwork="subnet-$base" \ --master-authorized-networks="$(curl -s https://icanhazip.com/)/32" \ --enable-private-nodes --master-ipv4-cidr="$mcidr" \