I started to use the gke_config_v2 because I thought it is the newer version and can do everything what the gke_config can do. But after a while when I wanted to add a service account to the gke nodes, I realized that it is not longer possible. It was possible in the gke_config and it is a recommendation of google to add a service account. I am a little bit shocked. We want to use the service accounts for firewall rules, etc. and do not want to use the default service account.
Why is it not possible? Did I overlook something? Why was it possible and is not longer supported in v2? Was it forgotten?
The gke_config_v2 looks mostly like the original google resource. Isn't it possible to add the service account back to the nodepool config?
Google also recommends to create the node pools separate from the cluster so that you can add and remove nodepools to the cluster. This would also be a nice feature and should be considered as possible solution.
To create the cluster in gcp and import it later to Rancher is not an ideal solution since imported clusters are not controlled by rancher in the same way as far as I know.
I started to use the gke_config_v2 because I thought it is the newer version and can do everything what the gke_config can do. But after a while when I wanted to add a service account to the gke nodes, I realized that it is not longer possible. It was possible in the gke_config and it is a recommendation of google to add a service account. I am a little bit shocked. We want to use the service accounts for firewall rules, etc. and do not want to use the default service account.
Why is it not possible? Did I overlook something? Why was it possible and is not longer supported in v2? Was it forgotten?
The gke_config_v2 looks mostly like the original google resource. Isn't it possible to add the service account back to the nodepool config?
Google also recommends to create the node pools separate from the cluster so that you can add and remove nodepools to the cluster. This would also be a nice feature and should be considered as possible solution.
To create the cluster in gcp and import it later to Rancher is not an ideal solution since imported clusters are not controlled by rancher in the same way as far as I know.