search

txn2 / kubefwd

Bulk port forwarding Kubernetes services for local development.
https://imti.co/kubernetes-port-forwarding/
Apache License 2.0
3.78k stars 205 forks source link

Unable to forward to gke cluster. #267

Closed blainehansen closed 10 months ago

blainehansen commented 11 months ago 
kubefwd version
Kubefwd version: 1.22.5

gcloud --version
Google Cloud SDK 455.0.0
alpha 2023.11.10
beta 2023.11.10
bq 2.0.98
bundled-python3-unix 3.11.6
core 2023.11.10
gcloud-crc32c 1.0.0
gke-gcloud-auth-plugin 0.5.6
gsutil 5.27

Ubuntu 22.04.3 LTS

I'm trying to run this command:

sudo kubefwd svc -n staging -c ~/.kube/config

This is the output I get:

INFO[12:55:33]  _          _           __             _     
INFO[12:55:33] | | ___   _| |__   ___ / _|_      ____| |    
INFO[12:55:33] | |/ / | | | '_ \ / _ \ |_\ \ /\ / / _  |    
INFO[12:55:33] |   <| |_| | |_) |  __/  _|\ V  V / (_| |    
INFO[12:55:33] |_|\_\\__,_|_.__/ \___|_|   \_/\_/ \__,_|    
INFO[12:55:33]                                              
INFO[12:55:33] Version 1.22.5                               
INFO[12:55:33] https://github.com/txn2/kubefwd              
INFO[12:55:33]                                              
INFO[12:55:33] Press [Ctrl-C] to stop forwarding.           
INFO[12:55:33] 'cat /etc/hosts' to see all host entries.    
INFO[12:55:33] Loaded hosts file /etc/hosts                 
INFO[12:55:33] HostFile management: Original hosts backup already exists at /root/hosts.original 
F1121 12:55:34.168795  152069 cred.go:145] print credential failed with error: Failed to retrieve access token:: failure while executing gcloud, with args [config config-helper --format=json]: exit status 1 (err: ERROR: (gcloud.config.config-helper) Your current active account [redacted] does not have any valid credentials
Please run:

  $ gcloud auth login

to obtain new credentials.

For service account, please activate it first:

  $ gcloud auth activate-service-account ACCOUNT
)
FATA[12:55:34] Error connecting to k8s cluster: Get "https://redacted/version": getting credentials: exec: executable gke-gcloud-auth-plugin failed with exit code 1

All other kubernetes/gcloud commands work. I have already successfully authenticated with gcloud auth login, and am able to use commands like kubectl and k9s etc to see this cluster.

Here's what I think the most important piece of information is: When I run gke-gcloud-auth-plugin as myself, it works. However when I do so in a root shell after sudo su, I get the same error as above.

When I run sudo kubefwd svc -n staging without the -c ~/.kube/config portion I get this error (which makes sense):

FATA[13:04:05] Error connecting to k8s cluster: Get "http://localhost:8080/version": dial tcp 127.0.0.1:8080: connect: connection refused

Your help will be much appreciated!

blainehansen commented 10 months ago

I figured out a solution. By first logging into a root shell with sudo su and then performing gloud auth login, I've created credentials for my root user. Now my normal kubefwd command works properly from either my personal shell or the root shell.

blainehansen commented 10 months ago

However this likely should be added as a feature request. It would be nice if kubefwd used the gcloud credentials of the actual invoking user, not the root user.