New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OSDOCS-4341 GCP: Authenticate using Service Account on a GCP VM #52170
Conversation
🤖 Updated build preview is available at: Build log: https://circleci.com/gh/ocpdocs-previewbot/openshift-docs/4184 |
@patrickdillon PTAL at this PR for CORS-2260. Thank you |
LGTM |
@jianli-wei PTAL at this PR for VM service account authentication for GCP installs. Thank you |
@jianli-wei hello Jianli, have you had a chance to take a look at this PR? Thank you |
@bscott-rh @patrickdillon When I was testing the epic, it demands |
Manual credential mode is indeed required. |
083b436
to
8f31429
Compare
Thanks @jianli-wei and Patrick. I've updated the PR with a note about manual credentials mode. PTAL |
The service account key is required to create a cluster. | ||
[NOTE] | ||
==== | ||
If you use a virtual machine with an attached service account to create your cluster, you must set `credentialsMode: Manual` in the `install-config.yaml` file before installation. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Better to tell what's needed when using credentialsMode: Manual
, e.g. https://docs.openshift.com/container-platform/4.11/installing/installing_gcp/manually-creating-iam-gcp.html. Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @jianli-wei , I have added a reference to the "Manually create IAM" page immediately after this note. I would prefer not to detail the steps of manual IAM when we have an entire page dedicated to that. Does this look good to you?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
8f31429
to
d76d70b
Compare
/label peer-review-needed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just two small sentence suggestions you can take or leave. :)
d76d70b
to
61236e2
Compare
New changes are detected. LGTM label has been removed. |
/label merge-review-needed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
/cherrypick enterprise-4.12 |
2 similar comments
/cherrypick enterprise-4.12 |
/cherrypick enterprise-4.12 |
@jldohmann: new pull request created: #53292 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
OSDOCS-4341 / CORS-2260
Applies to main and 4.12
Docs preview:
Configuring a GCP project
Generating SSH key pair (removed unnecessary steps)
Obtaining the installation program
GCP account limits
QE review: