Install Config Connector

Before installing the Bitpoke App from Google Cloud’s Marketplace, there are some prerequisites that need to be met.

Time required: 10 minutes

Connect to the cluster with Google Cloud Shell

Connect with Cloud Shell

Once the Cloud Shell has started, press enter to run the generated command, then click Authorize it to run GCP API calls.

Authorize Cloud Shell

Find your Project ID

You’ll need this for the following steps. Make sure to use the proper project ID instead of our sample, which is mumbai-341413. You can find your project ID (we’ll use the placeholder YOUR_PROJECT_ID instead) in the tab header of your Cloud Shell.

Find Project ID from Cloud Shell

Create an identity for Config Connector

First, create an IAM service account, by running in Cloud Shell:

gcloud iam service-accounts create cnrm-system

Second, give elevated permissions to the new service account:

gcloud projects add-iam-policy-binding YOUR_PROJECT_ID \
    --member="serviceAccount:cnrm-system@YOUR_PROJECT_ID.iam.gserviceaccount.com" \
    --role="roles/owner"

Third, create an IAM policy binding between the IAM service account and the predefined Kubernetes service account that Config Connector runs:

gcloud iam service-accounts add-iam-policy-binding \
cnrm-system@YOUR_PROJECT_ID.iam.gserviceaccount.com \
    --member="serviceAccount:YOUR_PROJECT_ID.svc.id.goog[cnrm-system/cnrm-controller-manager]" \
    --role="roles/iam.workloadIdentityUser"

Set Config Connector

For this you need to edit with your favorite command-line text editor, vim or nano, the file configconnector.yaml:

# configconnector.yaml
apiVersion: core.cnrm.cloud.google.com/v1beta1
kind: ConfigConnector
metadata:
  # the name is restricted to ensure that there is only one
  # ConfigConnector resource installed in your cluster
  name: configconnector.core.cnrm.cloud.google.com
spec:
  mode: cluster
  googleServiceAccount: "cnrm-system@YOUR_PROJECT_ID.iam.gserviceaccount.com"

Save and run the following command:

kubectl apply -f configconnector.yaml

If you get the warning below, you can safely disregard it.

Warning: resource configconnectors/configconnector.core.cnrm.cloud.google.com is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.

For detailed usage and configuration of Config Connector, you can check the official Google Cloud documentation section here .

Previous Configuration Wizard