Install Config Connector
Before installing the Bitpoke App from Google Cloud’s Marketplace, there are some prerequisites that need to be met.
Time required: 10 minutes
Connect to the cluster with Google Cloud Shell
Once the Cloud Shell has started, press enter to run the generated command, then click Authorize it to run GCP API calls.
Find your Project ID
You’ll need this for the following steps. Make sure to use the proper project ID instead of our sample, which is
mumbai-341413. You can find your project ID (we’ll use the placeholder
YOUR_PROJECT_ID instead) in the tab header of your Cloud Shell.
Create an identity for Config Connector
First, create an IAM service account, by running in Cloud Shell:
gcloud iam service-accounts create cnrm-system
Second, give elevated permissions to the new service account:
gcloud projects add-iam-policy-binding YOUR_PROJECT_ID \ --member="serviceAccount:cnrm-system@YOUR_PROJECT_ID.iam.gserviceaccount.com" \ --role="roles/owner"
Third, create an IAM policy binding between the IAM service account and the predefined Kubernetes service account that Config Connector runs:
gcloud iam service-accounts add-iam-policy-binding \ cnrm-system@YOUR_PROJECT_ID.iam.gserviceaccount.com \ --member="serviceAccount:YOUR_PROJECT_ID.svc.id.goog[cnrm-system/cnrm-controller-manager]" \ --role="roles/iam.workloadIdentityUser"
Set Config Connector
For this you need to edit with your favorite command-line text editor, vim or nano, the file
# configconnector.yaml apiVersion: core.cnrm.cloud.google.com/v1beta1 kind: ConfigConnector metadata: # the name is restricted to ensure that there is only one # ConfigConnector resource installed in your cluster name: configconnector.core.cnrm.cloud.google.com spec: mode: cluster googleServiceAccount: "cnrm-system@YOUR_PROJECT_ID.iam.gserviceaccount.com"
Save and run the following command:
kubectl apply -f configconnector.yaml
If you get the warning below, you can safely disregard it.
Warning: resource configconnectors/configconnector.core.cnrm.cloud.google.com is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
For detailed usage and configuration of Config Connector, you can check the official Google Cloud documentation section here .