Comments (3)
Your cluster should have a container engine service account to which you can attach the required permissions.
Alternatively you can create a separate service account with the needed permission, mount the token via (for example) a Secret
and point the GOOGLE_APPLICATION_CREDENTIALS
environment variable to the token file path.
If you want to use the GKE service account, you should be able to check whether gcloud dns
commands work after SSHing into the machine.
from kubernetes-letsencrypt.
Hi tazjin,
How can i find the container engine service account ?
how can i attach the required permissions to the container engine service account ?
Thanks for your reactivity
from kubernetes-letsencrypt.
It should be listed under your projects IAM configuration and marked "Container Engine service account", you can also SSH into container engine instances and check with the gcloud
utility (though I'm not sure what the exact command is, you'd have to look that up).
You can read more about service accounts on compute instances in the GCP documentation, but supporting it in detail is a bit out of the scope of what I can do - sorry!
from kubernetes-letsencrypt.
Related Issues (20)
- Allow single certificate for multiple services HOT 1
- Route 53 Split-horizon DNS HOT 8
- prepareDnsChallenge cleanup exception HOT 2
- Always determine authoritative NS from root
- Support ACME V2 API and wildcard certificates HOT 5
- Influence the cert filenames HOT 3
- Add support for ingress controller secret format HOT 2
- Error creating new authz :: too many currently pending authorizations HOT 5
- NullPointerException in DnsRecordObserver.findAuthoritativeNameservers HOT 4
- Transient error: "Must agree to subscriber agreement" HOT 1
- DnsException: Login Required HOT 6
- Exception in thread "Thread-23" HOT 2
- 403 Forbidden HOT 1
- create a chained cert for nginx as well HOT 7
- Exception: empty collection can't be reduced HOT 8
- Is this project still active? HOT 22
- No pom.xml? HOT 1
- hanging in fail-loop HOT 2
- Failed due to invalid challenge HOT 5
- LetsencryptException: No matching zone found. HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubernetes-letsencrypt.