Google Kubernetes Engine

​

Authentication

• service_account_json: The service account JSON with container.viewer role (required: True, sensitive: True)
• cluster_name: The name of the cluster (required: True, sensitive: False)
• region: The GKE cluster region (required: False, sensitive: False)

• roles/container.viewer: Read access to GKE resources (mandatory)
• pods:delete: Required to delete/restart pods (Documentation)
• deployments:scale: Required to scale deployments (Documentation)
• pods:list: Required to list pods (Documentation)
• pods:get: Required to get pod details (Documentation)
• pods:logs: Required to get pod logs (Documentation)

​

In workflows

steps:
    - name: Query gke
      provider: gke
      config: "{{ provider.my_provider_name }}"
      with:
        command_type: {value}  # Type of query to execute
        # Additional arguments will be passed to the query method

• gke.yml

​

Provider Methods

• get_pods List all pods in a namespace or across all namespaces (view, scopes: pods:list, pods:get)
• get_pvc List all PVCs in a namespace or across all namespaces (view, scopes: pods:list)
• get_node_pressure Get pressure metrics for all nodes (view, scopes: pods:list)
• exec_command Execute a command in a pod (action, scopes: pods:exec)
• restart_pod Restart a pod by deleting it (action, scopes: pods:delete)
• get_deployment Get deployment information (view, scopes: pods:list)
• scale_deployment Scale a deployment to specified replicas (action, scopes: deployments:scale)
• get_pod_logs Get logs from a pod (view, scopes: pods:logs)

​

Connecting with the Provider

1. Obtain Google Cloud credentials by following the steps in Google Cloud’s service account guide.
2. Ensure your service account has the necessary permissions to manage GKE clusters (roles/container.admin).
3. Provide the gcp_credentials, project_id, and zone in your provider configuration.

​

Usefull Links