Hi everyone, I have the following scenario and I don’t know how to solve it.
I have an Argocd deployment on a legacy cluster, this instance is used by the development environment. On the other side I have a GKE cluster with a private control plane and I can access it via vpn and authenticate whit the gcloud command adding --dns-endpoint. So my .kube/config looks like this:
user:
exec:
apiVersion: client.authentication.k8s.io/v1beta1
args: null
command: gke-gcloud-auth-plugin
env: null
installHint: Install the gke-gcloud-auth-plugin for use with kubectl from
Install kubectl and configure cluster access | Google Kubernetes Engine (GKE) | Google Cloud
interactiveMode: IfAvailable
provideClusterInfo: true
This is because we need the gke-gcloud-auth-plugin installed.
When I try to add the cluster with the argocd cli, I get the following error:
INFO[0002] ServiceAccount “argocd-manager” already exists in namespace “kube-system”.
INFO[0002] ClusterRole “argocd-manager-role” updated
INFO[0003] ClusterRoleBinding “argocd-manager-role-binding” updated
FATA[0008] rpc error: code = Unauthenticated desc = The server has requested credentials from the client.
Why does this fail? I can run kubectl commands on my laptop and see the response from the GKE cluster.
I have modified the image of the argocd-repo-server to add a service account from google, but I see the same error.
Please if anyone can give me a hand with this I`ll apreciate it.