Maybe I'm just a bit confused, but basically I'm trying to establish my workflow with using the gcloud
cli through my own host (Mac) terminal rather than the provided gcloud interactive shell.
I'm authenticating with an IAM member by running:
gcloud auth login
It takes me to the Google Cloud login page, which I successfully authenticate with and then I get the following in my shell:
You are now logged in as [MY_EMAIL@gmail.com].
Your current project is [myproperty-1537056464248]. You can change this setting by running:
$ gcloud config set project PROJECT_ID
After this, I try to issue the following command:
gcloud container clusters create somename
And I get the following error message:
ERROR: (gcloud.container.clusters.create) ResponseError: code=400, message=Project "myproperty-1537056464248" has no network named "default".
My IAM user has the following roles:
Kubernetes Engine Cluster Admin
Owner
All I want to do is avoid using the gcloud interactive shell so I can:
But these IAM policies aren't really working how I expect.
Should I be using a service account instead?
New projects should come with a network called default
but I somehow ended up with one that didn't have any networks at all (which caused me to see the same error).
After creating one...
gcloud compute networks create default
I was able to create a GKE cluster like so:
gcloud container clusters create mattscluster --zone us-west2 --machine-type e2-standard-2
You hit two distinct errors:
You can check your project's networks with:
$ gcloud compute networks list
NAME     SUBNET_MODE  BGP_ROUTING_MODE  IPV4_RANGE  GATEWAY_IPV4
default  AUTO         REGIONAL
If you create a fully new project it should have a 'default' network.
Or you can specify an existing network with:
gcloud container clusters create somename --network=put-existing-network-here
You can verify the actual roles in the project by using 'gcloud projects get-iam-policy PROJECT_ID'. Look for the role 'owner' for your IAM user, like this:
$ gcloud projects get-iam-policy PROJECT_ID
- members:
  - user:username@somedomain.com
  role: roles/owner
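
An added example, not part of either answer above: a preflight script that combines the two checks described there (does the network exist, and which roles does the member hold directly on the project) before running gcloud container clusters create. The function names are hypothetical, and it assumes gcloud is installed and authenticated.

```shell
#!/bin/sh
# Added example: preflight checks before `gcloud container clusters create`.
# Function names are hypothetical; gcloud must be installed and authenticated.

# Succeeds if a network with exactly this name exists in the project.
network_exists() {  # $1=project  $2=network
  gcloud compute networks list --project "$1" --format="value(name)" |
    grep -Fxq -- "$2"
}

# Prints, one per line, the roles bound directly to a member in the project
# IAM policy. Member uses the policy form, e.g. user:username@somedomain.com.
# Roles inherited from a folder, organization or group do not appear here.
roles_for_member() {  # $1=project  $2=member
  gcloud projects get-iam-policy "$1" \
    --flatten="bindings[].members" \
    --filter="bindings.members:$2" \
    --format="value(bindings.role)"
}

# Returns 0 and prints "ok" when both checks pass, 1 when the network is
# missing, 2 when the member holds neither role named in the question.
preflight() {  # $1=project  $2=network  $3=member
  if ! network_exists "$1" "$2"; then
    echo "no network named '$2' in $1: create it or pass --network" >&2
    return 1
  fi
  # roles/container.clusterAdmin is the ID of "Kubernetes Engine Cluster Admin".
  if ! roles_for_member "$1" "$3" |
       grep -Eq '^roles/(owner|container\.clusterAdmin)$'; then
    echo "$3 has neither roles/owner nor roles/container.clusterAdmin in $1" >&2
    return 2
  fi
  echo "ok"
}

# Usage: sh preflight.sh PROJECT_ID NETWORK MEMBER
if [ "$#" -eq 3 ]; then preflight "$@"; fi
```

Exit status 1 corresponds to the 400 "has no network named" error from the question; status 2 means the binding shown in the get-iam-policy output above is absent for that member.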