GCP provider

Install the GCP provider

Install the provider into the Kubernetes cluster with a Kubernetes configuration file.

cat <<EOF | kubectl apply -f -
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: upbound-provider-gcp
spec:
  package: xpkg.upbound.io/upbound/provider-gcp:v0.28.0
EOF

The kind: Provider uses the Crossplane Provider Custom Resource Definition to connect your Kubernetes cluster to your cloud provider.

Verify the provider installed with kubectl get providers.

kubectl get providers
NAME                   INSTALLED   HEALTHY   PACKAGE                                        AGE
upbound-provider-gcp   True        True      xpkg.upbound.io/upbound/provider-gcp:v0.28.0   107s

A provider installs its own Kubernetes Custom Resource Definitions (CRDs). These CRDs allow you to create GCP resources directly inside Kubernetes.

You can view the new CRDs with kubectl get crds. Every CRD maps to a unique GCP service Crossplane can provision and manage.

Create a Kubernetes secret for GCP

The provider requires credentials to create and manage GCP resources. Providers use a Kubernetes Secret to connect the credentials to the provider.

First generate a Kubernetes Secret from a Google Cloud service account JSON file and then configure the Provider to use it.

Generate a GCP service account JSON file

For basic user authentication, use a Google Cloud service account JSON file.

Save this JSON file as gcp-credentials.json.

Create a Kubernetes secret with the GCP credentials

A Kubernetes generic secret has a name and contents. Use kubectl create secret to generate the secret object named gcp-secret in the crossplane-system namespace. Use the --from-file= argument to set the value to the contents of the gcp-credentials.json file.

kubectl create secret \
generic gcp-secret \
-n crossplane-system \
--from-file=creds=./gcp-credentials.json

View the secret with kubectl describe secret.

kubectl describe secret gcp-secret -n crossplane-system
Name:         gcp-secret
Namespace:    crossplane-system
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
creds:  2330 bytes

Create a ProviderConfig

A ProviderConfig customizes the settings of the GCP Provider.

Apply the ProviderConfig. Include your GCP project ID in the ProviderConfig settings.

cat <<EOF | kubectl apply -f -
apiVersion: gcp.upbound.io/v1beta1
kind: ProviderConfig
metadata:
  name: default
spec:
  projectID: <PROJECT_ID>  # placeholder: replace with your GCP project ID
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: gcp-secret
      key: creds
EOF

This attaches the GCP credentials, saved as a Kubernetes secret, as a secretRef.

The spec.credentials.secretRef.name value is the name of the Kubernetes secret containing the GCP credentials, in the namespace given by spec.credentials.secretRef.namespace.
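
A pre-flight check for the credentials file used in the steps above, as an added example that is not part of the original page or the Crossplane project: it confirms gcp-credentials.json is a service account key, is not readable by group or others, and prints its project_id for the ProviderConfig. The function names check_gcp_creds and write_sample_key and the sample key contents are constructed for illustration, and it assumes the service account belongs to the project Crossplane should manage.

```shell
#!/bin/sh
# Added example (not from the Crossplane docs): vet gcp-credentials.json before
# it is loaded into gcp-secret. Prints the key's project_id on success.
check_gcp_creds() {
  f=$1
  [ -r "$f" ] || { echo "cannot read $f" >&2; return 1; }
  # The file holds a private key: refuse it if group or others can read it.
  if [ -n "$(find "$f" \( -perm -040 -o -perm -004 \) -print)" ]; then
    echo "$f is readable by group/others; run chmod 600" >&2; return 1
  fi
  # Only a service account key has "type": "service_account".
  grep -Eq '"type"[[:space:]]*:[[:space:]]*"service_account"' "$f" ||
    { echo "$f is not a service account key" >&2; return 1; }
  # Fields the provider needs to authenticate must be present and non-empty.
  for field in project_id client_email private_key; do
    grep -Eq "\"$field\"[[:space:]]*:[[:space:]]*\"[^\"]+\"" "$f" ||
      { echo "$f has no $field" >&2; return 1; }
  done
  sed -n 's/.*"project_id"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$f" | head -n 1
}

# Constructed sample key (placeholder values, not a real credential).
write_sample_key() {
  cat > "$1" <<'EOF'
{
  "type": "service_account",
  "project_id": "example-project-123",
  "private_key": "CONSTRUCTED-PLACEHOLDER",
  "client_email": "crossplane@example-project-123.iam.gserviceaccount.com"
}
EOF
  chmod 600 "$1"
}

# Demo on the constructed key: the printed line is the ProviderConfig value.
demo_dir=$(mktemp -d)
write_sample_key "$demo_dir/gcp-credentials.json"
echo "projectID: $(check_gcp_creds "$demo_dir/gcp-credentials.json")"
```

Run check_gcp_creds ./gcp-credentials.json before kubectl create secret; a non-zero exit means the file should not be loaded as is.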
