Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove master_auth fields from google_container_cluster resource #8032

Closed
upodroid opened this issue Dec 16, 2020 · 4 comments · Fixed by GoogleCloudPlatform/magic-modules#5372, #10441 or hashicorp/terraform-provider-google-beta#3794
Closed

Remove master_auth fields from google_container_cluster resource #8032

upodroid opened this issue Dec 16, 2020 · 4 comments · Fixed by GoogleCloudPlatform/magic-modules#5372, #10441 or hashicorp/terraform-provider-google-beta#3794
Assignees
@c2thorn
Labels
breaking-change size/s
Milestone
4.0.0

Comments

@upodroid
Copy link
Contributor

Upstream Kubernetes has deprecated and removed basic auth from kubernetes as of v1.19 . In the next major release of the provider, master_auth nested fields needs to be removed given that there are many breaking changes issues open against this resource.

https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication#legacy-auth
rancher/rancher#28673
@rileykarson rileykarson added this to the 4.0.0 milestone Dec 16, 2020
@rileykarson
Copy link
Collaborator

Note: This should only be removed if the lowest available GKE version has removed support for basic auth.

@melinath
Copy link
Collaborator

At this point our tests for this feature are consistently failing with:

Basic authentication was removed for GKE cluster versions >= 1.19. The cluster cannot be created with basic authentication enabled. Instructions for choosing an alternative authentication method can be found at: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication.

Previously they were failing with:

Clusters with minor version 1.18 and basic authentication enabled cannot migrate to rapid, regular or stable release channels. Basic authentication was removed for GKE cluster versions >= 1.19. To disable basic authentication use: gcloud container clusters update %s --no-enable-basic-auth. Instructions for choosing a new method can be found at: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication.

It's not exactly clear to me whether existing clusters might still be running 1.18, but it seems likely that creating new clusters now requires not using basic auth.

@rileykarson
Copy link
Collaborator

rileykarson commented Jul 30, 2021
edited
Loading

1.18.0, 1.19.0, and 1.20.0 are the currently supported GKE versions: https://cloud.google.com/kubernetes-engine/docs/release-notes

So we're one more version away from being able to do this.

@melinath melinath mentioned this issue Jul 30, 2021
Merged
5 tasks
This was referenced Jul 30, 2021
Merged
Merged
@c2thorn c2thorn self-assigned this Sep 28, 2021
@c2thorn c2thorn mentioned this issue Sep 30, 2021
Merged
This was referenced Oct 20, 2021
Merged
Merged
@c2thorn c2thorn mentioned this issue Oct 26, 2021
Merged
5 tasks
This was referenced Oct 29, 2021
Merged
Merged
@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 28, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@c2thorn c2thorn

Labels
breaking-change size/s
Projects
None yet
Milestone
4.0.0
4 participants
@melinath @rileykarson @c2thorn @upodroid