This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Google's tweaked kubectl command making too many connections

Posted on 12-04-2024 01:29 PM
njw
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

We're running both GKE clusters and on-prem k8s clusters. We've discovered that the kubectl command installed via the kubectl package in the apt repository at https://packages.cloud.google.com/apt reaches out to a cluster - I think the current default context - for every command. The Release Notes have this:
https://cloud.google.com/sdk/docs/release-notes#kubernetes_engine_170

Update Google Container Engine's kubectl so that it now first attempts to match the API server version. If successful, the kubectl will delegate to the matching version of kubectl.

However, this is even done for commands like "kubectl completion bash", which we tell people to put in their ~/.bashrc (as "source <(kubectl completion bash)".

If their current context is not a GKE cluster when they start a new shell (new terminal window, ssh'ing in, etc) then it attempts to authenticate to the on-prem cluster, which for us involves OIDC login through a browser, which is disruptive at best and can hang the login shell if it fails at worst. 

Is there a way to disable this in the Google kubectl package? 

0 1 123
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
nmagcalengjr
Staff
Reply posted on --/--/---- --:-- AM

Hi @njw,

It appears that a more thorough investigation of your project is necessary. For more detailed insights you may reach out to Google Cloud Support for assistance.

0 Likes
Top Labels in this Space