Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
GCP uses it's own magic mechanism, EKS uses IAM, so using Kubeconfig is out the window.
Some possible solutions:
- Use the in-cluster authentication mechanism and run the log collection as some form of job (less work handles everything)
- Work out how to integrate the cloud specific authentication plugins (more work needs intervention with every new service provider)
Attachments
Issue Links
- is triggering
-
K8S-661 Handle AWS IAM in cbopinfo
-
- Closed
-
Note: using config maps as log storage is limited to 1M as that's etcd's biggest document size. Essentially if we used the in-cluster approach we'd need to have a pod which is alive while we collect, then extract the logs before killing it. The other option is to upload to s3, but that puts a burden on the customer to start using AWS, so no go.