Skip to Content
Technical Articles
Author's profile photo Frank Schuler

Troubleshoot Gardener with gardenctl

Since I did Install Gardener on Rancher, it has become my Kubernetes platform of choice.

Lately, I ran into an issue creating new clusters leveraging Cloudflare though:

To troubleshoot this, I install gardenctl in 4 steps:

  1. Package Manager
  2. kubectl
  3. kubelogin
  4. gardenctl

Package Manager

Working on Windows, I leverage Chocolatey:

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString(''))


To start with, I copy the configuration file from when I did Prepare your SAP Data Intelligence installation with Rancher:

choco install kubernetes-cli
mkdir ~/.kube
cp config ~/.kube/config 


I need to put the kubelogin binary on mypath under the name kubectl-oidc_login so that the kubectl plugin mechanism can find it when I invoke kubectl oidc-login:

choco install kubelogin
cp C:\ProgramData\chocolatey\bin\kubectl.exe C:\ProgramData\chocolatey\bin\kubectl-oidc_login.exe


gardenctl needs a session ID and kube configuration but is otherwise easy to install:

choco install gardenctl-v2
if ( !(Test-Path Env:GCTL_SESSION_ID) -and !(Test-Path Env:TERM_SESSION_ID) ) { $Env:GCTL_SESSION_ID = [guid]::NewGuid().ToString() }
gardenctl-v2 config set-garden architectsap --kubeconfig C:\Users\Frank\kubeconfig-garden-garden.yaml
gardenctl-v2 kubectl-env powershell
$Env:KUBECONFIG = 'C:\Users\Frank\AppData\Local\Temp\garden\3f3a762c-6e24-4b09-b899-e46fecb72db8\kubeconfig.yaml';
kubectl get controllerregistration

After logging in with dex:

The output confirms that I am missing DNSRecord/cloudflare-dns:

PS C:\WINDOWS\system32> kubectl get controllerregistration
NAME                RESOURCES                                                                                                                                                                                      AGE
dns-external        DNSProvider/aws-route53, DNSProvider/alicloud-dns, DNSProvider/azure-dns, DNSProvider/google-clouddns, DNSProvider/openstack-designate, DNSProvider/cloudflare-dns, DNSProvider/infoblox-dns   4d23h
networking-calico   Network/calico                                                                                                                                                                                 4d23h
os-gardenlinux      OperatingSystemConfig/gardenlinux                                                                                                                                                              4d23h
os-suse-chost       OperatingSystemConfig/suse-chost                                                                                                                                                               4d23h
os-ubuntu           OperatingSystemConfig/ubuntu                                                                                                                                                                   4d23h
provider-gcp        Infrastructure/gcp, ControlPlane/gcp, Worker/gcp, BackupBucket/gcp, BackupEntry/gcp, DNSRecord/google-clouddns                                                                                 4d23h
runtime-gvisor      ContainerRuntime/gvisor

Which is luckily easy enough to add thanks to Tim Schrodi:

Gardener DNS Extension for Cloudflare

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.