Add a Kubernetes Cluster Connector

Updated 1 month ago by Michael Cretzman

You can connect Harness with your Kubernetes clusters using a Kubernetes Cluster Connector or Google Cloud Platform (GCP) Connector. This topic explains how to set up the Kubernetes Cluster Connector.

Once connected, you can use Kubernetes and Harness for provisioning infrastructure, running a CI build farm, and deploying microservices and other workloads to clusters.

What roles should my Kubernetes account have? What roles and policies needed by the account used in the Connector depend on what operations you are using Harness for in the cluster. For a list of roles and policies, see Kubernetes Cluster Connector Settings Reference.

In this topic:

Before You Begin

Visual Summary

Here's a quick video that shows you how to add a Kubernetes Cluster Connector and install the Kubernetes Delegate in the target cluster at the same time:

Review: Roles and Policies for the Connector

The IAM roles and policies needed by the account used in the Connector depend on what operations you are using with Harness and what operations you want Harness to perform in the cluster.

For a detailed list of roles and policies, see Kubernetes Cluster Connector Settings Reference.

In general, the following permissions are require:

  • Deployments: A Kubernetes service account with permission to create entities in the target namespace is required. The set of permissions should include list, get, create, watch (to fetch the pod events), and delete permissions for each of the entity types Harness uses. In general, cluster admin permission or namespace admin permission is sufficient.
  • Builds: A Kubernetes service account with CRUD permissions on Secret, Service, Pod, and PersistentVolumeClaim (PVC).

Review: Kubernetes Cluster Connector for EKS

If you want to connect Harness to Elastic Kubernetes Service (Amazon EKS), use the platform-agnostic Kubernetes Cluster Connector discussed here. Do not use an AWS Connector.

Review: Switching IAM Policies

If the IAM role used by your Connector does not have the policies required, you can modify or switch the role.

You simply change the role assigned to the cluster or the Harness Delegate your Connector is using.

When you switch or modify the IAM role, it might take up to 5 minutes to take effect.

Supported Platforms and Technologies

For a list of the platforms and technologies supported by Harness, see Supported Platforms and Technologies.

Step 1: Add a Kubernetes Cluster Connector

Open a Harness Project.

In Project Setup, click Connectors.

Click New Connector, and click Kubernetes Cluster. The Kubernetes Cluster Connector settings appear.

In Name, enter a name for this connector.

Harness automatically creates the corresponding Id (entity identifier).

Click Continue.

Step 2: Enter Credentials

Choose the method for Harness to use when connecting to the cluster.

Select one of the following:

  • Specify master URL and credentials:
    • You provide the Kubernetes master node URL. The easiest method to obtain the master URL is using kubectl: kubectl cluster-info.
    • Next, enter the Service Account Key or other credentials.
  • Use the credentials of a specific Harness Delegate: Select this option to have the Connector inherit the credentials used by the Harness Delegate running in the cluster. You can install a Delegate as part of adding this Connector.

For details on all of the credential settings, see Kubernetes Cluster Connector Settings Reference.

Step 3: Set Up Delegates

Regardless of which authentication method you selected, you select Harness Delegates to perform authentication for this Connector.

If you do not have Harness Delegates, click Install New Delegate to add one to the cluster, or any cluster in your environment that can connect to the cluster.

Harness uses Kubernetes Cluster Connectors at Pipeline runtime to authenticate and perform operations with Kubernetes. Authentications and operations are performed by Harness Delegates.

You can select Any Available Harness Delegate and Harness will select the Delegate. For a description of how Harness picks Delegates, see Delegates Overview.

You can use Delegate Tags to select one or more Delegates. For details on Delegate Tags, see Select Delegates with Tags.

If you need to install a Delegate, see Delegate Installation Overview or the Visual Summary above.

Click Save and Continue.

Harness tests the credentials you provided using the Delegates you selected.

Please Provide Feedback