It seems that after playing with the Custom VPC and Service Account labs, I am no longer able to create GKE clusters because it cannot find the [project-id]-email@example.com account in IAM. I check and it was there. I delete it, proceeded to back-track my entire set of operations. Deleted all instances, disabled the Kubernetes and Compute Engine APIs and re-enabled. I’m still not able to deploy a GKE cluster.
I created another service-account with the same privileges and assigned it under Node-pool->Options->SA; this seemed to allow me to create my GKE cluster
Any advice on restoring the default operations so I do not have to set this SA every time i spin up a GKE cluster?
Hello, Marino! I’m glad you’re going through the labs and working through problems like this that you encounter.
In this case, are you sure you haven’t still been doin anything in the networking project where we deleted the default service account? The reason I had you make a new project for the networking stuff, in particular, is to manage negative interactions causing errors like the one you’ve described–but it’s a good idea to make a new project anytime you’re starting something new. The only reason I don’t make a new project for pretty much every lab is because of the pesky quotas while we’re on the free trial.
But in this case, I really think it’s worth cleaning up (i.e. either deleting or just unlinking) an old project so you can make a new one. Especially because there’s no good way to undo some things that may have been done to the default service account.
I hope this helps!