Connect kubernetes pod to a GCS bucket using JS

To connect from a Kubernetes pod to a Google Cloud Storage (GCS) bucket using JavaScript, you need to follow these steps:

  1. Set up your GCP Service Account and Credentials:
    • Create a service account in Google Cloud Platform (GCP) that has access to the GCS bucket.
    • Download the service account key file in JSON format.
  2. Store the Service Account Key securely:
    • Store the service account key as a Kubernetes Secret to keep it secure.
    • You can use the following command to create a secret:
kubectl create secret generic gcs-key --from-file=key.json=/path/to/service-account-key.json

3. Configure your Kubernetes Pod to use the Secret:

apiVersion: v1
kind: Pod
metadata:
  name: gcs-example-pod
spec:
  containers:
    - name: gcs-container
      image: node:18  # Use a Node.js image
      volumeMounts:
        - name: gcs-key-volume
          mountPath: /secrets
      env:
        - name: GOOGLE_APPLICATION_CREDENTIALS
          value: "/secrets/key.json"
  volumes:
    - name: gcs-key-volume
      secret:
        secretName: gcs-key

In this YAML:

4. Install the Google Cloud Storage client library:

npm install @google-cloud/storage

5. Use the Google Cloud Storage client in your JavaScript code:

const { Storage } = require('@google-cloud/storage');

// Creates a client using Application Default Credentials
const storage = new Storage();

async function listBuckets() {
  try {
    const [buckets] = await storage.getBuckets();
    console.log('Buckets:');
    buckets.forEach(bucket => {
      console.log(bucket.name);
    });
  } catch (err) {
    console.error('ERROR:', err);
  }
}

listBuckets();

6. Deploy your application to Kubernetes:

7. Access the GCS bucket:

    This setup ensures secure access to GCS using a service account in a Kubernetes environment, following best practices for credentials management and secure access.

    Let's Share
    Exit mobile version