Deploy and execute Conjur OSS in GKE


I am trying to deploy conjur oss on GKE and encountering the following error.
Attaching logs and screen shots.

null__logs__2020-02-26T12-32.txt (115.8 KB)

Hey @saravanant23 can you provide us with the following so that we can better assess the problem:

  • Version of Conjur OSS app you are deploying
  • GKE Kubernetes version on your cluster
  • Settings of your cluster
  • Non-json logs (these are hard to parse visually but if you can’t provide us with regular logs we can figure something out).


Hi Srdian,

I am attaching the draft which I followed thru… To answer your question,
GKE Version - 1.15.7-gke.23
Conjur version - I couldn’t find the version…

kind: Application
creationTimestamp: “2020-02-26T17:32:36Z”
generation: 694
name: conjur-open-source-1
namespace: default
resourceVersion: “378840”
selfLink: /apis/
uid: d6a86ce2-28e2-4f2e-ac0e-f96f8d0ba490
assemblyPhase: Failed

  • group: “”
    kind: ConfigMap
  • group: “”
    kind: Secret
  • group: “”
    kind: ServiceAccount
  • group:
    kind: Role
  • group:
    kind: RoleBinding
  • group: batch
    kind: Job
    descriptor: {}
    matchLabels: conjur-open-source-1
  • link: /api/v1/namespaces/default/serviceaccounts/conjur-open-source-1-conjur-oss-serviceaccount-name-e6f1
    name: conjur-open-source-1-conjur-oss-serviceaccount-name-e6f1
    status: Ready
  • link: /apis/batch/v1/namespaces/default/jobs/conjur-open-source-1-deployer
    name: conjur-open-source-1-deployer
    status: Ready
  • link: /api/v1/namespaces/default/configmaps/conjur-open-source-1-deployer-config
    name: conjur-open-source-1-deployer-config
    status: Ready
  • link: /apis/
    name: conjur-open-source-1-deployer-rb
    status: Ready
  • link: /apis/
    name: conjur-open-source-1-deployer-rb
    status: Ready
  • link: /api/v1/namespaces/default/serviceaccounts/conjur-open-source-1-deployer-sa
    name: conjur-open-source-1-deployer-sa
    status: Ready
  • lastTransitionTime: “2020-02-26T17:32:36Z”
    lastUpdateTime: “2020-02-26T17:32:36Z”
    message: all components ready
    reason: ComponentsReady
    status: “True”
    type: Ready
  • lastTransitionTime: “2020-02-26T17:32:36Z”
    lastUpdateTime: “2020-02-26T17:32:36Z”
    message: No error seen
    reason: NoError
    status: “False”
    type: Error

I would recommend to reproduce the scenario , if you can so you can view the logs.


Hi @saravanant23,
I have confirmed the issue with that version of GKE. We will look into this. The issue is filed here:

@saravanant23, We’re working on a fix for the problem (see The main problem appears to be that the version of Google Marketplace Tools (0.6.0) that is incorporated into our app Deployment container needs to be upgraded. This version that we’re currently using incorporates a version of the kubectl client (1.12) that doesn’t know how to authenticate with Kubernetes versions 1.15 and newer. A fix is proposed that upgrades the Google Marketplace Tools to 0.10.0. (see
This newer version of the Google Marketplace Tools includes an adaptive scheme to pick a Kubernetes client (it reads the Kubernetes server version, then switches to a matching version of the Kubernetes client binary).