Answer-first summary for fast verification
Answer: Your Cloud Shell external IP address is not part of the authorized networks of the cluster.
The issue is most likely due to the Cloud Shell's external IP address not being part of the cluster's authorized networks. GKE clusters with public endpoints can restrict access to specific IP ranges via 'authorized networks'. If Cloud Shell's IP is not included, traffic to the cluster's control plane (kubectl commands) will be blocked, causing timeouts. Authorization errors (A) would return explicit permission messages, not timeouts. Cloud Shell connects via the public endpoint, so VPC membership (C) or internal VPC firewalls (D) are irrelevant in this scenario. The public endpoint's access is governed by authorized networks, not VPC firewalls.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are attempting to connect to your Google Kubernetes Engine (GKE) cluster using kubectl from Cloud Shell. Your GKE cluster has a public endpoint. When running the following command in Cloud Shell:
gcloud container clusters get-credentials <cluster-name> \
--zone <zone> --project <project-name>
gcloud container clusters get-credentials <cluster-name> \
--zone <zone> --project <project-name>
You observe that kubectl commands time out without any error message. What is the most probable cause of this issue?
A
Your user account does not have privileges to interact with the cluster using kubectl.
B
Your Cloud Shell external IP address is not part of the authorized networks of the cluster.
C
The Cloud Shell is not part of the same VPC as the GKE cluster.
D
A VPC firewall is blocking access to the cluster’s endpoint.
No comments yet.