Como proteger o Google Kubernetes Engine com o IAM e a admissão de segurança do pod avaliações

Marek S. · Revisado há over 2 years

Kylie H. · Revisado há over 2 years

Michael M. · Revisado há over 2 years

Good examples of giving GKE permissions through service accounts and IAM Permissions, enjoyed the IP Address rotation of the GKE Cluster as an addition, would have been nice to have been marked on that one!

Justin E. · Revisado há over 2 years

KAI W. · Revisado há over 2 years

Michael Angelo Z. · Revisado há over 2 years

student_00_e614b07bad74@cloudshell:~ (qwiklabs-gcp-03-8d7e8f2024b6)$ gcloud container clusters update $my_cluster --zone $my_zone --complete-credential-rotation This will complete the in-progress Credential Rotation on cluster [standard-cluster-1]. The master will be updated to stop serving on the old IP address and only serve on the new IP address. Old cluster credentials will be invalidated. Make sure all API clients have been updated to communicate with the new IP address (e.g. by running `gcloud container clusters get-credentials --project qwiklabs-gcp-03-8d7e8f2024b6 --location us-central1-a standard-cluster-1`). If maintenence window is used, nodes are not recreated until a maintenance window occurs. See documentation https://cloud.google.com/kubernetes-engine/docs/how-to/credential-rotation on how to manually update nodes. This operation is long-running and will block other operations on the cluster (including delete) until it has run to completion. Do you want to continue (Y/n)? y ERROR: (gcloud.container.clusters.update) ResponseError: code=400, message=Node pool "default-pool" requires recreation. student_00_e614b07bad74@cloudshell:~ (qwiklabs-gcp-03-8d7e8f2024b6)$ gcloud container clusters upgrade $my_cluster --node-pool=default-pool --zone $my_zone All nodes in node pool [default-pool] of cluster [standard-cluster-1] will be upgraded from version [1.27.3-gke.100] to version [1.27.3-gke.100]. This operation is long-running and will block other operations on the cluster (including delete) until it has run to completion. Do you want to continue (Y/n)? y ERROR: (gcloud.container.clusters.upgrade) ResponseError: code=400, message=Cluster is running incompatible operation operation-1704226508383-92397857-74fe-4a23-bbcd-b2a907b83659. student_00_e614b07bad74@cloudshell:~ (qwiklabs-gcp-03-8d7e8f2024b6)$ ================ PS: problem does not occur when using K8S v1.28

Michel M. · Revisado há over 2 years

Jennifer L. · Revisado há over 2 years

second time was fine - all OK

DevAnd O. · Revisado há over 2 years

the permissions for username 2 are not present

DevAnd O. · Revisado há over 2 years

Passawit K. · Revisado há over 2 years

Ashess P. · Revisado há over 2 years

Nhan H. · Revisado há over 2 years

Aritra R. · Revisado há over 2 years

jubeda b. · Revisado há over 2 years

Kavitha P. · Revisado há over 2 years

Pragatheeswar M. · Revisado há over 2 years

Lewis M. · Revisado há over 2 years

Wing Z. · Revisado há over 2 years

Shubham C. · Revisado há over 2 years

Rex O. · Revisado há over 2 years

Charles Y. · Revisado há over 2 years

Anbarasan M. · Revisado há over 2 years

Ichii O. · Revisado há over 2 years

Dino B. · Revisado há over 2 years