Securing Google Kubernetes Engine with IAM and Pod Security Admission Reviews

tom y. · Reviewed 1 yıldan fazla ago

jack B. · Reviewed 1 yıldan fazla ago

Gabriel A. · Reviewed 1 yıldan fazla ago

some issue with the labels, but after some witchery with the yaml being able to work it out

Igor T. · Reviewed 1 yıldan fazla ago

Akansha W. · Reviewed 1 yıldan fazla ago

Gloria K. · Reviewed 1 yıldan fazla ago

sebastien D. · Reviewed 1 yıldan fazla ago

Anthony L. · Reviewed 1 yıldan fazla ago

Mariana L. · Reviewed 1 yıldan fazla ago

Abhishek B. · Reviewed 1 yıldan fazla ago

Deepak L. · Reviewed 1 yıldan fazla ago

Sofia E. · Reviewed 1 yıldan fazla ago

Paing Htoo N. · Reviewed 1 yıldan fazla ago

Buena experiencia.

Rafael M. · Reviewed 1 yıldan fazla ago

Robert G. · Reviewed 1 yıldan fazla ago

Oscar J. · Reviewed 1 yıldan fazla ago

Marek S. · Reviewed 1 yıldan fazla ago

Kylie H. · Reviewed 1 yıldan fazla ago

Michael M. · Reviewed 1 yıldan fazla ago

Good examples of giving GKE permissions through service accounts and IAM Permissions, enjoyed the IP Address rotation of the GKE Cluster as an addition, would have been nice to have been marked on that one!

Justin E. · Reviewed 1 yıldan fazla ago

KAI W. · Reviewed 1 yıldan fazla ago

Michael Angelo Z. · Reviewed 1 yıldan fazla ago

student_00_e614b07bad74@cloudshell:~ (qwiklabs-gcp-03-8d7e8f2024b6)$ gcloud container clusters update $my_cluster --zone $my_zone --complete-credential-rotation This will complete the in-progress Credential Rotation on cluster [standard-cluster-1]. The master will be updated to stop serving on the old IP address and only serve on the new IP address. Old cluster credentials will be invalidated. Make sure all API clients have been updated to communicate with the new IP address (e.g. by running `gcloud container clusters get-credentials --project qwiklabs-gcp-03-8d7e8f2024b6 --location us-central1-a standard-cluster-1`). If maintenence window is used, nodes are not recreated until a maintenance window occurs. See documentation https://cloud.google.com/kubernetes-engine/docs/how-to/credential-rotation on how to manually update nodes. This operation is long-running and will block other operations on the cluster (including delete) until it has run to completion. Do you want to continue (Y/n)? y ERROR: (gcloud.container.clusters.update) ResponseError: code=400, message=Node pool "default-pool" requires recreation. student_00_e614b07bad74@cloudshell:~ (qwiklabs-gcp-03-8d7e8f2024b6)$ gcloud container clusters upgrade $my_cluster --node-pool=default-pool --zone $my_zone All nodes in node pool [default-pool] of cluster [standard-cluster-1] will be upgraded from version [1.27.3-gke.100] to version [1.27.3-gke.100]. This operation is long-running and will block other operations on the cluster (including delete) until it has run to completion. Do you want to continue (Y/n)? y ERROR: (gcloud.container.clusters.upgrade) ResponseError: code=400, message=Cluster is running incompatible operation operation-1704226508383-92397857-74fe-4a23-bbcd-b2a907b83659. student_00_e614b07bad74@cloudshell:~ (qwiklabs-gcp-03-8d7e8f2024b6)$ ================ PS: problem does not occur when using K8S v1.28

Michel M. · Reviewed 1 yıldan fazla ago

Jennifer L. · Reviewed 1 yıldan fazla ago

second time was fine - all OK

DevAnd O. · Reviewed 1 yıldan fazla ago