Mengamankan Google Kubernetes Engine dengan Cloud IAM dan Kebijakan Keamanan Pod Ulasan

Namrata R. · Diulas sekitar 3 tahun lalu

this lab is broken create service account check is broken and default k8s version removed the PSP interface!!

Royi R. · Diulas sekitar 3 tahun lalu

PodSecurityPolicy" in version "policy/v1beta1" ensure CRDs are installed first

Neehar Kanti S. · Diulas sekitar 3 tahun lalu

Adesh S. · Diulas sekitar 3 tahun lalu

I was chat with support team ,they said problem on backend so if possible provide extra attempt chances

lakshmi u. · Diulas sekitar 3 tahun lalu

Chao Z. · Diulas sekitar 3 tahun lalu

Vaishnavi B. · Diulas sekitar 3 tahun lalu

i am stuck with an error could not get pass a task

Cyril C. · Diulas sekitar 3 tahun lalu

Creating pod security policy is not working.

Rahul S. · Diulas sekitar 3 tahun lalu

Abinaya S. · Diulas sekitar 3 tahun lalu

Krishna Sai Prakash C. · Diulas sekitar 3 tahun lalu

the file restricted-psp.yaml did not work for me. An error was generated and i couldn't move forward. Please fix this lab the PodSecurityPolicy has been deprecated in v1.21

Ayman F. · Diulas sekitar 3 tahun lalu

The content needs to be modified to support GKE version 1.25.7-gke.1000 Creating a pod security policy throws below very obvious error student_00_b0dbdd15174a@cloudshell:~/training-data-analyst/courses/ak8s/14_IAM (qwiklabs-gcp-02-819a26b79e05)$ kubectl apply -f restricted-psp.yaml error: resource mapping not found for name: "restricted-psp" namespace: "" from "restricted-psp.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1" ensure CRDs are installed first student_00_b0dbdd15174a@cloudshell:~/training-data-analyst/courses/ak8s/14_IAM (qwiklabs-gcp-02-819a26b79e05)$ Activating security policy also throws this error student_00_b0dbdd15174a@cloudshell:~/training-data-analyst/courses/ak8s/14_IAM (qwiklabs-gcp-02-819a26b79e05)$ gcloud beta container clusters update $my_cluster --zone $my_zone --enable-pod-security-policy Kubernetes has officially deprecated PodSecurityPolicy in version 1.21 and will be removed in 1.25 with no upgrade path available with this feature enabled. For additional details, please refer to https://cloud.google.com/kubernetes-engine/docs/how-to/pod-security-policies Default change: During creation of nodepools or autoscaling configuration changes for cluster versions greater than 1.24.1-gke.800 a default location policy is applied. For Spot and PVM it defaults to ANY, and for all other VM kinds a BALANCED policy is used. To change the default values use the `--location-policy` flag. ERROR: (gcloud.beta.container.clusters.update) INVALID_ARGUMENT: Pod Security Policy was removed from GKE clusters with version >= 1.25.0. The cluster cannot be created with Pod Security Policy is enabled. Instructions for using an alternative pod-level security policies can be found at: https://cloud.google.com/kubernetes-engine/docs/how-to/migrate-podsecuritypolicy. Completeting the optional task like the credential and IP rotation tasks using the following command has also failed: student_00_b0dbdd15174a@cloudshell:~/training-data-analyst/courses/ak8s/14_IAM (qwiklabs-gcp-02-819a26b79e05)$ gcloud container clusters update $my_cluster --zone $my_zone --complete-credential-rotation This will complete the in-progress Credential Rotation on cluster [standard-cluster-1]. The master will be updated to stop serving on the old IP address and only serve on the new IP address. Old cluster credentials will be invalidated. Make sure all API clients have been updated to communicate with the new IP address (e.g. by running `gcloud container clusters get-credentials --project qwiklabs-gcp-02-819a26b79e05 --location us-central1-a standard-cluster-1`). If maintenence window is used, nodes are not recreated until a maintenance window occurs. See documentation https://cloud.google.com/kubernetes-engine/docs/how-to/credential-rotation on how to manually update nodes. This operation is long-running and will block other operations on the cluster (including delete) until it has run to completion. Do you want to continue (Y/n)? Y ERROR: (gcloud.container.clusters.update) ResponseError: code=400, message=Node pool "default-pool" requires recreation.

Rahul W. · Diulas sekitar 3 tahun lalu

Francesca D. · Diulas sekitar 3 tahun lalu

Pratik B. · Diulas sekitar 3 tahun lalu

Task 2 showing error, please could you look into it

Shrirang P. · Diulas sekitar 3 tahun lalu

Task 2 has mistakes. Because of that, I am unable to finish the lab.

Abhinandh J. · Diulas sekitar 3 tahun lalu

Task 2 has mistakes. Because of that, I am unable to finish the lab.

Abhinandh J. · Diulas sekitar 3 tahun lalu

your lab doesn`t work!!!! restricted-esp.yaml!!!! error: resource mapping not found for name: "restricted-psp" namespace: "" from "restricted-psp.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1"

Большаков А. · Diulas sekitar 3 tahun lalu

Shivam K. · Diulas sekitar 3 tahun lalu

Task 2 showing error

Shrirang P. · Diulas sekitar 3 tahun lalu

kubectl apply -f restricted-psp.yaml command is throwing error error: resource mapping not found for name: "restricted-psp" namespace: "" from "restricted-psp.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1". so that i cannot complete the lab

Indranil P. · Diulas sekitar 3 tahun lalu

Anurag M. · Diulas sekitar 3 tahun lalu

Lab does not function properly. Cannot apply restricted-psp.yaml, error messages. Tried a couple of times.

Thomas C. · Diulas sekitar 3 tahun lalu

NITHA N. · Diulas sekitar 3 tahun lalu