关于“Securing Google Kubernetes Engine with Cloud IAM and Pod Security Policies”的评价

bad

Chakravarthy S. · 已于 almost 3 years前审核

Naohiro F. · 已于 almost 3 years前审核

Podセキュリティーポリシーが作成されない。

野崎秀人野. · 已于 almost 3 years前审核

Akshay J. · 已于 almost 3 years前审核

Sergey B. · 已于 almost 3 years前审核

The material is outdated and the K8s API used here deprecated.

Sebastian G. · 已于 almost 3 years前审核

Nonaka T. · 已于 almost 3 years前审核

Tapan H. · 已于 almost 3 years前审核

Sarath Kumar M. · 已于 almost 3 years前审核

Akshay J. · 已于 almost 3 years前审核

Jason V. · 已于 almost 3 years前审核

Kubernetes has officially deprecated PodSecurityPolicy in version 1.21 and will be removed in 1.25 with no upgrade path available with this feature enabled. For additional details, please refer to https://cloud.google.com/kubernetes-engine/docs/how-to/pod-security-policies Default change: During creation of nodepools or autoscaling configuration changes for cluster versions greater than 1.24.1-gke.800 a default location policy is applied. For Spot and PVM it defaults to ANY, and for all other VM kinds a BALANCED policy is used. To change the default values use the `--location-policy` flag. ERROR: (gcloud.beta.container.clusters.update) INVALID_ARGUMENT: Pod Security Policy was removed from GKE clusters with version >= 1.25.0. The cluster cannot be created with Pod Security Policy is enabled. Instructions for using an alternative pod-level security policies can be found at: https://cloud.google.com/kubernetes-engine/docs/how-to/migrate-podsecuritypolicy. - '@type': type.googleapis.com/google.rpc.RequestInfo requestId: '0xb8c0e903480f30a3'

Sivaprasath M. · 已于 almost 3 years前审核

Could not create pod security Policies: student_03_525b2bce9214@cloudshell:~/training-data-analyst/courses/ak8s/14_IAM (qwiklabs-gcp-04-732f88260d6a)$ kubectl apply -f restricted-psp.yaml error: resource mapping not found for name: "restricted-psp" namespace: "" from "restricted-psp.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1"

Donglin J. · 已于 almost 3 years前审核

Jason V. · 已于 almost 3 years前审核

Kubernetes has officially deprecated PodSecurityPolicy in version 1.21 and will be removed in 1.25 with no upgrade path available with this feature enabled. For additional details, please refer to https://cloud.google.com/kubernetes-engine/docs/how-to/pod-security-policies Default change: During creation of nodepools or autoscaling configuration changes for cluster versions greater than 1.24.1-gke.800 a default location policy is applied. For Spot and PVM it defaults to ANY, and for all other VM kinds a BALANCED policy is used. To change the default values use the `--location-policy` flag. ERROR: (gcloud.beta.container.clusters.update) INVALID_ARGUMENT: Pod Security Policy was removed from GKE clusters with version >= 1.25.0. The cluster cannot be created with Pod Security Policy is enabled. Instructions for using an alternative pod-level security policies can be found at: https://cloud.google.com/kubernetes-engine/docs/how-to/migrate-podsecuritypolicy. - '@type': type.googleapis.com/google.rpc.RequestInfo requestId: '0xb8c0e903480f30a3'

Sivaprasath M. · 已于 almost 3 years前审核

Lab does not work

John M. · 已于 almost 3 years前审核

no matches for kind "PodSecurityPolicy" in version "policy/v1beta1. - failed could not create security policy had to move on

Peter G. · 已于 almost 3 years前审核

Scot B. · 已于 almost 3 years前审核

Gandhi S. · 已于 almost 3 years前审核

There is an error in this lab due to deprecated PodSecurityPolicy and it could not be finished.

Anthony R. · 已于 almost 3 years前审核

pod security creation coudl not happen with all steps mentioned

Divya A. · 已于 almost 3 years前审核

error: resource mapping not found for name: "restricted-psp" namespace: "" from "restricted-psp.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1" ensure CRDs are installed first apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: restricted-psp spec: privileged: false # Don't allow privileged pods! seLinux: rule: RunAsAny supplementalGroups: rule: RunAsAny runAsUser: rule: MustRunAsNonRoot fsGroup: rule: RunAsAny volumes: - '*'

Esmeralda S. · 已于 almost 3 years前审核

pod security creation coudl not happen with all steps mentioned

Divya A. · 已于 almost 3 years前审核