Hardening Default GKE Cluster Configurations Reviews
9967 reviews
Fandi H. · Reviewed 1 yıldan fazla ago
error trying to implement Task 7.....error: resource mapping not found for name: "restrictive-psp" namespace: "" from "STDIN": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1" ensure CRDs are installed first
Randyansyah .. · Reviewed 1 yıldan fazla ago
Bruno F. · Reviewed 1 yıldan fazla ago
As others have said. Task 7 is error. Solution " gcloud container clusters create simplecluster --zone $MY_ZONE --cluster-version 1.21.14-gke.18100 --num-nodes 2 --metadata=disable-legacy-endpoints=false " do this in step Task 1
Muhammad Ilham Akbar S. · Reviewed 1 yıldan fazla ago
Edwin T. · Reviewed 1 yıldan fazla ago
Bruno F. · Reviewed 1 yıldan fazla ago
service account v1 beta is deprecated and removed on kubernetes v1.25
Bas T. · Reviewed 1 yıldan fazla ago
Bryan P. · Reviewed 1 yıldan fazla ago
Reza K. · Reviewed 1 yıldan fazla ago
Rafi A. · Reviewed 1 yıldan fazla ago
Lab cannot be completed because step 7 is outdated.
Wolfgang G. · Reviewed 1 yıldan fazla ago
Rafael F. · Reviewed 1 yıldan fazla ago
finally finish.. huft
HAIDAR W. · Reviewed 1 yıldan fazla ago
David A. · Reviewed 1 yıldan fazla ago
Lab is using PodSecurityPolicies which are deprecated and even no longer available at all on the kubernetes version running in GCP currently. Not possible to complete with 100% rate.
Maximilian W. · Reviewed 1 yıldan fazla ago
cant finish this labb bcs the instruction is deprecated!!!
HAIDAR W. · Reviewed 1 yıldan fazla ago
THANK YOU FOR WASTING MY TIME!! PLEASE CHECK ALL THE DEPRECATED DEPENDENCY!!! cat <<EOF | kubectl apply -f - --- apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: restrictive-psp annotations: seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' spec: privileged: false # Required to prevent escalations to root. allowPrivilegeEscalation: false # This is redundant with non-root + disallow privilege escalation, # but we can provide it for defense in depth. requiredDropCapabilities: - ALL # Allow core volume types. volumes: - 'configMap' - 'emptyDir' - 'projected' - 'secret' - 'downwardAPI' # Assume that persistentVolumes set up by the cluster admin are safe to use. - 'persistentVolumeClaim' hostNetwork: false hostIPC: false hostPID: false runAsUser: # Require the container to run without root privileges. rule: 'MustRunAsNonRoot' seLinux: # This policy assumes the nodes are using AppArmor rather than SELinux. rule: 'RunAsAny' supplementalGroups: rule: 'MustRunAs' ranges: # Forbid adding the root group. - min: 1 max: 65535 fsGroup: rule: 'MustRunAs' ranges: # Forbid adding the root group. - min: 1 max: 65535 EOF
Astawan Z. · Reviewed 1 yıldan fazla ago
cant finish this labb bcs the instruction is deprecated!!!
HAIDAR W. · Reviewed 1 yıldan fazla ago
Richard A. · Reviewed 1 yıldan fazla ago
THANK YOU FOR WASTING MY TIME!! PLEASE CHECK ALL THE DEPRECATED DEPENDENCY!!!
Astawan Z. · Reviewed 1 yıldan fazla ago
Wahyu L. · Reviewed 1 yıldan fazla ago
BUGGG
HAIDAR W. · Reviewed 1 yıldan fazla ago
YOU NEED to specify the version. On task 1 no 2, paste this instead <gcloud container clusters create simplecluster --zone $MY_ZONE --num-nodes 2 --metadata=disable-legacy-endpoints=false --cluster-version=1.24.13-gke.500> After that, you wont get error on task 7 no 2.
Moch A. · Reviewed 1 yıldan fazla ago
Moch A. · Reviewed 1 yıldan fazla ago
Fahrul a. · Reviewed 1 yıldan fazla ago
We do not ensure the published reviews originate from consumers who have purchased or used the products. Reviews are not verified by Google.