关于“Hardening Default GKE Cluster Configurations”的评价

service account v1 beta is deprecated and removed on kubernetes v1.25

Bas T. · 评论11 months之前

Bryan P. · 评论11 months之前

Reza K. · 评论11 months之前

Rafi A. · 评论11 months之前

Lab cannot be completed because step 7 is outdated.

Wolfgang G. · 评论11 months之前

Rafael F. · 评论11 months之前

finally finish.. huft

HAIDAR W. · 评论11 months之前

David A. · 评论11 months之前

Lab is using PodSecurityPolicies which are deprecated and even no longer available at all on the kubernetes version running in GCP currently. Not possible to complete with 100% rate.

Maximilian W. · 评论11 months之前

cant finish this labb bcs the instruction is deprecated!!!

HAIDAR W. · 评论11 months之前

THANK YOU FOR WASTING MY TIME!! PLEASE CHECK ALL THE DEPRECATED DEPENDENCY!!! cat <<EOF | kubectl apply -f - --- apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: restrictive-psp annotations: seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' spec: privileged: false # Required to prevent escalations to root. allowPrivilegeEscalation: false # This is redundant with non-root + disallow privilege escalation, # but we can provide it for defense in depth. requiredDropCapabilities: - ALL # Allow core volume types. volumes: - 'configMap' - 'emptyDir' - 'projected' - 'secret' - 'downwardAPI' # Assume that persistentVolumes set up by the cluster admin are safe to use. - 'persistentVolumeClaim' hostNetwork: false hostIPC: false hostPID: false runAsUser: # Require the container to run without root privileges. rule: 'MustRunAsNonRoot' seLinux: # This policy assumes the nodes are using AppArmor rather than SELinux. rule: 'RunAsAny' supplementalGroups: rule: 'MustRunAs' ranges: # Forbid adding the root group. - min: 1 max: 65535 fsGroup: rule: 'MustRunAs' ranges: # Forbid adding the root group. - min: 1 max: 65535 EOF

Astawan Z. · 评论11 months之前

cant finish this labb bcs the instruction is deprecated!!!

HAIDAR W. · 评论11 months之前

Richard A. · 评论11 months之前

THANK YOU FOR WASTING MY TIME!! PLEASE CHECK ALL THE DEPRECATED DEPENDENCY!!!

Astawan Z. · 评论11 months之前

Wahyu L. · 评论11 months之前

BUGGG

HAIDAR W. · 评论11 months之前

YOU NEED to specify the version. On task 1 no 2, paste this instead <gcloud container clusters create simplecluster --zone $MY_ZONE --num-nodes 2 --metadata=disable-legacy-endpoints=false --cluster-version=1.24.13-gke.500> After that, you wont get error on task 7 no 2.

Moch A. · 评论11 months之前

Moch A. · 评论11 months之前

Fahrul a. · 评论11 months之前

Ewen L. · 评论11 months之前

ayu a. · 评论11 months之前

Fahrul a. · 评论11 months之前

stuck on task 7 no 2 edit : YOU NEED to specify the version. On task 1 no 2, paste this instead gcloud container clusters create simplecluster --zone $MY_ZONE --num-nodes 2 --metadata=disable-legacy-endpoints=false --cluster-version=1.24.13-gke.500 After that, you wont get error on task 7 no 2. (sometime there's may an error at some task, just wait and retry)

Muhammad I. · 评论11 months之前

Archie C. · 评论11 months之前

Damar S. · 评论11 months之前