mirror of
https://github.com/imjasonh/gcloud-help
synced 2026-07-18 14:56:05 +00:00
gcloud: Wed Oct 9 09:55:07 UTC 2024
This commit is contained in:
parent
489be55d99
commit
4ffb04ab9e
211 changed files with 7635 additions and 1232 deletions
|
|
@ -24,17 +24,19 @@ SYNOPSIS
|
|||
[--database-encryption-key=DATABASE_ENCRYPTION_KEY]
|
||||
[--default-max-pods-per-node=DEFAULT_MAX_PODS_PER_NODE]
|
||||
[--disable-default-snat] [--disable-pod-cidr-overprovision]
|
||||
[--disk-size=DISK_SIZE] [--disk-type=DISK_TYPE] [--enable-autorepair]
|
||||
[--no-enable-autoupgrade] [--enable-cilium-clusterwide-network-policy]
|
||||
[--enable-cloud-logging] [--enable-cloud-monitoring]
|
||||
[--enable-cloud-run-alpha] [--enable-confidential-nodes]
|
||||
[--enable-confidential-storage] [--enable-cost-allocation]
|
||||
[--enable-dataplane-v2] [--enable-fleet] [--enable-fqdn-network-policy]
|
||||
[--disk-size=DISK_SIZE] [--disk-type=DISK_TYPE]
|
||||
[--enable-authorized-networks-on-private-endpoint]
|
||||
[--enable-autorepair] [--no-enable-autoupgrade]
|
||||
[--enable-cilium-clusterwide-network-policy] [--enable-cloud-logging]
|
||||
[--enable-cloud-monitoring] [--enable-cloud-run-alpha]
|
||||
[--enable-confidential-nodes] [--enable-confidential-storage]
|
||||
[--enable-cost-allocation] [--enable-dataplane-v2]
|
||||
[--enable-dns-access] [--enable-fleet] [--enable-fqdn-network-policy]
|
||||
[--enable-gke-oidc] [--enable-google-cloud-access] [--enable-gvnic]
|
||||
[--enable-identity-service] [--enable-image-streaming]
|
||||
[--enable-insecure-kubelet-readonly-port]
|
||||
[--enable-intra-node-visibility] [--enable-ip-alias]
|
||||
[--enable-kubernetes-alpha]
|
||||
[--enable-intra-node-visibility] [--enable-ip-access]
|
||||
[--enable-ip-alias] [--enable-kubernetes-alpha]
|
||||
[--enable-kubernetes-unstable-apis=API,[API,...]]
|
||||
[--enable-l4-ilb-subsetting] [--enable-legacy-authorization]
|
||||
[--enable-logging-monitoring-system-only] [--enable-managed-prometheus]
|
||||
|
|
@ -434,6 +436,10 @@ FLAGS
|
|||
DISK_TYPE must be one of: pd-standard, pd-ssd, pd-balanced,
|
||||
hyperdisk-balanced, hyperdisk-extreme, hyperdisk-throughput.
|
||||
|
||||
--enable-authorized-networks-on-private-endpoint
|
||||
Enable enforcement of --master-authorized-networks CIDR ranges for
|
||||
traffic reaching cluster's control plane via private IP.
|
||||
|
||||
--enable-autorepair
|
||||
Enable node autorepair feature for a cluster's default node pool(s).
|
||||
|
||||
|
|
@ -514,6 +520,11 @@ FLAGS
|
|||
Enables the new eBPF dataplane for GKE clusters that is required for
|
||||
network security, scalability and visibility features.
|
||||
|
||||
--enable-dns-access
|
||||
Enable access to the cluster's control plane over DNS-based endpoint.
|
||||
|
||||
DNS-based control plane access is recommended.
|
||||
|
||||
--enable-fleet
|
||||
Set cluster project as the fleet host project. This will register the
|
||||
cluster to the same project. To register the cluster to a fleet in a
|
||||
|
|
@ -576,6 +587,10 @@ FLAGS
|
|||
Enabling it on an existing cluster causes the cluster master and the
|
||||
cluster nodes to restart, which might cause a disruption.
|
||||
|
||||
--enable-ip-access
|
||||
Enable access to the cluster's control plane over private IP and public
|
||||
IP if --enable-private-endpoint is not enabled.
|
||||
|
||||
--enable-ip-alias
|
||||
Enable use of alias IPs
|
||||
(https://cloud.google.com/compute/docs/alias-ip/) for Pod IPs. This
|
||||
|
|
|
|||
|
|
@ -14,9 +14,10 @@ SYNOPSIS
|
|||
[--containerd-config-from-file=PATH_TO_FILE]
|
||||
[--create-subnetwork=[KEY=VALUE,...]]
|
||||
[--database-encryption-key=DATABASE_ENCRYPTION_KEY]
|
||||
[--enable-authorized-networks-on-private-endpoint]
|
||||
[--enable-backup-restore] [--enable-cilium-clusterwide-network-policy]
|
||||
[--enable-fleet] [--enable-google-cloud-access]
|
||||
[--enable-kubernetes-unstable-apis=API,[API,...]]
|
||||
[--enable-dns-access] [--enable-fleet] [--enable-google-cloud-access]
|
||||
[--enable-ip-access] [--enable-kubernetes-unstable-apis=API,[API,...]]
|
||||
[--enable-master-global-access] [--enable-ray-cluster-logging]
|
||||
[--enable-ray-cluster-monitoring] [--enable-ray-operator]
|
||||
[--enable-secret-manager] [--fleet-project=PROJECT_ID_OR_NUMBER]
|
||||
|
|
@ -219,6 +220,10 @@ FLAGS
|
|||
For more information, see
|
||||
https://cloud.google.com/kubernetes-engine/docs/how-to/encrypting-secrets.
|
||||
|
||||
--enable-authorized-networks-on-private-endpoint
|
||||
Enable enforcement of --master-authorized-networks CIDR ranges for
|
||||
traffic reaching cluster's control plane via private IP.
|
||||
|
||||
--enable-backup-restore
|
||||
Enable the Backup for GKE add-on. This add-on is disabled by default.
|
||||
To learn more, see the Backup for GKE overview:
|
||||
|
|
@ -228,6 +233,11 @@ FLAGS
|
|||
Enable Cilium Clusterwide Network Policies on the cluster. Disabled by
|
||||
default.
|
||||
|
||||
--enable-dns-access
|
||||
Enable access to the cluster's control plane over DNS-based endpoint.
|
||||
|
||||
DNS-based control plane access is recommended.
|
||||
|
||||
--enable-fleet
|
||||
Set cluster project as the fleet host project. This will register the
|
||||
cluster to the same project. To register the cluster to a fleet in a
|
||||
|
|
@ -239,6 +249,10 @@ FLAGS
|
|||
Google Cloud can reach the public control plane endpoint of your
|
||||
cluster.
|
||||
|
||||
--enable-ip-access
|
||||
Enable access to the cluster's control plane over private IP and public
|
||||
IP if --enable-private-endpoint is not enabled.
|
||||
|
||||
--enable-kubernetes-unstable-apis=API,[API,...]
|
||||
Enable Kubernetes beta API features on this cluster. Beta APIs are not
|
||||
expected to be production ready and should be avoided in
|
||||
|
|
|
|||
|
|
@ -3,7 +3,8 @@ NAME
|
|||
running cluster
|
||||
|
||||
SYNOPSIS
|
||||
gcloud beta container clusters get-credentials NAME [--internal-ip]
|
||||
gcloud beta container clusters get-credentials NAME [--dns-endpoint]
|
||||
[--internal-ip]
|
||||
[--location=LOCATION | --region=REGION | --zone=ZONE, -z ZONE]
|
||||
[GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
|
|
@ -46,6 +47,9 @@ POSITIONAL ARGUMENTS
|
|||
container/cluster property value for this command invocation.
|
||||
|
||||
FLAGS
|
||||
--dns-endpoint
|
||||
Whether to use the DNS-based endpoint for the cluster address.
|
||||
|
||||
--internal-ip
|
||||
Whether to use the internal IP address of the cluster endpoint.
|
||||
|
||||
|
|
|
|||
56
gcloud/beta/container/clusters/get-upgrade-info
Normal file
56
gcloud/beta/container/clusters/get-upgrade-info
Normal file
|
|
@ -0,0 +1,56 @@
|
|||
NAME
|
||||
gcloud beta container clusters get-upgrade-info - get information about
|
||||
upgrades for existing clusters including auto upgrade status, upgrade
|
||||
history, upgrade targets, and end of support timelines
|
||||
|
||||
SYNOPSIS
|
||||
gcloud beta container clusters get-upgrade-info NAME
|
||||
[--location=LOCATION | --region=REGION | --zone=ZONE, -z ZONE]
|
||||
[GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
(BETA) Get information about upgrades for existing clusters including auto
|
||||
upgrade status, upgrade history, upgrade targets, and end of support
|
||||
timelines.
|
||||
|
||||
EXAMPLES
|
||||
To get upgrade information for an existing cluster, run:
|
||||
|
||||
$ gcloud beta container clusters get-upgrade-info sample-cluster
|
||||
|
||||
POSITIONAL ARGUMENTS
|
||||
NAME
|
||||
The name of your existing cluster.
|
||||
|
||||
FLAGS
|
||||
At most one of these can be specified:
|
||||
|
||||
--location=LOCATION
|
||||
Compute zone or region (e.g. us-central1-a or us-central1) for the
|
||||
cluster. Overrides the default compute/region or compute/zone value
|
||||
for this command invocation. Prefer using this flag over the --region
|
||||
or --zone flags.
|
||||
|
||||
--region=REGION
|
||||
Compute region (e.g. us-central1) for a regional cluster. Overrides
|
||||
the default compute/region property value for this command
|
||||
invocation.
|
||||
|
||||
--zone=ZONE, -z ZONE
|
||||
Compute zone (e.g. us-central1-a) for a zonal cluster. Overrides the
|
||||
default compute/zone property value for this command invocation.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
--help, --impersonate-service-account, --log-http, --project, --quiet,
|
||||
--trace-token, --user-output-enabled, --verbosity.
|
||||
|
||||
Run $ gcloud help for details.
|
||||
|
||||
NOTES
|
||||
This command is currently in beta and might change without notice. This
|
||||
variant is also available:
|
||||
|
||||
$ gcloud alpha container clusters get-upgrade-info
|
||||
|
||||
|
|
@ -58,6 +58,11 @@ COMMANDS
|
|||
get-credentials
|
||||
(BETA) Fetch credentials for a running cluster.
|
||||
|
||||
get-upgrade-info
|
||||
(BETA) Get information about upgrades for existing clusters including
|
||||
auto upgrade status, upgrade history, upgrade targets, and end of
|
||||
support timelines.
|
||||
|
||||
list
|
||||
(BETA) List existing clusters for running containers.
|
||||
|
||||
|
|
|
|||
|
|
@ -16,16 +16,14 @@ SYNOPSIS
|
|||
| --[no-]enable-cilium-clusterwide-network-policy
|
||||
| --enable-cost-allocation | --enable-fleet
|
||||
| --enable-fqdn-network-policy | --enable-gke-oidc
|
||||
| --enable-google-cloud-access | --enable-identity-service
|
||||
| --enable-image-streaming | --enable-insecure-kubelet-readonly-port
|
||||
| --enable-identity-service | --enable-image-streaming
|
||||
| --enable-insecure-kubelet-readonly-port
|
||||
| --enable-intra-node-visibility
|
||||
| --enable-kubernetes-unstable-apis=API,[API,...]
|
||||
| --enable-l4-ilb-subsetting | --enable-legacy-authorization
|
||||
| --enable-logging-monitoring-system-only
|
||||
| --enable-master-authorized-networks | --enable-master-global-access
|
||||
| --enable-multi-networking | --enable-network-policy
|
||||
| --enable-pod-security-policy | --enable-private-endpoint
|
||||
| --[no-]enable-ray-cluster-logging
|
||||
| --enable-logging-monitoring-system-only | --enable-multi-networking
|
||||
| --enable-network-policy | --enable-pod-security-policy
|
||||
| --enable-private-nodes | --[no-]enable-ray-cluster-logging
|
||||
| --[no-]enable-ray-cluster-monitoring | --enable-secret-manager
|
||||
| --enable-service-externalips | --enable-shielded-nodes
|
||||
| --enable-stackdriver-kubernetes | --enable-vertical-pod-autoscaling
|
||||
|
|
@ -76,6 +74,11 @@ SYNOPSIS
|
|||
| --disable-dataplane-v2-flow-observability
|
||||
| --enable-dataplane-v2-flow-observability
|
||||
--disable-dataplane-v2-metrics | --enable-dataplane-v2-metrics
|
||||
| --enable-authorized-networks-on-private-endpoint
|
||||
--enable-dns-access --enable-google-cloud-access --enable-ip-access
|
||||
--enable-master-global-access --enable-private-endpoint
|
||||
--enable-master-authorized-networks
|
||||
--master-authorized-networks=NETWORK,[NETWORK,...]
|
||||
| [--enable-autoprovisioning
|
||||
: --autoprovisioning-config-file=PATH_TO_FILE
|
||||
| --autoprovisioning-image-type=AUTOPROVISIONING_IMAGE_TYPE
|
||||
|
|
@ -101,9 +104,7 @@ SYNOPSIS
|
|||
| --password=PASSWORD --enable-basic-auth
|
||||
| --username=USERNAME, -u USERNAME) [--async]
|
||||
[--cloud-run-config=[load-balancer-type=EXTERNAL,...]]
|
||||
[--istio-config=[auth=MTLS_PERMISSIVE,...]]
|
||||
[--master-authorized-networks=NETWORK,[NETWORK,...]]
|
||||
[--node-pool=NODE_POOL]
|
||||
[--istio-config=[auth=MTLS_PERMISSIVE,...]] [--node-pool=NODE_POOL]
|
||||
[--location=LOCATION | --region=REGION | --zone=ZONE, -z ZONE]
|
||||
[--location-policy=LOCATION_POLICY --max-nodes=MAX_NODES
|
||||
--min-nodes=MIN_NODES
|
||||
|
|
@ -319,11 +320,6 @@ REQUIRED FLAGS
|
|||
Thus, flag --enable-gke-oidc is also deprecated. Please use
|
||||
--enable-identity-service to enable the Identity Service component
|
||||
|
||||
--enable-google-cloud-access
|
||||
When you enable Google Cloud Access, any public IP addresses owned by
|
||||
Google Cloud can reach the public control plane endpoint of your
|
||||
cluster.
|
||||
|
||||
--enable-identity-service
|
||||
Enable Identity Service component on the cluster.
|
||||
|
||||
|
|
@ -380,26 +376,6 @@ REQUIRED FLAGS
|
|||
and
|
||||
https://cloud.google.com/kubernetes-engine/docs/how-to/configure-metrics.
|
||||
|
||||
--enable-master-authorized-networks
|
||||
Allow only specified set of CIDR blocks (specified by the
|
||||
--master-authorized-networks flag) to connect to Kubernetes master
|
||||
through HTTPS. Besides these blocks, the following have access as
|
||||
well:
|
||||
|
||||
1) The private network the cluster connects to if
|
||||
`--enable-private-nodes` is specified.
|
||||
2) Google Compute Engine Public IPs if `--enable-private-nodes` is not
|
||||
specified.
|
||||
|
||||
Use --no-enable-master-authorized-networks to disable. When disabled,
|
||||
public internet (0.0.0.0/0) is allowed to connect to Kubernetes
|
||||
master through HTTPS.
|
||||
|
||||
--enable-master-global-access
|
||||
Use with private clusters to allow access to the master's private
|
||||
endpoint from any Google Cloud region or on-premises environment
|
||||
regardless of the private cluster's region.
|
||||
|
||||
--enable-multi-networking
|
||||
Enables multi-networking on the cluster. Multi-networking is disabled
|
||||
by default.
|
||||
|
|
@ -417,9 +393,20 @@ REQUIRED FLAGS
|
|||
PodSecurityPolicy API objects. For more information, see
|
||||
https://cloud.google.com/kubernetes-engine/docs/how-to/pod-security-policies.
|
||||
|
||||
--enable-private-endpoint
|
||||
Enables cluster's control plane to be accessible using private IP
|
||||
address only.
|
||||
--enable-private-nodes
|
||||
Standard cluster: Enable private nodes as a default behavior for all
|
||||
newly created node pools, if --enable-private-nodes is not provided
|
||||
at node pool creation time.
|
||||
|
||||
Modifications to this flag do not affect `--enable-private-nodes` state of the
|
||||
existing node pools.
|
||||
|
||||
Autopilot cluster: Force new and existing workloads, without explicit
|
||||
cloud.google.com/private-node=true node selector, to run on nodes
|
||||
with no public IP address.
|
||||
|
||||
Modifications to this flag trigger a re-schedule operation on all existng
|
||||
workloads to run on different node VMs.
|
||||
|
||||
--[no-]enable-ray-cluster-logging
|
||||
Enable automatic log processing sidecar for Ray clusters. Use
|
||||
|
|
@ -1136,6 +1123,57 @@ REQUIRED FLAGS
|
|||
--enable-dataplane-v2-metrics
|
||||
Exposes advanced datapath flow metrics on node port.
|
||||
|
||||
--enable-authorized-networks-on-private-endpoint
|
||||
Enable enforcement of --master-authorized-networks CIDR ranges for
|
||||
traffic reaching cluster's control plane via private IP.
|
||||
|
||||
--enable-dns-access
|
||||
Enable access to the cluster's control plane over DNS-based endpoint.
|
||||
|
||||
DNS-based control plane access is recommended.
|
||||
|
||||
--enable-google-cloud-access
|
||||
When you enable Google Cloud Access, any public IP addresses owned by
|
||||
Google Cloud can reach the public control plane endpoint of your
|
||||
cluster.
|
||||
|
||||
--enable-ip-access
|
||||
Enable access to the cluster's control plane over private IP and
|
||||
public IP if --enable-private-endpoint is not enabled.
|
||||
|
||||
--enable-master-global-access
|
||||
Use with private clusters to allow access to the master's private
|
||||
endpoint from any Google Cloud region or on-premises environment
|
||||
regardless of the private cluster's region.
|
||||
|
||||
--enable-private-endpoint
|
||||
Enables cluster's control plane to be accessible using private IP
|
||||
address only.
|
||||
|
||||
Master Authorized Networks
|
||||
|
||||
--enable-master-authorized-networks
|
||||
Allow only specified set of CIDR blocks (specified by the
|
||||
--master-authorized-networks flag) to connect to Kubernetes master
|
||||
through HTTPS. Besides these blocks, the following have access as
|
||||
well:
|
||||
|
||||
1) The private network the cluster connects to if
|
||||
`--enable-private-nodes` is specified.
|
||||
2) Google Compute Engine Public IPs if `--enable-private-nodes` is not
|
||||
specified.
|
||||
|
||||
Use --no-enable-master-authorized-networks to disable. When
|
||||
disabled, public internet (0.0.0.0/0) is allowed to connect to
|
||||
Kubernetes master through HTTPS.
|
||||
|
||||
--master-authorized-networks=NETWORK,[NETWORK,...]
|
||||
The list of CIDR blocks (up to 100 for private cluster, 50 for
|
||||
public cluster) that are allowed to connect to Kubernetes master
|
||||
through HTTPS. Specified in CIDR notation (e.g. 1.2.3.4/30). Cannot
|
||||
be specified unless --enable-master-authorized-networks is also
|
||||
specified.
|
||||
|
||||
Node autoprovisioning
|
||||
|
||||
--enable-autoprovisioning
|
||||
|
|
@ -1499,12 +1537,6 @@ OPTIONAL FLAGS
|
|||
information and migration, see
|
||||
https://cloud.google.com/istio/docs/istio-on-gke/migrate-to-anthos-service-mesh.
|
||||
|
||||
--master-authorized-networks=NETWORK,[NETWORK,...]
|
||||
The list of CIDR blocks (up to 100 for private cluster, 50 for public
|
||||
cluster) that are allowed to connect to Kubernetes master through
|
||||
HTTPS. Specified in CIDR notation (e.g. 1.2.3.4/30). Cannot be
|
||||
specified unless --enable-master-authorized-networks is also specified.
|
||||
|
||||
--node-pool=NODE_POOL
|
||||
Node pool to be updated.
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue