1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-18 14:56:05 +00:00

gcloud: Thu Jul 20 11:47:24 UTC 2023

This commit is contained in:
Automated 2023-07-20 11:47:25 +00:00
parent b4c2508b12
commit 64e67b443c
325 changed files with 10090 additions and 1806 deletions

View file

@ -19,6 +19,7 @@ SYNOPSIS
[--cluster-version=CLUSTER_VERSION]
[--create-subnetwork=[KEY=VALUE,...]]
[--database-encryption-key=DATABASE_ENCRYPTION_KEY]
[--dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE]
[--default-max-pods-per-node=DEFAULT_MAX_PODS_PER_NODE]
[--disable-default-snat] [--disable-pod-cidr-overprovision]
[--disk-size=DISK_SIZE] [--disk-type=DISK_TYPE] [--enable-autorepair]
@ -28,6 +29,7 @@ SYNOPSIS
[--enable-dataplane-v2] [--enable-fleet] [--enable-fqdn-network-policy]
[--enable-gke-oidc] [--enable-google-cloud-access] [--enable-gvnic]
[--enable-identity-service] [--enable-image-streaming]
[--enable-insecure-kubelet-readonly-port]
[--enable-intra-node-visibility] [--enable-ip-alias]
[--enable-kubernetes-alpha]
[--enable-kubernetes-unstable-apis=API,[API,...]]
@ -67,11 +69,12 @@ SYNOPSIS
[--workload-metadata=WORKLOAD_METADATA] [--workload-pool=WORKLOAD_POOL]
[--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING]
[--additional-zones=ZONE,[ZONE,...] | --node-locations=ZONE,[ZONE,...]]
[--binauthz-policy=BINAUTHZ_POLICY
[--binauthz-policy-bindings=[name=BINAUTHZ_POLICY,...]
--binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE
| --enable-binauthz]
[--cluster-dns=CLUSTER_DNS --cluster-dns-domain=CLUSTER_DNS_DOMAIN
--cluster-dns-scope=CLUSTER_DNS_SCOPE]
[--disable-dataplane-v2-metrics | --enable-dataplane-v2-metrics]
[[--enable-autoprovisioning
: --autoprovisioning-config-file=AUTOPROVISIONING_CONFIG_FILE
| [--max-cpu=MAX_CPU --max-memory=MAX_MEMORY
@ -321,6 +324,35 @@ FLAGS
For more information, see
https://cloud.google.com/kubernetes-engine/docs/how-to/encrypting-secrets.
--dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE
Select Advanced Datapath Observability mode for the cluster. Defaults
to DISABLED.
Advanced Datapath Observability allows for a real-time view into
pod-to-pod traffic within your cluster.
Examples:
$ gcloud beta container clusters create \
--dataplane-v2-observability-mode=DISABLED
$ gcloud beta container clusters create \
--dataplane-v2-observability-mode=INTERNAL_VPC_LB
$ gcloud beta container clusters create \
--dataplane-v2-observability-mode=EXTERNAL_LB
DATAPLANE_V2_OBSERVABILITY_MODE must be one of:
DISABLED
Disables Advanced Datapath Observability.
EXTERNAL_LB
Makes Advanced Datapath Observability available to the external
network.
INTERNAL_VPC_LB
Makes Advanced Datapath Observability available from the VPC
network.
--default-max-pods-per-node=DEFAULT_MAX_PODS_PER_NODE
The default max number of pods per node for node pools in the cluster.
@ -477,6 +509,12 @@ FLAGS
--enable-image-streaming
Specifies whether to enable image streaming on cluster.
--enable-insecure-kubelet-readonly-port
Enables the Kubelet's insecure Read Only Port.
To disable in an existing cluster, explicitly set flag to
--no-enable-insecure-kubelet-readonly-port.
--enable-intra-node-visibility
Enable Intra-node visibility for this cluster.
@ -1210,7 +1248,7 @@ FLAGS
Flags for Binary Authorization:
--binauthz-policy=BINAUTHZ_POLICY
--binauthz-policy-bindings=[name=BINAUTHZ_POLICY,...]
The relative resource name of the Binary Authorization policy to
audit and/or enforce. GKE policies have the following format:
projects/{project_number}/platforms/gke/policies/{policy_id}.
@ -1259,6 +1297,14 @@ FLAGS
vpc
Configures the Cloud DNS zone to be private to the VPC Network.
At most one of these can be specified:
--disable-dataplane-v2-metrics
Stops exposing advanced datapath flow metrics on node port.
--enable-dataplane-v2-metrics
Exposes advanced datapath flow metrics on node port.
Node autoprovisioning
--enable-autoprovisioning

View file

@ -10,8 +10,10 @@ SYNOPSIS
[--cluster-secondary-range-name=NAME]
[--cluster-version=CLUSTER_VERSION]
[--create-subnetwork=[KEY=VALUE,...]]
[--database-encryption-key=DATABASE_ENCRYPTION_KEY] [--enable-fleet]
[--enable-google-cloud-access]
[--database-encryption-key=DATABASE_ENCRYPTION_KEY]
[--dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE]
[--enable-fleet] [--enable-google-cloud-access]
[--enable-insecure-kubelet-readonly-port]
[--enable-kubernetes-unstable-apis=API,[API,...]]
[--enable-master-global-access] [--fleet-project=PROJECT_ID_OR_NUMBER]
[--logging=[COMPONENT,...]] [--monitoring=[COMPONENT,...]]
@ -22,7 +24,7 @@ SYNOPSIS
[--workload-policies=WORKLOAD_POLICIES]
[--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING]
[--binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE
--binauthz-policy=BINAUTHZ_POLICY]
--binauthz-policy-bindings=[name=BINAUTHZ_POLICY,...]]
[--enable-master-authorized-networks
--master-authorized-networks=NETWORK,[NETWORK,...]]
[--enable-private-endpoint
@ -155,6 +157,35 @@ FLAGS
For more information, see
https://cloud.google.com/kubernetes-engine/docs/how-to/encrypting-secrets.
--dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE
Select Advanced Datapath Observability mode for the cluster. Defaults
to DISABLED.
Advanced Datapath Observability allows for a real-time view into
pod-to-pod traffic within your cluster.
Examples:
$ gcloud beta container clusters create-auto \
--dataplane-v2-observability-mode=DISABLED
$ gcloud beta container clusters create-auto \
--dataplane-v2-observability-mode=INTERNAL_VPC_LB
$ gcloud beta container clusters create-auto \
--dataplane-v2-observability-mode=EXTERNAL_LB
DATAPLANE_V2_OBSERVABILITY_MODE must be one of:
DISABLED
Disables Advanced Datapath Observability.
EXTERNAL_LB
Makes Advanced Datapath Observability available to the external
network.
INTERNAL_VPC_LB
Makes Advanced Datapath Observability available from the VPC
network.
--enable-fleet
Set cluster project as the fleet host project. This will register the
cluster to the same project. To register the cluster to a fleet in a
@ -166,6 +197,12 @@ FLAGS
Google Cloud can reach the public control plane endpoint of your
cluster.
--enable-insecure-kubelet-readonly-port
Enables the Kubelet's insecure Read Only Port.
To disable in an existing cluster, explicitly set flag to
--no-enable-insecure-kubelet-readonly-port.
--enable-kubernetes-unstable-apis=API,[API,...]
Enable Kubernetes beta API features on this cluster. Beta APIs are not
expected to be production ready and should be avoided in
@ -342,7 +379,7 @@ FLAGS
POLICY_BINDINGS_AND_PROJECT_SINGLETON_POLICY_ENFORCE,
PROJECT_SINGLETON_POLICY_ENFORCE.
--binauthz-policy=BINAUTHZ_POLICY
--binauthz-policy-bindings=[name=BINAUTHZ_POLICY,...]
The relative resource name of the Binary Authorization policy to
audit and/or enforce. GKE policies have the following format:
projects/{project_number}/platforms/gke/policies/{policy_id}.

View file

@ -8,12 +8,14 @@ SYNOPSIS
| --autoscaling-profile=AUTOSCALING_PROFILE | --clear-fleet-project
| --complete-credential-rotation | --complete-ip-rotation
| --database-encryption-key=DATABASE_ENCRYPTION_KEY
| --dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE
| --disable-database-encryption | --disable-default-snat
| --disable-workload-identity | --enable-autoscaling
| --enable-cost-allocation | --enable-fleet
| --enable-fqdn-network-policy | --enable-gke-oidc
| --enable-google-cloud-access | --enable-identity-service
| --enable-image-streaming | --enable-intra-node-visibility
| --enable-image-streaming | --enable-insecure-kubelet-readonly-port
| --enable-intra-node-visibility
| --enable-kubernetes-unstable-apis=API,[API,...]
| --enable-l4-ilb-subsetting | --enable-legacy-authorization
| --enable-logging-monitoring-system-only
@ -41,7 +43,7 @@ SYNOPSIS
| --additional-pod-ipv4-ranges=NAME,[NAME,...]
--remove-additional-pod-ipv4-ranges=NAME,[NAME,...]
| --additional-zones=[ZONE,...] | --node-locations=ZONE,[ZONE,...]
| --binauthz-policy=BINAUTHZ_POLICY
| --binauthz-policy-bindings=[name=BINAUTHZ_POLICY,...]
--binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE
| --enable-binauthz | --clear-maintenance-window
| --remove-maintenance-exclusion=NAME
@ -57,7 +59,9 @@ SYNOPSIS
--enable-resource-consumption-metering
--resource-usage-bigquery-dataset=RESOURCE_USAGE_BIGQUERY_DATASET
| --cluster-dns=CLUSTER_DNS --cluster-dns-domain=CLUSTER_DNS_DOMAIN
--cluster-dns-scope=CLUSTER_DNS_SCOPE | [--enable-autoprovisioning
--cluster-dns-scope=CLUSTER_DNS_SCOPE
| --disable-dataplane-v2-metrics | --enable-dataplane-v2-metrics
| [--enable-autoprovisioning
: --autoprovisioning-config-file=AUTOPROVISIONING_CONFIG_FILE
| --autoprovisioning-image-type=AUTOPROVISIONING_IMAGE_TYPE
--autoprovisioning-locations=ZONE,[ZONE,...]
@ -163,6 +167,35 @@ REQUIRED FLAGS
For more information, see
https://cloud.google.com/kubernetes-engine/docs/how-to/encrypting-secrets.
--dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE
Select Advanced Datapath Observability mode for the cluster. Defaults
to DISABLED.
Advanced Datapath Observability allows for a real-time view into
pod-to-pod traffic within your cluster.
Examples:
$ gcloud beta container clusters update \
--dataplane-v2-observability-mode=DISABLED
$ gcloud beta container clusters update \
--dataplane-v2-observability-mode=INTERNAL_VPC_LB
$ gcloud beta container clusters update \
--dataplane-v2-observability-mode=EXTERNAL_LB
DATAPLANE_V2_OBSERVABILITY_MODE must be one of:
DISABLED
Disables Advanced Datapath Observability.
EXTERNAL_LB
Makes Advanced Datapath Observability available to the external
network.
INTERNAL_VPC_LB
Makes Advanced Datapath Observability available from the VPC
network.
--disable-database-encryption
Disable database encryption.
@ -256,6 +289,12 @@ REQUIRED FLAGS
--enable-image-streaming
Specifies whether to enable image streaming on cluster.
--enable-insecure-kubelet-readonly-port
Enables the Kubelet's insecure Read Only Port.
To disable in an existing cluster, explicitly set flag to
--no-enable-insecure-kubelet-readonly-port.
--enable-intra-node-visibility
Enable Intra-node visibility for this cluster.
@ -690,7 +729,7 @@ REQUIRED FLAGS
Flags for Binary Authorization:
--binauthz-policy=BINAUTHZ_POLICY
--binauthz-policy-bindings=[name=BINAUTHZ_POLICY,...]
The relative resource name of the Binary Authorization policy to
audit and/or enforce. GKE policies have the following format:
projects/{project_number}/platforms/gke/policies/{policy_id}.
@ -875,6 +914,14 @@ REQUIRED FLAGS
vpc
Configures the Cloud DNS zone to be private to the VPC Network.
At most one of these can be specified:
--disable-dataplane-v2-metrics
Stops exposing advanced datapath flow metrics on node port.
--enable-dataplane-v2-metrics
Exposes advanced datapath flow metrics on node port.
Node autoprovisioning
--enable-autoprovisioning