mirror of
https://github.com/imjasonh/gcloud-help
synced 2026-07-18 06:47:12 +00:00
gcloud: Wed Nov 19 10:58:36 UTC 2025
This commit is contained in:
parent
e1ec13485a
commit
7b14250313
392 changed files with 17141 additions and 774 deletions
|
|
@ -28,6 +28,7 @@ SYNOPSIS
|
|||
[--enable-blue-green-upgrade] [--enable-confidential-nodes]
|
||||
[--enable-confidential-storage] [--enable-gvnic]
|
||||
[--enable-image-streaming] [--enable-insecure-kubelet-readonly-port]
|
||||
[--enable-kernel-module-signature-enforcement]
|
||||
[--enable-nested-virtualization] [--enable-private-nodes]
|
||||
[--enable-queued-provisioning] [--enable-surge-upgrade] [--flex-start]
|
||||
[--image-type=IMAGE_TYPE] [--labels=[KEY=VALUE,...]]
|
||||
|
|
@ -326,6 +327,19 @@ FLAGS
|
|||
To disable the readonly port on a cluster or node-pool set the flag to
|
||||
--no-enable-insecure-kubelet-readonly-port.
|
||||
|
||||
--enable-kernel-module-signature-enforcement
|
||||
Enforces that kernel modules are signed on all nodes in the node pool.
|
||||
This setting overrides the cluster-level setting. For example, if the
|
||||
cluster disables enforcement, you can enable enforcement only for a
|
||||
specific node pool. When the policy is modified on an existing node
|
||||
pool, nodes will be immediately recreated to use the new policy. Use
|
||||
--no-enable-kernel-module-signature-enforcement to disable.
|
||||
|
||||
Examples:
|
||||
|
||||
$ gcloud alpha container node-pools create node-pool-1 \
|
||||
--enable-kernel-module-signature-enforcement
|
||||
|
||||
--enable-nested-virtualization
|
||||
Enables the use of nested virtualization on the node pool. Defaults to
|
||||
false. Can only be enabled on UBUNTU_CONTAINERD base image or
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue