mirror of
https://github.com/imjasonh/gcloud-help
synced 2026-07-18 06:47:12 +00:00
gcloud: Wed Nov 19 10:58:36 UTC 2025
This commit is contained in:
parent
e1ec13485a
commit
7b14250313
392 changed files with 17141 additions and 774 deletions
|
|
@ -13,6 +13,7 @@ SYNOPSIS
|
|||
| --containerd-config-from-file=PATH_TO_FILE
|
||||
| --enable-confidential-nodes | --enable-gvnic
|
||||
| --enable-image-streaming | --enable-insecure-kubelet-readonly-port
|
||||
| --enable-kernel-module-signature-enforcement
|
||||
| --enable-private-nodes | --enable-queued-provisioning
|
||||
| --flex-start | --labels=[KEY=VALUE,...]
|
||||
| --logging-variant=LOGGING_VARIANT
|
||||
|
|
@ -137,6 +138,19 @@ REQUIRED FLAGS
|
|||
To disable the readonly port on a cluster or node-pool set the flag
|
||||
to --no-enable-insecure-kubelet-readonly-port.
|
||||
|
||||
--enable-kernel-module-signature-enforcement
|
||||
Enforces that kernel modules are signed on all nodes in the node
|
||||
pool. This setting overrides the cluster-level setting. For example,
|
||||
if the cluster disables enforcement, you can enable enforcement only
|
||||
for a specific node pool. When the policy is modified on an existing
|
||||
node pool, nodes will be immediately recreated to use the new policy.
|
||||
Use --no-enable-kernel-module-signature-enforcement to disable.
|
||||
|
||||
Examples:
|
||||
|
||||
$ gcloud container node-pools update node-pool-1 \
|
||||
--enable-kernel-module-signature-enforcement
|
||||
|
||||
--enable-private-nodes
|
||||
Enables provisioning nodes with private IP addresses only.
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue