1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-18 06:47:12 +00:00

gcloud: Wed Nov 19 10:58:36 UTC 2025

This commit is contained in:
Automated 2025-11-19 10:58:36 +00:00
parent e1ec13485a
commit 7b14250313
392 changed files with 17141 additions and 774 deletions

View file

@ -13,6 +13,7 @@ SYNOPSIS
| --containerd-config-from-file=PATH_TO_FILE
| --enable-confidential-nodes | --enable-gvnic
| --enable-image-streaming | --enable-insecure-kubelet-readonly-port
| --enable-kernel-module-signature-enforcement
| --enable-private-nodes | --enable-queued-provisioning
| --flex-start | --labels=[KEY=VALUE,...]
| --logging-variant=LOGGING_VARIANT
@ -137,6 +138,19 @@ REQUIRED FLAGS
To disable the readonly port on a cluster or node-pool set the flag
to --no-enable-insecure-kubelet-readonly-port.
--enable-kernel-module-signature-enforcement
Enforces that kernel modules are signed on all nodes in the node
pool. This setting overrides the cluster-level setting. For example,
if the cluster disables enforcement, you can enable enforcement only
for a specific node pool. When the policy is modified on an existing
node pool, nodes will be immediately recreated to use the new policy.
Use --no-enable-kernel-module-signature-enforcement to disable.
Examples:
$ gcloud container node-pools update node-pool-1 \
--enable-kernel-module-signature-enforcement
--enable-private-nodes
Enables provisioning nodes with private IP addresses only.