gcpdiag
gcpdiag is a command-line diagnostics tool for GCP customers.
I tried to use it with GitHub Actions - minimalistic setup to reproduce (I know configs like credentials are missing, but it's not required for the reproduction): ```yml name: GCP...
GKE Private clusters are almost always the right answer. NAT gateways and GLBs can be used to cover almost any use case where a cluster needs to communicate with the...
Please publish to PyPI so gcpdiag can be installed with pip (or [pipx](https://pypa.github.io/pipx/)), and so that the community can build distro packages out of it (homebrew, AUR, other linux distros)....
Currently it is only possible to filter by project id, labels and regions, but it would be useful for example to analyze only a specific GKE cluster. This is more...
Currently with --auth=oauth you need to rm -rf .config/gcpdiag to force a relogin. Provide an option to force a login.
gcpdiag sets billing project id for API calls using the X-Goog-User-Project header, either to what was passed as --billing-project, or by default to the project that is being inspected. The...
Currently iam.py can't resolve IAM groups so for example if a service account is given certain permissions via a group, that won't be detected properly.
Doc: https://cloud.google.com/kubernetes-engine/docs/how-to/network-policy#limitations_and_requirements If Network Policy is enabled, fail a best practice rule if the nodes are f1-micro or g1-small or if there are fewer than 3 nodes.
OS Login is not supported in public GKE clusters.
Warning that will check the image type set for NAP: https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-provisioning#default-image-type and warn if it is set to dockershim-based image type. Node images with the Docker as a container runtime...