David Schweikert
David Schweikert
Currently it is only possible to filter by project id, labels and regions, but it would be useful for example to analyze only a specific GKE cluster. This is more...
Currently with --auth=oauth you need to rm -rf .config/gcpdiag to force a relogin. Provide an option to force a login.
gcpdiag sets billing project id for API calls using the X-Goog-User-Project header, either to what was passed as --billing-project, or by default to the project that is being inspected. The...
Currently iam.py can't resolve IAM groups so for example if a service account is given certain permissions via a group, that won't be detected properly.
Doc: https://cloud.google.com/kubernetes-engine/docs/how-to/network-policy#limitations_and_requirements If Network Policy is enabled, fail a best practice rule if the nodes are f1-micro or g1-small or if there are less than 3 nodes.
OS Login is not supported in public GKE clusters.
Warning that will check the image type set for NAP: https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-provisioning#default-image-type and warn if it is set to dockershim=based image type. Node images with the Docker as a container runtime...
When the constraints/compute. disableSerialPortLogging policy is enabled, GKE clusters must be created with logging disabled (serial-port-logging-enable: 'false'), otherwise the creation will fail.
I am not sure that this is possible, but it would be useful to be able to specify a "outgoing interface". This would work similarly to the '-I' option, but...
It would be nice to have this in fping as well: http://anarcat.koumbit.org/2013-12-03-announcing-prettier-noping https://github.com/octo/liboping/pull/3