Using Command Line: To set the node image to cos for an existing cluster’s Node pool:
gcloud container clusters upgrade [CLUSTER_NAME]\
--image-type cos \
--zone [COMPUTE_ZONE] --node-pool [POOL_NAME]
Using Command Line: To enable node auto-repair for an existing cluster with Node pool, run the following command:
gcloud container node-pools update [POOL_NAME] \
--cluster [CLUSTER_NAME] --zone [COMPUTE_ZONE] \
--enable-autorepair
Using Command Line: To enable node auto-upgrade for an existing cluster’s Node pool, run the following command:
gcloud container node-pools update [NODE_POOL] \
--cluster [CLUSTER_NAME] --zone [COMPUTE_ZONE] \
--enable-autoupgrade
Using Command Line: Create a new cluster by running the following command:
gcloud beta container clusters create [CLUSTER_NAME] \
--zone [COMPUTE_ZONE] \
--release-channel [RELEASE_CHANNEL]
where [RELEASE_CHANNEL] is stable or regular according to your needs.
Using Command Line: To create a Node pool within the cluster with Integrity Monitoring enabled, run the following command:
gcloud beta container node-pools create [NODEPOOL_NAME] \
--cluster [CLUSTER_NAME] --zone [COMPUTE_ZONE] \
--shielded-integrity-monitoring
You will also need to migrate workloads from existing non-conforming Node pools to the newly created Node pool, then delete the non-conforming pools.
Using Command Line: To migrate an existing cluster, you will need to specify the –enable-shielded-nodes flag on a cluster update command:
gcloud beta container clusters update [CLUSTER_NAME] \
--zone [CLUSTER_ZONE] \
--enable-shielded-nodes
Using Command Line: To create a Node pool within the cluster with Secure Boot enabled, run the following command:
gcloud beta container node-pools create [NODEPOOL_NAME] \
--cluster [CLUSTER_NAME] --zone [COMPUTE_ZONE] \
--shielded-secure-boot
You will also need to migrate workloads from existing non-conforming Node pools to the newly created Node pool, then delete the non-conforming pools.