Assigned
Status Update
No update yet.
Comments
xc...@google.com
Hello,
Thanks for reaching out to us!
The Product Engineering Team has been made aware of your feature request, and will address it in due course. Though we can't provide an ETA on feature requests nor guarantee their implementation, rest assured that your feedback is always taken very seriously, as it allows us to improve our products. Thank you for your trust and continued support to improve Google Cloud Platform products.
In case you want to report a new issue, please do not hesitate to create a new [Issue Tracker]
Thanks and Regards,
Onkar Mhetre
Google Cloud Support
de...@conrad.de
Specifically, this happened to us. We have a GKE cluster with two similarly-sized node pools. One has E2 nodes and the other has C2D nodes. We wanted to temporarily double the size of our E2 nodepool and checked the quotas page first. The only quota in the entire GCP project that was above 20% was "CPUs" at 55%. We reasoned that since only half of our machines were in the nodepool we wanted to double, this would only raise us to around 80-85% of quota, which seemed safe for a temporary change. We were surprised to see our scale-up fail due to quota. (And then we clumsily tried to quickly scale down to get below quota using direct GCE ASG scaling rather than GKE autoscaler, which ended up deleting a bunch of our more active machines instead of the empty ones — perhaps user error, but a bigger impact than we had expected for what we thought was going to be a simple "scale up fast, let it scale down slowly once our temporary need was over".)
Had the human-readable label in the UI said "E2 and N1 CPUs" instead of "CPUs" we would not have made that mistake: we would have tried for a smaller scale-up or requested more quota first.
I assume that the "internal"/computer-readable name `CPUS` is unlikely to change for compatibility reasons, but hopefully the UI display name is less hardcoded?
Had the human-readable label in the UI said "E2 and N1 CPUs" instead of "CPUs" we would not have made that mistake: we would have tried for a smaller scale-up or requested more quota first.
I assume that the "internal"/computer-readable name `CPUS` is unlikely to change for compatibility reasons, but hopefully the UI display name is less hardcoded?
[Deleted User] <[Deleted User]>
Hi
Just to add this would really help in our office. We have devices we would rather not have a Google account use and the workarounds are not great.
Thanks
Just to add this would really help in our office. We have devices we would rather not have a Google account use and the workarounds are not great.
Thanks
[Deleted User] <[Deleted User]>
Is there any update to it? We have so many usecases accessing from office, etc!
Description
What you would like to accomplish:
Would like to be able to white list IPs for Identity Aware Proxy so those specific IP addresses do not need to authenticate when connecting to the IAP.
How this might work:
Add an option for IAPs for white listing IP addresses. White listed IPs traffic should bypass IAP authentication & connect to the service without supplying credentials.
If applicable, reasons why alternative solutions are not sufficient:
Other workarounds are possible but they involve using another IP address, & setting up a new service, firewall rules, etc. This feature would reduce/remove that work load.
Other information (workarounds you have tried, documentation consulted, etc):
There are a number of work arounds but they all involve setup which can be reduced with this feature.
i.e.
Creating a second load balancer
creating internal load balancer & connecting through GCE instance
Creating node port service
Connecting through VPN to an internal service