From d5c8bbce514394a23176ec71023b4a6442bf2794 Mon Sep 17 00:00:00 2001 From: Sergii Tkachenko Date: Fri, 20 May 2022 10:44:59 -0700 Subject: [PATCH] xds-k8s: Do not recommend enabling mesh certs by default (#29743) This should covered separately per this note: > For more details, and for the setup for security tests, see ["Setting up Traffic Director service security with proxyless gRPC"](https://cloud.google.com/traffic-director/docs/security-proxyless-setup) user guide. --- tools/run_tests/xds_k8s_test_driver/README.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/tools/run_tests/xds_k8s_test_driver/README.md b/tools/run_tests/xds_k8s_test_driver/README.md index 67b65dc3b99..eff908574e5 100644 --- a/tools/run_tests/xds_k8s_test_driver/README.md +++ b/tools/run_tests/xds_k8s_test_driver/README.md @@ -30,6 +30,21 @@ changes to this codebase at the moment. `kubectl` can be installed via `gcloud components install kubectl`, or system package manager: https://kubernetes.io/docs/tasks/tools/#kubectl +##### Getting Started + +1. If you haven't, [initialize](https://cloud.google.com/sdk/docs/install-sdk) gcloud SDK +2. Activate gcloud [configuration](https://cloud.google.com/sdk/docs/configurations) with your project +3. Enable gcloud services: + ```shell + gcloud services enable \ + compute.googleapis.com \ + container.googleapis.com \ + networksecurity.googleapis.com \ + networkservices.googleapis.com \ + secretmanager.googleapis.com \ + trafficdirector.googleapis.com + ``` + #### Configure GKE cluster This is an example outlining minimal requirements to run `tests.baseline_test`. For more details, and for the setup for security tests, see @@ -69,7 +84,6 @@ gcloud container clusters create "${CLUSTER_NAME}" \ --zone="${ZONE}" \ --enable-ip-alias \ --workload-pool="${PROJECT_ID}.svc.id.goog" \ - --enable-mesh-certificates \ --workload-metadata=GKE_METADATA \ --tags=allow-health-checks ```