Securing Applications on Kubernetes Engine - Three ExamplesGo to Lab
make teardown not work, with error
tear down script does not work
Fine but the teardown script is broken for for Securing Applications on Kubernetes Engine - Three Examples. I only completed the lab by deleting the firewall and VPC network manually.
The lab itself is very interesting and educational. The infrastructure setup with Terraform has some obstacles: `make teardown` fails with: ``` Error: Get https://container.googleapis.com/v1beta1/projects/qwiklabs-gcp-04-bfe8ca3376dc/locations/us-central1-a/clusters/gke-security-demo-ss?alt=json&prettyPrint=false: dial tcp [2a00:1450:400c:c0b::5f]:443: connect: cannot assign requested address ``` WTF Running `make teardown` a second time fails with errors about missing values for Terraform variables; `terraform/terraform.tfvars` has vanished. This is because `scripts/teardown.sh` unconditionally removes this file even if the `terraform` command itself fails (e.g. because of a timeout) … which prevents you from running teardown a second time. Fixed by commenting this out and restoring the tfvars file ... and running teardown again: ``` Error: Error reading ComputeNetwork "kube-net-ss": Get https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-04-bfe8ca3376dc/global/networks/kube-net-ss?al t=json: dial tcp [2a00:1450:400c:c04::5f]:443: connect: cannot assign requested address ``` Where do these IPv6 addrs come from? Running teardown yet another time finally works. For the record, this all was in `us-central1-a`. Oh and BTW, in the Overview section: link to Github repo is wrong; should be: https://github.com/GoogleCloudPlatform/gke-security-scenarios-demo. This looks like a cut-and-paste relict from another lab.