个人中心
gpt4 book ai didi

windows - 在 Azure AKS 节点上运行 PowerShell 脚本,

转载 作者:行者123 更新时间:2023-12-02 23:37:31 24 4
gpt4 key购买 nike

我有一个 PowerShell 脚本,想要在某些 Azure AKS 节点(运行 Windows)上运行以部署安全工具。软件供应商没有为此设置守护程序。我该如何完成它?

感谢一百万阿卜杜勒

最佳答案

已提出类似问题here 。用户philipwelz已写:

Hey,

although there could be ways to do this, i would recommend that you dont. The reason is that your AKS setup should not allow execute scripts inside container directly on AKS nodes. This would imply a huge security issue IMO.

I suggest to find a way the execute your script directly on your nodes, for example with PowerShell remoting or any way that suits you.

BR,
Philip

这位用户是对的。您应该避免在 AKS 节点上执行脚本。在您的情况下,如果您想部署 Prisma 云,您需要使用 following doc 。你是对的,安装脚本只能在 Linux 上运行:

Install scripts work on Linux hosts only.

但是,对于 Windows 和 Mac 软件,您有特定的 yaml 文件:

For macOS and Windows hosts, use twistcli to generate Defender DaemonSet YAML configuration files, and then deploy it with kubectl, as described in the following procedure.

整个过程在我引用的文档中有详细描述。注意步骤3和步骤4。正如您所看到的,不需要运行任何powershell脚本:

第 3 步:

   The following command connects to Console (specified in  [--address](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/install/install_kubernetes.html#)) as user <ADMIN> (specified in  [--user](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/install/install_kubernetes.html#)), and generates a Defender DaemonSet YAML config file according to the configuration options passed to  [twistcli](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/install/install_kubernetes.html#). The  [--cluster-address](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/install/install_kubernetes.html#)  option specifies the address Defender uses to connect to Console.
   
   $ <PLATFORM>/twistcli defender export kubernetes \
     --user <ADMIN_USER> \
     --address <PRISMA_CLOUD_COMPUTE_CONSOLE_URL> \
     --cluster-address <PRISMA_CLOUD_COMPUTE_HOSTNAME>
   
   -   <PLATFORM> can be linux, osx, or windows.
       
   -   <ADMIN_USER> is the name of a Prisma Cloud user with the System Admin role.

然后是第 4 步:

kubectl create -f ./defender.yaml

关于windows - 在 Azure AKS 节点上运行 PowerShell 脚本,,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68940972/

24 4 0
文章推荐: javascript - 当用户更改选项卡并返回时,停止触发事件监听器
文章推荐: matlab - 检测时间扩散回波
文章推荐: javascript - 如何在渲染后禁用视频?
文章推荐: apache - elasticsearch-mesos不在mesosUI框架下列出
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com