1. Open the GCP Console and navigate to the Cloud Build page.
2. Click on the “Worker pools” tab from the left-hand menu.
3. Select the worker pool for which you want to set the teardown policy.
4. Click on the “Edit” button at the top of the page.
5. Scroll down to the “Teardown policy” section.
6. Select the “Delete instances when the pool is idle” option.
7. Click on the “Save” button at the bottom of the page.
8. Verify that the teardown policy has been set correctly by checking the “Teardown policy” section for the worker pool.

​

1. Open the Google Cloud SDK Shell or any other terminal of your choice.
2. Run the following command to set the worker pool teardown policy to “delete”:

gcloud container node-pools update [POOL_NAME] --cluster=[CLUSTER_NAME] --workload-metadata=GKE_METADATA --teardown-policy=delete

3. Once the command is executed successfully, the worker pool teardown policy will be set to “delete”.
4. Verify the changes by running the following command:

gcloud container node-pools describe [POOL_NAME] --cluster=[CLUSTER_NAME] --format="json" | jq '.management.autoRepair' 

5. If the output of the above command is “true”, then the worker pool teardown policy has been successfully set to “delete”.

1. Install the required libraries:
   Copy

   Ask AI

   pip install google-cloud-logging google-auth google-auth-oauthlib google-auth-httplib2
   

2. Set up authentication to access the GCP project:
   Copy

   Ask AI

   from google.oauth2 import service_account
   
   credentials = service_account.Credentials.from_service_account_file('path/to/service_account.json')
   

3. Create a Logging client to access the logs:
   Copy

   Ask AI

   from google.cloud import logging_v2
   
   client = logging_v2.LoggingServiceV2Client(credentials=credentials)
   

4. Define the filter to search for the relevant log entries:
   Copy

   Ask AI

   filter_str = 'resource.type="k8s_container" AND log_name="projects/<project_id>/logs/stderr" AND severity="ERROR" AND textPayload:"WorkerPoolTeardownPolicy" AND textPayload:"not set"'
   

   Replace <project_id> with your GCP project ID.
5. Retrieve the log entries using the filter:
   Copy

   Ask AI

   response = client.list_log_entries(filter_=filter_str)
   

6. For each log entry, retrieve the relevant metadata:
   Copy

   Ask AI

   for entry in response:
       print(f"Log Name: {entry.log_name}")
       print(f"Resource Type: {entry.resource.type}")
       print(f"Resource Labels: {entry.resource.labels}")
       print(f"Severity: {entry.severity}")
       print(f"Timestamp: {entry.timestamp}")
       print(f"Message: {entry.json_payload['message']}")
   

7. For each relevant metadata, remediate the misconfiguration by setting the Worker Pool Teardown Policy:
   Copy

   Ask AI

   from google.cloud import container_v1
   
   client = container_v1.ClusterManagerClient(credentials=credentials)
   
   project_id = "<project_id>"
   zone = "<zone>"
   cluster_id = "<cluster_id>"
   
   cluster = client.get_cluster(project_id, zone, cluster_id)
   
   # Update the Worker Pool Teardown Policy
   for pool in cluster.node_pools:
       pool.management.auto_repair = True
       pool.management.auto_upgrade = True
       pool.management.auto_upgrade_maintenance_policy = {
           "window": {
               "dailyMaintenanceWindow": {
                   "startTime": "02:00"
               }
           }
       }
   
   # Update the cluster with the new configuration
   update_request = container_v1.types.UpdateClusterRequest(cluster=cluster, update_mask={"paths": ["node_pools"]})
   operation = client.update_cluster(update_request)
   

   Replace <project_id>, <zone> and <cluster_id> with your specific details.
8. Verify that the misconfiguration has been remediated by checking the logs again.