It's basically still the only game in town for a high performance shared posix filesystem with multiple writers and builtin support in basically all operating systems. As an application developer, I probably wouldn't choose to design a system that needed it. However there are lots of good reasons why a company in 2023 might decide to use this NFS based product: https://cloud.google.com/filestore?hl=en. - Source: Hacker News / over 1 year ago

Hi, Brandon from GCS here! If you're looking for all of the guarantees of a real, POSIX filesystem, you want to do fast top level directory listing for 100MM+ nested files, and POSIX permissions/owner/group and other file metadata are important to you, Gcsfuse is probably not what you're after. You might want something more like Filestore: https://cloud.google.com/filestore Gcsfuse is a great way to mount Cloud... - Source: Hacker News / over 1 year ago

At Redactics we needed a way to provide writeable persistent storage to multiple Kubernetes pods. Cost effective ReadWriteMany storage options are generally somewhat limited, in our experience. Using Amazon S3 or the like was also not a great option for us, because the Redactics SMART Agent uses Apache Airflow and the KubernetesPodOperator for a number of its workflow steps - many of which run in parallel. This... - Source: dev.to / over 2 years ago

It sounds like you're looking for Filestore. You can mount Filestore shares as NFS in GKE deployments, and every deployment sees the same set of files. Source: almost 3 years ago

Grafana.ini: ... database: type: postgres host: ":5432" name: grafana user: grafana # password: "" # obtained from GF_DATABASE_PASSWORD env users: allow_sign_up: false allow_org_create: true auto_assign_org: true auto_assign_org_id: 1 auto_assign_org_role: Viewer verify_email_enabled: false default_theme: dark viewers_can_edit: false editors_can_admin:... - Source: dev.to / 5 months ago

That is not how you do Zero Trust. You want to use an Identity Aware Proxy. There are lots of ways you can implement this with Google as your core auth. For example Pomerium or oauth2-proxy. Source: over 1 year ago

It's like this, which may be what you're referring to: https://cloud.google.com/iap. Source: about 2 years ago

If System A is operated by a user in realtime, I would lean toward using strong user or app identity (Firebase Authentication, Firebase App Check or Identity-Aware Proxy). But that would mean major modifications to System A, and you described it as a "closed system" so maybe that's not possible? Source: about 2 years ago

Put Identity-Aware Proxy in front of your application. It will block anyone who is not from the right domain or in your access control list. This option is useful if you only want to allow a list of users known ahead of time, like for a company-internal app. Source: over 2 years ago