docs: add GCE and GKE documentation for running NPI benchmarks

[kislaykishore]

No description provided.

[gemini-code-assist]

Code Review

This pull request introduces documentation for running Network Performance Improvement (NPI) benchmarks on GCE and GKE. The guides cover building Docker images, setting up prerequisites, and executing benchmarks via a Python script on GCE or Kubernetes Pods on GKE. Feedback was provided to enhance the security of the GKE instructions by recommending the principle of least privilege for IAM roles and removing unnecessary privileged execution modes in the Pod configurations.

[gemini-code-assist]

The roles/storage.objectAdmin role is overly permissive as it allows management of the bucket itself (e.g., deleting the bucket or changing its IAM policy). For benchmarking, roles/storage.objectUser is a more secure alternative that provides full access to objects (read, write, delete) without bucket-level administrative permissions, adhering to the principle of least privilege.

Suggested change

	--role "roles/storage.objectAdmin"
	--role "roles/storage.objectUser"

[gemini-code-assist]

The privileged: true setting is likely unnecessary and poses a security risk. Since the GKE GCS Fuse CSI driver handles the mounting process and the benchmark container simply accesses the data through a pre-mounted volume (--mount-path=/data), the container does not need elevated privileges. Removing this allows the Pod to run under more restrictive security policies (e.g., the GKE baseline or restricted Pod Security Standards).

Suggested change

	securityContext:
	privileged: true
	volumeMounts:
	volumeMounts: