Class: Google::Cloud::Container::V1beta1::WorkloadMetadataConfig

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/container/v1beta1/cluster_service.rb

Overview

WorkloadMetadataConfig defines the metadata configuration to expose to workloads on the node pool.

Defined Under Namespace

Modules: Mode, NodeMetadata

Instance Attribute Summary collapse

Instance Attribute Details

#mode::Google::Cloud::Container::V1beta1::WorkloadMetadataConfig::Mode

Returns Mode is the configuration for how to expose metadata to workloads running on the node pool.

Returns:



3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
# File 'proto_docs/google/container/v1beta1/cluster_service.rb', line 3837

class WorkloadMetadataConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # NodeMetadata is the configuration for if and how to expose the node
  # metadata to the workload running on the node.
  module NodeMetadata
    # Not set.
    UNSPECIFIED = 0

    # Prevent workloads not in hostNetwork from accessing certain VM metadata,
    # specifically kube-env, which contains Kubelet credentials, and the
    # instance identity token.
    #
    # Metadata concealment is a temporary security solution available while the
    # bootstrapping process for cluster nodes is being redesigned with
    # significant security improvements.  This feature is scheduled to be
    # deprecated in the future and later removed.
    SECURE = 1

    # Expose all VM metadata to pods.
    EXPOSE = 2

    # Run the GKE Metadata Server on this node. The GKE Metadata Server exposes
    # a metadata API to workloads that is compatible with the V1 Compute
    # Metadata APIs exposed by the Compute Engine and App Engine Metadata
    # Servers. This feature can only be enabled if Workload Identity is enabled
    # at the cluster level.
    GKE_METADATA_SERVER = 3
  end

  # Mode is the configuration for how to expose metadata to workloads running
  # on the node.
  module Mode
    # Not set.
    MODE_UNSPECIFIED = 0

    # Expose all Compute Engine metadata to pods.
    GCE_METADATA = 1

    # Run the GKE Metadata Server on this node. The GKE Metadata Server exposes
    # a metadata API to workloads that is compatible with the V1 Compute
    # Metadata APIs exposed by the Compute Engine and App Engine Metadata
    # Servers. This feature can only be enabled if Workload Identity is enabled
    # at the cluster level.
    GKE_METADATA = 2
  end
end

#node_metadata::Google::Cloud::Container::V1beta1::WorkloadMetadataConfig::NodeMetadata

Returns NodeMetadata is the configuration for how to expose metadata to the workloads running on the node.

Returns:



3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
# File 'proto_docs/google/container/v1beta1/cluster_service.rb', line 3837

class WorkloadMetadataConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # NodeMetadata is the configuration for if and how to expose the node
  # metadata to the workload running on the node.
  module NodeMetadata
    # Not set.
    UNSPECIFIED = 0

    # Prevent workloads not in hostNetwork from accessing certain VM metadata,
    # specifically kube-env, which contains Kubelet credentials, and the
    # instance identity token.
    #
    # Metadata concealment is a temporary security solution available while the
    # bootstrapping process for cluster nodes is being redesigned with
    # significant security improvements.  This feature is scheduled to be
    # deprecated in the future and later removed.
    SECURE = 1

    # Expose all VM metadata to pods.
    EXPOSE = 2

    # Run the GKE Metadata Server on this node. The GKE Metadata Server exposes
    # a metadata API to workloads that is compatible with the V1 Compute
    # Metadata APIs exposed by the Compute Engine and App Engine Metadata
    # Servers. This feature can only be enabled if Workload Identity is enabled
    # at the cluster level.
    GKE_METADATA_SERVER = 3
  end

  # Mode is the configuration for how to expose metadata to workloads running
  # on the node.
  module Mode
    # Not set.
    MODE_UNSPECIFIED = 0

    # Expose all Compute Engine metadata to pods.
    GCE_METADATA = 1

    # Run the GKE Metadata Server on this node. The GKE Metadata Server exposes
    # a metadata API to workloads that is compatible with the V1 Compute
    # Metadata APIs exposed by the Compute Engine and App Engine Metadata
    # Servers. This feature can only be enabled if Workload Identity is enabled
    # at the cluster level.
    GKE_METADATA = 2
  end
end