Class: Google::Cloud::Container::V1beta1::WorkloadMetadataConfig

Inherits:

Object

• Object
• Google::Cloud::Container::V1beta1::WorkloadMetadataConfig

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/container/v1beta1/cluster_service.rb

Overview

WorkloadMetadataConfig defines the metadata configuration to expose to workloads on the node pool.

Defined Under Namespace

Modules: Mode, NodeMetadata

Instance Attribute Summary

• #mode ⇒ ::Google::Cloud::Container::V1beta1::WorkloadMetadataConfig::Mode

  Mode is the configuration for how to expose metadata to workloads running on the node pool.

• #node_metadata ⇒ ::Google::Cloud::Container::V1beta1::WorkloadMetadataConfig::NodeMetadata

  NodeMetadata is the configuration for how to expose metadata to the workloads running on the node.

Instance Attribute Details

#mode ⇒ ::Google::Cloud::Container::V1beta1::WorkloadMetadataConfig::Mode

Returns Mode is the configuration for how to expose metadata to workloads running on the node pool.

Returns:

• (::Google::Cloud::Container::V1beta1::WorkloadMetadataConfig::Mode) —

  Mode is the configuration for how to expose metadata to workloads running on the node pool.

# File 'proto_docs/google/container/v1beta1/cluster_service.rb', line 4065

class WorkloadMetadataConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # NodeMetadata is the configuration for if and how to expose the node
  # metadata to the workload running on the node.
  module NodeMetadata
    # Not set.
    UNSPECIFIED = 0

    # Prevent workloads not in hostNetwork from accessing certain VM metadata,
    # specifically kube-env, which contains Kubelet credentials, and the
    # instance identity token.
    #
    # Metadata concealment is a temporary security solution available while the
    # bootstrapping process for cluster nodes is being redesigned with
    # significant security improvements.  This feature is scheduled to be
    # deprecated in the future and later removed.
    SECURE = 1

    # Expose all VM metadata to pods.
    EXPOSE = 2

    # Run the GKE Metadata Server on this node. The GKE Metadata Server exposes
    # a metadata API to workloads that is compatible with the V1 Compute
    # Metadata APIs exposed by the Compute Engine and App Engine Metadata
    # Servers. This feature can only be enabled if Workload Identity is enabled
    # at the cluster level.
    GKE_METADATA_SERVER = 3
  end

  # Mode is the configuration for how to expose metadata to workloads running
  # on the node.
  module Mode
    # Not set.
    MODE_UNSPECIFIED = 0

    # Expose all Compute Engine metadata to pods.
    GCE_METADATA = 1

    # Run the GKE Metadata Server on this node. The GKE Metadata Server exposes
    # a metadata API to workloads that is compatible with the V1 Compute
    # Metadata APIs exposed by the Compute Engine and App Engine Metadata
    # Servers. This feature can only be enabled if Workload Identity is enabled
    # at the cluster level.
    GKE_METADATA = 2
  end
end

#node_metadata ⇒ ::Google::Cloud::Container::V1beta1::WorkloadMetadataConfig::NodeMetadata

Returns NodeMetadata is the configuration for how to expose metadata to the workloads running on the node.

Returns:

• (::Google::Cloud::Container::V1beta1::WorkloadMetadataConfig::NodeMetadata) —

  NodeMetadata is the configuration for how to expose metadata to the workloads running on the node.

# File 'proto_docs/google/container/v1beta1/cluster_service.rb', line 4065

class WorkloadMetadataConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # NodeMetadata is the configuration for if and how to expose the node
  # metadata to the workload running on the node.
  module NodeMetadata
    # Not set.
    UNSPECIFIED = 0

    # Prevent workloads not in hostNetwork from accessing certain VM metadata,
    # specifically kube-env, which contains Kubelet credentials, and the
    # instance identity token.
    #
    # Metadata concealment is a temporary security solution available while the
    # bootstrapping process for cluster nodes is being redesigned with
    # significant security improvements.  This feature is scheduled to be
    # deprecated in the future and later removed.
    SECURE = 1

    # Expose all VM metadata to pods.
    EXPOSE = 2

    # Run the GKE Metadata Server on this node. The GKE Metadata Server exposes
    # a metadata API to workloads that is compatible with the V1 Compute
    # Metadata APIs exposed by the Compute Engine and App Engine Metadata
    # Servers. This feature can only be enabled if Workload Identity is enabled
    # at the cluster level.
    GKE_METADATA_SERVER = 3
  end

  # Mode is the configuration for how to expose metadata to workloads running
  # on the node.
  module Mode
    # Not set.
    MODE_UNSPECIFIED = 0

    # Expose all Compute Engine metadata to pods.
    GCE_METADATA = 1

    # Run the GKE Metadata Server on this node. The GKE Metadata Server exposes
    # a metadata API to workloads that is compatible with the V1 Compute
    # Metadata APIs exposed by the Compute Engine and App Engine Metadata
    # Servers. This feature can only be enabled if Workload Identity is enabled
    # at the cluster level.
    GKE_METADATA = 2
  end
end