Module: Google::Cloud::Container::V1beta1::WorkloadMetadataConfig::NodeMetadata

Defined in:

proto_docs/google/container/v1beta1/cluster_service.rb

Overview

NodeMetadata is the configuration for if and how to expose the node metadata to the workload running on the node.

Constant Summary

UNSPECIFIED =

Not set.

0

SECURE =

Prevent workloads not in hostNetwork from accessing certain VM metadata, specifically kube-env, which contains Kubelet credentials, and the instance identity token.

Metadata concealment is a temporary security solution available while the bootstrapping process for cluster nodes is being redesigned with significant security improvements. This feature is scheduled to be deprecated in the future and later removed.

1

EXPOSE =

Expose all VM metadata to pods.

2