Workload metadata variables


You can change the Confidential Space workload VM behavior by passing variables into the --metadata option when you create the VM.

To pass in multiple variables, first set the delimiter by prefixing the --metadata value with ^~^. This sets the delimiter to ~, as , is used in variable values.

For example:

metadata="^~^tee-restart-policy=Always~tee-image-reference=us-docker.pkg.dev/WORKLOAD_AUTHOR_PROJECT_ID/REPOSITORY_NAME/WORKLOAD_CONTAINER_NAME:latest"

The following table details the metadata variables you can set for your workload VM.

Metadata key Type Description and values

tee-image-reference

Interacts with:

String

Required. This points to the location of the workload container.

Example
tee-image-reference=us-docker.pkg.dev/WORKLOAD_AUTHOR_PROJECT_ID/REPOSITORY_NAME/WORKLOAD_CONTAINER_NAME:latest

tee-cmd

Interacts with:

String array

Overrides the CMD instructions specified in the workload container's Dockerfile.

Example
tee-cmd=['ls', 'cat ./file.txt']

tee-container-log-redirect

Interacts with:

Defined string

Outputs STDOUT and STDERR from the workload container to Cloud Logging or serial console, under the confidential-space-launcher field.

The valid values are:

  • false: (default) no logging occurs.
  • true: outputs to the serial console and Cloud Logging.
  • cloud_logging: outputs to Cloud Logging only.
  • serial: outputs to the serial console only.

A high log volume in the serial console might impact workload performance.

Example
tee-container-log-redirect=true

tee-dev-shm-size

Integer

Sets the size in kB of the /dev/shm shared memory mount.

Example
tee-dev-shm-size=65536

tee-env-ENVIRONMENT_VARIABLE_NAME

Interacts with:

String

Sets environment variables in the workload container. The workload author must also add the environment variable names to the allow_env_override launch policy, or they won't be set.

Example
tee-env-example-env-1='value-1'~tee-env-example-env-2='value-2'

tee-impersonate-service-accounts

Interacts with:

String

A list of service accounts that can be impersonated by the workload operator. The workload operator must be allowed to impersonate the service accounts.

Multiple service accounts can be listed, separated by commas.

Example
tee-impersonate-service-accounts=SERVICE_ACCOUNT_NAME_1@WORKLOAD_OPERATOR_PROJECT_ID.iam.gserviceaccount.com,SERVICE_ACCOUNT_NAME_2@WORKLOAD_OPERATOR_PROJECT_ID.iam.gserviceaccount.com

tee-monitoring-memory-enable

Interacts with:

Boolean

Defaults to false. When set to true, enables memory usage monitoring. The metrics collected by the Confidential VM are of the guest/memory/bytes_used type, and can be viewed in Cloud Logging or Metrics Explorer.

Example
tee-monitoring-memory-enable=true

tee-mount

Interacts with:

String

A list of semicolon-separated mount definitions. A mount definition consists of a comma-separated list of key-value pairs, requiring type, source, and destination. destination must be an absolute path and type/source must be tmpfs.

Example
type=tmpfs,source=tmpfs,destination=/tmp/tmpfs,size=12345;type=tmpfs,source=tmpfs,destination=/run/workload

tee-restart-policy

Interacts with:

Defined string

The restart policy of the container launcher when the workload stops

The valid values are:

  • Never (default)
  • Always
  • OnFailure

This variable is only supported by the production Confidential Space image.

Example
tee-restart-policy=OnFailure

tee-signed-image-repos

Interacts with:

String

A list of comma-separated container repositories that store the signatures that are generated by Sigstore Cosign.

Example
tee-signed-image-repos=us-docker.pkg.dev/projectA/repo/example,us-docker.pkg.dev/projectB/repo/example,us-docker.pkg.dev/projectC/repo/example