- 2.54.0 (latest)
- 2.53.0
- 2.52.0
- 2.50.0
- 2.49.0
- 2.48.0
- 2.47.1
- 2.46.0
- 2.45.0
- 2.44.0
- 2.43.0
- 2.42.0
- 2.41.0
- 2.40.0
- 2.39.0
- 2.38.0
- 2.37.0
- 2.36.0
- 2.35.0
- 2.34.0
- 2.33.0
- 2.32.0
- 2.31.0
- 2.30.0
- 2.29.0
- 2.28.0
- 2.27.0
- 2.26.0
- 2.25.0
- 2.24.0
- 2.23.0
- 2.22.0
- 2.21.0
- 2.20.0
- 2.19.0
- 2.18.0
- 2.17.4
- 2.16.0
- 2.15.0
- 2.14.0
- 2.13.0
- 2.12.2
- 2.11.2
- 2.10.8
- 2.9.0
- 2.8.1
- 2.7.1
- 2.6.1
- 2.5.0
- 2.4.1
- 2.3.1
- 2.2.0
- 2.1.0
- 2.0.1
- 1.0.3
- 0.5.0
- 0.4.0
- 0.3.0
WorkloadMetadataConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)
WorkloadMetadataConfig defines the metadata configuration to expose to workloads on the node pool.
Attributes
Name | Description |
node_metadata |
google.cloud.container_v1beta1.types.WorkloadMetadataConfig.NodeMetadata
NodeMetadata is the configuration for how to expose metadata to the workloads running on the node. |
mode |
google.cloud.container_v1beta1.types.WorkloadMetadataConfig.Mode
Mode is the configuration for how to expose metadata to workloads running on the node pool. |
Classes
Mode
Mode(value)
Mode is the configuration for how to expose metadata to workloads running on the node.
Values: MODE_UNSPECIFIED (0): Not set. GCE_METADATA (1): Expose all Compute Engine metadata to pods. GKE_METADATA (2): Run the GKE Metadata Server on this node. The GKE Metadata Server exposes a metadata API to workloads that is compatible with the V1 Compute Metadata APIs exposed by the Compute Engine and App Engine Metadata Servers. This feature can only be enabled if Workload Identity is enabled at the cluster level.
NodeMetadata
NodeMetadata(value)
NodeMetadata is the configuration for if and how to expose the node metadata to the workload running on the node.
Values: UNSPECIFIED (0): Not set. SECURE (1): Prevent workloads not in hostNetwork from accessing certain VM metadata, specifically kube-env, which contains Kubelet credentials, and the instance identity token.
Metadata concealment is a temporary security
solution available while the bootstrapping
process for cluster nodes is being redesigned
with significant security improvements. This
feature is scheduled to be deprecated in the
future and later removed.
EXPOSE (2):
Expose all VM metadata to pods.
GKE_METADATA_SERVER (3):
Run the GKE Metadata Server on this node. The
GKE Metadata Server exposes a metadata API to
workloads that is compatible with the V1 Compute
Metadata APIs exposed by the Compute Engine and
App Engine Metadata Servers. This feature can
only be enabled if Workload Identity is enabled
at the cluster level.