Class: Google::Cloud::Container::V1beta1::LinuxNodeConfig::NodeKernelModuleLoading

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/container/v1beta1/cluster_service.rb

Overview

Configuration for kernel module loading on nodes.

Defined Under Namespace

Modules: Policy

Instance Attribute Summary collapse

Instance Attribute Details

#policy::Google::Cloud::Container::V1beta1::LinuxNodeConfig::NodeKernelModuleLoading::Policy

Returns Set the node module loading policy for nodes in the node pool.

Returns:



282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
 
# File 'proto_docs/google/container/v1beta1/cluster_service.rb', line 282

class NodeKernelModuleLoading
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Defines the kernel module loading policy for nodes in the node pool.
  module Policy
    # Default behavior. GKE selects the image based on node type.
    # For CPU and TPU nodes, the image will not allow loading external
    # kernel modules.
    # For GPU nodes, the image will allow loading any module, whether it
    # is signed or not.
    POLICY_UNSPECIFIED = 0

    # Enforced signature verification: Node pools will use a
    # Container-Optimized OS image configured to allow loading of
    # *Google-signed* external kernel modules.
    # Loadpin is enabled but configured to exclude modules, and kernel
    # module signature checking is enforced.
    ENFORCE_SIGNED_MODULES = 1

    # Mirrors existing DEFAULT behavior:
    # For CPU and TPU nodes, the image will not allow loading external
    # kernel modules.
    # For GPU nodes, the image will allow loading any module, whether it
    # is signed or not.
    DO_NOT_ENFORCE_SIGNED_MODULES = 2
  end
end