Merge pull request #51824 from ihmccreery/oss-mdc

Automatic merge from submit-queue (batch tested with PRs 51824, 50476, 52451, 52009, 52237) Allow metadata firewall & proxy on in GCE, off by default **What this PR does / why we need it**: Add necessary variables in kube-env to allow a user to turn on metadata firewall and proxy for K8s on GCE. Ref #8867. **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: **Special notes for your reviewer**: **Release note**: ```release-note GCE users can enable the metadata firewall and metadata proxy with KUBE_FIREWALL_METADATA_SERVER and ENABLE_METADATA_PROXY, respectively. ```
2026-01-04 23:17:50 +00:00 · 2017-09-15 01:07:58 -07:00
parent 9d8c11924f 6930f5ac31
commit b3e641d7f3
3 changed files with 17 additions and 6 deletions
--- a/cluster/common.sh
+++ b/cluster/common.sh
@@ -750,6 +750,16 @@ EOF
  if [ -n "${ENABLE_CUSTOM_METRICS:-}" ]; then
    cat >>$file <<EOF
 ENABLE_CUSTOM_METRICS: $(yaml-quote ${ENABLE_CUSTOM_METRICS})
+EOF
+  fi
+  if [ -n "${ENABLE_METADATA_PROXY:-}" ]; then
+    cat >>$file <<EOF
+ENABLE_METADATA_PROXY: $(yaml-quote ${ENABLE_METADATA_PROXY})
+EOF
+  fi
+  if [ -n "${KUBE_FIREWALL_METADATA_SERVER:-}" ]; then
+    cat >>$file <<EOF
+KUBE_FIREWALL_METADATA_SERVER: $(yaml-quote ${KUBE_FIREWALL_METADATA_SERVER})
 EOF
  fi
  if [ -n "${FEATURE_GATES:-}" ]; then