private/google/container/v1/cluster_service.proto
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.container.v1;
import "google/api/annotations.proto";
import "google/api/client.proto";
import "google/api/field_behavior.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
option csharp_namespace = "Google.Cloud.Container.V1";
option go_package = "google.golang.org/genproto/googleapis/container/v1;container";
option java_multiple_files = true;
option java_outer_classname = "ClusterServiceProto";
option java_package = "com.google.container.v1";
option php_namespace = "Google\\Cloud\\Container\\V1";
option ruby_package = "Google::Cloud::Container::V1";
// Google Kubernetes Engine Cluster Manager v1
//
// Most RPCs below are bound to two HTTP paths: a resource-name form
// (`/v1/{name=projects/*/locations/*/...}` or `{parent=...}`) and, under
// `additional_bindings`, a `/v1/projects/{project_id}/zones/{zone}/...` form.
// GetJSONWebKeys and ListUsableSubnetworks declare only the resource-name
// form.
//
// The only OAuth scope declared for the service is `cloud-platform`. This
// file does not express per-method authorization.
// NOTE(review): presumably enforced server-side (e.g. by IAM); confirm before
// relying on the scope alone to separate read-only from mutating callers.
service ClusterManager {
option (google.api.default_host) = "container.googleapis.com";
option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
// Lists all clusters owned by a project in either the specified zone or all
// zones.
rpc ListClusters(ListClustersRequest) returns (ListClustersResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*/locations/*}/clusters"
additional_bindings {
get: "/v1/projects/{project_id}/zones/{zone}/clusters"
}
};
option (google.api.method_signature) = "project_id,zone";
option (google.api.method_signature) = "parent";
}
// Gets the details of a specific cluster.
rpc GetCluster(GetClusterRequest) returns (Cluster) {
option (google.api.http) = {
get: "/v1/{name=projects/*/locations/*/clusters/*}"
additional_bindings {
get: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id";
option (google.api.method_signature) = "name";
}
// Creates a cluster, consisting of the specified number and type of Google
// Compute Engine instances.
//
// By default, the cluster is created in the project's
// [default
// network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks).
//
// One firewall is added for the cluster. After cluster creation,
// the Kubelet creates routes for each node to allow the containers
// on that node to communicate with all other instances in the
// cluster.
//
// Finally, an entry is added to the project's global metadata indicating
// which CIDR range the cluster is using.
rpc CreateCluster(CreateClusterRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{parent=projects/*/locations/*}/clusters"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster";
option (google.api.method_signature) = "parent,cluster";
}
// Updates the settings of a specific cluster.
rpc UpdateCluster(UpdateClusterRequest) returns (Operation) {
option (google.api.http) = {
put: "/v1/{name=projects/*/locations/*/clusters/*}"
body: "*"
additional_bindings {
put: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,update";
option (google.api.method_signature) = "name,update";
}
// Updates the version and/or image type for the specified node pool.
//
// The two bindings use different verbs: PUT on the resource-name path and
// POST on the `.../nodePools/{node_pool_id}/update` path. No
// method_signature is declared for this method.
rpc UpdateNodePool(UpdateNodePoolRequest) returns (Operation) {
option (google.api.http) = {
put: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/update"
body: "*"
}
};
}
// Sets the autoscaling settings for the specified node pool.
rpc SetNodePoolAutoscaling(SetNodePoolAutoscalingRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}:setAutoscaling"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/autoscaling"
body: "*"
}
};
}
// Sets the logging service for a specific cluster.
rpc SetLoggingService(SetLoggingServiceRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:setLogging"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/logging"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,logging_service";
option (google.api.method_signature) = "name,logging_service";
}
// Sets the monitoring service for a specific cluster.
rpc SetMonitoringService(SetMonitoringServiceRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:setMonitoring"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/monitoring"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,monitoring_service";
option (google.api.method_signature) = "name,monitoring_service";
}
// Sets the addons for a specific cluster.
rpc SetAddonsConfig(SetAddonsConfigRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:setAddons"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/addons"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,addons_config";
option (google.api.method_signature) = "name,addons_config";
}
// Sets the locations for a specific cluster.
// Deprecated. Use
// [projects.locations.clusters.update](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/update)
// instead.
rpc SetLocations(SetLocationsRequest) returns (Operation) {
option deprecated = true;
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:setLocations"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/locations"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,locations";
option (google.api.method_signature) = "name,locations";
}
// Updates the master for a specific cluster.
rpc UpdateMaster(UpdateMasterRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:updateMaster"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/master"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,master_version";
option (google.api.method_signature) = "name,master_version";
}
// Sets master auth materials. Currently supports changing the admin password
// of a specific cluster, either via password generation or explicitly setting
// the password.
//
// NOTE(review): a request that sets the password explicitly carries a
// credential in its body; keep request payloads for this method out of
// application logs and traces. No method_signature is declared here.
rpc SetMasterAuth(SetMasterAuthRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:setMasterAuth"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:setMasterAuth"
body: "*"
}
};
}
// Deletes the cluster, including the Kubernetes endpoint and all worker
// nodes.
//
// Firewalls and routes that were configured during cluster creation
// are also deleted.
//
// Other Google Compute Engine resources that might be in use by the cluster,
// such as load balancer resources, are not deleted if they weren't present
// when the cluster was initially created.
rpc DeleteCluster(DeleteClusterRequest) returns (Operation) {
option (google.api.http) = {
delete: "/v1/{name=projects/*/locations/*/clusters/*}"
additional_bindings {
delete: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id";
option (google.api.method_signature) = "name";
}
// Lists all operations in a project in a specific zone or all zones.
//
// Only the `project_id,zone` method signature is declared; unlike the other
// list methods there is no `parent` signature.
rpc ListOperations(ListOperationsRequest) returns (ListOperationsResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*/locations/*}/operations"
additional_bindings {
get: "/v1/projects/{project_id}/zones/{zone}/operations"
}
};
option (google.api.method_signature) = "project_id,zone";
}
// Gets the specified operation.
rpc GetOperation(GetOperationRequest) returns (Operation) {
option (google.api.http) = {
get: "/v1/{name=projects/*/locations/*/operations/*}"
additional_bindings {
get: "/v1/projects/{project_id}/zones/{zone}/operations/{operation_id}"
}
};
option (google.api.method_signature) = "project_id,zone,operation_id";
option (google.api.method_signature) = "name";
}
// Cancels the specified operation.
//
// Returns google.protobuf.Empty rather than an Operation.
rpc CancelOperation(CancelOperationRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/operations/*}:cancel"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/operations/{operation_id}:cancel"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,operation_id";
option (google.api.method_signature) = "name";
}
// Returns configuration info about the Google Kubernetes Engine service.
//
// The two paths differ in case: `serverConfig` on the resource-name binding
// and `serverconfig` on the projects/zones binding.
rpc GetServerConfig(GetServerConfigRequest) returns (ServerConfig) {
option (google.api.http) = {
get: "/v1/{name=projects/*/locations/*}/serverConfig"
additional_bindings {
get: "/v1/projects/{project_id}/zones/{zone}/serverconfig"
}
};
option (google.api.method_signature) = "project_id,zone";
option (google.api.method_signature) = "name";
}
// Gets the public component of the cluster signing keys in
// JSON Web Key format.
// This API is not yet intended for general use, and is not available for all
// clusters.
//
// Only the resource-name binding is declared for this method, and no
// method_signature.
rpc GetJSONWebKeys(GetJSONWebKeysRequest) returns (GetJSONWebKeysResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*/locations/*/clusters/*}/jwks"
};
}
// Lists the node pools for a cluster.
rpc ListNodePools(ListNodePoolsRequest) returns (ListNodePoolsResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*/locations/*/clusters/*}/nodePools"
additional_bindings {
get: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id";
option (google.api.method_signature) = "parent";
}
// Retrieves the requested node pool.
rpc GetNodePool(GetNodePoolRequest) returns (NodePool) {
option (google.api.http) = {
get: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}"
additional_bindings {
get: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id";
option (google.api.method_signature) = "name";
}
// Creates a node pool for a cluster.
rpc CreateNodePool(CreateNodePoolRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{parent=projects/*/locations/*/clusters/*}/nodePools"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool";
option (google.api.method_signature) = "parent,node_pool";
}
// Deletes a node pool from a cluster.
rpc DeleteNodePool(DeleteNodePoolRequest) returns (Operation) {
option (google.api.http) = {
delete: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}"
additional_bindings {
delete: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id";
option (google.api.method_signature) = "name";
}
// Rolls back a previously Aborted or Failed NodePool upgrade.
// This makes no changes if the last upgrade successfully completed.
rpc RollbackNodePoolUpgrade(RollbackNodePoolUpgradeRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}:rollback"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}:rollback"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id";
option (google.api.method_signature) = "name";
}
// Sets the NodeManagement options for a node pool.
rpc SetNodePoolManagement(SetNodePoolManagementRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}:setManagement"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/setManagement"
body: "*"
}
};
}
// Sets labels on a cluster.
rpc SetLabels(SetLabelsRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:setResourceLabels"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/resourceLabels"
body: "*"
}
};
}
// Enables or disables the ABAC authorization mechanism on a cluster.
//
// NOTE(review): this switches an authorization mode for the whole cluster
// (see the LegacyAbac message in this file); calls to it are worth surfacing
// in audit-log review.
rpc SetLegacyAbac(SetLegacyAbacRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:setLegacyAbac"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/legacyAbac"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,enabled";
option (google.api.method_signature) = "name,enabled";
}
// Starts master IP rotation.
rpc StartIPRotation(StartIPRotationRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:startIpRotation"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:startIpRotation"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id";
option (google.api.method_signature) = "name";
}
// Completes master IP rotation.
rpc CompleteIPRotation(CompleteIPRotationRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:completeIpRotation"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:completeIpRotation"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id";
option (google.api.method_signature) = "name";
}
// Sets the size for a specific node pool.
rpc SetNodePoolSize(SetNodePoolSizeRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}:setSize"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/setSize"
body: "*"
}
};
}
// Enables or disables Network Policy for a cluster.
rpc SetNetworkPolicy(SetNetworkPolicyRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:setNetworkPolicy"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:setNetworkPolicy"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,network_policy";
option (google.api.method_signature) = "name,network_policy";
}
// Sets the maintenance policy for a cluster.
rpc SetMaintenancePolicy(SetMaintenancePolicyRequest) returns (Operation) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/clusters/*}:setMaintenancePolicy"
body: "*"
additional_bindings {
post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:setMaintenancePolicy"
body: "*"
}
};
option (google.api.method_signature) = "project_id,zone,cluster_id,maintenance_policy";
option (google.api.method_signature) = "name,maintenance_policy";
}
// Lists subnetworks that are usable for creating clusters in a project.
//
// Only the resource-name binding (`projects/*`) is declared for this method.
rpc ListUsableSubnetworks(ListUsableSubnetworksRequest) returns (ListUsableSubnetworksResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*}/aggregated/usableSubnetworks"
};
}
}
// Parameters that describe the nodes in a cluster.
//
// Field numbers 16, 21 and 22 are not used by this message and are not
// declared `reserved`.
// NOTE(review): confirm they were never assigned before reusing them.
message NodeConfig {
// The name of a Google Compute Engine [machine
// type](https://cloud.google.com/compute/docs/machine-types)
//
// If unspecified, the default machine type is `e2-medium`.
string machine_type = 1;
// Size of the disk attached to each node, specified in GB.
// The smallest allowed disk size is 10GB.
//
// If unspecified, the default disk size is 100GB.
int32 disk_size_gb = 2;
// The set of Google API scopes to be made available on all of the
// node VMs under the "default" service account.
//
// The following scopes are recommended, but not required, and by default are
// not included:
//
// * `https://www.googleapis.com/auth/compute` is required for mounting
// persistent storage on your nodes.
// * `https://www.googleapis.com/auth/devstorage.read_only` is required for
// communicating with **gcr.io**
// (the [Google Container
// Registry](https://cloud.google.com/container-registry/)).
//
// If unspecified, no scopes are added, unless Cloud Logging or Cloud
// Monitoring are enabled, in which case their required scopes will be added.
//
// NOTE(review): every scope listed here is available on all node VMs, so
// request only the scopes the workloads need.
repeated string oauth_scopes = 3;
// The Google Cloud Platform Service Account to be used by the node VMs.
// Specify the email address of the Service Account; otherwise, if no Service
// Account is specified, the "default" service account is used.
//
// NOTE(review): leaving this empty falls back to the "default" service
// account; confirm that account's IAM roles are acceptable for node VMs, or
// set a dedicated, minimally-privileged account.
string service_account = 9;
// The metadata key/value pairs assigned to instances in the cluster.
//
// Keys must conform to the regexp `[a-zA-Z0-9-_]+` and be less than 128 bytes
// in length. These are reflected as part of a URL in the metadata server.
// Additionally, to avoid ambiguity, keys must not conflict with any other
// metadata keys for the project or be one of the reserved keys:
// - "cluster-location"
// - "cluster-name"
// - "cluster-uid"
// - "configure-sh"
// - "containerd-configure-sh"
// - "enable-os-login"
// - "gci-ensure-gke-docker"
// - "gci-metrics-enabled"
// - "gci-update-strategy"
// - "instance-template"
// - "kube-env"
// - "startup-script"
// - "user-data"
// - "disable-address-manager"
// - "windows-startup-script-ps1"
// - "common-psm1"
// - "k8s-node-setup-psm1"
// - "install-ssh-psm1"
// - "user-profile-psm1"
//
// The following keys are reserved for Windows nodes:
// - "serial-port-logging-enable"
//
// Values are free-form strings, and only have meaning as interpreted by
// the image running in the instance. The only restriction placed on them is
// that each value's size must be less than or equal to 32 KB.
//
// The total size of all keys and values must be less than 512 KB.
//
// NOTE(review): these pairs are exposed through the metadata server (see the
// URL remark above), so avoid placing secrets in them; which workloads can
// read them presumably depends on `workload_metadata_config` -- confirm.
map<string, string> metadata = 4;
// The image type to use for this node. Note that for a given image type,
// the latest version of it will be used.
string image_type = 5;
// The map of Kubernetes labels (key/value pairs) to be applied to each node.
// These will be added in addition to any default label(s) that
// Kubernetes may apply to the node.
// In case of conflict in label keys, the applied set may differ depending on
// the Kubernetes version -- it's best to assume the behavior is undefined
// and conflicts should be avoided.
// For more information, including usage and the valid values, see:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
map<string, string> labels = 6;
// The number of local SSD disks to be attached to the node.
//
// The limit for this value is dependent upon the maximum number of
// disks available on a machine per zone. See:
// https://cloud.google.com/compute/docs/disks/local-ssd
// for more information.
int32 local_ssd_count = 7;
// The list of instance tags applied to all nodes. Tags are used to identify
// valid sources or targets for network firewalls and are specified by
// the client during cluster or node pool creation. Each tag within the list
// must comply with RFC1035.
repeated string tags = 8;
// Whether the nodes are created as preemptible VM instances. See:
// https://cloud.google.com/compute/docs/instances/preemptible for more
// information about preemptible VM instances.
bool preemptible = 10;
// A list of hardware accelerators to be attached to each node.
// See https://cloud.google.com/compute/docs/gpus for more information about
// support for GPUs.
repeated AcceleratorConfig accelerators = 11;
// Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or
// 'pd-balanced')
//
// If unspecified, the default disk type is 'pd-standard'
string disk_type = 12;
// Minimum CPU platform to be used by this instance. The instance may be
// scheduled on the specified or newer CPU platform. Applicable values are the
// friendly names of CPU platforms, such as
// `minCpuPlatform: "Intel Haswell"` or
// `minCpuPlatform: "Intel Sandy Bridge"`. For more
// information, read [how to specify min CPU
// platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform)
string min_cpu_platform = 13;
// The workload metadata configuration for this node.
WorkloadMetadataConfig workload_metadata_config = 14;
// List of kubernetes taints to be applied to each node.
//
// For more information, including usage and the valid values, see:
// https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
repeated NodeTaint taints = 15;
// Sandbox configuration for this node.
SandboxConfig sandbox_config = 17;
// Setting this field will assign instances of this
// pool to run on the specified node group. This is useful for running
// workloads on [sole tenant
// nodes](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes).
string node_group = 18;
// The optional reservation affinity. Setting this field will apply
// the specified [Zonal Compute
// Reservation](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources)
// to this node pool.
ReservationAffinity reservation_affinity = 19;
// Shielded Instance options.
ShieldedInstanceConfig shielded_instance_config = 20;
// The Customer Managed Encryption Key used to encrypt the boot disk attached
// to each node in the node pool. This should be of the form
// projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME].
// For more information about protecting resources with Cloud KMS Keys please
// see:
// https://cloud.google.com/compute/docs/disks/customer-managed-encryption
string boot_disk_kms_key = 23;
}
// A set of Shielded Instance options.
//
// Both fields are plain proto3 `bool`s without `optional`, so an unset field
// and an explicit `false` are indistinguishable on the wire.
// NOTE(review): what the server applies when this message is omitted
// entirely is not visible in this file; confirm the effective defaults.
message ShieldedInstanceConfig {
// Defines whether the instance has Secure Boot enabled.
//
// Secure Boot helps ensure that the system only runs authentic software by
// verifying the digital signature of all boot components, and halting the
// boot process if signature verification fails.
bool enable_secure_boot = 1;
// Defines whether the instance has integrity monitoring enabled.
//
// Enables monitoring and attestation of the boot integrity of the instance.
// The attestation is performed against the integrity policy baseline. This
// baseline is initially derived from the implicitly trusted boot image when
// the instance is created.
bool enable_integrity_monitoring = 2;
}
// SandboxConfig contains configurations of the sandbox to use for the node.
//
// The only field uses number 2; number 1 is not used by this message and is
// not declared `reserved`.
message SandboxConfig {
// Possible types of sandboxes.
//
// Value names carry no `TYPE_` prefix; they are scoped to SandboxConfig, so
// `UNSPECIFIED` here is distinct from the same name in other messages.
enum Type {
// Default value. This should not be used.
UNSPECIFIED = 0;
// Run sandbox using gvisor.
GVISOR = 1;
}
// Type of the sandbox to use for the node.
Type type = 2;
}
// [ReservationAffinity](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources)
// is the configuration of the desired reservation from which instances could
// take capacity.
message ReservationAffinity {
// Indicates whether to consume capacity from a reservation or not.
enum Type {
// Default value. This should not be used.
UNSPECIFIED = 0;
// Do not consume from any reserved capacity.
NO_RESERVATION = 1;
// Consume any reservation available.
ANY_RESERVATION = 2;
// Must consume from a specific reservation. Must specify key value fields
// for specifying the reservations.
SPECIFIC_RESERVATION = 3;
}
// Corresponds to the type of reservation consumption.
Type consume_reservation_type = 1;
// Corresponds to the label key of a reservation resource. To target a
// SPECIFIC_RESERVATION by name, specify "googleapis.com/reservation-name" as
// the key and specify the name of your reservation as its value.
string key = 2;
// Corresponds to the label value(s) of reservation resource(s).
repeated string values = 3;
}
// A Kubernetes taint consists of three fields: key, value, and effect. Effect
// can only be one of three types: NoSchedule, PreferNoSchedule or NoExecute.
//
// See
// [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration)
// for more information, including usage and the valid values.
message NodeTaint {
// Possible values for Effect in taint.
enum Effect {
// Not set
EFFECT_UNSPECIFIED = 0;
// NoSchedule
NO_SCHEDULE = 1;
// PreferNoSchedule
PREFER_NO_SCHEDULE = 2;
// NoExecute
NO_EXECUTE = 3;
}
// Key for taint.
string key = 1;
// Value for taint.
string value = 2;
// Effect for taint.
Effect effect = 3;
}
// The authentication information for accessing the master endpoint.
// Authentication can be done using HTTP basic auth or using client
// certificates.
//
// This message holds credentials: `password` (field 2) and `client_key`
// (field 102) are secret values.
// NOTE(review): treat any serialized MasterAuth, and any message embedding
// it, as sensitive; keep it out of logs, traces and error reports.
//
// Fields 100-102 are described as output only in their comments; no
// `(google.api.field_behavior)` annotation is attached to them here.
message MasterAuth {
// The username to use for HTTP basic authentication to the master endpoint.
// For clusters v1.6.0 and later, basic authentication can be disabled by
// leaving username unspecified (or setting it to the empty string).
//
// Warning: basic authentication is deprecated, and will be removed in GKE
// control plane versions 1.19 and newer. For a list of recommended
// authentication methods, see:
// https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication
string username = 1 [deprecated = true];
// The password to use for HTTP basic authentication to the master endpoint.
// Because the master endpoint is open to the Internet, you should create a
// strong password. If a password is provided for cluster creation, username
// must be non-empty.
//
// Warning: basic authentication is deprecated, and will be removed in GKE
// control plane versions 1.19 and newer. For a list of recommended
// authentication methods, see:
// https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication
string password = 2 [deprecated = true];
// Configuration for client certificate authentication on the cluster. For
// clusters before v1.12, if no configuration is specified, a client
// certificate is issued.
ClientCertificateConfig client_certificate_config = 3;
// [Output only] Base64-encoded public certificate that is the root of
// trust for the cluster.
string cluster_ca_certificate = 100;
// [Output only] Base64-encoded public certificate used by clients to
// authenticate to the cluster endpoint.
string client_certificate = 101;
// [Output only] Base64-encoded private key used by clients to authenticate
// to the cluster endpoint.
//
// This is private key material; Base64 is an encoding, not protection.
string client_key = 102;
}
// Configuration for client certificates on the cluster.
message ClientCertificateConfig {
// Issue a client certificate.
//
// Plain proto3 `bool`: unset and `false` are indistinguishable on the wire.
bool issue_client_certificate = 1;
}
// Configuration for the addons that can be automatically spun up in the
// cluster, enabling additional functionality.
//
// Field numbers 5, 6 and 9 are not used by this message and are not declared
// `reserved`.
// NOTE(review): confirm they were never assigned before reusing them.
message AddonsConfig {
// Configuration for the HTTP (L7) load balancing controller addon, which
// makes it easy to set up HTTP load balancers for services in a cluster.
HttpLoadBalancing http_load_balancing = 1;
// Configuration for the horizontal pod autoscaling feature, which
// increases or decreases the number of replica pods a replication controller
// has based on the resource usage of the existing pods.
HorizontalPodAutoscaling horizontal_pod_autoscaling = 2;
// Configuration for the Kubernetes Dashboard.
// This addon is deprecated, and will be disabled in 1.15. It is recommended
// to use the Cloud Console to manage and monitor your Kubernetes clusters,
// workloads and applications. For more information, see:
// https://cloud.google.com/kubernetes-engine/docs/concepts/dashboards
KubernetesDashboard kubernetes_dashboard = 3 [deprecated = true];
// Configuration for NetworkPolicy. This only tracks whether the addon
// is enabled or not on the Master, it does not track whether network policy
// is enabled for the nodes.
NetworkPolicyConfig network_policy_config = 4;
// Configuration for the Cloud Run addon, which allows the user to use a
// managed Knative service.
CloudRunConfig cloud_run_config = 7;
// Configuration for NodeLocalDNS, a dns cache running on cluster nodes
DnsCacheConfig dns_cache_config = 8;
// Configuration for the ConfigConnector add-on, a Kubernetes
// extension to manage hosted GCP services through the Kubernetes API
ConfigConnectorConfig config_connector_config = 10;
}
// Configuration options for the HTTP (L7) load balancing controller addon,
// which makes it easy to set up HTTP load balancers for services in a cluster.
message HttpLoadBalancing {
// Controls whether the HTTP Load Balancing controller runs in the cluster.
// When the controller is enabled, it runs a small pod in the cluster that
// manages the load balancers.
//
// NOTE(review): the field is named `disabled` (negative sense), so `true`
// presumably turns the controller off and the proto3 default (`false`)
// leaves it on -- confirm against server behavior.
bool disabled = 1;
}
// Configuration options for the horizontal pod autoscaling feature, which
// increases or decreases the number of replica pods a replication controller
// has based on the resource usage of the existing pods.
message HorizontalPodAutoscaling {
// Controls whether the Horizontal Pod Autoscaling feature runs in the
// cluster. When the feature is enabled, it ensures that metrics are
// collected into Stackdriver Monitoring.
//
// NOTE(review): the field is named `disabled` (negative sense), so `true`
// presumably turns the feature off and the proto3 default (`false`) leaves
// it on -- confirm against server behavior.
bool disabled = 1;
}
// Configuration for the Kubernetes Dashboard.
message KubernetesDashboard {
// Controls whether the Kubernetes Dashboard runs for this cluster.
//
// NOTE(review): the field is named `disabled` (negative sense), so `true`
// presumably turns the dashboard off and the proto3 default (`false`) does
// not -- confirm against server behavior.
bool disabled = 1;
}
// Configuration for NetworkPolicy. This only tracks whether the addon
// is enabled or not on the Master, it does not track whether network policy
// is enabled for the nodes.
message NetworkPolicyConfig {
// Controls whether the NetworkPolicy addon runs for this cluster.
//
// NOTE(review): the field is named `disabled` (negative sense), so `true`
// presumably turns the addon off -- confirm against server behavior. Per
// the message comment, this flag alone says nothing about enforcement on
// the nodes.
bool disabled = 1;
}
// Configuration for NodeLocal DNSCache.
message DnsCacheConfig {
// Whether NodeLocal DNSCache is enabled for this cluster.
//
// Positive sense, unlike the `disabled` flag used by several other addon
// messages in this file.
bool enabled = 1;
}
// Configuration for controlling master global access settings.
message PrivateClusterMasterGlobalAccessConfig {
// Whether the master is accessible globally or not.
bool enabled = 1;
}
// Configuration options for private clusters.
//
// Field number 6 is not used by this message and is not declared `reserved`.
// Fields 4, 5 and 7 are described as output only in their comments; no
// `(google.api.field_behavior)` annotation is attached to them here.
message PrivateClusterConfig {
// Whether nodes have internal IP addresses only. If enabled, all nodes are
// given only RFC 1918 private addresses and communicate with the master via
// private networking.
bool enable_private_nodes = 1;
// Whether the master's internal IP address is used as the cluster endpoint.
bool enable_private_endpoint = 2;
// The IP range in CIDR notation to use for the hosted master network. This
// range will be used for assigning internal IP addresses to the master or
// set of masters, as well as the ILB VIP. This range must not overlap with
// any other ranges in use within the cluster's network.
string master_ipv4_cidr_block = 3;
// Output only. The internal IP address of this cluster's master endpoint.
string private_endpoint = 4;
// Output only. The external IP address of this cluster's master endpoint.
string public_endpoint = 5;
// Output only. The peering name in the customer VPC used by this cluster.
string peering_name = 7;
// Controls master global access settings.
PrivateClusterMasterGlobalAccessConfig master_global_access_config = 8;
}
// Configuration for returning group information from authenticators.
message AuthenticatorGroupsConfig {
// Whether this cluster should return group membership lookups
// during authentication using a group of security groups.
bool enabled = 1;
// The name of the security group-of-groups to be used. Only relevant
// if enabled = true.
//
// NOTE(review): group membership returned here presumably feeds
// authorization decisions in the cluster, so control over who can edit this
// group matters -- confirm how the value is consumed.
string security_group = 2;
}
// Configuration options for the Cloud Run feature.
message CloudRunConfig {
// Load balancer type of ingress service of Cloud Run.
enum LoadBalancerType {
// Load balancer type for Cloud Run is unspecified.
LOAD_BALANCER_TYPE_UNSPECIFIED = 0;
// Install external load balancer for Cloud Run.
LOAD_BALANCER_TYPE_EXTERNAL = 1;
// Install internal load balancer for Cloud Run.
LOAD_BALANCER_TYPE_INTERNAL = 2;
}
// Whether the Cloud Run addon is disabled for this cluster. The sense is
// inverted: `true` turns the addon off. proto3 bools carry no presence, so an
// unset value is indistinguishable from `false`.
bool disabled = 1;
// Which load balancer type is installed for Cloud Run.
// NOTE(review): which type the server installs for
// LOAD_BALANCER_TYPE_UNSPECIFIED is not stated here; set the value explicitly
// when the ingress must not be externally reachable.
LoadBalancerType load_balancer_type = 3;
}
// Configuration options for the Config Connector add-on.
message ConfigConnectorConfig {
// Whether Config Connector is enabled for this cluster. Unset reads as
// `false` (proto3 default).
bool enabled = 1;
}
// Configuration options for the master authorized networks feature. Enabled
// master authorized networks will disallow all external traffic to access
// Kubernetes master through HTTPS except traffic from the given CIDR blocks,
// Google Compute Engine Public IPs and Google Prod IPs.
//
// As described above, this is not a strict allowlist of `cidr_blocks`: Google
// Compute Engine public IPs and Google Prod IPs remain permitted when the
// feature is enabled.
message MasterAuthorizedNetworksConfig {
// CidrBlock contains an optional name and one CIDR block.
message CidrBlock {
// display_name is an optional field for users to identify CIDR blocks.
string display_name = 1;
// cidr_block must be specified in CIDR notation.
// NOTE(review): the schema types this as a free-form string; validation of
// the notation and of overly broad prefixes is presumably server-side.
string cidr_block = 2;
}
// Whether or not master authorized networks is enabled. Unset reads as
// `false` (proto3 default), i.e. the restriction described on this message is
// not applied.
bool enabled = 1;
// cidr_blocks define up to 50 external networks that could access
// Kubernetes master through HTTPS. The limit of 50 is documented here only;
// nothing in this schema enforces it.
repeated CidrBlock cidr_blocks = 2;
}
// Configuration for the legacy Attribute Based Access Control authorization
// mode.
message LegacyAbac {
// Whether the ABAC authorizer is enabled for this cluster. When enabled,
// identities in the system, including service accounts, nodes, and
// controllers, will have statically granted permissions beyond those
// provided by the RBAC configuration or IAM.
//
// Unset reads as `false` (proto3 default). Because enabling widens
// permissions beyond RBAC and IAM, a `true` value here is worth flagging in
// configuration review.
bool enabled = 1;
}
// Configuration options for the NetworkPolicy feature.
// https://kubernetes.io/docs/concepts/services-networking/networkpolicies/
//
// This is distinct from `NetworkPolicyConfig`, which tracks only whether the
// addon is enabled on the master.
message NetworkPolicy {
// Allowed Network Policy providers.
enum Provider {
// Not set.
PROVIDER_UNSPECIFIED = 0;
// Tigera (Calico Felix).
// (Unlike the zero value, this name lacks the `PROVIDER_` prefix; renaming
// it would change generated code, so it is left as is.)
CALICO = 1;
}
// The selected network policy provider.
Provider provider = 1;
// Whether network policy is enabled on the cluster. Unset reads as `false`
// (proto3 default).
bool enabled = 2;
}
// Configuration for Binary Authorization.
message BinaryAuthorization {
// Enable Binary Authorization for this cluster. If enabled, all container
// images will be validated by Binary Authorization.
//
// Unset reads as `false` (proto3 default), i.e. image validation is not
// requested unless this is set explicitly.
bool enabled = 1;
}
// Configuration for controlling how IPs are allocated in the cluster.
message IPAllocationPolicy {
// Whether alias IPs will be used for pod IPs in the cluster.
// This is used in conjunction with use_routes. It cannot
// be true if use_routes is true. If both use_ip_aliases and use_routes are
// false, then the server picks the default IP allocation mode.
// (The mutual exclusion is documented only; the two fields are not in a
// `oneof`.)
bool use_ip_aliases = 1;
// Whether a new subnetwork will be created automatically for the cluster.
//
// This field is only applicable when `use_ip_aliases` is true.
bool create_subnetwork = 2;
// A custom subnetwork name to be used if `create_subnetwork` is true. If
// this field is empty, then an automatic name will be chosen for the new
// subnetwork.
string subnetwork_name = 3;
// This field is deprecated, use cluster_ipv4_cidr_block.
string cluster_ipv4_cidr = 4 [deprecated = true];
// This field is deprecated, use node_ipv4_cidr_block.
string node_ipv4_cidr = 5 [deprecated = true];
// This field is deprecated, use services_ipv4_cidr_block.
string services_ipv4_cidr = 6 [deprecated = true];
// The name of the secondary range to be used for the cluster CIDR
// block. The secondary range will be used for pod IP
// addresses. This must be an existing secondary range associated
// with the cluster subnetwork.
//
// This field is only applicable when use_ip_aliases is true and
// create_subnetwork is false.
string cluster_secondary_range_name = 7;
// The name of the secondary range to be used for the services
// CIDR block. The secondary range will be used for service
// ClusterIPs. This must be an existing secondary range associated
// with the cluster subnetwork.
//
// This field is only applicable when use_ip_aliases is true and
// create_subnetwork is false.
string services_secondary_range_name = 8;
// The IP address range for the cluster pod IPs. If this field is set, then
// `cluster.cluster_ipv4_cidr` must be left blank.
//
// This field is only applicable when `use_ip_aliases` is true.
//
// Set to blank to have a range chosen with the default size.
//
// Set to /netmask (e.g. `/14`) to have a range chosen with a specific
// netmask.
//
// Set to a
// [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
// notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.
// `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range
// to use.
string cluster_ipv4_cidr_block = 9;
// The IP address range of the instance IPs in this cluster.
//
// This is applicable only if `create_subnetwork` is true.
//
// Set to blank to have a range chosen with the default size.
//
// Set to /netmask (e.g. `/14`) to have a range chosen with a specific
// netmask.
//
// Set to a
// [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
// notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.
// `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range
// to use.
string node_ipv4_cidr_block = 10;
// The IP address range of the services IPs in this cluster. If blank, a range
// will be automatically chosen with the default size.
//
// This field is only applicable when `use_ip_aliases` is true.
//
// Set to blank to have a range chosen with the default size.
//
// Set to /netmask (e.g. `/14`) to have a range chosen with a specific
// netmask.
//
// Set to a
// [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
// notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.
// `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range
// to use.
string services_ipv4_cidr_block = 11;
// The IP address range of the Cloud TPUs in this cluster. If unspecified, a
// range will be automatically chosen with the default size.
//
// This field is only applicable when `use_ip_aliases` is true.
//
// If unspecified, the range will use the default size.
//
// Set to /netmask (e.g. `/14`) to have a range chosen with a specific
// netmask.
//
// Set to a
// [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
// notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.
// `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range
// to use.
string tpu_ipv4_cidr_block = 13;
// Whether routes will be used for pod IPs in the cluster.
// This is used in conjunction with use_ip_aliases. It cannot be true if
// use_ip_aliases is true. If both use_ip_aliases and use_routes are false,
// then the server picks the default IP allocation mode.
bool use_routes = 15;
}
// A Google Kubernetes Engine cluster.
//
// Fields documented as "[Output only]" below are marked in comments only; they
// carry no `google.api.field_behavior` annotation in this message.
message Cluster {
// The current status of the cluster.
//
// Several values below point to the `statusMessage` field for details; that
// field (`status_message`) is marked deprecated in this message in favour of
// `conditions`.
enum Status {
// Not set.
STATUS_UNSPECIFIED = 0;
// The PROVISIONING state indicates the cluster is being created.
PROVISIONING = 1;
// The RUNNING state indicates the cluster has been created and is fully
// usable.
RUNNING = 2;
// The RECONCILING state indicates that some work is actively being done on
// the cluster, such as upgrading the master or node software. Details can
// be found in the `statusMessage` field.
RECONCILING = 3;
// The STOPPING state indicates the cluster is being deleted.
STOPPING = 4;
// The ERROR state indicates the cluster is unusable. It will be
// automatically deleted. Details can be found in the `statusMessage` field.
ERROR = 5;
// The DEGRADED state indicates the cluster requires user action to restore
// full functionality. Details can be found in the `statusMessage` field.
DEGRADED = 6;
}
// The name of this cluster. The name must be unique within this project
// and location (e.g. zone or region), and can be up to 40 characters with
// the following restrictions:
//
// * Lowercase letters, numbers, and hyphens only.
// * Must start with a letter.
// * Must end with a number or a letter.
string name = 1;
// An optional description of this cluster.
string description = 2;
// The number of nodes to create in this cluster. You must ensure that your
// Compute Engine [resource quota](https://cloud.google.com/compute/quotas)
// is sufficient for this number of instances. You must also have available
// firewall and routes quota.
// For requests, this field should only be used in lieu of a
// "node_pool" object, since this configuration (along with the
// "node_config") will be used to create a "NodePool" object with an
// auto-generated name. Do not use this and a node_pool at the same time.
//
// This field is deprecated, use node_pool.initial_node_count instead.
int32 initial_node_count = 3 [deprecated = true];
// Parameters used in creating the cluster's nodes.
// For requests, this field should only be used in lieu of a
// "node_pool" object, since this configuration (along with the
// "initial_node_count") will be used to create a "NodePool" object with an
// auto-generated name. Do not use this and a node_pool at the same time.
// For responses, this field will be populated with the node configuration of
// the first node pool. (For configuration of each node pool, see
// `node_pool.config`)
//
// If unspecified, the defaults are used.
// This field is deprecated, use node_pool.config instead.
NodeConfig node_config = 4 [deprecated = true];
// The authentication information for accessing the master endpoint.
// If unspecified, the defaults are used:
// For clusters before v1.12, if master_auth is unspecified, `username` will
// be set to "admin", a random password will be generated, and a client
// certificate will be issued.
//
// NOTE(review): the defaults described above provision static credentials (a
// password and a client certificate). Any such values returned in this
// message should be handled as secrets and kept out of logs.
MasterAuth master_auth = 5;
// The logging service the cluster should use to write logs.
// Currently available options:
//
// * `logging.googleapis.com/kubernetes` - The Cloud Logging
// service with a Kubernetes-native resource model
// * `logging.googleapis.com` - The legacy Cloud Logging service (no longer
// available as of GKE 1.15).
// * `none` - no logs will be exported from the cluster.
//
// If left as an empty string, `logging.googleapis.com/kubernetes` will be
// used for GKE 1.14+ or `logging.googleapis.com` for earlier versions.
//
// Choosing `none` removes this export path, so detection and incident
// response that depend on exported cluster logs lose that source.
string logging_service = 6;
// The monitoring service the cluster should use to write metrics.
// Currently available options:
//
// * `monitoring.googleapis.com/kubernetes` - The Cloud Monitoring
// service with a Kubernetes-native resource model
// * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no
// longer available as of GKE 1.15).
// * `none` - No metrics will be exported from the cluster.
//
// If left as an empty string, `monitoring.googleapis.com/kubernetes` will be
// used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions.
string monitoring_service = 7;
// The name of the Google Compute Engine
// [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks)
// to which the cluster is connected. If left unspecified, the `default`
// network will be used.
string network = 8;
// The IP address range of the container pods in this cluster, in
// [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
// notation (e.g. `10.96.0.0/14`). Leave blank to have
// one automatically chosen or specify a `/14` block in `10.0.0.0/8`.
string cluster_ipv4_cidr = 9;
// Configurations for the various addons available to run in the cluster.
AddonsConfig addons_config = 10;
// The name of the Google Compute Engine
// [subnetwork](https://cloud.google.com/compute/docs/subnetworks) to which
// the cluster is connected.
string subnetwork = 11;
// The node pools associated with this cluster.
// This field should not be set if "node_config" or "initial_node_count" are
// specified.
repeated NodePool node_pools = 12;
// The list of Google Compute Engine
// [zones](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster's nodes should be located.
//
// This field provides a default value if
// [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations)
// are not specified during node pool creation.
//
// Warning: changing cluster locations will update the
// [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations)
// of all node pools and will result in nodes being added and/or removed.
repeated string locations = 13;
// Kubernetes alpha features are enabled on this cluster. This includes alpha
// API groups (e.g. v1alpha1) and features that may not be production ready in
// the kubernetes version of the master and nodes.
// The cluster has no SLA for uptime and master/node upgrades are disabled.
// Alpha enabled clusters are automatically deleted thirty days after
// creation.
bool enable_kubernetes_alpha = 14;
// The resource labels for the cluster to use to annotate any related
// Google Compute Engine resources.
map<string, string> resource_labels = 15;
// The fingerprint of the set of labels for this cluster.
string label_fingerprint = 16;
// Configuration for the legacy ABAC authorization mode.
LegacyAbac legacy_abac = 18;
// Configuration options for the NetworkPolicy feature.
NetworkPolicy network_policy = 19;
// Configuration for cluster IP allocation.
IPAllocationPolicy ip_allocation_policy = 20;
// The configuration options for master authorized networks feature.
MasterAuthorizedNetworksConfig master_authorized_networks_config = 22;
// Configure the maintenance policy for this cluster.
MaintenancePolicy maintenance_policy = 23;
// Configuration for Binary Authorization.
BinaryAuthorization binary_authorization = 24;
// Cluster-level autoscaling configuration.
ClusterAutoscaling autoscaling = 26;
// Configuration for cluster networking.
NetworkConfig network_config = 27;
// The default constraint on the maximum number of pods that can be run
// simultaneously on a node in the node pool of this cluster. Only honored
// if cluster created with IP Alias support.
MaxPodsConstraint default_max_pods_constraint = 30;
// Configuration for exporting resource usages. Resource usage export is
// disabled when this config is unspecified.
ResourceUsageExportConfig resource_usage_export_config = 33;
// Configuration controlling RBAC group membership information.
AuthenticatorGroupsConfig authenticator_groups_config = 34;
// Configuration for private cluster.
PrivateClusterConfig private_cluster_config = 37;
// Configuration of etcd encryption.
DatabaseEncryption database_encryption = 38;
// Cluster-level Vertical Pod Autoscaling configuration.
VerticalPodAutoscaling vertical_pod_autoscaling = 39;
// Shielded Nodes configuration.
ShieldedNodes shielded_nodes = 40;
// Release channel configuration.
ReleaseChannel release_channel = 41;
// Configuration for the use of Kubernetes Service Accounts in GCP IAM
// policies.
WorkloadIdentityConfig workload_identity_config = 43;
// [Output only] Server-defined URL for the resource.
string self_link = 100;
// [Output only] The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field is deprecated, use location instead.
string zone = 101 [deprecated = true];
// [Output only] The IP address of this cluster's master endpoint.
// The endpoint can be accessed from the internet at
// `https://username:password@endpoint/`.
//
// See the `masterAuth` property of this resource for username and
// password information.
//
// NOTE(review): credentials embedded in a URL tend to be recorded in shell
// history, proxy logs and similar places; treat the form above as
// illustrative and supply credentials through the client's own credential
// handling instead.
string endpoint = 102;
// The initial Kubernetes version for this cluster. Valid versions are those
// found in validMasterVersions returned by getServerConfig. The version can
// be upgraded over time; such upgrades are reflected in
// currentMasterVersion and currentNodeVersion.
//
// Users may specify either explicit versions offered by
// Kubernetes Engine or version aliases, which have the following behavior:
//
// - "latest": picks the highest valid Kubernetes version
// - "1.X": picks the highest valid patch+gke.N patch in the 1.X version
// - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
// - "1.X.Y-gke.N": picks an explicit Kubernetes version
// - "","-": picks the default Kubernetes version
string initial_cluster_version = 103;
// [Output only] The current software version of the master endpoint.
string current_master_version = 104;
// [Output only] Deprecated, use
// [NodePools.version](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools)
// instead. The current version of the node software components. If they are
// currently at multiple versions because they're in the process of being
// upgraded, this reflects the minimum version of all nodes.
string current_node_version = 105 [deprecated = true];
// [Output only] The time the cluster was created, in
// [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.
string create_time = 106;
// [Output only] The current status of this cluster.
Status status = 107;
// [Output only] Deprecated. Use conditions instead.
// Additional information about the current status of this
// cluster, if available.
string status_message = 108 [deprecated = true];
// [Output only] The size of the address space on each node for hosting
// containers. This is provisioned from within the `container_ipv4_cidr`
// range. This field will only be set when cluster is in route-based network
// mode.
// NOTE(review): `container_ipv4_cidr` is not a field of this message;
// presumably `cluster_ipv4_cidr` is meant. Confirm.
int32 node_ipv4_cidr_size = 109;
// [Output only] The IP address range of the Kubernetes services in
// this cluster, in
// [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
// notation (e.g. `1.2.3.4/29`). Service addresses are
// typically put in the last `/16` from the container CIDR.
string services_ipv4_cidr = 110;
// Deprecated. Use node_pools.instance_group_urls.
repeated string instance_group_urls = 111 [deprecated = true];
// [Output only] The number of nodes currently in the cluster. Deprecated.
// Call Kubernetes API directly to retrieve node information.
int32 current_node_count = 112 [deprecated = true];
// [Output only] The time the cluster will be automatically
// deleted in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.
string expire_time = 113;
// [Output only] The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available)
// or
// [region](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available)
// in which the cluster resides.
string location = 114;
// Enable the ability to use Cloud TPUs in this cluster.
bool enable_tpu = 115;
// [Output only] The IP address range of the Cloud TPUs in this cluster, in
// [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
// notation (e.g. `1.2.3.4/29`).
string tpu_ipv4_cidr_block = 116;
// Which conditions caused the current cluster state.
repeated StatusCondition conditions = 118;
}
// ClusterUpdate describes an update to the cluster. Exactly one update can
// be applied to a cluster with each request, so at most one field can be
// provided.
//
// The one-field rule is documented only: the fields are not grouped in a
// `oneof`, so the schema itself accepts messages with several fields set.
// NOTE(review): rejection of such messages is presumably server-side; callers
// and policy checks should not assume a request touches a single setting.
message ClusterUpdate {
// The Kubernetes version to change the nodes to (typically an
// upgrade).
//
// Users may specify either explicit versions offered by
// Kubernetes Engine or version aliases, which have the following behavior:
//
// - "latest": picks the highest valid Kubernetes version
// - "1.X": picks the highest valid patch+gke.N patch in the 1.X version
// - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
// - "1.X.Y-gke.N": picks an explicit Kubernetes version
// - "-": picks the Kubernetes master version
string desired_node_version = 4;
// The monitoring service the cluster should use to write metrics.
// Currently available options:
//
// * `monitoring.googleapis.com/kubernetes` - The Cloud Monitoring
// service with a Kubernetes-native resource model
// * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no
// longer available as of GKE 1.15).
// * `none` - No metrics will be exported from the cluster.
//
// If left as an empty string, `monitoring.googleapis.com/kubernetes` will be
// used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions.
string desired_monitoring_service = 5;
// Configurations for the various addons available to run in the cluster.
AddonsConfig desired_addons_config = 6;
// The node pool to be upgraded. This field is mandatory if
// "desired_node_version", "desired_image_family" or
// "desired_node_pool_autoscaling" is specified and there is more than one
// node pool on the cluster.
// NOTE(review): this message has no "desired_image_family" field;
// presumably `desired_image_type` is meant. Confirm.
string desired_node_pool_id = 7;
// The desired image type for the node pool.
// NOTE: Set the "desired_node_pool" field as well.
// NOTE(review): this message has no "desired_node_pool" field; presumably
// `desired_node_pool_id` is meant. Confirm.
string desired_image_type = 8;
// Configuration of etcd encryption.
DatabaseEncryption desired_database_encryption = 46;
// Configuration for Workload Identity.
WorkloadIdentityConfig desired_workload_identity_config = 47;
// Configuration for Shielded Nodes.
ShieldedNodes desired_shielded_nodes = 48;
// Autoscaler configuration for the node pool specified in
// desired_node_pool_id. If there is only one pool in the
// cluster and desired_node_pool_id is not provided then
// the change applies to that single node pool.
NodePoolAutoscaling desired_node_pool_autoscaling = 9;
// The desired list of Google Compute Engine
// [zones](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster's nodes should be located.
//
// This list must always include the cluster's primary zone.
//
// Warning: changing cluster locations will update the locations of all node
// pools and will result in nodes being added and/or removed.
repeated string desired_locations = 10;
// The desired configuration options for master authorized networks feature.
MasterAuthorizedNetworksConfig desired_master_authorized_networks_config = 12;
// Cluster-level autoscaling configuration.
ClusterAutoscaling desired_cluster_autoscaling = 15;
// The desired configuration options for the Binary Authorization feature.
BinaryAuthorization desired_binary_authorization = 16;
// The logging service the cluster should use to write logs.
// Currently available options:
//
// * `logging.googleapis.com/kubernetes` - The Cloud Logging
// service with a Kubernetes-native resource model
// * `logging.googleapis.com` - The legacy Cloud Logging service (no longer
// available as of GKE 1.15).
// * `none` - no logs will be exported from the cluster.
//
// If left as an empty string, `logging.googleapis.com/kubernetes` will be
// used for GKE 1.14+ or `logging.googleapis.com` for earlier versions.
//
// Switching to `none` removes this export path, so detection and incident
// response that depend on exported cluster logs lose that source.
string desired_logging_service = 19;
// The desired configuration for exporting resource usage.
ResourceUsageExportConfig desired_resource_usage_export_config = 21;
// Cluster-level Vertical Pod Autoscaling configuration.
VerticalPodAutoscaling desired_vertical_pod_autoscaling = 22;
// The desired private cluster configuration.
PrivateClusterConfig desired_private_cluster_config = 25;
// The desired config of Intra-node visibility.
IntraNodeVisibilityConfig desired_intra_node_visibility_config = 26;
// The desired status of whether to disable default sNAT for this cluster.
DefaultSnatStatus desired_default_snat_status = 28;
// The desired release channel configuration.
ReleaseChannel desired_release_channel = 31;
// The Kubernetes version to change the master to.
//
// Users may specify either explicit versions offered by
// Kubernetes Engine or version aliases, which have the following behavior:
//
// - "latest": picks the highest valid Kubernetes version
// - "1.X": picks the highest valid patch+gke.N patch in the 1.X version
// - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
// - "1.X.Y-gke.N": picks an explicit Kubernetes version
// - "-": picks the default Kubernetes version
string desired_master_version = 100;
}
// This operation resource represents operations that may have happened or are
// happening on the cluster. All fields are output only.
//
// Only `status_message` and `progress` carry the
// `google.api.field_behavior = OUTPUT_ONLY` annotation; for the remaining
// fields the output-only status is stated in comments alone.
message Operation {
// Current status of the operation.
enum Status {
// Not set.
STATUS_UNSPECIFIED = 0;
// The operation has been created.
PENDING = 1;
// The operation is currently running.
RUNNING = 2;
// The operation is done, either cancelled or completed.
DONE = 3;
// The operation is aborting.
ABORTING = 4;
}
// Operation type.
enum Type {
// Not set.
TYPE_UNSPECIFIED = 0;
// Cluster create.
CREATE_CLUSTER = 1;
// Cluster delete.
DELETE_CLUSTER = 2;
// A master upgrade.
UPGRADE_MASTER = 3;
// A node upgrade.
UPGRADE_NODES = 4;
// Cluster repair.
REPAIR_CLUSTER = 5;
// Cluster update.
UPDATE_CLUSTER = 6;
// Node pool create.
CREATE_NODE_POOL = 7;
// Node pool delete.
DELETE_NODE_POOL = 8;
// Set node pool management.
SET_NODE_POOL_MANAGEMENT = 9;
// Automatic node pool repair.
AUTO_REPAIR_NODES = 10;
// Automatic node upgrade.
AUTO_UPGRADE_NODES = 11;
// Set labels.
SET_LABELS = 12;
// Set/generate master auth materials.
SET_MASTER_AUTH = 13;
// Set node pool size.
SET_NODE_POOL_SIZE = 14;
// Updates network policy for a cluster.
SET_NETWORK_POLICY = 15;
// Set the maintenance policy.
SET_MAINTENANCE_POLICY = 16;
}
// The server-assigned ID for the operation.
string name = 1;
// The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// operation is taking place. This field is deprecated, use location instead.
string zone = 2 [deprecated = true];
// The operation type.
Type operation_type = 3;
// The current status of the operation.
Status status = 4;
// Detailed operation progress, if available.
string detail = 8;
// Output only. If an error has occurred, a textual description of the error.
string status_message = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
// Server-defined URL for the resource.
string self_link = 6;
// Server-defined URL for the target of the operation.
string target_link = 7;
// [Output only] The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available)
// or
// [region](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available)
// in which the cluster resides.
string location = 9;
// [Output only] The time the operation started, in
// [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.
string start_time = 10;
// [Output only] The time the operation completed, in
// [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.
string end_time = 11;
// Output only. Progress information for an operation.
OperationProgress progress = 12 [(google.api.field_behavior) = OUTPUT_ONLY];
// Which conditions caused the current cluster state.
repeated StatusCondition cluster_conditions = 13;
// Which conditions caused the current node pool state.
repeated StatusCondition nodepool_conditions = 14;
}
// Information about operation (or operation stage) progress.
//
// This message is self-referential through `stages`, and the schema sets no
// bound on nesting depth. Consumers that parse it from a source they do not
// fully trust should keep the parser's recursion limit in place.
message OperationProgress {
// Progress metric is (string, int|float|string) pair.
message Metric {
// Required. Metric name, e.g., "nodes total", "percent done".
string name = 1 [(google.api.field_behavior) = REQUIRED];
// Strictly one of the values is required.
// The `oneof` guarantees that at most one member is set; that one is
// actually present has to be checked by the reader.
oneof value {
// For metrics with integer value.
int64 int_value = 2;
// For metrics with floating point value.
double double_value = 3;
// For metrics with custom values (ratios, visual progress, etc.).
string string_value = 4;
}
}
// A non-parameterized string describing an operation stage.
// Unset for single-stage operations.
string name = 1;
// Status of an operation stage.
// Unset for single-stage operations.
Operation.Status status = 2;
// Progress metric bundle, for example:
// metrics: [{name: "nodes done", int_value: 15},
// {name: "nodes total", int_value: 32}]
// or
// metrics: [{name: "progress", double_value: 0.56},
// {name: "progress scale", double_value: 1.0}]
repeated Metric metrics = 3;
// Substages of an operation or a stage.
repeated OperationProgress stages = 4;
}
// CreateClusterRequest creates a cluster.
message CreateClusterRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the parent field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the parent
// field.
string zone = 2 [deprecated = true];
// Required. A [cluster
// resource](https://cloud.google.com/container-engine/reference/rest/v1/projects.locations.clusters).
Cluster cluster = 3 [(google.api.field_behavior) = REQUIRED];
// The parent (project and location) where the cluster will be created.
// Specified in the format `projects/*/locations/*`.
// NOTE(review): which value wins when both `parent` and the deprecated
// `project_id`/`zone` are set is not defined in this file; anything that
// authorizes or audits requests should resolve a single target.
string parent = 5;
}
// GetClusterRequest gets the settings of a cluster.
message GetClusterRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster to retrieve.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// The name (project, location, cluster) of the cluster to retrieve.
// Specified in the format `projects/*/locations/*/clusters/*`.
// NOTE(review): which value wins when both `name` and the deprecated
// `project_id`/`zone`/`cluster_id` are set is not defined in this file;
// anything that authorizes or audits requests should resolve a single
// target.
string name = 5;
}
// UpdateClusterRequest updates the settings of a cluster.
message UpdateClusterRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster to upgrade.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. A description of the update.
// `ClusterUpdate` documents that at most one of its fields may be provided
// per request.
ClusterUpdate update = 4 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster) of the cluster to update.
// Specified in the format `projects/*/locations/*/clusters/*`.
// NOTE(review): which value wins when both `name` and the deprecated
// `project_id`/`zone`/`cluster_id` are set is not defined in this file;
// anything that authorizes or audits requests should resolve a single
// target.
string name = 5;
}
// UpdateNodePoolRequest updates a node pool's image and/or version.
message UpdateNodePoolRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster to upgrade.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Deprecated. The name of the node pool to upgrade.
// This field has been deprecated and replaced by the name field.
string node_pool_id = 4 [deprecated = true];
// Required. The Kubernetes version to change the nodes to (typically an
// upgrade).
//
// Users may specify either explicit versions offered by Kubernetes Engine or
// version aliases, which have the following behavior:
//
// - "latest": picks the highest valid Kubernetes version
// - "1.X": picks the highest valid patch+gke.N patch in the 1.X version
// - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
// - "1.X.Y-gke.N": picks an explicit Kubernetes version
// - "-": picks the Kubernetes master version
string node_version = 5 [(google.api.field_behavior) = REQUIRED];
// Required. The desired image type for the node pool.
string image_type = 6 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster, node pool) of the node pool to
// update. Specified in the format
// `projects/*/locations/*/clusters/*/nodePools/*`.
// NOTE(review): which value wins when both `name` and the deprecated
// `project_id`/`zone`/`cluster_id`/`node_pool_id` are set is not defined in
// this file; anything that authorizes or audits requests should resolve a
// single target.
string name = 8;
// The desired list of Google Compute Engine
// [zones](https://cloud.google.com/compute/docs/zones#available) in which the
// node pool's nodes should be located. Changing the locations for a node pool
// will result in nodes being either created or removed from the node pool,
// depending on whether locations are being added or removed.
repeated string locations = 13;
// The desired workload metadata config for the node pool.
WorkloadMetadataConfig workload_metadata_config = 14;
// Upgrade settings control disruption and speed of the upgrade.
NodePool.UpgradeSettings upgrade_settings = 15;
}
// SetNodePoolAutoscalingRequest sets the autoscaler settings of a node pool.
//
// The target node pool is identified by `name`; `project_id`, `zone`,
// `cluster_id` and `node_pool_id` are the deprecated way of identifying it.
message SetNodePoolAutoscalingRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster that owns the node pool.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Deprecated. The name of the node pool whose autoscaling is being set.
// This field has been deprecated and replaced by the name field.
string node_pool_id = 4 [deprecated = true];
// Required. Autoscaling configuration for the node pool.
NodePoolAutoscaling autoscaling = 5 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster, node pool) of the node pool to set
// autoscaler settings. Specified in the format
// `projects/*/locations/*/clusters/*/nodePools/*`.
string name = 6;
}
// SetLoggingServiceRequest sets the logging service of a cluster.
//
// The target cluster is identified by `name`; `project_id`, `zone` and
// `cluster_id` are the deprecated way of identifying it.
message SetLoggingServiceRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster whose logging service is being set.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. The logging service the cluster should use to write logs.
// Currently available options:
//
// * `logging.googleapis.com/kubernetes` - The Cloud Logging
// service with a Kubernetes-native resource model
// * `logging.googleapis.com` - The legacy Cloud Logging service (no longer
// available as of GKE 1.15).
// * `none` - no logs will be exported from the cluster.
//
// If left as an empty string, `logging.googleapis.com/kubernetes` will be
// used for GKE 1.14+ or `logging.googleapis.com` for earlier versions.
//
// Because `none` stops log export from the cluster, a request that sets it
// removes those logs as a source for detection and incident response;
// treat such a change as security-relevant.
// NOTE(review): the field is annotated REQUIRED yet an empty string is
// documented as selecting a default. Confirm which of the two applies.
string logging_service = 4 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster) of the cluster to set logging.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 5;
}
// SetMonitoringServiceRequest sets the monitoring service of a cluster.
//
// The target cluster is identified by `name`; `project_id`, `zone` and
// `cluster_id` are the deprecated way of identifying it.
message SetMonitoringServiceRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster whose monitoring service is being set.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. The monitoring service the cluster should use to write metrics.
// Currently available options:
//
// * `monitoring.googleapis.com/kubernetes` - The Cloud Monitoring
// service with a Kubernetes-native resource model
// * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no
// longer available as of GKE 1.15).
// * `none` - No metrics will be exported from the cluster.
//
// If left as an empty string, `monitoring.googleapis.com/kubernetes` will be
// used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions.
//
// Because `none` stops metric export from the cluster, alerting that depends
// on those metrics loses its input; treat such a change as one to review.
// NOTE(review): the field is annotated REQUIRED yet an empty string is
// documented as selecting a default. Confirm which of the two applies.
string monitoring_service = 4 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster) of the cluster to set monitoring.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 6;
}
// SetAddonsConfigRequest sets the addons associated with the cluster.
//
// The target cluster is identified by `name`; `project_id`, `zone` and
// `cluster_id` are the deprecated way of identifying it.
message SetAddonsConfigRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster whose addons are being set.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. The desired configurations for the various addons available to
// run in the cluster.
// NOTE(review): AddonsConfig is defined outside this excerpt, so whether an
// omitted addon is left unchanged or turned off cannot be told from here.
// Confirm before sending a partial configuration.
AddonsConfig addons_config = 4 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster) of the cluster to set addons.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 6;
}
// SetLocationsRequest sets the locations of the cluster.
//
// The target cluster is identified by `name`; `project_id`, `zone` and
// `cluster_id` are the deprecated way of identifying it.
message SetLocationsRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster whose locations are being set.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. The desired list of Google Compute Engine
// [zones](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster's nodes should be located. Changing the locations a cluster is in
// will result in nodes being either created or removed from the cluster,
// depending on whether locations are being added or removed.
//
// This list must always include the cluster's primary zone.
//
// The list is the full desired set, not a delta: a zone left out of it is a
// zone whose nodes are removed.
repeated string locations = 4 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster) of the cluster to set locations.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 6;
}
// UpdateMasterRequest updates the master of the cluster to the Kubernetes
// version given in `master_version`.
//
// The target cluster is identified by `name`; `project_id`, `zone` and
// `cluster_id` are the deprecated way of identifying it.
message UpdateMasterRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster to upgrade.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. The Kubernetes version to change the master to.
//
// Users may specify either explicit versions offered by Kubernetes Engine or
// version aliases, which have the following behavior:
//
// - "latest": picks the highest valid Kubernetes version
// - "1.X": picks the highest valid patch+gke.N patch in the 1.X version
// - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
// - "1.X.Y-gke.N": picks an explicit Kubernetes version
// - "-": picks the default Kubernetes version
//
// Note that every alias except "1.X.Y-gke.N" is resolved by the service, so
// the version that ends up on the master is not fixed by the request text.
string master_version = 4 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster) of the cluster to update.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 7;
}
// SetMasterAuthRequest updates the admin password of a cluster and, through
// the SET_USERNAME action, whether basic authentication is enabled for it.
//
// The target cluster is identified by `name`; `project_id`, `zone` and
// `cluster_id` are the deprecated way of identifying it.
//
// NOTE(review): the Action comments below mention a provided password, which
// presumably travels in `update` (MasterAuth is defined outside this
// excerpt). Treat request bodies of this type as secret-bearing and keep
// them out of logs and traces; confirm against the MasterAuth definition.
message SetMasterAuthRequest {
// Operation type: what type of update to perform.
enum Action {
// Operation is unknown and will error out. This is the zero value, so it is
// also what a request carries when `action` is left unset.
UNKNOWN = 0;
// Set the password to a user generated value.
SET_PASSWORD = 1;
// Generate a new password and set it to that.
GENERATE_PASSWORD = 2;
// Set the username. If an empty username is provided, basic authentication
// is disabled for the cluster. If a non-empty username is provided, basic
// authentication is enabled, with either a provided password or a generated
// one.
//
// This action is therefore the switch for basic authentication: a request
// with a non-empty username turns a static-credential login on.
SET_USERNAME = 3;
}
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster whose master auth is being set.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. The exact form of action to be taken on the master auth.
Action action = 4 [(google.api.field_behavior) = REQUIRED];
// Required. A description of the update.
MasterAuth update = 5 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster) of the cluster to set auth.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 7;
}
// DeleteClusterRequest deletes a cluster.
//
// The target cluster is identified by `name`; `project_id`, `zone` and
// `cluster_id` are the deprecated way of identifying it. `deprecated = true`
// only marks the fields in generated code; they are still part of the wire
// format.
// NOTE(review): this excerpt does not say which identifier is used when both
// `name` and the deprecated fields are set. For a destructive call, confirm
// the server behavior rather than assuming one of them is ignored.
message DeleteClusterRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster to delete.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// The name (project, location, cluster) of the cluster to delete.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 4;
}
// ListClustersRequest lists clusters.
//
// The scope is given by `parent`; `project_id` and `zone` are the deprecated
// way of giving it.
message ListClustersRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the parent field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides, or "-" for all zones. This field has been deprecated and
// replaced by the parent field.
string zone = 2 [deprecated = true];
// The parent (project and location) where the clusters will be listed.
// Specified in the format `projects/*/locations/*`.
// Location "-" matches all zones and all regions.
// Note the difference from the deprecated `zone` field, where "-" is
// documented as matching all zones only.
string parent = 4;
}
// ListClustersResponse is the result of ListClustersRequest.
message ListClustersResponse {
// A list of clusters in the project in the specified zone, or
// across all zones.
repeated Cluster clusters = 1;
// If any zones are listed here, the list of clusters returned
// may be missing those zones.
//
// A non-empty value means `clusters` may be incomplete, so inventory or
// audit tooling should check this field before treating the list as the
// full set of clusters.
repeated string missing_zones = 2;
}
// GetOperationRequest gets a single operation.
//
// The operation is identified by `name`; `project_id`, `zone` and
// `operation_id` are the deprecated way of identifying it.
message GetOperationRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The server-assigned `name` of the operation.
// This field has been deprecated and replaced by the name field.
string operation_id = 3 [deprecated = true];
// The name (project, location, operation id) of the operation to get.
// Specified in the format `projects/*/locations/*/operations/*`.
string name = 5;
}
// ListOperationsRequest lists operations.
//
// The scope is given by `parent`; `project_id` and `zone` are the deprecated
// way of giving it.
message ListOperationsRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the parent field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) to return
// operations for, or `-` for all zones. This field has been deprecated and
// replaced by the parent field.
string zone = 2 [deprecated = true];
// The parent (project and location) where the operations will be listed.
// Specified in the format `projects/*/locations/*`.
// Location "-" matches all zones and all regions.
// Note the difference from the deprecated `zone` field, where `-` is
// documented as matching all zones only.
string parent = 4;
}
// CancelOperationRequest cancels a single operation.
//
// The operation is identified by `name`; `project_id`, `zone` and
// `operation_id` are the deprecated way of identifying it.
message CancelOperationRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// operation resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The server-assigned `name` of the operation.
// This field has been deprecated and replaced by the name field.
string operation_id = 3 [deprecated = true];
// The name (project, location, operation id) of the operation to cancel.
// Specified in the format `projects/*/locations/*/operations/*`.
string name = 4;
}
// ListOperationsResponse is the result of ListOperationsRequest.
message ListOperationsResponse {
// A list of operations in the project in the specified zone.
repeated Operation operations = 1;
// If any zones are listed here, the list of operations returned
// may be missing the operations from those zones.
//
// A non-empty value means `operations` may be incomplete, so tooling that
// reconstructs a timeline of changes should check this field before
// treating the list as complete.
repeated string missing_zones = 2;
}
// GetServerConfigRequest gets the current Kubernetes Engine service
// configuration.
//
// The scope is given by `name`; `project_id` and `zone` are the deprecated
// way of giving it.
message GetServerConfigRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) to return
// operations for. This field has been deprecated and replaced by the name
// field.
// NOTE(review): "operations" reads like wording carried over from the
// operations requests; this message asks for the server config. Confirm.
string zone = 2 [deprecated = true];
// The name (project and location) of the server config to get,
// specified in the format `projects/*/locations/*`.
string name = 4;
}
// Kubernetes Engine service configuration: the default and valid versions
// and image types, plus per-release-channel configuration.
message ServerConfig {
// ReleaseChannelConfig exposes configuration for a release channel.
message ReleaseChannelConfig {
// The release channel this configuration applies to.
ReleaseChannel.Channel channel = 1;
// The default version for newly created clusters on the channel.
string default_version = 2;
// List of valid versions for the channel.
// Unlike the version lists on ServerConfig, no ordering is documented here.
repeated string valid_versions = 4;
}
// Version of Kubernetes the service deploys by default.
string default_cluster_version = 1;
// List of valid node upgrade target versions, in descending order.
repeated string valid_node_versions = 3;
// Default image type.
string default_image_type = 4;
// List of valid image types.
repeated string valid_image_types = 5;
// List of valid master versions, in descending order.
repeated string valid_master_versions = 6;
// List of release channel configurations.
repeated ReleaseChannelConfig channels = 9;
}
// CreateNodePoolRequest creates a node pool for a cluster.
//
// The owning cluster is identified by `parent`; `project_id`, `zone` and
// `cluster_id` are the deprecated way of identifying it.
message CreateNodePoolRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://developers.google.com/console/help/new/#projectnumber).
// This field has been deprecated and replaced by the parent field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the parent
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster.
// This field has been deprecated and replaced by the parent field.
string cluster_id = 3 [deprecated = true];
// Required. The node pool to create.
// NodePool also declares fields marked "[Output only]"; this excerpt does
// not say how the service treats them if a caller sets them on create.
NodePool node_pool = 4 [(google.api.field_behavior) = REQUIRED];
// The parent (project, location, cluster id) where the node pool will be
// created. Specified in the format
// `projects/*/locations/*/clusters/*`.
string parent = 6;
}
// DeleteNodePoolRequest deletes a node pool for a cluster.
//
// The target node pool is identified by `name`; `project_id`, `zone`,
// `cluster_id` and `node_pool_id` are the deprecated way of identifying it.
// NOTE(review): this excerpt does not say which identifier is used when both
// `name` and the deprecated fields are set. For a destructive call, confirm
// the server behavior rather than assuming one of them is ignored.
message DeleteNodePoolRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://developers.google.com/console/help/new/#projectnumber).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Deprecated. The name of the node pool to delete.
// This field has been deprecated and replaced by the name field.
string node_pool_id = 4 [deprecated = true];
// The name (project, location, cluster, node pool id) of the node pool to
// delete. Specified in the format
// `projects/*/locations/*/clusters/*/nodePools/*`.
string name = 6;
}
// ListNodePoolsRequest lists the node pool(s) for a cluster.
//
// The owning cluster is identified by `parent`; `project_id`, `zone` and
// `cluster_id` are the deprecated way of identifying it.
message ListNodePoolsRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://developers.google.com/console/help/new/#projectnumber).
// This field has been deprecated and replaced by the parent field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the parent
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster.
// This field has been deprecated and replaced by the parent field.
string cluster_id = 3 [deprecated = true];
// The parent (project, location, cluster id) where the node pools will be
// listed. Specified in the format `projects/*/locations/*/clusters/*`.
string parent = 5;
}
// GetNodePoolRequest retrieves a node pool for a cluster.
//
// The target node pool is identified by `name`; `project_id`, `zone`,
// `cluster_id` and `node_pool_id` are the deprecated way of identifying it.
message GetNodePoolRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://developers.google.com/console/help/new/#projectnumber).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Deprecated. The name of the node pool.
// This field has been deprecated and replaced by the name field.
string node_pool_id = 4 [deprecated = true];
// The name (project, location, cluster, node pool id) of the node pool to
// get. Specified in the format
// `projects/*/locations/*/clusters/*/nodePools/*`.
string name = 6;
}
// NodePool contains the name and configuration for a cluster's node pool.
// Node pools are a set of nodes (i.e. VMs), with a common configuration and
// specification, under the control of the cluster master. They may have a set
// of Kubernetes labels applied to them, which may be used to reference them
// during pod scheduling. They may also be resized up or down, to accommodate
// the workload.
//
// Fields marked "[Output only]" are described as set by the server; the
// marker is a comment convention and nothing in this message enforces it.
message NodePool {
// These upgrade settings control the level of parallelism and the level of
// disruption caused by an upgrade.
//
// maxUnavailable controls the number of nodes that can be simultaneously
// unavailable.
//
// maxSurge controls the number of additional nodes that can be added to the
// node pool temporarily for the time of the upgrade to increase the number of
// available nodes.
//
// (maxUnavailable + maxSurge) determines the level of parallelism (how many
// nodes are being upgraded at the same time).
//
// Note: upgrades inevitably introduce some disruption since workloads need to
// be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0,
// this holds true. (Disruption stays within the limits of
// PodDisruptionBudget, if it is configured.)
//
// Consider a hypothetical node pool with 5 nodes having maxSurge=2,
// maxUnavailable=1. This means the upgrade process upgrades 3 nodes
// simultaneously. It creates 2 additional (upgraded) nodes, then it brings
// down 3 old (not yet upgraded) nodes at the same time. This ensures that
// there are always at least 4 nodes available.
message UpgradeSettings {
// The maximum number of nodes that can be created beyond the current size
// of the node pool during the upgrade process.
// The type is a signed int32; no valid range is documented here.
int32 max_surge = 1;
// The maximum number of nodes that can be simultaneously unavailable during
// the upgrade process. A node is considered available if its status is
// Ready.
// The type is a signed int32; no valid range is documented here.
int32 max_unavailable = 2;
}
// The current status of the node pool instance.
enum Status {
// Not set. This is the zero value, so it is what a reader sees when the
// field was never populated.
STATUS_UNSPECIFIED = 0;
// The PROVISIONING state indicates the node pool is being created.
PROVISIONING = 1;
// The RUNNING state indicates the node pool has been created
// and is fully usable.
RUNNING = 2;
// The RUNNING_WITH_ERROR state indicates the node pool has been created
// and is partially usable. Some error state has occurred and some
// functionality may be impaired. Customer may need to reissue a request
// or trigger a new update.
RUNNING_WITH_ERROR = 3;
// The RECONCILING state indicates that some work is actively being done on
// the node pool, such as upgrading node software. Details can
// be found in the `statusMessage` field.
RECONCILING = 4;
// The STOPPING state indicates the node pool is being deleted.
STOPPING = 5;
// The ERROR state indicates the node pool may be unusable. Details
// can be found in the `statusMessage` field.
ERROR = 6;
}
// The name of the node pool.
string name = 1;
// The node configuration of the pool.
NodeConfig config = 2;
// The initial node count for the pool. You must ensure that your
// Compute Engine [resource quota](https://cloud.google.com/compute/quotas)
// is sufficient for this number of instances. You must also have available
// firewall and routes quota.
int32 initial_node_count = 3;
// The list of Google Compute Engine
// [zones](https://cloud.google.com/compute/docs/zones#available) in which the
// NodePool's nodes should be located.
//
// If this value is unspecified during node pool creation, the
// [Cluster.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.FIELDS.locations)
// value will be used, instead.
//
// Warning: changing node pool locations will result in nodes being added
// and/or removed.
repeated string locations = 13;
// [Output only] Server-defined URL for the resource.
string self_link = 100;
// The Kubernetes version of the nodes in this pool.
string version = 101;
// [Output only] The resource URLs of the [managed instance
// groups](https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-managed-instances)
// associated with this node pool.
repeated string instance_group_urls = 102;
// [Output only] The status of the nodes in this pool instance.
Status status = 103;
// [Output only] Deprecated. Use conditions instead.
// Additional information about the current status of this
// node pool instance, if available.
string status_message = 104 [deprecated = true];
// Autoscaler configuration for this NodePool. Autoscaler is enabled
// only if a valid configuration is present.
NodePoolAutoscaling autoscaling = 4;
// NodeManagement configuration for this NodePool.
NodeManagement management = 5;
// The constraint on the maximum number of pods that can be run
// simultaneously on a node in the node pool.
MaxPodsConstraint max_pods_constraint = 6;
// Which conditions caused the current node pool state.
repeated StatusCondition conditions = 105;
// [Output only] The pod CIDR block size per node in this node pool.
int32 pod_ipv4_cidr_size = 7;
// Upgrade settings control disruption and speed of the upgrade.
UpgradeSettings upgrade_settings = 107;
}
// NodeManagement defines the set of node management services turned on for the
// node pool.
//
// Both flags are plain proto3 bools, so an unset flag and an explicit `false`
// are indistinguishable on the wire.
message NodeManagement {
// A flag that specifies whether node auto-upgrade is enabled for the node
// pool. If enabled, node auto-upgrade helps keep the nodes in your node pool
// up to date with the latest release version of Kubernetes.
// NOTE(review): with this off, moving nodes to a newer release is left to
// whoever operates the pool; worth checking in a configuration review.
bool auto_upgrade = 1;
// A flag that specifies whether the node auto-repair is enabled for the node
// pool. If enabled, the nodes in this node pool will be monitored and, if
// they fail health checks too many times, an automatic repair action will be
// triggered.
bool auto_repair = 2;
// Specifies the Auto Upgrade knobs for the node pool.
AutoUpgradeOptions upgrade_options = 10;
}
// AutoUpgradeOptions defines the set of options for the user to control how
// the Auto Upgrades will proceed.
//
// Both fields visible here are marked "[Output only]", i.e. they report an
// upcoming upgrade rather than configure one.
message AutoUpgradeOptions {
// [Output only] This field is set when upgrades are about to commence
// with the approximate start time for the upgrades, in
// [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.
// The value is carried as a string, not a google.protobuf.Timestamp, so
// consumers have to parse it themselves.
string auto_upgrade_start_time = 1;
// [Output only] This field is set when upgrades are about to commence
// with the description of the upgrade.
string description = 2;
}
// MaintenancePolicy defines the maintenance policy to be used for the cluster.
message MaintenancePolicy {
// Specifies the maintenance window in which maintenance may be performed.
MaintenanceWindow window = 1;
// A hash identifying the version of this policy, so that updates to fields of
// the policy won't accidentally undo intermediate changes (and so that users
// of the API unaware of some fields won't accidentally remove other fields).
// Make a `get()` request to the cluster to get the current
// resource version and include it with requests to set the policy.
//
// In practice: read the policy, change it, and send it back together with
// the version that was read.
// NOTE(review): what the service does with a stale or empty value is not
// stated in this excerpt. Confirm before relying on it as a guard.
string resource_version = 3;
}
// MaintenanceWindow defines the maintenance window to be used for the cluster.
message MaintenanceWindow {
// The window definition. The two members are mutually exclusive: setting one
// clears the other.
oneof policy {
// DailyMaintenanceWindow specifies a daily maintenance operation window.
DailyMaintenanceWindow daily_maintenance_window = 2;
// RecurringWindow specifies some number of recurring time periods for
// maintenance to occur. The time windows may be overlapping. If no
// maintenance windows are set, maintenance can occur at any time.
RecurringTimeWindow recurring_window = 3;
}
// Exceptions to maintenance window. Non-emergency maintenance should not
// occur in these windows.
//
// The meaning of the map key is not documented here; iteration order of a
// map field is undefined.
// NOTE(review): since exclusions hold back non-emergency maintenance, long
// or stacked exclusions may delay upgrades. Confirm what limits the service
// applies.
map<string, TimeWindow> maintenance_exclusions = 4;
}
// Represents an arbitrary window of time, bounded by two absolute instants.
message TimeWindow {
// The time that the window first starts.
google.protobuf.Timestamp start_time = 1;
// The time that the window ends. The end time should take place after the
// start time.
// The ordering is a documented expectation; nothing in the message itself
// enforces it.
google.protobuf.Timestamp end_time = 2;
}
// Represents an arbitrary window of time that recurs.
message RecurringTimeWindow {
// The window of the first recurrence.
TimeWindow window = 1;
// An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how
// this window recurs. They go on for the span of time between the start and
// end time.
//
// For example, to have something repeat every weekday, you'd use:
// `FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR`
//
// To repeat some window daily (equivalent to the DailyMaintenanceWindow):
// `FREQ=DAILY`
//
// For the first weekend of every month:
// `FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU`
//
// This specifies how frequently the window starts. Eg, if you wanted to have
// a 9-5 UTC-4 window every weekday, you'd use something like:
// ```
// start time = 2019-01-01T09:00:00-0400
// end time = 2019-01-01T17:00:00-0400
// recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR
// ```
//
// Windows can span multiple days. Eg, to make the window encompass every
// weekend from midnight Saturday till the last minute of Sunday UTC:
// ```
// start time = 2019-01-05T00:00:00Z
// end time = 2019-01-07T23:59:00Z
// recurrence = FREQ=WEEKLY;BYDAY=SA
// ```
// NOTE(review): 2019-01-07 is a Monday; the last minute of Sunday would be
// 2019-01-06T23:59:00Z. Confirm the intended end time of this example.
//
// Note the start and end time's specific dates are largely arbitrary except
// to specify duration of the window and when it first starts.
// The FREQ values of HOURLY, MINUTELY, and SECONDLY are not supported.
string recurrence = 2;
}
// Time window specified for daily maintenance operations.
//
// Both values are carried as strings, not as well-known time types, so
// consumers have to parse and validate them themselves.
message DailyMaintenanceWindow {
// Time within the maintenance window to start the maintenance operations.
// Time format should be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt)
// format "HH:MM", where HH : [00-23] and MM : [00-59] GMT.
string start_time = 2;
// [Output only] Duration of the time window, automatically chosen to be
// smallest possible in the given scenario.
// Duration will be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt)
// format "PTnHnMnS".
string duration = 3;
}
// SetNodePoolManagementRequest sets the node management properties of a node
// pool.
//
// The target node pool can be identified either by the deprecated
// project_id/zone/cluster_id/node_pool_id fields or by `name`.
// NOTE(review): the comments do not state which value wins when both forms
// are set and disagree; confirm the server's precedence before relying on
// either. Field number 6 is not declared in this message as shown.
message SetNodePoolManagementRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster to update.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Deprecated. The name of the node pool to update.
// This field has been deprecated and replaced by the name field.
string node_pool_id = 4 [deprecated = true];
// Required. NodeManagement configuration for the node pool.
NodeManagement management = 5 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster, node pool id) of the node pool to set
// management properties for. Specified in the format
// `projects/*/locations/*/clusters/*/nodePools/*`.
string name = 7;
}
// SetNodePoolSizeRequest sets the size of a node pool.
//
// The target node pool can be identified either by the deprecated
// project_id/zone/cluster_id/node_pool_id fields or by `name`.
// NOTE(review): the comments do not state which value wins when both forms
// are set and disagree; confirm the server's precedence before relying on
// either. Field number 6 is not declared in this message as shown.
message SetNodePoolSizeRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster to update.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Deprecated. The name of the node pool to update.
// This field has been deprecated and replaced by the name field.
string node_pool_id = 4 [deprecated = true];
// Required. The desired node count for the pool.
// NOTE(review): declared as a signed int32, so a negative count is
// representable on the wire; presumably rejected server-side — confirm.
int32 node_count = 5 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster, node pool id) of the node pool to set
// size.
// Specified in the format `projects/*/locations/*/clusters/*/nodePools/*`.
string name = 7;
}
// RollbackNodePoolUpgradeRequest rolls back the previously Aborted or Failed
// NodePool upgrade. This will be a no-op if the last upgrade successfully
// completed.
//
// The target node pool can be identified either by the deprecated
// project_id/zone/cluster_id/node_pool_id fields or by `name`.
// NOTE(review): the comments do not state which value wins when both forms
// are set and disagree; confirm the server's precedence before relying on
// either. Field number 5 is not declared in this message as shown.
message RollbackNodePoolUpgradeRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster to rollback.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Deprecated. The name of the node pool to rollback.
// This field has been deprecated and replaced by the name field.
string node_pool_id = 4 [deprecated = true];
// The name (project, location, cluster, node pool id) of the node pool to
// rollback upgrade.
// Specified in the format `projects/*/locations/*/clusters/*/nodePools/*`.
string name = 6;
}
// ListNodePoolsResponse is the result of ListNodePoolsRequest.
// As declared here it carries no page token, so the full list is returned in
// a single message.
message ListNodePoolsResponse {
// A list of node pools for a cluster. An empty list and an unset field are
// indistinguishable for a repeated field.
repeated NodePool node_pools = 1;
}
// ClusterAutoscaling contains global, per-cluster information
// required by Cluster Autoscaler to automatically adjust
// the size of the cluster and create/delete
// node pools based on the current needs.
// Field number 3 is not declared in this message as shown.
message ClusterAutoscaling {
// Enables automatic node pool creation and deletion.
// A proto3 bool without `optional`: unset and false are indistinguishable.
bool enable_node_autoprovisioning = 1;
// Contains global constraints regarding minimum and maximum
// amount of resources in the cluster.
repeated ResourceLimit resource_limits = 2;
// AutoprovisioningNodePoolDefaults contains defaults for a node pool
// created by NAP (presumably node auto-provisioning, cf.
// enable_node_autoprovisioning above).
AutoprovisioningNodePoolDefaults autoprovisioning_node_pool_defaults = 4;
// The list of Google Compute Engine
// [zones](https://cloud.google.com/compute/docs/zones#available) in which the
// NodePool's nodes can be created by NAP.
repeated string autoprovisioning_locations = 5;
}
// AutoprovisioningNodePoolDefaults contains defaults for a node pool created
// by NAP.
//
// NOTE(review): because these are defaults for every node pool NAP creates,
// an over-broad scope or service account set here is inherited by all of
// them; a minimal, dedicated service account is the safer choice.
message AutoprovisioningNodePoolDefaults {
// Scopes that are used by NAP when creating node pools.
repeated string oauth_scopes = 1;
// The Google Cloud Platform Service Account to be used by the node VMs.
// NOTE(review): the comment does not say which account is used when this is
// left empty — confirm before relying on the default.
string service_account = 2;
// Specifies the upgrade settings for NAP created node pools.
NodePool.UpgradeSettings upgrade_settings = 3;
// Specifies the node management options for NAP created node-pools.
NodeManagement management = 4;
// Minimum CPU platform to be used for NAP created node pools.
// The instance may be scheduled on the specified or newer CPU platform.
// Applicable values are the friendly names of CPU platforms, such as
// minCpuPlatform: Intel Haswell or
// minCpuPlatform: Intel Sandy Bridge. For more
// information, read [how to specify min CPU
// platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform)
// To unset the min cpu platform field pass "automatic"
// as field value.
string min_cpu_platform = 5;
// Size of the disk attached to each node, specified in GB.
// The smallest allowed disk size is 10GB.
//
// If unspecified, the default disk size is 100GB.
int32 disk_size_gb = 6;
// Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or
// 'pd-balanced').
//
// If unspecified, the default disk type is 'pd-standard'.
string disk_type = 7;
// Shielded Instance options.
ShieldedInstanceConfig shielded_instance_config = 8;
// The Customer Managed Encryption Key used to encrypt the boot disk attached
// to each node in the node pool. This should be of the form
// projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME].
// For more information about protecting resources with Cloud KMS Keys please
// see:
// https://cloud.google.com/compute/docs/disks/customer-managed-encryption
// NOTE(review): when left empty no customer-managed key is named here;
// what encryption then applies to the boot disk is not stated — confirm.
string boot_disk_kms_key = 9;
}
// Contains information about the amount of some resource in the cluster.
// For memory, value should be in GB.
message ResourceLimit {
// Resource name "cpu", "memory" or gpu-specific string.
string resource_type = 1;
// Minimum amount of the resource in the cluster.
int64 minimum = 2;
// Maximum amount of the resource in the cluster.
// NOTE(review): nothing in the schema ties minimum <= maximum, and both are
// signed; presumably validated server-side — confirm.
int64 maximum = 3;
}
// NodePoolAutoscaling contains information required by cluster autoscaler to
// adjust the size of the node pool to the current cluster usage.
message NodePoolAutoscaling {
// Is autoscaling enabled for this node pool.
// A proto3 bool without `optional`: unset and false are indistinguishable.
bool enabled = 1;
// Minimum number of nodes in the NodePool. Must be >= 1 and <=
// max_node_count.
int32 min_node_count = 2;
// Maximum number of nodes in the NodePool. Must be >= min_node_count. There
// has to be enough quota to scale up the cluster.
// NOTE(review): the bounds above are documented only; the int32 type does
// not enforce them, so presumably the server validates — confirm.
int32 max_node_count = 3;
// Can this node pool be deleted automatically.
bool autoprovisioned = 4;
}
// SetLabelsRequest sets the Google Cloud Platform labels on a Google Container
// Engine cluster, which will in turn set them for Google Compute Engine
// resources used by that cluster.
//
// The target cluster can be identified either by the deprecated
// project_id/zone/cluster_id fields or by `name`.
// NOTE(review): the comments do not state which value wins when both forms
// are set and disagree; confirm the server's precedence before relying on
// either. Field number 6 is not declared in this message as shown.
message SetLabelsRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://developers.google.com/console/help/new/#projectnumber).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. The labels to set for that cluster.
// Map iteration order is undefined; do not rely on label ordering.
map<string, string> resource_labels = 4 [(google.api.field_behavior) = REQUIRED];
// Required. The fingerprint of the previous set of labels for this resource,
// used to detect conflicts. The fingerprint is initially generated by
// Kubernetes Engine and changes after every request to modify or update
// labels. You must always provide an up-to-date fingerprint hash when
// updating or changing labels. Make a `get()` request to the
// resource to get the latest fingerprint.
// The fingerprint is a concurrency check (stale writes are detected), not an
// authorization credential.
string label_fingerprint = 5 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster id) of the cluster to set labels.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 7;
}
// SetLegacyAbacRequest enables or disables the ABAC authorization mechanism for
// a cluster.
//
// NOTE(review): this request changes how the cluster authorizes API calls, so
// it is worth auditing who may issue it and alerting on `enabled = true`;
// legacy ABAC is generally discouraged in favor of RBAC — confirm against
// current GKE guidance.
//
// The target cluster can be identified either by the deprecated
// project_id/zone/cluster_id fields or by `name`; the comments do not state
// which wins if they disagree. Field number 5 is not declared in this message
// as shown.
message SetLegacyAbacRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster to update.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. Whether ABAC authorization will be enabled in the cluster.
// A proto3 bool without `optional`: an omitted value reads as false, so
// "required" cannot be checked from presence alone.
bool enabled = 4 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster id) of the cluster to set legacy abac.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 6;
}
// StartIPRotationRequest creates a new IP for the cluster and then performs
// a node upgrade on each node pool to point to the new IP.
//
// The target cluster can be identified either by the deprecated
// project_id/zone/cluster_id fields or by `name`.
// NOTE(review): the comments do not state which value wins when both forms
// are set and disagree; confirm the server's precedence before relying on
// either. Field numbers 4 and 5 are not declared in this message as shown.
message StartIPRotationRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://developers.google.com/console/help/new/#projectnumber).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// The name (project, location, cluster id) of the cluster to start IP
// rotation. Specified in the format `projects/*/locations/*/clusters/*`.
string name = 6;
// Whether to rotate credentials during IP rotation.
// A proto3 bool without `optional`: leaving it unset is the same as false,
// so a caller that intends to rotate credentials (e.g. after a suspected
// compromise) must set it explicitly.
bool rotate_credentials = 7;
}
// CompleteIPRotationRequest moves the cluster master back into single-IP mode.
//
// The target cluster can be identified either by the deprecated
// project_id/zone/cluster_id fields or by `name`.
// NOTE(review): the comments do not state which value wins when both forms
// are set and disagree; confirm the server's precedence before relying on
// either. Field numbers 4 to 6 are not declared in this message as shown.
message CompleteIPRotationRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://developers.google.com/console/help/new/#projectnumber).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// The name (project, location, cluster id) of the cluster to complete IP
// rotation. Specified in the format `projects/*/locations/*/clusters/*`.
string name = 7;
}
// AcceleratorConfig represents a Hardware Accelerator request.
message AcceleratorConfig {
// The number of the accelerator cards exposed to an instance.
// Declared as a signed int64; the schema does not restrict it to
// non-negative values.
int64 accelerator_count = 1;
// The accelerator type resource name. List of supported accelerators
// [here](https://cloud.google.com/compute/docs/gpus).
string accelerator_type = 2;
}
// WorkloadMetadataConfig defines the metadata configuration to expose to
// workloads on the node pool.
// Field number 1 is not declared in this message as shown.
message WorkloadMetadataConfig {
// Mode is the configuration for how to expose metadata to workloads running
// on the node.
enum Mode {
// Not set.
MODE_UNSPECIFIED = 0;
// Expose all Compute Engine metadata to pods.
// NOTE(review): "all" presumably includes whatever the node's own metadata
// server returns to the VM, such as instance attributes and the node
// service account's tokens — confirm, and prefer GKE_METADATA where
// Workload Identity is available.
GCE_METADATA = 1;
// Run the GKE Metadata Server on this node. The GKE Metadata Server exposes
// a metadata API to workloads that is compatible with the V1 Compute
// Metadata APIs exposed by the Compute Engine and App Engine Metadata
// Servers. This feature can only be enabled if Workload Identity is enabled
// at the cluster level.
GKE_METADATA = 2;
}
// Mode is the configuration for how to expose metadata to workloads running
// on the node pool.
// Unset reads as MODE_UNSPECIFIED; which behavior the server then applies is
// not stated here — confirm.
Mode mode = 2;
}
// SetNetworkPolicyRequest enables/disables network policy for a cluster.
//
// NOTE(review): disabling network policy removes a traffic-isolation control,
// so calls to this request are worth auditing.
//
// The target cluster can be identified either by the deprecated
// project_id/zone/cluster_id fields or by `name`; the comments do not state
// which wins if they disagree. Field number 5 is not declared in this message
// as shown.
message SetNetworkPolicyRequest {
// Deprecated. The Google Developers Console [project ID or project
// number](https://developers.google.com/console/help/new/#projectnumber).
// This field has been deprecated and replaced by the name field.
string project_id = 1 [deprecated = true];
// Deprecated. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides. This field has been deprecated and replaced by the name
// field.
string zone = 2 [deprecated = true];
// Deprecated. The name of the cluster.
// This field has been deprecated and replaced by the name field.
string cluster_id = 3 [deprecated = true];
// Required. Configuration options for the NetworkPolicy feature.
NetworkPolicy network_policy = 4 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster id) of the cluster to set networking
// policy. Specified in the format `projects/*/locations/*/clusters/*`.
string name = 6;
}
// SetMaintenancePolicyRequest sets the maintenance policy for a cluster.
//
// Unlike the other Set*Request messages in this file, project_id, zone and
// cluster_id are marked REQUIRED here rather than deprecated, while `name`
// is also present.
// NOTE(review): the comments do not state which value wins when `name` and
// the three required fields disagree — confirm the server's precedence.
message SetMaintenancePolicyRequest {
// Required. The Google Developers Console [project ID or project
// number](https://support.google.com/cloud/answer/6158840).
string project_id = 1 [(google.api.field_behavior) = REQUIRED];
// Required. The name of the Google Compute Engine
// [zone](https://cloud.google.com/compute/docs/zones#available) in which the
// cluster resides.
string zone = 2 [(google.api.field_behavior) = REQUIRED];
// Required. The name of the cluster to update.
string cluster_id = 3 [(google.api.field_behavior) = REQUIRED];
// Required. The maintenance policy to be set for the cluster. An empty field
// clears the existing maintenance policy.
MaintenancePolicy maintenance_policy = 4 [(google.api.field_behavior) = REQUIRED];
// The name (project, location, cluster id) of the cluster to set maintenance
// policy.
// Specified in the format `projects/*/locations/*/clusters/*`.
string name = 5;
}
// StatusCondition describes why a cluster or a node pool has a certain status
// (e.g., ERROR or DEGRADED).
message StatusCondition {
// Code for each condition.
// Values 5 and 6 are not defined in this enum as shown, and more codes are
// announced ("TBA"), so receivers should tolerate values they do not know.
enum Code {
// UNKNOWN indicates a generic condition.
UNKNOWN = 0;
// GCE_STOCKOUT indicates that Google Compute Engine resources are
// temporarily unavailable.
GCE_STOCKOUT = 1;
// GKE_SERVICE_ACCOUNT_DELETED indicates that the user deleted their robot
// service account.
GKE_SERVICE_ACCOUNT_DELETED = 2;
// Google Compute Engine quota was exceeded.
GCE_QUOTA_EXCEEDED = 3;
// Cluster state was manually changed by an SRE due to a system logic error.
SET_BY_OPERATOR = 4;
// Unable to perform an encrypt operation against the CloudKMS key used for
// etcd level encryption.
// More codes TBA
CLOUD_KMS_KEY_ERROR = 7;
}
// Machine-friendly representation of the condition.
Code code = 1;
// Human-friendly representation of the condition.
string message = 2;
}
// NetworkConfig reports the relative names of network & subnetwork.
// Field numbers 3, 4 and 6 are not declared in this message as shown.
message NetworkConfig {
// Output only. The relative name of the Google Compute Engine
// [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks)
// to which the cluster is connected. Example:
// projects/my-project/global/networks/my-network
string network = 1;
// Output only. The relative name of the Google Compute Engine
// [subnetwork](https://cloud.google.com/compute/docs/vpc) to which the
// cluster is connected. Example:
// projects/my-project/regions/us-central1/subnetworks/my-subnet
string subnetwork = 2;
// Whether Intra-node visibility is enabled for this cluster.
// This makes same node pod to pod traffic visible for VPC network.
bool enable_intra_node_visibility = 5;
// Whether the cluster disables default in-node sNAT rules. In-node sNAT rules
// will be disabled when default_snat_status is disabled. When
// `DefaultSnatStatus.disabled` is false, default IP masquerade rules will be
// applied to the nodes to prevent sNAT on cluster internal traffic.
DefaultSnatStatus default_snat_status = 7;
}
// GetOpenIDConfigRequest gets the OIDC discovery document for the
// cluster. See the OpenID Connect Discovery 1.0 specification for details.
message GetOpenIDConfigRequest {
// The cluster (project, location, cluster id) to get the discovery document
// for. Specified in the format `projects/*/locations/*/clusters/*`.
// The field carries no REQUIRED annotation, although it is the only way this
// message identifies the cluster.
string parent = 1;
}
// GetOpenIDConfigResponse is an OIDC discovery document for the cluster.
// See the OpenID Connect Discovery 1.0 specification for details.
//
// NOTE(review): for token verifiers, the usual OIDC practice is to check that
// a token's `iss` claim equals `issuer` and to accept only algorithms listed
// in `id_token_signing_alg_values_supported` — confirm against the spec.
message GetOpenIDConfigResponse {
// OIDC Issuer.
string issuer = 1;
// JSON Web Key uri.
string jwks_uri = 2;
// Supported response types.
repeated string response_types_supported = 3;
// Supported subject types.
repeated string subject_types_supported = 4;
// Supported ID Token signing algorithms.
repeated string id_token_signing_alg_values_supported = 5;
// Supported claims.
repeated string claims_supported = 6;
// Supported grant types.
repeated string grant_types = 7;
}
// GetJSONWebKeysRequest gets the public component of the keys used by the
// cluster to sign token requests. This will be the jwks_uri for the discovery
// document returned by getOpenIDConfig. See the OpenID Connect
// Discovery 1.0 specification for details.
message GetJSONWebKeysRequest {
// The cluster (project, location, cluster id) to get keys for. Specified in
// the format `projects/*/locations/*/clusters/*`.
string parent = 1;
}
// Jwk is a JSON Web Key as specified in RFC 7517.
//
// Only public-key parameters are declared here (no private members such as
// "d"). The key-type-specific parameters below are defined in RFC 7518 and
// are carried as strings; a consumer should use only the set that matches
// `kty` and ignore the others.
message Jwk {
// Key Type.
string kty = 1;
// Algorithm.
string alg = 2;
// Permitted uses for the public keys.
string use = 3;
// Key ID.
string kid = 4;
// Used for RSA keys (the modulus, per RFC 7518).
string n = 5;
// Used for RSA keys (the public exponent, per RFC 7518).
string e = 6;
// Used for ECDSA keys (the x coordinate, per RFC 7518).
string x = 7;
// Used for ECDSA keys (the y coordinate, per RFC 7518).
string y = 8;
// Used for ECDSA keys (the curve name, per RFC 7518).
string crv = 9;
}
// GetJSONWebKeysResponse is a valid JSON Web Key Set as specified in RFC 7517.
message GetJSONWebKeysResponse {
// The public component of the keys used by the cluster to sign token
// requests.
// More than one key may be present; verifiers would normally select by the
// `kid` of each Jwk rather than by position.
repeated Jwk keys = 1;
}
// ReleaseChannel indicates which release channel a cluster is
// subscribed to. Release channels are arranged in order of risk.
//
// When a cluster is subscribed to a release channel, Google maintains
// both the master version and the node version. Node auto-upgrade
// defaults to true and cannot be disabled.
message ReleaseChannel {
// Possible values for 'channel'.
// The values carry no type prefix; they are scoped by being nested in
// ReleaseChannel.
enum Channel {
// No channel specified.
UNSPECIFIED = 0;
// RAPID channel is offered on an early access basis for customers who want
// to test new releases.
//
// WARNING: Versions available in the RAPID Channel may be subject to
// unresolved issues with no known workaround and are not subject to any
// SLAs.
RAPID = 1;
// Clusters subscribed to REGULAR receive versions that are considered GA
// quality. REGULAR is intended for production users who want to take
// advantage of new features.
REGULAR = 2;
// Clusters subscribed to STABLE receive versions that are known to be
// stable and reliable in production.
STABLE = 3;
}
// channel specifies which release channel the cluster is subscribed to.
// Unset reads as UNSPECIFIED (the zero value).
Channel channel = 1;
}
// IntraNodeVisibilityConfig contains the desired config of the intra-node
// visibility on this cluster.
message IntraNodeVisibilityConfig {
// Enables intra node visibility for this cluster.
// A proto3 bool without `optional`: unset and false are indistinguishable.
bool enabled = 1;
}
// Constraints applied to pods.
message MaxPodsConstraint {
// Constraint enforced on the maximum number of pods per node.
// Declared as a signed int64; unset and 0 are indistinguishable, and how the
// server treats 0 is not stated here — confirm.
int64 max_pods_per_node = 1;
}
// Configuration for the use of Kubernetes Service Accounts in GCP IAM
// policies.
// Field number 1 is not declared in this message as shown.
message WorkloadIdentityConfig {
// The workload pool to attach all Kubernetes service accounts to.
// NOTE(review): this applies to all Kubernetes service accounts in the
// cluster, so the pool chosen here defines the identity namespace that IAM
// policies will trust — verify it names the intended project's pool.
string workload_pool = 2;
}
// Configuration of etcd encryption.
// Note the declaration order: `state` (number 2) is listed before `key_name`
// (number 1); the wire format depends only on the numbers.
message DatabaseEncryption {
// State of etcd encryption.
enum State {
// Should never be set.
UNKNOWN = 0;
// Secrets in etcd are encrypted.
ENCRYPTED = 1;
// Secrets in etcd are stored in plain text (at etcd level) - this is
// unrelated to Compute Engine level full disk encryption.
DECRYPTED = 2;
}
// Denotes the state of etcd encryption.
// UNKNOWN is the zero value, so an unset field reads as UNKNOWN rather than
// as DECRYPTED; a check for "is encrypted" should test for ENCRYPTED
// explicitly.
State state = 2;
// Name of CloudKMS key to use for the encryption of secrets in etcd.
// Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key
string key_name = 1;
}
// ListUsableSubnetworksRequest requests the list of usable subnetworks
// available to a user for creating clusters.
message ListUsableSubnetworksRequest {
// The parent project where subnetworks are usable.
// Specified in the format `projects/*`.
string parent = 1;
// Filtering currently only supports equality on the networkProjectId and must
// be in the form: "networkProjectId=[PROJECTID]", where `networkProjectId`
// is the project which owns the listed subnetworks. This defaults to the
// parent project ID.
string filter = 2;
// The max number of results per page that should be returned. If the number
// of available results is larger than `page_size`, a `next_page_token` is
// returned which can be used to get the next page of results in subsequent
// requests. Acceptable values are 0 to 500, inclusive. (Default: 500)
// The documented range is not enforced by the int32 type itself.
int32 page_size = 3;
// Specifies a page token to use. Set this to the nextPageToken returned by
// previous list requests to get the next page of results.
string page_token = 4;
}
// ListUsableSubnetworksResponse is the response of
// ListUsableSubnetworksRequest.
message ListUsableSubnetworksResponse {
// A list of usable subnetworks in the specified network project.
repeated UsableSubnetwork subnetworks = 1;
// This token allows you to get the next page of results for list requests.
// If the number of results is larger than `page_size`, use the
// `next_page_token` as a value for the query parameter `page_token` in the
// next request. The value will become empty when there are no more pages.
// Callers should therefore loop until this is empty rather than assume a
// single page is complete.
string next_page_token = 2;
}
// Secondary IP range of a usable subnetwork.
message UsableSubnetworkSecondaryRange {
// Status shows the current usage of a secondary IP range.
enum Status {
// UNKNOWN is the zero value of the Status enum. It's not a valid status.
UNKNOWN = 0;
// UNUSED denotes that this range is unclaimed by any cluster.
UNUSED = 1;
// IN_USE_SERVICE denotes that this range is claimed by a cluster for
// services. It cannot be used for other clusters.
IN_USE_SERVICE = 2;
// IN_USE_SHAREABLE_POD denotes this range was created by the network admin
// and is currently claimed by a cluster for pods. It can only be used by
// other clusters as a pod range.
IN_USE_SHAREABLE_POD = 3;
// IN_USE_MANAGED_POD denotes this range was created by GKE and is claimed
// for pods. It cannot be used for other clusters.
IN_USE_MANAGED_POD = 4;
}
// The name associated with this subnetwork secondary range, used when adding
// an alias IP range to a VM instance.
string range_name = 1;
// The range of IP addresses belonging to this subnetwork secondary range.
// Carried as a string (presumably CIDR notation, going by the field name —
// confirm); the schema does not validate it.
string ip_cidr_range = 2;
// This field is used to determine the status of the secondary range
// programmatically.
Status status = 3;
}
// UsableSubnetwork resource returns the subnetwork name, its associated network
// and the primary CIDR range.
message UsableSubnetwork {
// Subnetwork Name.
// Example: projects/my-project/regions/us-central1/subnetworks/my-subnet
string subnetwork = 1;
// Network Name.
// Example: projects/my-project/global/networks/my-network
string network = 2;
// The range of internal addresses that are owned by this subnetwork.
string ip_cidr_range = 3;
// Secondary IP ranges.
repeated UsableSubnetworkSecondaryRange secondary_ip_ranges = 4;
// A human readable status message representing the reasons for cases where
// the caller cannot use the secondary ranges under the subnet. For example if
// the secondary_ip_ranges is empty due to a permission issue, an insufficient
// permission message will be given by status_message.
// An empty secondary_ip_ranges list therefore does not by itself mean the
// subnet has no secondary ranges; check this message as well.
string status_message = 5;
}
// Configuration for exporting cluster resource usages.
message ResourceUsageExportConfig {
// Parameters for using BigQuery as the destination of resource usage export.
message BigQueryDestination {
// The ID of a BigQuery Dataset.
// NOTE(review): only a dataset ID is given, with no project qualifier in
// this message; which project it resolves against is not stated — confirm,
// since the dataset's access controls decide who can read the export.
string dataset_id = 1;
}
// Parameters for controlling consumption metering.
message ConsumptionMeteringConfig {
// Whether to enable consumption metering for this cluster. If enabled, a
// second BigQuery table will be created to hold resource consumption
// records.
bool enabled = 1;
}
// Configuration to use BigQuery as usage export destination.
BigQueryDestination bigquery_destination = 1;
// Whether to enable network egress metering for this cluster. If enabled, a
// daemonset will be created in the cluster to meter network egress traffic.
bool enable_network_egress_metering = 2;
// Configuration to enable resource consumption metering.
ConsumptionMeteringConfig consumption_metering_config = 3;
}
// VerticalPodAutoscaling contains global, per-cluster information
// required by Vertical Pod Autoscaler to automatically adjust
// the resources of pods controlled by it.
message VerticalPodAutoscaling {
// Enables vertical pod autoscaling.
// A proto3 bool without `optional`: unset and false are indistinguishable.
bool enabled = 1;
}
// DefaultSnatStatus contains the desired state of whether default sNAT should
// be disabled on the cluster.
message DefaultSnatStatus {
// Disables cluster default sNAT rules.
// The flag is phrased negatively: an unset field reads as false, i.e. the
// default sNAT rules are not disabled.
bool disabled = 1;
}
// Configuration of Shielded Nodes feature.
message ShieldedNodes {
// Whether Shielded Nodes features are enabled on all nodes in this cluster.
// A proto3 bool without `optional`: an unset field reads as false, so the
// feature is off unless a writer sets this explicitly.
bool enabled = 1;
}