gcp

package
v1.14.16-dcf8320c8c4e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 12, 2024 License: Apache-2.0 Imports: 4 Imported by: 24

Documentation

Overview

Package gcp contains GCP-specific structures for installer configuration and management.

Index

Constants

View Source
const (
	// EnabledFeature indicates that the feature is configured as enabled.
	EnabledFeature FeatureSwitch = "Enabled"

	// DisabledFeature indicates that the feature is configured as disabled.
	DisabledFeature FeatureSwitch = "Disabled"

	// OnHostMaintenanceMigrate is the default, and it indicates that the OnHostMaintenance feature is set to Migrate.
	OnHostMaintenanceMigrate OnHostMaintenanceType = "Migrate"

	// OnHostMaintenanceTerminate indicates that the OnHostMaintenance feature is set to Terminate.
	OnHostMaintenanceTerminate OnHostMaintenanceType = "Terminate"
)
View Source
const (
	// ServiceComputeEngineAPI is the GCE service URL
	ServiceComputeEngineAPI = "compute.googleapis.com"
	// ServiceIAMAPI is the IAM service URL
	ServiceIAMAPI = "iam.googleapis.com"
)
View Source
const Name string = "gcp"

Name is name for the gcp platform.

Variables

View Source
var (
	// ControlPlaneSupportedDisks contains the supported disk types for control plane nodes.
	ControlPlaneSupportedDisks = sets.New("hyperdisk-balanced", "pd-balanced", "pd-ssd")

	// ComputeSupportedDisks contains the supported disk types for control plane nodes.
	ComputeSupportedDisks = sets.New("hyperdisk-balanced", "pd-balanced", "pd-ssd", "pd-standard")
)

Functions

func CloudControllerUID

func CloudControllerUID(infraID string) string

CloudControllerUID generates a UID used by the GCP cloud controller provider to generate certain load balancing resources

func DefaultSubnetName added in v0.90.0

func DefaultSubnetName(infraID, role string) string

DefaultSubnetName sets a default name for the subnet.

func GetConfiguredServiceAccount added in v0.90.17

func GetConfiguredServiceAccount(platform *Platform, mpool *MachinePool) string

GetConfiguredServiceAccount returns the service account email from a configured service account for a control plane or compute node. Returns empty string if not configured.

func GetDefaultServiceAccount added in v0.90.17

func GetDefaultServiceAccount(platform *Platform, clusterID string, role string) string

GetDefaultServiceAccount returns the default service account email to use based on role. The default should be used when an existing service account is not configured.

Types

type AuthorizationMode added in v0.9.153

type AuthorizationMode string

AuthorizationMode is the mode or type of authentication indicated in the google credentials struct.

const (
	// AuthorizedUserMode indicates that an authorized user without a service account has been used
	// for authentication with the gcloud.
	AuthorizedUserMode AuthorizationMode = "authorized_user"

	// ServiceAccountMode indicates that a service account has been used for authentication with
	// the gcloud.
	ServiceAccountMode AuthorizationMode = "service_account"

	// ExternalAccountMode indicates that an external user such as AWS, Azure, etc. has been used for
	// authentication with gcloud.
	ExternalAccountMode AuthorizationMode = "external_account"
)

type EncryptionKeyReference

type EncryptionKeyReference struct {
	// KMSKey is a reference to a KMS Key to use for the encryption.
	//
	// +optional
	KMSKey *KMSKeyReference `json:"kmsKey,omitempty"`

	// KMSKeyServiceAccount is the service account being used for the
	// encryption request for the given KMS key. If absent, the Compute
	// Engine default service account is used.
	// See https://cloud.google.com/compute/docs/access/service-accounts#compute_engine_service_account
	// for details on the default service account.
	//
	// +optional
	KMSKeyServiceAccount string `json:"kmsKeyServiceAccount,omitempty"`
}

EncryptionKeyReference describes the encryptionKey to use for a disk's encryption.

func (*EncryptionKeyReference) Set

Set sets the values from `required` to `e`.

type FeatureSwitch added in v0.90.0

type FeatureSwitch string

FeatureSwitch indicates whether the feature is enabled or disabled.

type KMSKeyReference

type KMSKeyReference struct {
	// Name is the name of the customer managed encryption key to be used for the disk encryption.
	Name string `json:"name"`

	// KeyRing is the name of the KMS Key Ring which the KMS Key belongs to.
	KeyRing string `json:"keyRing"`

	// ProjectID is the ID of the Project in which the KMS Key Ring exists.
	// Defaults to the VM ProjectID if not set.
	//
	// +optional
	ProjectID string `json:"projectID,omitempty"`

	// Location is the GCP location in which the Key Ring exists.
	Location string `json:"location"`
}

KMSKeyReference gathers required fields for looking up a GCP KMS Key

func (*KMSKeyReference) Set

func (k *KMSKeyReference) Set(required *KMSKeyReference)

Set sets the values from `required` to `k`.

type MachinePool

type MachinePool struct {
	// Zones is list of availability zones that can be used.
	//
	// +optional
	Zones []string `json:"zones,omitempty"`

	// InstanceType defines the GCP instance type.
	// eg. n1-standard-4
	//
	// +optional
	InstanceType string `json:"type"`

	// OSDisk defines the storage for instance.
	//
	// +optional
	OSDisk `json:"osDisk"`

	// OSImage defines a custom image for instance.
	//
	// +optional
	OSImage *OSImage `json:"osImage,omitempty"`

	// Tags defines a set of network tags which will be added to instances in the machineset
	//
	// +optional
	Tags []string `json:"tags,omitempty"`

	// SecureBoot Defines whether the instance should have secure boot enabled.
	// secure boot Verify the digital signature of all boot components, and halt the boot process if signature verification fails.
	// If omitted, the platform chooses a default, which is subject to change over time, currently that default is false.
	// +kubebuilder:validation:Enum=Enabled;Disabled
	// +optional
	SecureBoot string `json:"secureBoot,omitempty"`

	// OnHostMaintenance determines the behavior when a maintenance event occurs that might cause the instance to reboot.
	// Allowed values are "Migrate" and "Terminate".
	// If omitted, the platform chooses a default, which is subject to change over time, currently that default is "Migrate".
	// +kubebuilder:default="Migrate"
	// +default="Migrate"
	// +kubebuilder:validation:Enum=Migrate;Terminate;
	// +optional
	OnHostMaintenance string `json:"onHostMaintenance,omitempty"`

	// ConfidentialCompute Defines whether the instance should have confidential compute enabled.
	// If enabled OnHostMaintenance is required to be set to "Terminate".
	// If omitted, the platform chooses a default, which is subject to change over time, currently that default is false.
	// +kubebuilder:default="Disabled"
	// +default="Disabled"
	// +kubebuilder:validation:Enum=Enabled;Disabled
	// +optional
	ConfidentialCompute string `json:"confidentialCompute,omitempty"`

	// ServiceAccount is the email of a gcp service account to be used during installations.
	// The provided service account can be attached to both control-plane nodes
	// and worker nodes in order to provide the permissions required by the cloud provider.
	//
	// +optional
	ServiceAccount string `json:"serviceAccount,omitempty"`
}

MachinePool stores the configuration for a machine pool installed on GCP.

func (*MachinePool) Set

func (a *MachinePool) Set(required *MachinePool)

Set sets the values from `required` to `a`.

type Metadata

type Metadata struct {
	Region            string `json:"region"`
	ProjectID         string `json:"projectID"`
	NetworkProjectID  string `json:"networkProjectID,omitempty"`
	PrivateZoneDomain string `json:"privateZoneDomain,omitempty"`
}

Metadata contains GCP metadata (e.g. for uninstalling the cluster).

type Metric

type Metric struct {
	// Service is the Google Cloud Service to which this quota belongs (e.g. compute.googleapis.com)
	Service string `json:"service,omitempty"`
	// Limit is the name of the item that's limited (e.g. cpus)
	Limit string `json:"limit,omitempty"`
	// Dimensions are unique axes on which this Limit is applied (e.g. region: us-central-1)
	Dimensions map[string]string `json:"dimensions,omitempty"`
}

Metric identify a quota. Service/Label matches the Google Quota API names for quota metrics

func (*Metric) Matches

func (m *Metric) Matches(other *Metric) bool

Matches determines if this metric matches the other

func (*Metric) String

func (m *Metric) String() string

String formats the metric

type OSDisk

type OSDisk struct {
	// DiskType defines the type of disk.
	// For control plane nodes, the valid values are pd-balanced, pd-ssd, and hyperdisk-balanced.
	// +optional
	// +kubebuilder:validation:Enum=pd-balanced;pd-ssd;pd-standard;hyperdisk-balanced
	DiskType string `json:"diskType"`

	// DiskSizeGB defines the size of disk in GB.
	//
	// +kubebuilder:validation:Minimum=16
	// +kubebuilder:validation:Maximum=65536
	DiskSizeGB int64 `json:"DiskSizeGB"`

	// EncryptionKey defines the KMS key to be used to encrypt the disk.
	//
	// +optional
	EncryptionKey *EncryptionKeyReference `json:"encryptionKey,omitempty"`
}

OSDisk defines the disk for machines on GCP.

type OSImage added in v0.9.153

type OSImage struct {
	// Name defines the name of the image.
	//
	// +required
	Name string `json:"name"`

	// Project defines the name of the project containing the image.
	//
	// +required
	Project string `json:"project"`
}

OSImage defines the image to use for the OS.

type OnHostMaintenanceType added in v0.90.0

type OnHostMaintenanceType string

OnHostMaintenanceType indicates the setting for the OnHostMaintenance feature, but this is only applicable when ConfidentialCompute is Enabled.

type Platform

type Platform struct {
	// ProjectID is the the project that will be used for the cluster.
	ProjectID string `json:"projectID"`

	// Region specifies the GCP region where the cluster will be created.
	Region string `json:"region"`

	// DefaultMachinePlatform is the default configuration used when
	// installing on GCP for machine pools which do not define their own
	// platform configuration.
	// +optional
	DefaultMachinePlatform *MachinePool `json:"defaultMachinePlatform,omitempty"`

	// Network specifies an existing VPC where the cluster should be created
	// rather than provisioning a new one.
	// +optional
	Network string `json:"network,omitempty"`

	// NetworkProjectID specifies which project the network and subnets exist in when
	// they are not in the main ProjectID.
	// +optional
	NetworkProjectID string `json:"networkProjectID,omitempty"`

	// ControlPlaneSubnet is an existing subnet where the control plane will be deployed.
	// The value should be the name of the subnet.
	// +optional
	ControlPlaneSubnet string `json:"controlPlaneSubnet,omitempty"`

	// ComputeSubnet is an existing subnet where the compute nodes will be deployed.
	// The value should be the name of the subnet.
	// +optional
	ComputeSubnet string `json:"computeSubnet,omitempty"`

	// userLabels has additional keys and values that the installer will add as
	// labels to all resources that it creates on GCP. Resources created by the
	// cluster itself may not include these labels. GCPLabelsTags featureGate is
	// defined for managing this feature and is enabled by default.
	UserLabels []UserLabel `json:"userLabels,omitempty"`

	// userTags has additional keys and values that the installer will add as
	// tags to all resources that it creates on GCP. Resources created by the
	// cluster itself may not include these tags. Tag key and tag value should
	// be the shortnames of the tag key and tag value resource. GCPLabelsTags featureGate
	// is defined for managing this feature and is enabled by default.
	UserTags []UserTag `json:"userTags,omitempty"`

	// UserProvisionedDNS indicates if the customer is providing their own DNS solution in place of the default
	// provisioned by the Installer.
	// +kubebuilder:default:="Disabled"
	// +default="Disabled"
	// +kubebuilder:validation:Enum="Enabled";"Disabled"
	UserProvisionedDNS UserProvisionedDNS `json:"userProvisionedDNS,omitempty"`
}

Platform stores all the global configuration that all machinesets use.

type Quota

type Quota []QuotaUsage

Quota is a record of the quota in GCP consumed by a cluster

type QuotaUsage

type QuotaUsage struct {
	*Metric `json:",inline"`
	// Amount is the amount of the quota being used
	Amount int64 `json:"amount,omitempty"`
}

QuotaUsage identifies a quota metric and records the usage

func (*QuotaUsage) String

func (q *QuotaUsage) String() string

String formats the quota usage

type UserLabel added in v0.9.153

type UserLabel struct {
	// key is the key part of the label. A label key can have a maximum of 63 characters
	// and cannot be empty. Label must begin with a lowercase letter, and must contain
	// only lowercase letters, numeric characters, and the following special characters `_-`.
	Key string `json:"key"`

	// value is the value part of the label. A label value can have a maximum of 63 characters
	// and cannot be empty. Value must contain only lowercase letters, numeric characters, and
	// the following special characters `_-`.
	Value string `json:"value"`
}

UserLabel is a label to apply to GCP resources created for the cluster.

type UserProvisionedDNS added in v0.9.153

type UserProvisionedDNS string

UserProvisionedDNS indicates whether the DNS solution is provisioned by the Installer or the user.

const (
	// UserProvisionedDNSEnabled indicates that the DNS solution is provisioned and provided by the user.
	UserProvisionedDNSEnabled UserProvisionedDNS = "Enabled"

	// UserProvisionedDNSDisabled indicates that the DNS solution is provisioned by the Installer.
	UserProvisionedDNSDisabled UserProvisionedDNS = "Disabled"
)

type UserTag added in v0.9.153

type UserTag struct {
	// parentID is the ID of the hierarchical resource where the tags are defined,
	// e.g. at the Organization or the Project level. To find the Organization ID or Project ID refer to the following pages:
	// https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id,
	// https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects.
	// An OrganizationID must consist of decimal numbers, and cannot have leading zeroes.
	// A ProjectID must be 6 to 30 characters in length, can only contain lowercase letters,
	// numbers, and hyphens, and must start with a letter, and cannot end with a hyphen.
	ParentID string `json:"parentID"`

	// key is the key part of the tag. A tag key can have a maximum of 63 characters and
	// cannot be empty. Tag key must begin and end with an alphanumeric character, and
	// must contain only uppercase, lowercase alphanumeric characters, and the following
	// special characters `._-`.
	Key string `json:"key"`

	// value is the value part of the tag. A tag value can have a maximum of 63 characters
	// and cannot be empty. Tag value must begin and end with an alphanumeric character, and
	// must contain only uppercase, lowercase alphanumeric characters, and the following
	// special characters `_-.@%=+:,*#&(){}[]` and spaces.
	Value string `json:"value"`
}

UserTag is a tag to apply to GCP resources created for the cluster.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL