Documentation ¶
Overview ¶
Package gcp contains GCP-specific structures for installer configuration and management.
Index ¶
- Constants
- Variables
- func CloudControllerUID(infraID string) string
- func DefaultSubnetName(infraID, role string) string
- func GetConfiguredServiceAccount(platform *Platform, mpool *MachinePool) string
- func GetDefaultServiceAccount(platform *Platform, clusterID string, role string) string
- type AuthorizationMode
- type EncryptionKeyReference
- type FeatureSwitch
- type KMSKeyReference
- type MachinePool
- type Metadata
- type Metric
- type OSDisk
- type OSImage
- type OnHostMaintenanceType
- type Platform
- type Quota
- type QuotaUsage
- type UserLabel
- type UserProvisionedDNS
- type UserTag
Constants ¶
```go
const (
	// EnabledFeature indicates that the feature is configured as enabled.
	EnabledFeature FeatureSwitch = "Enabled"

	// DisabledFeature indicates that the feature is configured as disabled.
	DisabledFeature FeatureSwitch = "Disabled"

	// OnHostMaintenanceMigrate is the default, and it indicates that the OnHostMaintenance feature is set to Migrate.
	OnHostMaintenanceMigrate OnHostMaintenanceType = "Migrate"

	// OnHostMaintenanceTerminate indicates that the OnHostMaintenance feature is set to Terminate.
	OnHostMaintenanceTerminate OnHostMaintenanceType = "Terminate"
)
```

```go
const (
	// ServiceComputeEngineAPI is the GCE service URL
	ServiceComputeEngineAPI = "compute.googleapis.com"

	// ServiceIAMAPI is the IAM service URL
	ServiceIAMAPI = "iam.googleapis.com"
)
```
const Name string = "gcp"
Name is the name of the gcp platform.
Variables ¶
```go
var (
	// ControlPlaneSupportedDisks contains the supported disk types for control plane nodes.
	ControlPlaneSupportedDisks = sets.New("hyperdisk-balanced", "pd-balanced", "pd-ssd")

	// ComputeSupportedDisks contains the supported disk types for compute nodes.
	ComputeSupportedDisks = sets.New("hyperdisk-balanced", "pd-balanced", "pd-ssd", "pd-standard")
)
```
Functions ¶
func CloudControllerUID ¶
CloudControllerUID generates a UID used by the GCP cloud controller provider to generate certain load balancing resources.
func DefaultSubnetName ¶ added in v0.90.0
DefaultSubnetName sets a default name for the subnet.
func GetConfiguredServiceAccount ¶ added in v0.90.17
func GetConfiguredServiceAccount(platform *Platform, mpool *MachinePool) string
GetConfiguredServiceAccount returns the service account email from a configured service account for a control plane or compute node. Returns empty string if not configured.
func GetDefaultServiceAccount ¶ added in v0.90.17
GetDefaultServiceAccount returns the default service account email to use based on role. The default should be used when an existing service account is not configured.
Types ¶
type AuthorizationMode ¶ added in v0.9.153
type AuthorizationMode string
AuthorizationMode is the mode or type of authentication indicated in the google credentials struct.
```go
const (
	// AuthorizedUserMode indicates that an authorized user without a service account has been used
	// for authentication with the gcloud.
	AuthorizedUserMode AuthorizationMode = "authorized_user"

	// ServiceAccountMode indicates that a service account has been used for authentication with
	// the gcloud.
	ServiceAccountMode AuthorizationMode = "service_account"

	// ExternalAccountMode indicates that an external user such as AWS, Azure, etc. has been used for
	// authentication with gcloud.
	ExternalAccountMode AuthorizationMode = "external_account"
)
```
type EncryptionKeyReference ¶
```go
type EncryptionKeyReference struct {
	// KMSKey is a reference to a KMS Key to use for the encryption.
	//
	// +optional
	KMSKey *KMSKeyReference `json:"kmsKey,omitempty"`

	// KMSKeyServiceAccount is the service account being used for the
	// encryption request for the given KMS key. If absent, the Compute
	// Engine default service account is used.
	// See https://cloud.google.com/compute/docs/access/service-accounts#compute_engine_service_account
	// for details on the default service account.
	//
	// +optional
	KMSKeyServiceAccount string `json:"kmsKeyServiceAccount,omitempty"`
}
```
EncryptionKeyReference describes the encryptionKey to use for a disk's encryption.
func (*EncryptionKeyReference) Set ¶
func (e *EncryptionKeyReference) Set(required *EncryptionKeyReference)
Set sets the values from `required` to `e`.
type FeatureSwitch ¶ added in v0.90.0
type FeatureSwitch string
FeatureSwitch indicates whether the feature is enabled or disabled.
type KMSKeyReference ¶
```go
type KMSKeyReference struct {
	// Name is the name of the customer managed encryption key to be used for the disk encryption.
	Name string `json:"name"`

	// KeyRing is the name of the KMS Key Ring which the KMS Key belongs to.
	KeyRing string `json:"keyRing"`

	// ProjectID is the ID of the Project in which the KMS Key Ring exists.
	// Defaults to the VM ProjectID if not set.
	//
	// +optional
	ProjectID string `json:"projectID,omitempty"`

	// Location is the GCP location in which the Key Ring exists.
	Location string `json:"location"`
}
```
KMSKeyReference gathers required fields for looking up a GCP KMS Key.
func (*KMSKeyReference) Set ¶
func (k *KMSKeyReference) Set(required *KMSKeyReference)
Set sets the values from `required` to `k`.
type MachinePool ¶
```go
type MachinePool struct {
	// Zones is list of availability zones that can be used.
	//
	// +optional
	Zones []string `json:"zones,omitempty"`

	// InstanceType defines the GCP instance type.
	// eg. n1-standard-4
	//
	// +optional
	InstanceType string `json:"type"`

	// OSDisk defines the storage for instance.
	//
	// +optional
	OSDisk `json:"osDisk"`

	// OSImage defines a custom image for instance.
	//
	// +optional
	OSImage *OSImage `json:"osImage,omitempty"`

	// Tags defines a set of network tags which will be added to instances in the machineset
	//
	// +optional
	Tags []string `json:"tags,omitempty"`

	// SecureBoot Defines whether the instance should have secure boot enabled.
	// secure boot Verify the digital signature of all boot components, and halt the boot process if signature verification fails.
	// If omitted, the platform chooses a default, which is subject to change over time, currently that default is false.
	// +kubebuilder:validation:Enum=Enabled;Disabled
	// +optional
	SecureBoot string `json:"secureBoot,omitempty"`

	// OnHostMaintenance determines the behavior when a maintenance event occurs that might cause the instance to reboot.
	// Allowed values are "Migrate" and "Terminate".
	// If omitted, the platform chooses a default, which is subject to change over time, currently that default is "Migrate".
	// +kubebuilder:default="Migrate"
	// +default="Migrate"
	// +kubebuilder:validation:Enum=Migrate;Terminate;
	// +optional
	OnHostMaintenance string `json:"onHostMaintenance,omitempty"`

	// ConfidentialCompute Defines whether the instance should have confidential compute enabled.
	// If enabled OnHostMaintenance is required to be set to "Terminate".
	// If omitted, the platform chooses a default, which is subject to change over time, currently that default is false.
	// +kubebuilder:default="Disabled"
	// +default="Disabled"
	// +kubebuilder:validation:Enum=Enabled;Disabled
	// +optional
	ConfidentialCompute string `json:"confidentialCompute,omitempty"`

	// ServiceAccount is the email of a gcp service account to be used during installations.
	// The provided service account can be attached to both control-plane nodes
	// and worker nodes in order to provide the permissions required by the cloud provider.
	//
	// +optional
	ServiceAccount string `json:"serviceAccount,omitempty"`
}
```
MachinePool stores the configuration for a machine pool installed on GCP.
func (*MachinePool) Set ¶
func (a *MachinePool) Set(required *MachinePool)
Set sets the values from `required` to `a`.
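The constraints stated in the MachinePool field comments and the supported-disk variables, written as a pre-flight check. This is an added example, not the installer's own validation code; the `pool` type, `checkPool`, and the role names `control-plane` and `compute` are assumptions made for illustration.

```go
package main

import "fmt"

// pool mirrors only the MachinePool fields checked here (hypothetical stand-in type;
// DiskType is promoted from the embedded OSDisk in the real struct).
type pool struct {
	SecureBoot, OnHostMaintenance, ConfidentialCompute, DiskType string
}

// Disk types per role, copied from ControlPlaneSupportedDisks and ComputeSupportedDisks.
// The role names used as keys are assumed.
var supportedDisks = map[string][]string{
	"control-plane": {"hyperdisk-balanced", "pd-balanced", "pd-ssd"},
	"compute":       {"hyperdisk-balanced", "pd-balanced", "pd-ssd", "pd-standard"},
}

func oneOf(v string, allowed ...string) bool {
	for _, a := range allowed {
		if v == a {
			return true
		}
	}
	return false
}

// checkPool returns one message per violated constraint; an empty result means the pool passes.
func checkPool(role string, p pool) []string {
	var errs []string
	if !oneOf(p.SecureBoot, "", "Enabled", "Disabled") {
		errs = append(errs, "secureBoot: must be Enabled or Disabled")
	}
	if !oneOf(p.ConfidentialCompute, "", "Enabled", "Disabled") {
		errs = append(errs, "confidentialCompute: must be Enabled or Disabled")
	}
	if !oneOf(p.OnHostMaintenance, "", "Migrate", "Terminate") {
		errs = append(errs, "onHostMaintenance: must be Migrate or Terminate")
	}
	// An omitted onHostMaintenance defaults to Migrate, so Terminate has to be set explicitly.
	if p.ConfidentialCompute == "Enabled" && p.OnHostMaintenance != "Terminate" {
		errs = append(errs, "onHostMaintenance: must be Terminate when confidentialCompute is Enabled")
	}
	if p.DiskType != "" && !oneOf(p.DiskType, supportedDisks[role]...) {
		errs = append(errs, "diskType: "+p.DiskType+" is not supported for role "+role)
	}
	return errs
}

func main() {
	// Constructed input: confidential compute on, maintenance policy omitted, pd-standard disk.
	fmt.Println(checkPool("control-plane", pool{ConfidentialCompute: "Enabled", DiskType: "pd-standard"}))
}
```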
type Metadata ¶
```go
type Metadata struct {
	Region            string `json:"region"`
	ProjectID         string `json:"projectID"`
	NetworkProjectID  string `json:"networkProjectID,omitempty"`
	PrivateZoneDomain string `json:"privateZoneDomain,omitempty"`
}
```
Metadata contains GCP metadata (e.g. for uninstalling the cluster).
type Metric ¶
```go
type Metric struct {
	// Service is the Google Cloud Service to which this quota belongs (e.g. compute.googleapis.com)
	Service string `json:"service,omitempty"`

	// Limit is the name of the item that's limited (e.g. cpus)
	Limit string `json:"limit,omitempty"`

	// Dimensions are unique axes on which this Limit is applied (e.g. region: us-central-1)
	Dimensions map[string]string `json:"dimensions,omitempty"`
}
```
Metric identifies a quota. Service/Label matches the Google Quota API names for quota metrics.
type OSDisk ¶
```go
type OSDisk struct {
	// DiskType defines the type of disk.
	// For control plane nodes, the valid values are pd-balanced, pd-ssd, and hyperdisk-balanced.
	// +optional
	// +kubebuilder:validation:Enum=pd-balanced;pd-ssd;pd-standard;hyperdisk-balanced
	DiskType string `json:"diskType"`

	// DiskSizeGB defines the size of disk in GB.
	//
	// +kubebuilder:validation:Minimum=16
	// +kubebuilder:validation:Maximum=65536
	DiskSizeGB int64 `json:"DiskSizeGB"`

	// EncryptionKey defines the KMS key to be used to encrypt the disk.
	//
	// +optional
	EncryptionKey *EncryptionKeyReference `json:"encryptionKey,omitempty"`
}
```
OSDisk defines the disk for machines on GCP.
type OSImage ¶ added in v0.9.153
```go
type OSImage struct {
	// Name defines the name of the image.
	//
	// +required
	Name string `json:"name"`

	// Project defines the name of the project containing the image.
	//
	// +required
	Project string `json:"project"`
}
```
OSImage defines the image to use for the OS.
type OnHostMaintenanceType ¶ added in v0.90.0
type OnHostMaintenanceType string
OnHostMaintenanceType indicates the setting for the OnHostMaintenance feature, but this is only applicable when ConfidentialCompute is Enabled.
type Platform ¶
```go
type Platform struct {
	// ProjectID is the project that will be used for the cluster.
	ProjectID string `json:"projectID"`

	// Region specifies the GCP region where the cluster will be created.
	Region string `json:"region"`

	// DefaultMachinePlatform is the default configuration used when
	// installing on GCP for machine pools which do not define their own
	// platform configuration.
	// +optional
	DefaultMachinePlatform *MachinePool `json:"defaultMachinePlatform,omitempty"`

	// Network specifies an existing VPC where the cluster should be created
	// rather than provisioning a new one.
	// +optional
	Network string `json:"network,omitempty"`

	// NetworkProjectID specifies which project the network and subnets exist in when
	// they are not in the main ProjectID.
	// +optional
	NetworkProjectID string `json:"networkProjectID,omitempty"`

	// ControlPlaneSubnet is an existing subnet where the control plane will be deployed.
	// The value should be the name of the subnet.
	// +optional
	ControlPlaneSubnet string `json:"controlPlaneSubnet,omitempty"`

	// ComputeSubnet is an existing subnet where the compute nodes will be deployed.
	// The value should be the name of the subnet.
	// +optional
	ComputeSubnet string `json:"computeSubnet,omitempty"`

	// userLabels has additional keys and values that the installer will add as
	// labels to all resources that it creates on GCP. Resources created by the
	// cluster itself may not include these labels. GCPLabelsTags featureGate is
	// defined for managing this feature and is enabled by default.
	UserLabels []UserLabel `json:"userLabels,omitempty"`

	// userTags has additional keys and values that the installer will add as
	// tags to all resources that it creates on GCP. Resources created by the
	// cluster itself may not include these tags. Tag key and tag value should
	// be the shortnames of the tag key and tag value resource. GCPLabelsTags featureGate
	// is defined for managing this feature and is enabled by default.
	UserTags []UserTag `json:"userTags,omitempty"`

	// UserProvisionedDNS indicates if the customer is providing their own DNS solution in place of the default
	// provisioned by the Installer.
	// +kubebuilder:default:="Disabled"
	// +default="Disabled"
	// +kubebuilder:validation:Enum="Enabled";"Disabled"
	UserProvisionedDNS UserProvisionedDNS `json:"userProvisionedDNS,omitempty"`
}
```
Platform stores all the global configuration that all machinesets use.
type QuotaUsage ¶
```go
type QuotaUsage struct {
	*Metric `json:",inline"`

	// Amount is the amount of the quota being used
	Amount int64 `json:"amount,omitempty"`
}
```
QuotaUsage identifies a quota metric and records the usage.
type UserLabel ¶ added in v0.9.153
```go
type UserLabel struct {
	// key is the key part of the label. A label key can have a maximum of 63 characters
	// and cannot be empty. Label must begin with a lowercase letter, and must contain
	// only lowercase letters, numeric characters, and the following special characters `_-`.
	Key string `json:"key"`

	// value is the value part of the label. A label value can have a maximum of 63 characters
	// and cannot be empty. Value must contain only lowercase letters, numeric characters, and
	// the following special characters `_-`.
	Value string `json:"value"`
}
```
UserLabel is a label to apply to GCP resources created for the cluster.
type UserProvisionedDNS ¶ added in v0.9.153
type UserProvisionedDNS string
UserProvisionedDNS indicates whether the DNS solution is provisioned by the Installer or the user.
```go
const (
	// UserProvisionedDNSEnabled indicates that the DNS solution is provisioned and provided by the user.
	UserProvisionedDNSEnabled UserProvisionedDNS = "Enabled"

	// UserProvisionedDNSDisabled indicates that the DNS solution is provisioned by the Installer.
	UserProvisionedDNSDisabled UserProvisionedDNS = "Disabled"
)
```
type UserTag ¶ added in v0.9.153
```go
type UserTag struct {
	// parentID is the ID of the hierarchical resource where the tags are defined,
	// e.g. at the Organization or the Project level. To find the Organization ID or Project ID refer to the following pages:
	// https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id,
	// https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects.
	// An OrganizationID must consist of decimal numbers, and cannot have leading zeroes.
	// A ProjectID must be 6 to 30 characters in length, can only contain lowercase letters,
	// numbers, and hyphens, and must start with a letter, and cannot end with a hyphen.
	ParentID string `json:"parentID"`

	// key is the key part of the tag. A tag key can have a maximum of 63 characters and
	// cannot be empty. Tag key must begin and end with an alphanumeric character, and
	// must contain only uppercase, lowercase alphanumeric characters, and the following
	// special characters `._-`.
	Key string `json:"key"`

	// value is the value part of the tag. A tag value can have a maximum of 63 characters
	// and cannot be empty. Tag value must begin and end with an alphanumeric character, and
	// must contain only uppercase, lowercase alphanumeric characters, and the following
	// special characters `_-.@%=+:,*#&(){}[]` and spaces.
	Value string `json:"value"`
}
```
UserTag is a tag to apply to GCP resources created for the cluster.
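The character and length rules in the UserLabel and UserTag field comments, transcribed into regular expressions and applied to sample entries. This is an added example, not the installer's own validation code; the pattern variables and the `checkLabel` and `checkTag` helpers are hypothetical names.

```go
package main

import (
	"fmt"
	"regexp"
)

// Patterns transcribed from the UserLabel and UserTag field comments (names are hypothetical).
var (
	labelKeyRE   = regexp.MustCompile(`^[a-z][a-z0-9_-]{0,62}$`)
	labelValueRE = regexp.MustCompile(`^[a-z0-9_-]{1,63}$`)
	orgIDRE      = regexp.MustCompile(`^[1-9][0-9]*$`)
	projectIDRE  = regexp.MustCompile(`^[a-z][a-z0-9-]{4,28}[a-z0-9]$`)
	tagKeyRE     = regexp.MustCompile(`^[A-Za-z0-9]([A-Za-z0-9._-]{0,61}[A-Za-z0-9])?$`)
	tagValueRE   = regexp.MustCompile(`^[A-Za-z0-9]([A-Za-z0-9_.@%=+:,*#&(){}\[\] -]{0,61}[A-Za-z0-9])?$`)
)

// checkLabel reports which parts of a userLabels entry break the documented rules.
func checkLabel(key, value string) []string {
	var errs []string
	if !labelKeyRE.MatchString(key) {
		errs = append(errs, "label key")
	}
	if !labelValueRE.MatchString(value) {
		errs = append(errs, "label value")
	}
	return errs
}

// checkTag does the same for a userTags entry; parentID may be an organization or a project ID.
func checkTag(parentID, key, value string) []string {
	var errs []string
	if !orgIDRE.MatchString(parentID) && !projectIDRE.MatchString(parentID) {
		errs = append(errs, "tag parentID")
	}
	if !tagKeyRE.MatchString(key) {
		errs = append(errs, "tag key")
	}
	if !tagValueRE.MatchString(value) {
		errs = append(errs, "tag value")
	}
	return errs
}

func main() {
	// Constructed inputs: an uppercase label key, and an organization ID with a leading zero.
	fmt.Println(checkLabel("Owner", "platform-team"))
	fmt.Println(checkTag("0123456789", "cost-center", "R&D emea"))
}
```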