feat: add storage schema to local control plane config
feat: add VM service config to system addons config
feat: add resource state to control plane encryption
feat: add connection state to cluster
feat: add resource state to local disk encryption
feat: add storage schema to node config
feat: add config data to zone metadata
feat: add maintenance exclusion window to maintenance policy
feat: add status reason to operation metadata

PiperOrigin-RevId: 690689315
Google APIs authored and copybara-github committed Oct 28, 2024
1 parent 80460eb commit ba8ea80
Showing 2 changed files with 123 additions and 12 deletions.
122 changes: 110 additions & 12 deletions google/cloud/edgecontainer/v1/resources.proto
@@ -52,6 +52,18 @@ enum KmsKeyState {
KMS_KEY_STATE_KEY_UNAVAILABLE = 2;
}

// Represents if the resource is in lock down state or pending.
enum ResourceState {
// Default value.
RESOURCE_STATE_UNSPECIFIED = 0;

// The resource is in LOCK DOWN state.
RESOURCE_STATE_LOCK_DOWN = 1;

// The resource is pending lock down.
RESOURCE_STATE_LOCK_DOWN_PENDING = 2;
}

// A Google Distributed Cloud Edge Kubernetes cluster.
message Cluster {
option (google.api.resource) = {
@@ -86,6 +98,14 @@ message Cluster {

// Policy configuration about how user applications are deployed.
SharedDeploymentPolicy shared_deployment_policy = 4;

// Optional. Name for the storage schema of control plane nodes.
//
// Warning: Configurable node local storage schema feature is an
// experimental feature, and is not recommended for general use
// in production clusters/nodepools.
string control_plane_node_storage_schema = 5
[(google.api.field_behavior) = OPTIONAL];
}

// Represents the policy configuration about how user applications are
@@ -131,19 +151,28 @@ message Cluster {
string ipv4_vip = 2 [(google.api.field_behavior) = OPTIONAL];
}

// VMServiceConfig defines the configuration for GDCE VM Service.
message VMServiceConfig {
// Optional. Whether VMM is enabled.
bool vmm_enabled = 1 [(google.api.field_behavior) = OPTIONAL];
}

// Optional. Config for Ingress.
Ingress ingress = 1 [(google.api.field_behavior) = OPTIONAL];

// Optional. Config for VM Service.
VMServiceConfig vm_service_config = 4
[(google.api.field_behavior) = OPTIONAL];
}

// Configuration for Customer-managed KMS key support for remote control plane
// cluster disk encryption.
// Configuration for Customer-managed KMS key support for control plane nodes.
message ControlPlaneEncryption {
// Immutable. The Cloud KMS CryptoKey e.g.
// Optional. The Cloud KMS CryptoKey e.g.
// projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey}
// to use for protecting control plane disks. If not specified, a
// Google-managed key will be used instead.
string kms_key = 1 [
(google.api.field_behavior) = IMMUTABLE,
(google.api.field_behavior) = OPTIONAL,
(google.api.resource_reference) = {
type: "cloudkms.googleapis.com/CryptoKey"
}
@@ -170,6 +199,10 @@ message Cluster {
// error status reported by Cloud KMS.
google.rpc.Status kms_status = 4
[(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. The current resource state associated with the cmek.
ResourceState resource_state = 5
[(google.api.field_behavior) = OUTPUT_ONLY];
}

// A Maintenance Event is an operation that could cause temporary disruptions
@@ -263,6 +296,33 @@ message Cluster {
[(google.api.field_behavior) = OPTIONAL];
}

// ConnectionState holds the current connection state from the cluster to
// Google.
message ConnectionState {
// The connection state.
enum State {
// Unknown connection state.
STATE_UNSPECIFIED = 0;

// This cluster is currently disconnected from Google.
DISCONNECTED = 1;

// This cluster is currently connected to Google.
CONNECTED = 2;

// This cluster is currently connected to Google, but may have recently
// reconnected after a disconnection. It is still syncing back.
CONNECTED_AND_SYNCING = 3;
}

// Output only. The current connection state.
State state = 1 [(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. The time when the connection state was last changed.
google.protobuf.Timestamp update_time = 2
[(google.api.field_behavior) = OUTPUT_ONLY];
}

// Indicates the status of the cluster.
enum Status {
// Status unknown.
@@ -396,6 +456,10 @@ message Cluster {
// balancing.
repeated string external_load_balancer_ipv6_address_pools = 25
[(google.api.field_behavior) = OPTIONAL];

// Output only. The current connection state of the cluster.
ConnectionState connection_state = 27
[(google.api.field_behavior) = OUTPUT_ONLY];
}

// Cluster-wide networking configuration.
@@ -458,12 +522,12 @@ message NodePool {

// Configuration for CMEK support for edge machine local disk encryption.
message LocalDiskEncryption {
// Immutable. The Cloud KMS CryptoKey e.g.
// Optional. The Cloud KMS CryptoKey e.g.
// projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey}
// to use for protecting node local disks. If not specified, a
// Google-managed key will be used instead.
string kms_key = 1 [
(google.api.field_behavior) = IMMUTABLE,
(google.api.field_behavior) = OPTIONAL,
(google.api.resource_reference) = {
type: "cloudkms.googleapis.com/CryptoKey"
}
@@ -490,12 +554,23 @@ message NodePool {
// error status reported by Cloud KMS.
google.rpc.Status kms_status = 4
[(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. The current resource state associated with the cmek.
ResourceState resource_state = 5
[(google.api.field_behavior) = OUTPUT_ONLY];
}

// Configuration for each node in the NodePool
message NodeConfig {
// Optional. The Kubernetes node labels
map<string, string> labels = 1 [(google.api.field_behavior) = OPTIONAL];

// Optional. Name for the storage schema of worker nodes.
//
// Warning: Configurable node local storage schema feature is an
// experimental feature, and is not recommended for general use
// in production clusters/nodepools.
string node_storage_schema = 2 [(google.api.field_behavior) = OPTIONAL];
}

// Required. The resource name of the node pool.
@@ -602,12 +677,7 @@ message VpnConnection {
// the cluster project.
string project_id = 1;

// Optional. The service account in the VPC project configured by user. It
// is used to create/delete Cloud Router and Cloud HA VPNs for VPN
// connection. If this SA is changed during/after a VPN connection is
// created, you need to remove the Cloud Router and Cloud VPN resources in
// |project_id|. It is in the form of
// service-{project_number}@gcp-sa-edgecontainer.iam.gserviceaccount.com.
// Optional. Deprecated: do not use.
string service_account = 2
[deprecated = true, (google.api.field_behavior) = OPTIONAL];
}
@@ -746,6 +816,18 @@ message ZoneMetadata {

// The map keyed by rack name and has value of RackType.
map<string, RackType> rack_types = 2;

// Config data for the zone.
ConfigData config_data = 3;
}

// Config data holds all the config related data for the zone.
message ConfigData {
// list of available v4 ip pools for external loadbalancer
repeated string available_external_lb_pools_ipv4 = 1;

// list of available v6 ip pools for external loadbalancer
repeated string available_external_lb_pools_ipv6 = 2;
}

// Represents quota for Edge Container resources.
@@ -764,6 +846,13 @@ message Quota {
message MaintenancePolicy {
// Specifies the maintenance window in which maintenance may be performed.
MaintenanceWindow window = 1;

// Optional. Exclusions to automatic maintenance. Non-emergency maintenance
// should not occur in these windows. Each exclusion has a unique name and may
// be active or expired. The max number of maintenance exclusions allowed at a
// given time is 3.
repeated MaintenanceExclusionWindow maintenance_exclusions = 2
[(google.api.field_behavior) = OPTIONAL];
}

// Maintenance window configuration
@@ -783,6 +872,15 @@ message RecurringTimeWindow {
string recurrence = 2;
}

// Represents a maintenance exclusion window.
message MaintenanceExclusionWindow {
// Optional. The time window.
TimeWindow window = 1 [(google.api.field_behavior) = OPTIONAL];

// Optional. A unique (per cluster) id for the window.
string id = 2 [(google.api.field_behavior) = OPTIONAL];
}

// Represents an arbitrary window of time.
message TimeWindow {
// The time that the window first starts.
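Review bot: The `kms_key` field in `ControlPlaneEncryption` (and likewise in `NodePool.LocalDiskEncryption`) swaps `IMMUTABLE` for `OPTIONAL`, but its comment still does not say whether the key reference may be changed or cleared on an existing cluster or node pool. For a customer-managed encryption key that is the contract operators rely on when planning rotation or revocation. If the key is still meant to be fixed at creation, both annotations can be kept on the field, `(google.api.field_behavior) = OPTIONAL, (google.api.field_behavior) = IMMUTABLE,`. If updates are now allowed, the comment should add a sentence on what happens to disks protected by the previous key. The new `ResourceState` values and the `resource_state` comments ("associated with the cmek") also do not define what lock down means or what moves a resource into it; both encryption messages continue outside the visible hunks.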
13 changes: 13 additions & 0 deletions google/cloud/edgecontainer/v1/service.proto
@@ -22,6 +22,7 @@ import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/cloud/edgecontainer/v1/resources.proto";
import "google/longrunning/operations.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";

@@ -258,6 +259,15 @@ service EdgeContainer {

// Long-running operation metadata for Edge Container API methods.
message OperationMetadata {
// Indicates the reason for the status of the operation.
enum StatusReason {
// Reason unknown.
STATUS_REASON_UNSPECIFIED = 0;

// The cluster upgrade is currently paused.
UPGRADE_PAUSED = 1;
}

// The time the operation was created.
google.protobuf.Timestamp create_time = 1;

@@ -285,6 +295,9 @@ message OperationMetadata {
// Warnings that do not block the operation, but still hold relevant
// information for the end user to receive.
repeated string warnings = 8;

// Machine-readable status of the operation, if any.
StatusReason status_reason = 9;
}

// Lists clusters in a location.
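Review bot: The added `import "google/protobuf/empty.proto";` is not referenced by any of the added lines visible in this section; the new `StatusReason` enum and `status_reason` field do not use `google.protobuf.Empty`. Unless an RPC outside the visible hunks needs it, protoc will report it as an unused import and it can be dropped. Separately, `UPGRADE_PAUSED = 1` lacks the `STATUS_REASON_` prefix that the zero value carries. `STATUS_REASON_UPGRADE_PAUSED = 1;` would keep the enum consistent and avoid clashes with other enum values nested in `OperationMetadata`. The `status_reason` comment could also state that clients must tolerate reason values added later; `OperationMetadata` continues outside the hunks.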
