From dc97927f98ca37c430a5e36a66d9ee6785f0deef Mon Sep 17 00:00:00 2001 From: Google APIs Date: Thu, 21 Mar 2024 15:02:58 -0700 Subject: [PATCH] feat: add GetServerConfig rpc and message feat: add UpgradeCluster PiperOrigin-RevId: 617974201 --- google/cloud/edgecontainer/v1/BUILD.bazel | 30 +- .../edgecontainer/v1/edgecontainer_gapic.yaml | 35 ++ .../v1/edgecontainer_grpc_service_config.json | 8 +- .../edgecontainer/v1/edgecontainer_v1.yaml | 11 - google/cloud/edgecontainer/v1/resources.proto | 489 ++++++++++++++++-- google/cloud/edgecontainer/v1/service.proto | 155 +++++- 6 files changed, 636 insertions(+), 92 deletions(-) create mode 100644 google/cloud/edgecontainer/v1/edgecontainer_gapic.yaml diff --git a/google/cloud/edgecontainer/v1/BUILD.bazel b/google/cloud/edgecontainer/v1/BUILD.bazel index cbabcd62c53ed..db8ce2937a3b7 100644 --- a/google/cloud/edgecontainer/v1/BUILD.bazel +++ b/google/cloud/edgecontainer/v1/BUILD.bazel @@ -9,14 +9,17 @@ # * extra_protoc_file_parameters # The complete list of preserved parameters can be found in the source code. +# buildifier: disable=load-on-top + # This is an API workspace, having public visibility by default makes perfect sense. package(default_visibility = ["//visibility:public"]) ############################################################################## # Common ############################################################################## -load("@rules_proto//proto:defs.bzl", "proto_library") +# buildifier: disable=same-origin-load load("@com_google_googleapis_imports//:imports.bzl", "proto_library_with_info") +load("@rules_proto//proto:defs.bzl", "proto_library") proto_library( name = "edgecontainer_proto", @@ -31,6 +34,7 @@ proto_library( "//google/api:resource_proto", "//google/longrunning:operations_proto", "//google/rpc:status_proto", + "@com_google_protobuf//:duration_proto", "@com_google_protobuf//:empty_proto", "@com_google_protobuf//:field_mask_proto", "@com_google_protobuf//:timestamp_proto", 
@@ -42,12 +46,14 @@ proto_library_with_info( deps = [ ":edgecontainer_proto", "//google/cloud:common_resources_proto", + "//google/cloud/location:location_proto", ], ) ############################################################################## # Java ############################################################################## +# buildifier: disable=same-origin-load load( "@com_google_googleapis_imports//:imports.bzl", "java_gapic_assembly_gradle_pkg", @@ -71,17 +77,19 @@ java_grpc_library( java_gapic_library( name = "edgecontainer_java_gapic", srcs = [":edgecontainer_proto_with_info"], - gapic_yaml = None, + gapic_yaml = "edgecontainer_gapic.yaml", grpc_service_config = "edgecontainer_grpc_service_config.json", rest_numeric_enums = True, service_yaml = "edgecontainer_v1.yaml", test_deps = [ ":edgecontainer_java_grpc", + "//google/cloud/location:location_java_grpc", ], transport = "grpc+rest", deps = [ ":edgecontainer_java_proto", "//google/api:api_java_proto", + "//google/cloud/location:location_java_proto", ], ) @@ -110,6 +118,7 @@ java_gapic_assembly_gradle_pkg( ############################################################################## # Go ############################################################################## +# buildifier: disable=same-origin-load load( "@com_google_googleapis_imports//:imports.bzl", "go_gapic_assembly_pkg", @@ -145,6 +154,7 @@ go_gapic_library( "//google/longrunning:longrunning_go_proto", "@com_google_cloud_go_longrunning//:go_default_library", "@com_google_cloud_go_longrunning//autogen:go_default_library", + "@io_bazel_rules_go//proto/wkt:duration_go_proto", ], ) @@ -163,6 +173,7 @@ go_gapic_assembly_pkg( ############################################################################## # Python ############################################################################## +# buildifier: disable=same-origin-load load( "@com_google_googleapis_imports//:imports.bzl", "py_gapic_assembly_pkg", 
@@ -177,7 +188,8 @@ py_gapic_library( rest_numeric_enums = True, service_yaml = "edgecontainer_v1.yaml", transport = "grpc+rest", - deps = ["//google/iam/v1:iam_policy_py_proto"], + deps = [ + ], ) py_test( @@ -201,6 +213,7 @@ py_gapic_assembly_pkg( ############################################################################## # PHP ############################################################################## +# buildifier: disable=same-origin-load load( "@com_google_googleapis_imports//:imports.bzl", "php_gapic_assembly_pkg", @@ -217,10 +230,14 @@ php_gapic_library( name = "edgecontainer_php_gapic", srcs = [":edgecontainer_proto_with_info"], grpc_service_config = "edgecontainer_grpc_service_config.json", + migration_mode = "PRE_MIGRATION_SURFACE_ONLY", rest_numeric_enums = True, service_yaml = "edgecontainer_v1.yaml", transport = "grpc+rest", - deps = [":edgecontainer_php_proto"], + gapic_yaml = "edgecontainer_gapic.yaml", + deps = [ + ":edgecontainer_php_proto", + ], ) # Open Source Packages @@ -235,6 +252,7 @@ php_gapic_assembly_pkg( ############################################################################## # Node.js ############################################################################## +# buildifier: disable=same-origin-load load( "@com_google_googleapis_imports//:imports.bzl", "nodejs_gapic_assembly_pkg", @@ -265,6 +283,7 @@ nodejs_gapic_assembly_pkg( ############################################################################## # Ruby ############################################################################## +# buildifier: disable=same-origin-load load( "@com_google_googleapis_imports//:imports.bzl", "ruby_cloud_gapic_library", 
@@ -311,6 +330,7 @@ ruby_gapic_assembly_pkg( ############################################################################## # C# ############################################################################## +# buildifier: disable=same-origin-load load( "@com_google_googleapis_imports//:imports.bzl", "csharp_gapic_assembly_pkg", @@ -321,6 +341,7 @@ load( csharp_proto_library( name = "edgecontainer_csharp_proto", + extra_opts = [], deps = [":edgecontainer_proto"], ) @@ -357,6 +378,7 @@ csharp_gapic_assembly_pkg( ############################################################################## # C++ ############################################################################## +# buildifier: disable=same-origin-load load( "@com_google_googleapis_imports//:imports.bzl", "cc_grpc_library", diff --git a/google/cloud/edgecontainer/v1/edgecontainer_gapic.yaml b/google/cloud/edgecontainer/v1/edgecontainer_gapic.yaml new file mode 100644 index 0000000000000..69a3ab9dae169 --- /dev/null +++ b/google/cloud/edgecontainer/v1/edgecontainer_gapic.yaml 
@@ -0,0 +1,35 @@
+type: com.google.api.codegen.ConfigProto
+config_schema_version: 2.0.0
+interfaces:
+- name: google.cloud.edgecontainer.v1.EdgeContainer
+ methods:
+ - name: CreateCluster
+ long_running:
+ initial_poll_delay_millis: 1000
+ poll_delay_multiplier: 2
+ max_poll_delay_millis: 10000
+ total_poll_timeout_millis: 2700000
+ - name: DeleteCluster
+ long_running:
+ initial_poll_delay_millis: 1000
+ poll_delay_multiplier: 2
+ max_poll_delay_millis: 10000
+ total_poll_timeout_millis: 1800000
+ - name: CreateNodePool
+ long_running:
+ initial_poll_delay_millis: 1000
+ poll_delay_multiplier: 2
+ max_poll_delay_millis: 10000
+ total_poll_timeout_millis: 68400000
+ - name: UpdateNodePool
+ long_running:
+ initial_poll_delay_millis: 1000
+ poll_delay_multiplier: 2
+ max_poll_delay_millis: 10000
+ total_poll_timeout_millis: 68400000
+ - name: DeleteNodePool
+ long_running:
+ initial_poll_delay_millis: 1000
+ poll_delay_multiplier: 2
+ max_poll_delay_millis: 10000
+ total_poll_timeout_millis: 1800000
diff --git a/google/cloud/edgecontainer/v1/edgecontainer_grpc_service_config.json b/google/cloud/edgecontainer/v1/edgecontainer_grpc_service_config.json
index 63a6cde7c32f5..ca8eb2deae88d 100644
--- a/google/cloud/edgecontainer/v1/edgecontainer_grpc_service_config.json
+++ b/google/cloud/edgecontainer/v1/edgecontainer_grpc_service_config.json
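Review bot: The long-running polling table has no entry for `UpgradeCluster`, which this same commit registers in the gRPC service config. If it is a long-running operation (its definition is not visible here), generated clients would poll it with generator defaults rather than a budget chosen for upgrades. If that is not intended, add a `- name: UpgradeCluster` entry with its own `long_running` block. The 68400000 ms (19 h) `total_poll_timeout_millis` on CreateNodePool and UpdateNodePool is far larger than the other entries and would benefit from a one-line comment giving the reason.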
@@ -8,8 +8,10 @@ { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "ListVpnConnections" }, { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "GetVpnConnection" }, { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "ListMachines" }, - { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "GetMachine" } - + { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "GetMachine" }, + { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "GenerateAccessToken" }, + { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "GenerateOfflineCredential" }, + { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "GetServerConfig" } ], "timeout": "60s", "retryPolicy": { @@ -30,7 +32,7 @@ { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "DeleteNodePool" }, { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "CreateVpnConnection" }, { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "DeleteVpnConnection" }, - { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "GenerateAccessToken" } + { "service": "google.cloud.edgecontainer.v1.EdgeContainer", "method": "UpgradeCluster" } ], "timeout": "60s" }] diff --git a/google/cloud/edgecontainer/v1/edgecontainer_v1.yaml b/google/cloud/edgecontainer/v1/edgecontainer_v1.yaml index 1a98c93ba02b6..235c6f7163582 100644 --- a/google/cloud/edgecontainer/v1/edgecontainer_v1.yaml +++ b/google/cloud/edgecontainer/v1/edgecontainer_v1.yaml 
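Review bot: Moving `GenerateAccessToken` into the method group that carries a `retryPolicy`, and adding `GenerateOfflineCredential` to the same group, means generated clients will automatically re-send credential-issuing calls on retryable status codes. If the server mints a new credential per call, a retried request can leave more than one live credential and more than one audit-log entry for what the caller saw as a single request. This matters most for offline credentials, which presumably outlive access tokens. The retry codes and backoff are outside this hunk, so confirm they are limited to cases where the server cannot have issued anything (for example `UNAVAILABLE`), or keep the two methods in the no-retry group alongside `UpgradeCluster`.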
@@ -20,17 +20,6 @@ documentation: - selector: google.cloud.location.Locations.ListLocations description: Lists information about the supported locations for this service. -backend: - rules: - - selector: 'google.cloud.edgecontainer.v1.EdgeContainer.*' - deadline: 60.0 - - selector: google.cloud.location.Locations.GetLocation - deadline: 60.0 - - selector: google.cloud.location.Locations.ListLocations - deadline: 60.0 - - selector: 'google.longrunning.Operations.*' - deadline: 60.0 - http: rules: - selector: google.cloud.location.Locations.GetLocation diff --git a/google/cloud/edgecontainer/v1/resources.proto b/google/cloud/edgecontainer/v1/resources.proto index 35fb43d40af07..1ec599ae2d43d 100644 --- a/google/cloud/edgecontainer/v1/resources.proto +++ b/google/cloud/edgecontainer/v1/resources.proto @@ -1,4 +1,4 @@ -// Copyright 2022 Google LLC +// Copyright 2023 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -18,6 +18,7 @@ package google.cloud.edgecontainer.v1; import "google/api/field_behavior.proto"; import "google/api/resource.proto"; +import "google/protobuf/duration.proto"; import "google/protobuf/timestamp.proto"; import "google/rpc/status.proto"; 
@@ -55,6 +56,244 @@ message Cluster { pattern: "projects/{project}/locations/{location}/clusters/{cluster}" }; + // Configuration of the cluster control plane. + message ControlPlane { + // Configuration specific to clusters with a control plane hosted remotely. + message Remote {} + + // Configuration specific to clusters with a control plane hosted locally. + // + // Warning: Local control plane clusters must be created in their own + // project. Local control plane clusters cannot coexist in the same + // project with any other type of clusters, including non-GDCE clusters. + // Mixing local control plane GDCE clusters with any other type of + // clusters in the same project can result in data loss. + message Local { + // Name of the Google Distributed Cloud Edge zones where this node pool + // will be created. For example: `us-central1-edge-customer-a`. + string node_location = 1; + + // The number of nodes to serve as replicas of the Control Plane. + int32 node_count = 2; + + // Only machines matching this filter will be allowed to host control + // plane nodes. The filtering language accepts strings like "name=", + // and is documented here: [AIP-160](https://google.aip.dev/160). + string machine_filter = 3; + + // Policy configuration about how user applications are deployed. + SharedDeploymentPolicy shared_deployment_policy = 4; + } + + // Represents the policy configuration about how user applications are + // deployed. + enum SharedDeploymentPolicy { + // Unspecified. + SHARED_DEPLOYMENT_POLICY_UNSPECIFIED = 0; + + // User applications can be deployed both on control plane and worker + // nodes. + ALLOWED = 1; + + // User applications can not be deployed on control plane nodes and can + // only be deployed on worker nodes. + DISALLOWED = 2; + } + + oneof config { + // Remote control plane configuration. + Remote remote = 1; + + // Local control plane configuration. + // + // Warning: Local control plane clusters must be created in their own + // project. 
Local control plane clusters cannot coexist in the same + // project with any other type of clusters, including non-GDCE clusters. + // Mixing local control plane GDCE clusters with any other type of + // clusters in the same project can result in data loss. + Local local = 2; + } + } + + // Config that customers are allowed to define for GDCE system add-ons. + message SystemAddonsConfig { + // Config for the Ingress add-on which allows customers to create an Ingress + // object to manage external access to the servers in a cluster. The add-on + // consists of istiod and istio-ingress. + message Ingress { + // Optional. Whether Ingress is disabled. + bool disabled = 1 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Ingress VIP. + string ipv4_vip = 2 [(google.api.field_behavior) = OPTIONAL]; + } + + // Optional. Config for Ingress. + Ingress ingress = 1 [(google.api.field_behavior) = OPTIONAL]; + } + + // Configuration for Customer-managed KMS key support for remote control plane + // cluster disk encryption. + message ControlPlaneEncryption { + // Immutable. The Cloud KMS CryptoKey e.g. + // projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey} + // to use for protecting control plane disks. If not specified, a + // Google-managed key will be used instead. + string kms_key = 1 [ + (google.api.field_behavior) = IMMUTABLE, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKey" + } + ]; + + // Output only. The Cloud KMS CryptoKeyVersion currently in use for + // protecting control plane disks. Only applicable if kms_key is set. + string kms_key_active_version = 2 [ + (google.api.field_behavior) = OUTPUT_ONLY, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + } + ]; + + // Output only. Availability of the Cloud KMS CryptoKey. If not + // `KEY_AVAILABLE`, then nodes may go offline as they cannot access their + // local data. 
This can be caused by a lack of permissions to use the key, + // or if the key is disabled or deleted. + KmsKeyState kms_key_state = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Error status returned by Cloud KMS when using this key. This + // field may be populated only if `kms_key_state` is not + // `KMS_KEY_STATE_KEY_AVAILABLE`. If populated, this field contains the + // error status reported by Cloud KMS. + google.rpc.Status kms_status = 4 + [(google.api.field_behavior) = OUTPUT_ONLY]; + } + + // A Maintenance Event is an operation that could cause temporary disruptions + // to the cluster workloads, including Google-driven or user-initiated cluster + // upgrades, user-initiated cluster configuration changes that require + // restarting nodes, etc. + message MaintenanceEvent { + // Indicates the maintenance event type. + enum Type { + // Unspecified. + TYPE_UNSPECIFIED = 0; + + // Upgrade initiated by users. + USER_INITIATED_UPGRADE = 1; + + // Upgrade driven by Google. + GOOGLE_DRIVEN_UPGRADE = 2; + } + + // Indicates when the maintenance event should be performed. + enum Schedule { + // Unspecified. + SCHEDULE_UNSPECIFIED = 0; + + // Immediately after receiving the request. + IMMEDIATELY = 1; + } + + // Indicates the maintenance event state. + enum State { + // Unspecified. + STATE_UNSPECIFIED = 0; + + // The maintenance event is ongoing. The cluster might be unusable. + RECONCILING = 1; + + // The maintenance event succeeded. + SUCCEEDED = 2; + + // The maintenance event failed. + FAILED = 3; + } + + // Output only. UUID of the maintenance event. + string uuid = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The target version of the cluster. + string target_version = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The operation for running the maintenance event. Specified + // in the format projects/*/locations/*/operations/*. If the maintenance + // event is split into multiple operations (e.g. 
due to maintenance + // windows), the latest one is recorded. + string operation = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The type of the maintenance event. + Type type = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The schedule of the maintenance event. + Schedule schedule = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The state of the maintenance event. + State state = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time when the maintenance event request was created. + google.protobuf.Timestamp create_time = 7 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time when the maintenance event started. + google.protobuf.Timestamp start_time = 8 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time when the maintenance event ended, either + // successfully or not. If the maintenance event is split into multiple + // maintenance windows, end_time is only updated when the whole flow ends. + google.protobuf.Timestamp end_time = 9 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time when the maintenance event message was updated. + google.protobuf.Timestamp update_time = 10 + [(google.api.field_behavior) = OUTPUT_ONLY]; + } + + // Configuration of the cluster survivability, e.g., for the case when network + // connectivity is lost. + message SurvivabilityConfig { + // Optional. Time period that allows the cluster nodes to be rebooted and + // become functional without network connectivity to Google. The default 0 + // means not allowed. The maximum is 7 days. + google.protobuf.Duration offline_reboot_ttl = 1 + [(google.api.field_behavior) = OPTIONAL]; + } + + // Indicates the status of the cluster. + enum Status { + // Status unknown. + STATUS_UNSPECIFIED = 0; + + // The cluster is being created. + PROVISIONING = 1; + + // The cluster is created and fully usable. 
+ RUNNING = 2; + + // The cluster is being deleted. + DELETING = 3; + + // The status indicates that some errors occurred while reconciling/deleting + // the cluster. + ERROR = 4; + + // The cluster is undergoing some work such as version upgrades, etc. + RECONCILING = 5; + } + + // The release channel a cluster is subscribed to. + enum ReleaseChannel { + // Unspecified release channel. This will default to the REGULAR channel. + RELEASE_CHANNEL_UNSPECIFIED = 0; + + // No release channel. + NONE = 1; + + // Regular release channel. + REGULAR = 2; + } + // Required. The resource name of the cluster. string name = 1 [ (google.api.field_behavior) = REQUIRED, @@ -64,16 +303,18 @@ message Cluster { ]; // Output only. The time when the cluster was created. - google.protobuf.Timestamp create_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp create_time = 2 + [(google.api.field_behavior) = OUTPUT_ONLY]; // Output only. The time when the cluster was last updated. - google.protobuf.Timestamp update_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp update_time = 3 + [(google.api.field_behavior) = OUTPUT_ONLY]; // Labels associated with this resource. map labels = 4; - // Optional. Fleet configuration. - Fleet fleet = 11 [(google.api.field_behavior) = OPTIONAL]; + // Required. Fleet configuration. + Fleet fleet = 11 [(google.api.field_behavior) = REQUIRED]; // Required. Cluster-wide networking configuration. ClusterNetworking networking = 7 [(google.api.field_behavior) = REQUIRED]; 
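Review bot: `SHARED_DEPLOYMENT_POLICY_UNSPECIFIED` is documented only as "Unspecified", so a caller who omits `shared_deployment_policy` cannot tell whether user workloads may be scheduled on control plane nodes. That is a workload-isolation setting, so the zero value should name the policy it resolves to, the way `RELEASE_CHANNEL_UNSPECIFIED` in the same hunk does, e.g. `// Unspecified. Treated as <ALLOWED or DISALLOWED: state which>.`. Separately, the `kms_key_state` comment in `ControlPlaneEncryption` refers to `KEY_AVAILABLE` while the `kms_status` comment refers to `KMS_KEY_STATE_KEY_AVAILABLE`; the enum is not in this hunk, so use whichever name it actually declares in both places. Message `Cluster` starts and ends outside the hunk.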
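Review bot: Changing `fleet` from `OPTIONAL` to `REQUIRED` on a published v1 field tightens the contract for existing callers. A create request that omitted `fleet` was valid before and, if the server enforces the annotation, is now rejected. The field comment should state that consequence, e.g. `// Required. Fleet configuration. Requests that omit it are rejected.` (worded to match the actual server behavior). Message `Cluster` starts and ends outside the hunk.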
@@ -84,32 +325,89 @@ message Cluster { (google.api.field_behavior) = IMMUTABLE ]; - // Optional. The default maximum number of pods per node used if a maximum value is not - // specified explicitly for a node pool in this cluster. If unspecified, the - // Kubernetes default value will be used. + // Optional. The default maximum number of pods per node used if a maximum + // value is not specified explicitly for a node pool in this cluster. If + // unspecified, the Kubernetes default value will be used. int32 default_max_pods_per_node = 8 [(google.api.field_behavior) = OPTIONAL]; // Output only. The IP address of the Kubernetes API server. string endpoint = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; + // Output only. The port number of the Kubernetes API server. + int32 port = 19 [(google.api.field_behavior) = OUTPUT_ONLY]; + // Output only. The PEM-encoded public certificate of the cluster's CA. - string cluster_ca_certificate = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; + string cluster_ca_certificate = 10 + [(google.api.field_behavior) = OUTPUT_ONLY]; // Optional. Cluster-wide maintenance policy configuration. - MaintenancePolicy maintenance_policy = 12 [(google.api.field_behavior) = OPTIONAL]; + MaintenancePolicy maintenance_policy = 12 + [(google.api.field_behavior) = OPTIONAL]; + + // Output only. The control plane release version + string control_plane_version = 13 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The lowest release version among all worker nodes. This field + // can be empty if the cluster does not have any worker nodes. + string node_version = 14 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Optional. The configuration of the cluster control plane. + ControlPlane control_plane = 15 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. The configuration of the system add-ons. + SystemAddonsConfig system_addons_config = 16 + [(google.api.field_behavior) = OPTIONAL]; + + // Optional. 
IPv4 address pools for cluster data plane external load + // balancing. + repeated string external_load_balancer_ipv4_address_pools = 17 + [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Remote control plane disk encryption options. This field is only + // used when enabling CMEK support. + ControlPlaneEncryption control_plane_encryption = 18 + [(google.api.field_behavior) = OPTIONAL]; + + // Output only. The current status of the cluster. + Status status = 20 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. All the maintenance events scheduled for the cluster, + // including the ones ongoing, planned for the future and done in the past (up + // to 90 days). + repeated MaintenanceEvent maintenance_events = 21 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Optional. The target cluster version. For example: "1.5.0". + string target_version = 22 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. The release channel a cluster is subscribed to. + ReleaseChannel release_channel = 23 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Configuration of the cluster survivability, e.g., for the case + // when network connectivity is lost. Note: This only applies to local control + // plane clusters. + SurvivabilityConfig survivability_config = 24 + [(google.api.field_behavior) = OPTIONAL]; + + // Optional. IPv6 address pools for cluster data plane external load + // balancing. + repeated string external_load_balancer_ipv6_address_pools = 25 + [(google.api.field_behavior) = OPTIONAL]; } // Cluster-wide networking configuration. message ClusterNetworking { - // Required. All pods in the cluster are assigned an RFC1918 IPv4 address from these - // blocks. Only a single block is supported. This field cannot be changed - // after creation. - repeated string cluster_ipv4_cidr_blocks = 1 [(google.api.field_behavior) = REQUIRED]; - - // Required. All services in the cluster are assigned an RFC1918 IPv4 address from these - // blocks. 
Only a single block is supported. This field cannot be changed - // after creation. - repeated string services_ipv4_cidr_blocks = 2 [(google.api.field_behavior) = REQUIRED]; + // Required. All pods in the cluster are assigned an RFC1918 IPv4 address from + // these blocks. Only a single block is supported. This field cannot be + // changed after creation. + repeated string cluster_ipv4_cidr_blocks = 1 + [(google.api.field_behavior) = REQUIRED]; + + // Required. All services in the cluster are assigned an RFC1918 IPv4 address + // from these blocks. Only a single block is supported. This field cannot be + // changed after creation. + repeated string services_ipv4_cidr_blocks = 2 + [(google.api.field_behavior) = REQUIRED]; } // Fleet related configuration. @@ -118,13 +416,15 @@ message ClusterNetworking { // letting you use and manage multi-cluster capabilities and apply // consistent policies across your systems. message Fleet { - // Required. The name of the Fleet host project where this cluster will be registered. + // Required. The name of the Fleet host project where this cluster will be + // registered. // // Project names are formatted as // `projects/`. string project = 1 [(google.api.field_behavior) = REQUIRED]; - // Output only. The name of the managed Hub Membership resource associated to this cluster. + // Output only. The name of the managed Hub Membership resource associated to + // this cluster. // // Membership names are formatted as // `projects//locations/global/membership/`. 
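Review bot: `external_load_balancer_ipv4_address_pools` and `external_load_balancer_ipv6_address_pools` are `repeated string` fields with no stated entry format. Neither a client nor a policy check can tell whether an entry is a CIDR block, an address range or a single address, or how the pools relate to the pod and service blocks in `ClusterNetworking`. Add the accepted forms to both comments, e.g. `// Each entry is <format: to be stated>.`, and say whether overlap with `cluster_ipv4_cidr_blocks` / `services_ipv4_cidr_blocks` is rejected. The new `port` field likewise has no stated range. Message `Cluster` starts outside the hunk.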
@@ -139,9 +439,9 @@ message ClusterUser { // RBAC policy that will be applied and managed by GEC. message Authorization { - // Required. User that will be granted the cluster-admin role on the cluster, providing - // full access to the cluster. Currently, this is a singular field, but will - // be expanded to allow multiple admins in the future. + // Required. User that will be granted the cluster-admin role on the cluster, + // providing full access to the cluster. Currently, this is a singular field, + // but will be expanded to allow multiple admins in the future. ClusterUser admin_users = 1 [(google.api.field_behavior) = REQUIRED]; } @@ -166,8 +466,8 @@ message NodePool { } ]; - // Output only. The Cloud KMS CryptoKeyVersion currently in use for protecting node local - // disks. Only applicable if kms_key is set. + // Output only. The Cloud KMS CryptoKeyVersion currently in use for + // protecting node local disks. Only applicable if kms_key is set. string kms_key_active_version = 2 [ (google.api.field_behavior) = OUTPUT_ONLY, (google.api.resource_reference) = { 
@@ -175,16 +475,24 @@ message NodePool { } ]; - // Output only. Availability of the Cloud KMS CryptoKey. If not `KEY_AVAILABLE`, then - // nodes may go offline as they cannot access their local data. This can be - // caused by a lack of permissions to use the key, or if the key is disabled - // or deleted. + // Output only. Availability of the Cloud KMS CryptoKey. If not + // `KEY_AVAILABLE`, then nodes may go offline as they cannot access their + // local data. This can be caused by a lack of permissions to use the key, + // or if the key is disabled or deleted. KmsKeyState kms_key_state = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; - // Output only. Error status returned by Cloud KMS when using this key. This field may be - // populated only if `kms_key_state` is not `KMS_KEY_STATE_KEY_AVAILABLE`. - // If populated, this field contains the error status reported by Cloud KMS. - google.rpc.Status kms_status = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; + // Output only. Error status returned by Cloud KMS when using this key. This + // field may be populated only if `kms_key_state` is not + // `KMS_KEY_STATE_KEY_AVAILABLE`. If populated, this field contains the + // error status reported by Cloud KMS. + google.rpc.Status kms_status = 4 + [(google.api.field_behavior) = OUTPUT_ONLY]; + } + + // Configuration for each node in the NodePool + message NodeConfig { + // Optional. The Kubernetes node labels + map labels = 1 [(google.api.field_behavior) = OPTIONAL]; } // Required. The resource name of the node pool. 
@@ -196,10 +504,12 @@ message NodePool { ]; // Output only. The time when the node pool was created. - google.protobuf.Timestamp create_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp create_time = 2 + [(google.api.field_behavior) = OUTPUT_ONLY]; // Output only. The time when the node pool was last updated. - google.protobuf.Timestamp update_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp update_time = 3 + [(google.api.field_behavior) = OUTPUT_ONLY]; // Labels associated with this resource. map labels = 4; @@ -216,9 +526,16 @@ message NodePool { // documented in more detail in [AIP-160](https://google.aip.dev/160). string machine_filter = 7; - // Optional. Local disk encryption options. This field is only used when enabling CMEK - // support. - LocalDiskEncryption local_disk_encryption = 9 [(google.api.field_behavior) = OPTIONAL]; + // Optional. Local disk encryption options. This field is only used when + // enabling CMEK support. + LocalDiskEncryption local_disk_encryption = 9 + [(google.api.field_behavior) = OPTIONAL]; + + // Output only. The lowest release version among all worker nodes. + string node_version = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Optional. Configuration for each node in the NodePool + NodeConfig node_config = 11 [(google.api.field_behavior) = OPTIONAL]; } // A Google Distributed Cloud Edge machine capable of acting as a Kubernetes 
@@ -238,10 +555,12 @@ message Machine { ]; // Output only. The time when the node pool was created. - google.protobuf.Timestamp create_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp create_time = 2 + [(google.api.field_behavior) = OUTPUT_ONLY]; // Output only. The time when the node pool was last updated. - google.protobuf.Timestamp update_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp update_time = 3 + [(google.api.field_behavior) = OUTPUT_ONLY]; // Labels associated with this resource. map labels = 4; @@ -250,13 +569,20 @@ message Machine { // hosting e.g. // projects/{project}/locations/{location}/clusters/{cluster_id}/nodePools/{pool_id}/{node}, // Or empty if the machine is not assigned to assume the role of a node. + // + // For control plane nodes hosted on edge machines, this will return + // the following format: + // "projects/{project}/locations/{location}/clusters/{cluster_id}/controlPlaneNodes/{node}". string hosted_node = 5; // The Google Distributed Cloud Edge zone of this machine. string zone = 6; - // Output only. Whether the machine is disabled. If disabled, the machine is unable to - // enter service. + // Output only. The software version of the machine. + string version = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Whether the machine is disabled. If disabled, the machine is + // unable to enter service. bool disabled = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; } 
@@ -273,20 +599,21 @@ message VpnConnection { // the cluster project. string project_id = 1; - // Optional. The service account in the VPC project configured by user. It is used to - // create/delete Cloud Router and Cloud HA VPNs for VPN connection. If this - // SA is changed during/after a VPN connection is created, you need to - // remove the Cloud Router and Cloud VPN resources in |project_id|. - // It is in the form of + // Optional. The service account in the VPC project configured by user. It + // is used to create/delete Cloud Router and Cloud HA VPNs for VPN + // connection. If this SA is changed during/after a VPN connection is + // created, you need to remove the Cloud Router and Cloud VPN resources in + // |project_id|. It is in the form of // service-{project_number}@gcp-sa-edgecontainer.iam.gserviceaccount.com. - string service_account = 2 [(google.api.field_behavior) = OPTIONAL]; + string service_account = 2 + [deprecated = true, (google.api.field_behavior) = OPTIONAL]; } // The created connection details. message Details { // The Cloud Router info. message CloudRouter { - // The created Cloud Router name. + // The associated Cloud Router name. string name = 1; } @@ -345,10 +672,12 @@ message VpnConnection { ]; // Output only. The time when the VPN connection was created. - google.protobuf.Timestamp create_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp create_time = 2 + [(google.api.field_behavior) = OUTPUT_ONLY]; // Output only. The time when the VPN connection was last updated. - google.protobuf.Timestamp update_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp update_time = 3 + [(google.api.field_behavior) = OUTPUT_ONLY]; // Labels associated with this resource. map labels = 4; 
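Review bot: `service_account` is now marked `deprecated = true`, but its comment still describes it as the identity used to create and delete Cloud Router and Cloud HA VPN resources, and it names no replacement. Readers need to know which identity performs those operations now, and whether a value that is still set has any effect. Add a line above the field such as `// Deprecated: <replacement, or "ignored by the server">.`. The enclosing message starts outside the hunk.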
@@ -364,25 +693,29 @@ message VpnConnection { // The canonical Cluster name to connect to. It is in the form of // projects/{project}/locations/{location}/clusters/{cluster}. string cluster = 7 [(google.api.resource_reference) = { - type: "edgecontainer.googleapis.com/Cluster" - }]; + type: "edgecontainer.googleapis.com/Cluster" + }]; // The network ID of VPC to connect to. string vpc = 8; - // Optional. Project detail of the VPC network. Required if VPC is in a different - // project than the cluster project. + // Optional. Project detail of the VPC network. Required if VPC is in a + // different project than the cluster project. VpcProject vpc_project = 11 [(google.api.field_behavior) = OPTIONAL]; // Whether this VPN connection has HA enabled on cluster side. If enabled, // when creating VPN connection we will attempt to use 2 ANG floating IPs. bool enable_high_availability = 9; + // Optional. The VPN connection Cloud Router name. + string router = 12 [(google.api.field_behavior) = OPTIONAL]; + // Output only. The created connection details. Details details = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; } -// Metadata for a given [google.cloud.location.Location][google.cloud.location.Location]. +// Metadata for a given +// [google.cloud.location.Location][google.cloud.location.Location]. message LocationMetadata { // The set of available Google Distributed Cloud Edge zones in the location. // The map is keyed by the lowercase ID of each zone. 
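Review bot: The comment on the new `router = 12` field does not say what form the name takes or where the router is looked up. `vpc_project` directly above allows the VPC to sit in a different project from the cluster, and the earlier hunk rewords `Details.CloudRouter.name` from "created" to "associated", so this field looks like a way to attach the connection to an existing router, though the diff does not confirm that. The comment should state whether the value is a short name or a full resource name, which project and region it is resolved in, and what the service does when it is empty. The `VpnConnection` message starts outside the hunk.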
@@ -391,8 +724,25 @@ message LocationMetadata { // A Google Distributed Cloud Edge zone where edge machines are located. message ZoneMetadata { + // Type of the rack. + enum RackType { + // Unspecified rack type, single rack also belongs to this type. + RACK_TYPE_UNSPECIFIED = 0; + + // Base rack type, a pair of two modified Config-1 racks containing + // Aggregation switches. + BASE = 1; + + // Expansion rack type, also known as standalone racks, + // added by customers on demand. + EXPANSION = 2; + } + // Quota for resources in this zone. repeated Quota quota = 1; + + // The map keyed by rack name and has value of RackType. + map rack_types = 2; } // Represents quota for Edge Container resources. @@ -439,3 +789,28 @@ message TimeWindow { // start time. google.protobuf.Timestamp end_time = 2; } + +// Server configuration for supported versions and release channels. +message ServerConfig { + // Output only. Mapping from release channel to channel config. + map channels = 1 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Supported versions, e.g.: ["1.4.0", "1.5.0"]. + repeated Version versions = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Default version, e.g.: "1.4.0". + string default_version = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// Configuration for a release channel. +message ChannelConfig { + // Output only. Default version for this release channel, e.g.: "1.4.0". + string default_version = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// Version of a cluster. +message Version { + // Output only. Name of the version, e.g.: "1.4.0". + string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; +} diff --git a/google/cloud/edgecontainer/v1/service.proto b/google/cloud/edgecontainer/v1/service.proto index 5ff6020a19a19..355e8b8b53d8c 100644 --- a/google/cloud/edgecontainer/v1/service.proto +++ b/google/cloud/edgecontainer/v1/service.proto 
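Review bot: `RACK_TYPE_UNSPECIFIED = 0` in the new `RackType` enum is documented as also covering single racks, so a reader of `rack_types` cannot tell a real single rack from an entry the server never classified. A separate value for single racks would let 0 mean "unknown" only. The other two values lack the prefix the zero value carries; `RACK_TYPE_BASE = 1;` and `RACK_TYPE_EXPANSION = 2;` would match it. The same applies to `IMMEDIATELY = 1` next to `SCHEDULE_UNSPECIFIED` in the `Schedule` enum that `UpgradeClusterRequest` adds in service.proto.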
@@ -1,4 +1,4 @@ -// Copyright 2022 Google LLC +// Copyright 2023 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -34,7 +34,8 @@ option java_package = "com.google.cloud.edgecontainer.v1"; // Cloud deployments. service EdgeContainer { option (google.api.default_host) = "edgecontainer.googleapis.com"; - option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + option (google.api.oauth_scopes) = + "https://www.googleapis.com/auth/cloud-platform"; // Lists Clusters in a given project and location. rpc ListClusters(ListClustersRequest) returns (ListClustersResponse) { @@ -53,7 +54,8 @@ service EdgeContainer { } // Creates a new Cluster in a given project and location. - rpc CreateCluster(CreateClusterRequest) returns (google.longrunning.Operation) { + rpc CreateCluster(CreateClusterRequest) + returns (google.longrunning.Operation) { option (google.api.http) = { post: "/v1/{parent=projects/*/locations/*}/clusters" body: "cluster" @@ -66,7 +68,8 @@ service EdgeContainer { } // Updates the parameters of a single Cluster. - rpc UpdateCluster(UpdateClusterRequest) returns (google.longrunning.Operation) { + rpc UpdateCluster(UpdateClusterRequest) + returns (google.longrunning.Operation) { option (google.api.http) = { patch: "/v1/{cluster.name=projects/*/locations/*/clusters/*}" body: "cluster" 
@@ -78,8 +81,23 @@ service EdgeContainer { }; } + // Upgrades a single cluster. + rpc UpgradeCluster(UpgradeClusterRequest) + returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/clusters/*}:upgrade" + body: "*" + }; + option (google.api.method_signature) = "name,target_version,schedule"; + option (google.longrunning.operation_info) = { + response_type: "Cluster" + metadata_type: "OperationMetadata" + }; + } + // Deletes a single Cluster. - rpc DeleteCluster(DeleteClusterRequest) returns (google.longrunning.Operation) { + rpc DeleteCluster(DeleteClusterRequest) + returns (google.longrunning.Operation) { option (google.api.http) = { delete: "/v1/{name=projects/*/locations/*/clusters/*}" }; @@ -91,13 +109,23 @@ service EdgeContainer { } // Generates an access token for a Cluster. - rpc GenerateAccessToken(GenerateAccessTokenRequest) returns (GenerateAccessTokenResponse) { + rpc GenerateAccessToken(GenerateAccessTokenRequest) + returns (GenerateAccessTokenResponse) { option (google.api.http) = { get: "/v1/{cluster=projects/*/locations/*/clusters/*}:generateAccessToken" }; option (google.api.method_signature) = "cluster"; } + // Generates an offline credential for a Cluster. + rpc GenerateOfflineCredential(GenerateOfflineCredentialRequest) + returns (GenerateOfflineCredentialResponse) { + option (google.api.http) = { + get: "/v1/{cluster=projects/*/locations/*/clusters/*}:generateOfflineCredential" + }; + option (google.api.method_signature) = "cluster"; + } + // Lists NodePools in a given project and location. rpc ListNodePools(ListNodePoolsRequest) returns (ListNodePoolsResponse) { option (google.api.http) = { 
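Review bot: `GenerateOfflineCredential` is bound to HTTP `get`, yet the response added further down in this file carries a client certificate and private key. If each call issues a fresh credential, as the method name suggests, it is not a side-effect-free read, and GET responses are more exposed to caching by intermediaries than POST responses. The binding mirrors the existing `GenerateAccessToken`, but the verb is hard to change once published, so I would consider `post: "/v1/{cluster=projects/*/locations/*/clusters/*}:generateOfflineCredential"` with `body: "*"`. The RPC comment could also say what "offline" means here and how long the credential is valid. The `EdgeContainer` service starts and ends outside this hunk.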
@@ -115,7 +143,8 @@ service EdgeContainer { } // Creates a new NodePool in a given project and location. - rpc CreateNodePool(CreateNodePoolRequest) returns (google.longrunning.Operation) { + rpc CreateNodePool(CreateNodePoolRequest) + returns (google.longrunning.Operation) { option (google.api.http) = { post: "/v1/{parent=projects/*/locations/*/clusters/*}/nodePools" body: "node_pool" @@ -128,7 +157,8 @@ service EdgeContainer { } // Updates the parameters of a single NodePool. - rpc UpdateNodePool(UpdateNodePoolRequest) returns (google.longrunning.Operation) { + rpc UpdateNodePool(UpdateNodePoolRequest) + returns (google.longrunning.Operation) { option (google.api.http) = { patch: "/v1/{node_pool.name=projects/*/locations/*/clusters/*/nodePools/*}" body: "node_pool" @@ -141,7 +171,8 @@ service EdgeContainer { } // Deletes a single NodePool. - rpc DeleteNodePool(DeleteNodePoolRequest) returns (google.longrunning.Operation) { + rpc DeleteNodePool(DeleteNodePoolRequest) + returns (google.longrunning.Operation) { option (google.api.http) = { delete: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}" }; @@ -169,7 +200,8 @@ service EdgeContainer { } // Lists VPN connections in a given project and location. - rpc ListVpnConnections(ListVpnConnectionsRequest) returns (ListVpnConnectionsResponse) { + rpc ListVpnConnections(ListVpnConnectionsRequest) + returns (ListVpnConnectionsResponse) { option (google.api.http) = { get: "/v1/{parent=projects/*/locations/*}/vpnConnections" }; 
@@ -185,12 +217,14 @@ service EdgeContainer { } // Creates a new VPN connection in a given project and location. - rpc CreateVpnConnection(CreateVpnConnectionRequest) returns (google.longrunning.Operation) { + rpc CreateVpnConnection(CreateVpnConnectionRequest) + returns (google.longrunning.Operation) { option (google.api.http) = { post: "/v1/{parent=projects/*/locations/*}/vpnConnections" body: "vpn_connection" }; - option (google.api.method_signature) = "parent,vpn_connection,vpn_connection_id"; + option (google.api.method_signature) = + "parent,vpn_connection,vpn_connection_id"; option (google.longrunning.operation_info) = { response_type: "VpnConnection" metadata_type: "OperationMetadata" @@ -198,7 +232,8 @@ service EdgeContainer { } // Deletes a single VPN connection. - rpc DeleteVpnConnection(DeleteVpnConnectionRequest) returns (google.longrunning.Operation) { + rpc DeleteVpnConnection(DeleteVpnConnectionRequest) + returns (google.longrunning.Operation) { option (google.api.http) = { delete: "/v1/{name=projects/*/locations/*/vpnConnections/*}" }; @@ -208,6 +243,14 @@ service EdgeContainer { metadata_type: "OperationMetadata" }; } + + // Gets the server config. + rpc GetServerConfig(GetServerConfigRequest) returns (ServerConfig) { + option (google.api.http) = { + get: "/v1/{name=projects/*/locations/*}/serverConfig" + }; + option (google.api.method_signature) = "name"; + } } // Long-running operation metadata for Edge Container API methods. 
@@ -229,12 +272,16 @@ message OperationMetadata { // Identifies whether the user has requested cancellation of the operation. // Operations that have successfully been cancelled have [Operation.error][] - // value with a [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to - // `Code.CANCELLED`. + // value with a [google.rpc.Status.code][google.rpc.Status.code] of 1, + // corresponding to `Code.CANCELLED`. bool requested_cancellation = 6; // API version used to start the operation. string api_version = 7; + + // Warnings that do not block the operation, but still hold relevant + // information for the end user to receive. + repeated string warnings = 8; } // Lists clusters in a location. @@ -324,6 +371,39 @@ message UpdateClusterRequest { string request_id = 3; } +// Upgrades a cluster. +message UpgradeClusterRequest { + // Represents the schedule about when the cluster is going to be upgraded. + enum Schedule { + // Unspecified. The default is to upgrade the cluster immediately which is + // the only option today. + SCHEDULE_UNSPECIFIED = 0; + + // The cluster is going to be upgraded immediately after receiving the + // request. + IMMEDIATELY = 1; + } + + // Required. The resource name of the cluster. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "edgecontainer.googleapis.com/Cluster" + } + ]; + + // Required. The version the cluster is going to be upgraded to. + string target_version = 2 [(google.api.field_behavior) = REQUIRED]; + + // The schedule for the upgrade. + Schedule schedule = 3; + + // A unique identifier for this request. Restricted to 36 ASCII characters. A + // random UUID is recommended. This request is only idempotent if + // `request_id` is provided. + string request_id = 4; +} + // Deletes a cluster. message DeleteClusterRequest { // Required. The resource name of the cluster. 
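Review bot: `target_version` in `UpgradeClusterRequest` is a required free-form string with no stated format or source of valid values. This commit also adds `ServerConfig.versions`, so the comment could point callers there. It should also say whether a version lower than the cluster's current one is rejected, which is presumably the case but is not stated anywhere visible. If that is the actual rule, something like `// Required. The version to upgrade to, e.g. "1.5.0". Must be one of the versions returned by GetServerConfig.` would do.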
@@ -357,7 +437,35 @@ message GenerateAccessTokenResponse { string access_token = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; // Output only. Timestamp at which the token will expire. - google.protobuf.Timestamp expire_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp expire_time = 2 + [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// Generates an offline credential(offline) for a cluster. +message GenerateOfflineCredentialRequest { + // Required. The resource name of the cluster. + string cluster = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "edgecontainer.googleapis.com/Cluster" + } + ]; +} + +// An offline credential for a cluster. +message GenerateOfflineCredentialResponse { + // Output only. Client certificate to authenticate to k8s api-server. + string client_certificate = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Client private key to authenticate to k8s api-server. + string client_key = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Client's identity. + string user_id = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Timestamp at which this credential will expire. + google.protobuf.Timestamp expire_time = 4 + [(google.api.field_behavior) = OUTPUT_ONLY]; } // Lists node pools in a cluster. @@ -510,7 +618,8 @@ message GetMachineRequest { // Lists VPN connections. message ListVpnConnectionsRequest { - // Required. The parent location, which owns this collection of VPN connections. + // Required. The parent location, which owns this collection of VPN + // connections. string parent = 1 [ (google.api.field_behavior) = REQUIRED, (google.api.resource_reference) = { 
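Review bot: `client_key` in `GenerateOfflineCredentialResponse` returns a private key in the response body, and none of the field comments marks it as secret or states its encoding. I would extend the comment to `// Output only. Client private key to authenticate to k8s api-server. Sensitive: treat as a secret and do not log or store it in plaintext.`, and state the encoding for both `client_key` and `client_certificate` (presumably PEM, to be confirmed). `expire_time` is the only visible bound on the credential's lifetime, so the message comment should give the maximum validity and say whether the credential can be revoked before it expires. The request comment also reads `offline credential(offline)`, which looks like a leftover.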
@@ -591,3 +700,15 @@ message DeleteVpnConnectionRequest { // `request_id` is provided. string request_id = 2; } + +// Gets the server config. +message GetServerConfigRequest { + // Required. The name (project and location) of the server config to get, + // specified in the format `projects/*/locations/*`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "locations.googleapis.com/Location" + } + ]; +}