// Copyright 2023 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
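// proto3: scalar fields declared without `optional` carry no presence
// information, so an unset bool/int/string reads the same as false/0/"".
// This matters for the "enabled by default" booleans further down.
syntax = "proto3";

package google.cloud.notebooks.v2;

// Supplies the (google.api.field_behavior) annotation used on the fields
// below (OPTIONAL, REQUIRED, INPUT_ONLY, OUTPUT_ONLY).
import "google/api/field_behavior.proto";

// Per-language code generation settings.
option csharp_namespace = "Google.Cloud.Notebooks.V2";
option go_package = "cloud.google.com/go/notebooks/apiv2/notebookspb;notebookspb";
option java_multiple_files = true;
option java_outer_classname = "GceSetupProto";
option java_package = "com.google.cloud.notebooks.v2";
option php_namespace = "Google\\Cloud\\Notebooks\\V2";
option ruby_package = "Google::Cloud::Notebooks::V2";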
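// The definition of a network interface resource attached to a VM.
//
// NOTE(review): all three fields are OPTIONAL and this file does not state
// which network or subnet is used when they are left empty. Confirm the
// service default before relying on a particular network placement.
message NetworkInterface {
  // The type of vNIC driver.
  // Default should be NIC_TYPE_UNSPECIFIED.
  enum NicType {
    // No type specified. As the zero value, this is also what an unset
    // `nic_type` reads as.
    NIC_TYPE_UNSPECIFIED = 0;

    // VIRTIO
    VIRTIO_NET = 1;

    // GVNIC
    GVNIC = 2;
  }

  // Optional. The name of the VPC that this VM instance is in.
  // Format:
  // `projects/{project_id}/global/networks/{network_id}`
  string network = 1 [(google.api.field_behavior) = OPTIONAL];

  // Optional. The name of the subnet that this VM instance is in.
  // Format:
  // `projects/{project_id}/regions/{region}/subnetworks/{subnetwork_id}`
  string subnet = 2 [(google.api.field_behavior) = OPTIONAL];

  // Optional. The type of vNIC to be used on this interface. This may be gVNIC
  // or VirtioNet.
  NicType nic_type = 3 [(google.api.field_behavior) = OPTIONAL];
}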
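// Definition of a custom Compute Engine virtual machine image for starting a
// notebook instance with the environment installed directly on the VM.
message VmImage {
  // Required. The name of the Google Cloud project that this VM image belongs
  // to. Format: `{project_id}`
  //
  // NOTE(review): the instance boots whatever image this project publishes
  // under the selected name or family, so the project is part of the
  // instance's trust boundary.
  string project = 1 [(google.api.field_behavior) = REQUIRED];

  // The reference to an external Compute Engine VM image. `name` and `family`
  // share a oneof, so at most one of them is set.
  oneof image {
    // Optional. Use VM image name to find the image.
    string name = 2 [(google.api.field_behavior) = OPTIONAL];

    // Optional. Use this VM image family to find the image; the newest image in
    // this family will be used.
    //
    // Because a family resolves to its newest image, two requests carrying
    // the same `family` value can boot different images. Use `name` when a
    // fixed, reviewable image is needed.
    string family = 3 [(google.api.field_behavior) = OPTIONAL];
  }
}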
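// Definition of a container image for starting a notebook instance with the
// environment installed in a container.
message ContainerImage {
  // Required. The path to the container image repository. For example:
  // `gcr.io/{project_id}/{image_name}`
  string repository = 1 [(google.api.field_behavior) = REQUIRED];

  // Optional. The tag of the container image. If not specified, this defaults
  // to the latest tag.
  //
  // NOTE(review): tags are mutable references, and an empty `tag` follows
  // `latest`, so the image that actually runs can change without this message
  // changing. Set an explicit tag for reproducible deployments. Whether a
  // digest reference is accepted is not stated in this file.
  string tag = 2 [(google.api.field_behavior) = OPTIONAL];
}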
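// An accelerator configuration for a VM instance
// Definition of a hardware accelerator. Note that there is no check on `type`
// and `core_count` combinations. TPUs are not supported.
// See [GPUs on Compute
// Engine](https://cloud.google.com/compute/docs/gpus/#gpus-list) to find a
// valid combination.
message AcceleratorConfig {
  // Definition of the types of hardware accelerators that can be used on
  // this instance.
  //
  // Values are not declared in numeric order. Numbers 1, 6 and 7 are not
  // defined here and are not marked `reserved`; whether they belonged to
  // removed values is not visible in this file.
  enum AcceleratorType {
    // Accelerator type is not specified.
    ACCELERATOR_TYPE_UNSPECIFIED = 0;

    // Accelerator type is Nvidia Tesla P100.
    NVIDIA_TESLA_P100 = 2;

    // Accelerator type is Nvidia Tesla V100.
    NVIDIA_TESLA_V100 = 3;

    // Accelerator type is Nvidia Tesla P4.
    NVIDIA_TESLA_P4 = 4;

    // Accelerator type is Nvidia Tesla T4.
    NVIDIA_TESLA_T4 = 5;

    // Accelerator type is Nvidia Tesla A100 - 40GB.
    NVIDIA_TESLA_A100 = 11;

    // Accelerator type is Nvidia Tesla A100 - 80GB.
    NVIDIA_A100_80GB = 12;

    // Accelerator type is Nvidia Tesla L4.
    NVIDIA_L4 = 13;

    // Accelerator type is NVIDIA Tesla T4 Virtual Workstations.
    NVIDIA_TESLA_T4_VWS = 8;

    // Accelerator type is NVIDIA Tesla P100 Virtual Workstations.
    NVIDIA_TESLA_P100_VWS = 9;

    // Accelerator type is NVIDIA Tesla P4 Virtual Workstations.
    NVIDIA_TESLA_P4_VWS = 10;
  }

  // Optional. Type of this accelerator.
  AcceleratorType type = 1 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Count of cores of this accelerator.
  //
  // NOTE(review): the type is a signed int64, so zero and negative values are
  // representable on the wire. The message comment says combinations are not
  // checked; any range validation happens outside this schema.
  int64 core_count = 2 [(google.api.field_behavior) = OPTIONAL];
}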
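// A set of Shielded Instance options.
// See [Images using supported Shielded VM
// features](https://cloud.google.com/compute/docs/instances/modifying-shielded-vm).
// Not all combinations are valid.
//
// NOTE(review): all three fields are plain proto3 `bool`s without `optional`,
// so an explicit `false` and "not set" are identical on the wire. Two of the
// fields are documented as "Enabled by default"; how the service tells a
// deliberate `false` from an omitted value is not visible in this file.
// Verify the effective state on the created instance rather than inferring it
// from the request.
message ShieldedInstanceConfig {
  // Optional. Defines whether the VM instance has Secure Boot enabled.
  //
  // Secure Boot helps ensure that the system only runs authentic software by
  // verifying the digital signature of all boot components, and halting the
  // boot process if signature verification fails. Disabled by default.
  //
  // Since the default is disabled, callers that require Secure Boot have to
  // set this field to true explicitly.
  bool enable_secure_boot = 1 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Defines whether the VM instance has the vTPM enabled. Enabled by
  // default.
  bool enable_vtpm = 2 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Defines whether the VM instance has integrity monitoring enabled.
  //
  // Enables monitoring and attestation of the boot integrity of the VM
  // instance. The attestation is performed against the integrity policy
  // baseline. This baseline is initially derived from the implicitly trusted
  // boot image when the VM instance is created. Enabled by default.
  //
  // The baseline comes from the boot image present at creation time, so the
  // attestation detects drift from that image. It says nothing about whether
  // the image itself was trustworthy.
  bool enable_integrity_monitoring = 3 [(google.api.field_behavior) = OPTIONAL];
}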
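// A GPU driver configuration
message GPUDriverConfig {
  // Optional. Whether the end user authorizes Google Cloud to install GPU
  // driver on this VM instance. If this field is empty or set to false, the GPU
  // driver won't be installed. Only applicable to instances with GPUs.
  bool enable_gpu_driver = 1 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Specify a custom Cloud Storage path where the GPU driver is
  // stored. If not specified, we'll automatically choose from official GPU
  // drivers.
  //
  // NOTE(review): this message has no field for a hash or signature of the
  // custom driver, so whatever object sits at this path is what gets
  // installed. Restrict write access to that Cloud Storage location to the
  // principals trusted to ship driver code to the VM.
  string custom_gpu_driver_path = 2 [(google.api.field_behavior) = OPTIONAL];
}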
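// An instance-attached disk resource.
//
// Field numbers 3 and 4 are not used in this message and are not marked
// `reserved`; whether they belonged to removed fields is not visible here.
message DataDisk {
  // Optional. The size of the disk in GB attached to this VM instance, up to a
  // maximum of 64000 GB (64 TB). If not specified, this defaults to 100.
  int64 disk_size_gb = 1 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Input only. Indicates the type of the disk.
  DiskType disk_type = 2 [
    (google.api.field_behavior) = INPUT_ONLY,
    (google.api.field_behavior) = OPTIONAL
  ];

  // Optional. Input only. Disk encryption method used on the boot and data
  // disks, defaults to GMEK.
  //
  // INPUT_ONLY means the value is supplied in requests and not included in
  // output, so the encryption mode cannot be read back from this message.
  // Audit it through another source.
  DiskEncryption disk_encryption = 5 [
    (google.api.field_behavior) = INPUT_ONLY,
    (google.api.field_behavior) = OPTIONAL
  ];

  // Optional. Input only. The KMS key used to encrypt the disks, only
  // applicable if disk_encryption is CMEK. Format:
  // `projects/{project_id}/locations/{location}/keyRings/{key_ring_id}/cryptoKeys/{key_id}`
  //
  // Learn more about using your own encryption keys.
  //
  // NOTE(review): the schema does not tie this field to `disk_encryption`.
  // What happens when CMEK is selected with an empty key, or a key is given
  // without CMEK, is not stated here; confirm the request is rejected rather
  // than silently falling back to GMEK.
  string kms_key = 6 [
    (google.api.field_behavior) = INPUT_ONLY,
    (google.api.field_behavior) = OPTIONAL
  ];
}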
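// The definition of a boot disk.
message BootDisk {
  // Optional. The size of the boot disk in GB attached to this instance, up to
  // a maximum of 64000 GB (64 TB). If not specified, this defaults to the
  // recommended value of 150GB.
  int64 disk_size_gb = 1 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Indicates the type of the disk.
  DiskType disk_type = 2 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Input only. Disk encryption method used on the boot and data
  // disks, defaults to GMEK.
  //
  // INPUT_ONLY means the value is supplied in requests and not included in
  // output, so the encryption mode cannot be read back from this message.
  // Audit it through another source.
  DiskEncryption disk_encryption = 3 [
    (google.api.field_behavior) = INPUT_ONLY,
    (google.api.field_behavior) = OPTIONAL
  ];

  // Optional. Input only. The KMS key used to encrypt the disks, only
  // applicable if disk_encryption is CMEK. Format:
  // `projects/{project_id}/locations/{location}/keyRings/{key_ring_id}/cryptoKeys/{key_id}`
  //
  // Learn more about using your own encryption keys.
  //
  // NOTE(review): the schema does not tie this field to `disk_encryption`.
  // What happens when CMEK is selected with an empty key, or a key is given
  // without CMEK, is not stated here; confirm the request is rejected rather
  // than silently falling back to GMEK.
  string kms_key = 4 [
    (google.api.field_behavior) = INPUT_ONLY,
    (google.api.field_behavior) = OPTIONAL
  ];
}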
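// A service account that acts as an identity.
message ServiceAccount {
  // Optional. Email address of the service account.
  //
  // NOTE(review): this file does not say which identity the VM runs as when
  // the email is empty. Set a dedicated, least-privilege service account
  // explicitly rather than depending on an unstated default.
  string email = 1 [(google.api.field_behavior) = OPTIONAL];

  // Output only. The list of scopes to be made available for this service
  // account. Set by the CLH to https://www.googleapis.com/auth/cloud-platform
  //
  // Callers cannot narrow the scopes through this message, and
  // `cloud-platform` is a broad scope. What the VM can actually do is
  // therefore bounded by the IAM roles granted to the service account, which
  // is where least privilege has to be enforced. "CLH" is not expanded
  // anywhere in this file.
  repeated string scopes = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
}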
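// The definition of how to configure a VM instance outside of Resources and
// Identity.
//
// Several `repeated` fields below are documented as accepting only one
// element. That limit is stated in comments only and is not expressed in the
// schema, so it has to be enforced by the service.
message GceSetup {
  // Optional. The machine type of the VM instance.
  // https://cloud.google.com/compute/docs/machine-resource
  string machine_type = 1 [(google.api.field_behavior) = OPTIONAL];

  // Optional. The hardware accelerators used on this instance. If you use
  // accelerators, make sure that your configuration has
  // [enough vCPUs and memory to support the `machine_type` you have
  // selected](https://cloud.google.com/compute/docs/gpus/#gpus-list).
  // Currently supports only one accelerator configuration.
  repeated AcceleratorConfig accelerator_configs = 2
      [(google.api.field_behavior) = OPTIONAL];

  // Optional. The service account that serves as an identity for the VM
  // instance. Currently supports only one service account.
  //
  // Code running on the instance acts with this identity, so the roles
  // granted to it define what the notebook can reach.
  repeated ServiceAccount service_accounts = 3
      [(google.api.field_behavior) = OPTIONAL];

  // Type of the image; can be one of VM image, or container image.
  oneof image {
    // Optional. Use a Compute Engine VM image to start the notebook instance.
    VmImage vm_image = 4 [(google.api.field_behavior) = OPTIONAL];

    // Optional. Use a container image to start the notebook instance.
    ContainerImage container_image = 5 [(google.api.field_behavior) = OPTIONAL];
  }

  // Optional. The boot disk for the VM.
  BootDisk boot_disk = 6 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Data disks attached to the VM instance.
  // Currently supports only one data disk.
  repeated DataDisk data_disks = 7 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Shielded VM configuration.
  // [Images using supported Shielded VM
  // features](https://cloud.google.com/compute/docs/instances/modifying-shielded-vm).
  ShieldedInstanceConfig shielded_instance_config = 8
      [(google.api.field_behavior) = OPTIONAL];

  // Optional. The network interfaces for the VM.
  // Supports only one interface.
  repeated NetworkInterface network_interfaces = 9
      [(google.api.field_behavior) = OPTIONAL];

  // Optional. If true, no external IP will be assigned to this VM instance.
  //
  // The proto3 default is false, so per the sentence above an external IP is
  // not suppressed unless the caller sets this field. Set it to true for
  // instances that should be reachable only over private networking.
  bool disable_public_ip = 10 [(google.api.field_behavior) = OPTIONAL];

  // Optional. The Compute Engine tags to add to runtime (see [Tagging
  // instances](https://cloud.google.com/compute/docs/label-or-tag-resources#tags)).
  //
  // NOTE(review): Compute Engine network tags can be referenced by firewall
  // rules and routes, so a tag value may change which rules apply to the VM.
  // Review the list as security-relevant configuration, not as a label.
  repeated string tags = 11 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Custom metadata to apply to this instance.
  //
  // NOTE(review): Compute Engine instance metadata is normally readable by
  // processes on the VM through the metadata server, so avoid placing secrets
  // here. Which keys the service interprets is not listed in this file;
  // confirm against the service documentation.
  map<string, string> metadata = 12 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Flag to enable ip forwarding or not, default false/off.
  // https://cloud.google.com/vpc/docs/using-routes#canipforward
  //
  // Leave this off unless the instance is meant to route traffic for other
  // hosts.
  bool enable_ip_forwarding = 13 [(google.api.field_behavior) = OPTIONAL];

  // Optional. Configuration for GPU drivers.
  GPUDriverConfig gpu_driver_config = 14
      [(google.api.field_behavior) = OPTIONAL];
}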
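// Definition of the disk encryption options.
//
// This enum is the type of both BootDisk.disk_encryption and
// DataDisk.disk_encryption. The value comments below mention only the boot
// disk, but the field comments say the method applies to "the boot and data
// disks".
enum DiskEncryption {
  // Disk encryption is not specified. The field comments state that the
  // method then defaults to GMEK.
  DISK_ENCRYPTION_UNSPECIFIED = 0;

  // Use Google managed encryption keys to encrypt the boot disk.
  GMEK = 1;

  // Use customer managed encryption keys to encrypt the boot disk.
  // The key is named by the `kms_key` field of the same disk message.
  CMEK = 2;
}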
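// Possible disk types. Used by BootDisk.disk_type and DataDisk.disk_type.
enum DiskType {
  // Disk type not set. As the zero value, this is also what an unset
  // `disk_type` reads as; the type the service then picks is not stated in
  // this file.
  DISK_TYPE_UNSPECIFIED = 0;

  // Standard persistent disk type.
  PD_STANDARD = 1;

  // SSD persistent disk type.
  PD_SSD = 2;

  // Balanced persistent disk type.
  PD_BALANCED = 3;

  // Extreme persistent disk type.
  PD_EXTREME = 4;
}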