1*d5c09012SAndroid Build Coastguard Worker// Copyright 2023 Google LLC 2*d5c09012SAndroid Build Coastguard Worker// 3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*d5c09012SAndroid Build Coastguard Worker// 7*d5c09012SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*d5c09012SAndroid Build Coastguard Worker// 9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*d5c09012SAndroid Build Coastguard Worker// limitations under the License. 14*d5c09012SAndroid Build Coastguard Worker 15*d5c09012SAndroid Build Coastguard Workersyntax = "proto3"; 16*d5c09012SAndroid Build Coastguard Worker 17*d5c09012SAndroid Build Coastguard Workerpackage google.cloud.edgecontainer.v1; 18*d5c09012SAndroid Build Coastguard Worker 19*d5c09012SAndroid Build Coastguard Workerimport "google/api/field_behavior.proto"; 20*d5c09012SAndroid Build Coastguard Workerimport "google/api/resource.proto"; 21*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/duration.proto"; 22*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/timestamp.proto"; 23*d5c09012SAndroid Build Coastguard Workerimport "google/rpc/status.proto"; 24*d5c09012SAndroid Build Coastguard Worker 25*d5c09012SAndroid Build Coastguard Workeroption go_package = "cloud.google.com/go/edgecontainer/apiv1/edgecontainerpb;edgecontainerpb"; 26*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true; 27*d5c09012SAndroid Build Coastguard Workeroption java_outer_classname = "ResourcesProto"; 28*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.cloud.edgecontainer.v1"; 29*d5c09012SAndroid Build Coastguard Workeroption (google.api.resource_definition) = { 30*d5c09012SAndroid Build Coastguard Worker type: "cloudkms.googleapis.com/CryptoKey" 31*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}" 32*d5c09012SAndroid Build Coastguard Worker}; 33*d5c09012SAndroid Build Coastguard Workeroption (google.api.resource_definition) = { 34*d5c09012SAndroid Build Coastguard Worker type: "cloudkms.googleapis.com/CryptoKeyVersion" 35*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}" 36*d5c09012SAndroid Build Coastguard Worker}; 37*d5c09012SAndroid Build Coastguard Worker 38*d5c09012SAndroid Build Coastguard Worker// Represents the accessibility state of a customer-managed KMS key used for 39*d5c09012SAndroid Build Coastguard Worker// CMEK integration. 40*d5c09012SAndroid Build Coastguard Workerenum KmsKeyState { 41*d5c09012SAndroid Build Coastguard Worker // Unspecified. 42*d5c09012SAndroid Build Coastguard Worker KMS_KEY_STATE_UNSPECIFIED = 0; 43*d5c09012SAndroid Build Coastguard Worker 44*d5c09012SAndroid Build Coastguard Worker // The key is available for use, and dependent resources should be accessible. 45*d5c09012SAndroid Build Coastguard Worker KMS_KEY_STATE_KEY_AVAILABLE = 1; 46*d5c09012SAndroid Build Coastguard Worker 47*d5c09012SAndroid Build Coastguard Worker // The key is unavailable for an unspecified reason. Dependent resources may 48*d5c09012SAndroid Build Coastguard Worker // be inaccessible. 49*d5c09012SAndroid Build Coastguard Worker KMS_KEY_STATE_KEY_UNAVAILABLE = 2; 50*d5c09012SAndroid Build Coastguard Worker} 51*d5c09012SAndroid Build Coastguard Worker 52*d5c09012SAndroid Build Coastguard Worker// A Google Distributed Cloud Edge Kubernetes cluster. 53*d5c09012SAndroid Build Coastguard Workermessage Cluster { 54*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 55*d5c09012SAndroid Build Coastguard Worker type: "edgecontainer.googleapis.com/Cluster" 56*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/clusters/{cluster}" 57*d5c09012SAndroid Build Coastguard Worker }; 58*d5c09012SAndroid Build Coastguard Worker 59*d5c09012SAndroid Build Coastguard Worker // Configuration of the cluster control plane. 60*d5c09012SAndroid Build Coastguard Worker message ControlPlane { 61*d5c09012SAndroid Build Coastguard Worker // Configuration specific to clusters with a control plane hosted remotely. 62*d5c09012SAndroid Build Coastguard Worker message Remote {} 63*d5c09012SAndroid Build Coastguard Worker 64*d5c09012SAndroid Build Coastguard Worker // Configuration specific to clusters with a control plane hosted locally. 65*d5c09012SAndroid Build Coastguard Worker // 66*d5c09012SAndroid Build Coastguard Worker // Warning: Local control plane clusters must be created in their own 67*d5c09012SAndroid Build Coastguard Worker // project. Local control plane clusters cannot coexist in the same 68*d5c09012SAndroid Build Coastguard Worker // project with any other type of clusters, including non-GDCE clusters. 69*d5c09012SAndroid Build Coastguard Worker // Mixing local control plane GDCE clusters with any other type of 70*d5c09012SAndroid Build Coastguard Worker // clusters in the same project can result in data loss. 71*d5c09012SAndroid Build Coastguard Worker message Local { 72*d5c09012SAndroid Build Coastguard Worker // Name of the Google Distributed Cloud Edge zones where this node pool 73*d5c09012SAndroid Build Coastguard Worker // will be created. For example: `us-central1-edge-customer-a`. 74*d5c09012SAndroid Build Coastguard Worker string node_location = 1; 75*d5c09012SAndroid Build Coastguard Worker 76*d5c09012SAndroid Build Coastguard Worker // The number of nodes to serve as replicas of the Control Plane. 77*d5c09012SAndroid Build Coastguard Worker int32 node_count = 2; 78*d5c09012SAndroid Build Coastguard Worker 79*d5c09012SAndroid Build Coastguard Worker // Only machines matching this filter will be allowed to host control 80*d5c09012SAndroid Build Coastguard Worker // plane nodes. The filtering language accepts strings like "name=<name>", 81*d5c09012SAndroid Build Coastguard Worker // and is documented here: [AIP-160](https://google.aip.dev/160). 82*d5c09012SAndroid Build Coastguard Worker string machine_filter = 3; 83*d5c09012SAndroid Build Coastguard Worker 84*d5c09012SAndroid Build Coastguard Worker // Policy configuration about how user applications are deployed. 85*d5c09012SAndroid Build Coastguard Worker SharedDeploymentPolicy shared_deployment_policy = 4; 86*d5c09012SAndroid Build Coastguard Worker } 87*d5c09012SAndroid Build Coastguard Worker 88*d5c09012SAndroid Build Coastguard Worker // Represents the policy configuration about how user applications are 89*d5c09012SAndroid Build Coastguard Worker // deployed. 90*d5c09012SAndroid Build Coastguard Worker enum SharedDeploymentPolicy { 91*d5c09012SAndroid Build Coastguard Worker // Unspecified. 92*d5c09012SAndroid Build Coastguard Worker SHARED_DEPLOYMENT_POLICY_UNSPECIFIED = 0; 93*d5c09012SAndroid Build Coastguard Worker 94*d5c09012SAndroid Build Coastguard Worker // User applications can be deployed both on control plane and worker 95*d5c09012SAndroid Build Coastguard Worker // nodes. 96*d5c09012SAndroid Build Coastguard Worker ALLOWED = 1; 97*d5c09012SAndroid Build Coastguard Worker 98*d5c09012SAndroid Build Coastguard Worker // User applications can not be deployed on control plane nodes and can 99*d5c09012SAndroid Build Coastguard Worker // only be deployed on worker nodes. 100*d5c09012SAndroid Build Coastguard Worker DISALLOWED = 2; 101*d5c09012SAndroid Build Coastguard Worker } 102*d5c09012SAndroid Build Coastguard Worker 103*d5c09012SAndroid Build Coastguard Worker oneof config { 104*d5c09012SAndroid Build Coastguard Worker // Remote control plane configuration. 105*d5c09012SAndroid Build Coastguard Worker Remote remote = 1; 106*d5c09012SAndroid Build Coastguard Worker 107*d5c09012SAndroid Build Coastguard Worker // Local control plane configuration. 108*d5c09012SAndroid Build Coastguard Worker // 109*d5c09012SAndroid Build Coastguard Worker // Warning: Local control plane clusters must be created in their own 110*d5c09012SAndroid Build Coastguard Worker // project. Local control plane clusters cannot coexist in the same 111*d5c09012SAndroid Build Coastguard Worker // project with any other type of clusters, including non-GDCE clusters. 112*d5c09012SAndroid Build Coastguard Worker // Mixing local control plane GDCE clusters with any other type of 113*d5c09012SAndroid Build Coastguard Worker // clusters in the same project can result in data loss. 114*d5c09012SAndroid Build Coastguard Worker Local local = 2; 115*d5c09012SAndroid Build Coastguard Worker } 116*d5c09012SAndroid Build Coastguard Worker } 117*d5c09012SAndroid Build Coastguard Worker 118*d5c09012SAndroid Build Coastguard Worker // Config that customers are allowed to define for GDCE system add-ons. 119*d5c09012SAndroid Build Coastguard Worker message SystemAddonsConfig { 120*d5c09012SAndroid Build Coastguard Worker // Config for the Ingress add-on which allows customers to create an Ingress 121*d5c09012SAndroid Build Coastguard Worker // object to manage external access to the servers in a cluster. The add-on 122*d5c09012SAndroid Build Coastguard Worker // consists of istiod and istio-ingress. 123*d5c09012SAndroid Build Coastguard Worker message Ingress { 124*d5c09012SAndroid Build Coastguard Worker // Optional. Whether Ingress is disabled. 125*d5c09012SAndroid Build Coastguard Worker bool disabled = 1 [(google.api.field_behavior) = OPTIONAL]; 126*d5c09012SAndroid Build Coastguard Worker 127*d5c09012SAndroid Build Coastguard Worker // Optional. Ingress VIP. 128*d5c09012SAndroid Build Coastguard Worker string ipv4_vip = 2 [(google.api.field_behavior) = OPTIONAL]; 129*d5c09012SAndroid Build Coastguard Worker } 130*d5c09012SAndroid Build Coastguard Worker 131*d5c09012SAndroid Build Coastguard Worker // Optional. Config for Ingress. 132*d5c09012SAndroid Build Coastguard Worker Ingress ingress = 1 [(google.api.field_behavior) = OPTIONAL]; 133*d5c09012SAndroid Build Coastguard Worker } 134*d5c09012SAndroid Build Coastguard Worker 135*d5c09012SAndroid Build Coastguard Worker // Configuration for Customer-managed KMS key support for remote control plane 136*d5c09012SAndroid Build Coastguard Worker // cluster disk encryption. 137*d5c09012SAndroid Build Coastguard Worker message ControlPlaneEncryption { 138*d5c09012SAndroid Build Coastguard Worker // Immutable. The Cloud KMS CryptoKey e.g. 139*d5c09012SAndroid Build Coastguard Worker // projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey} 140*d5c09012SAndroid Build Coastguard Worker // to use for protecting control plane disks. If not specified, a 141*d5c09012SAndroid Build Coastguard Worker // Google-managed key will be used instead. 142*d5c09012SAndroid Build Coastguard Worker string kms_key = 1 [ 143*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = IMMUTABLE, 144*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 145*d5c09012SAndroid Build Coastguard Worker type: "cloudkms.googleapis.com/CryptoKey" 146*d5c09012SAndroid Build Coastguard Worker } 147*d5c09012SAndroid Build Coastguard Worker ]; 148*d5c09012SAndroid Build Coastguard Worker 149*d5c09012SAndroid Build Coastguard Worker // Output only. The Cloud KMS CryptoKeyVersion currently in use for 150*d5c09012SAndroid Build Coastguard Worker // protecting control plane disks. Only applicable if kms_key is set. 151*d5c09012SAndroid Build Coastguard Worker string kms_key_active_version = 2 [ 152*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = OUTPUT_ONLY, 153*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 154*d5c09012SAndroid Build Coastguard Worker type: "cloudkms.googleapis.com/CryptoKeyVersion" 155*d5c09012SAndroid Build Coastguard Worker } 156*d5c09012SAndroid Build Coastguard Worker ]; 157*d5c09012SAndroid Build Coastguard Worker 158*d5c09012SAndroid Build Coastguard Worker // Output only. Availability of the Cloud KMS CryptoKey. If not 159*d5c09012SAndroid Build Coastguard Worker // `KEY_AVAILABLE`, then nodes may go offline as they cannot access their 160*d5c09012SAndroid Build Coastguard Worker // local data. This can be caused by a lack of permissions to use the key, 161*d5c09012SAndroid Build Coastguard Worker // or if the key is disabled or deleted. 162*d5c09012SAndroid Build Coastguard Worker KmsKeyState kms_key_state = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 163*d5c09012SAndroid Build Coastguard Worker 164*d5c09012SAndroid Build Coastguard Worker // Output only. Error status returned by Cloud KMS when using this key. This 165*d5c09012SAndroid Build Coastguard Worker // field may be populated only if `kms_key_state` is not 166*d5c09012SAndroid Build Coastguard Worker // `KMS_KEY_STATE_KEY_AVAILABLE`. If populated, this field contains the 167*d5c09012SAndroid Build Coastguard Worker // error status reported by Cloud KMS. 168*d5c09012SAndroid Build Coastguard Worker google.rpc.Status kms_status = 4 169*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 170*d5c09012SAndroid Build Coastguard Worker } 171*d5c09012SAndroid Build Coastguard Worker 172*d5c09012SAndroid Build Coastguard Worker // A Maintenance Event is an operation that could cause temporary disruptions 173*d5c09012SAndroid Build Coastguard Worker // to the cluster workloads, including Google-driven or user-initiated cluster 174*d5c09012SAndroid Build Coastguard Worker // upgrades, user-initiated cluster configuration changes that require 175*d5c09012SAndroid Build Coastguard Worker // restarting nodes, etc. 176*d5c09012SAndroid Build Coastguard Worker message MaintenanceEvent { 177*d5c09012SAndroid Build Coastguard Worker // Indicates the maintenance event type. 178*d5c09012SAndroid Build Coastguard Worker enum Type { 179*d5c09012SAndroid Build Coastguard Worker // Unspecified. 180*d5c09012SAndroid Build Coastguard Worker TYPE_UNSPECIFIED = 0; 181*d5c09012SAndroid Build Coastguard Worker 182*d5c09012SAndroid Build Coastguard Worker // Upgrade initiated by users. 183*d5c09012SAndroid Build Coastguard Worker USER_INITIATED_UPGRADE = 1; 184*d5c09012SAndroid Build Coastguard Worker 185*d5c09012SAndroid Build Coastguard Worker // Upgrade driven by Google. 186*d5c09012SAndroid Build Coastguard Worker GOOGLE_DRIVEN_UPGRADE = 2; 187*d5c09012SAndroid Build Coastguard Worker } 188*d5c09012SAndroid Build Coastguard Worker 189*d5c09012SAndroid Build Coastguard Worker // Indicates when the maintenance event should be performed. 190*d5c09012SAndroid Build Coastguard Worker enum Schedule { 191*d5c09012SAndroid Build Coastguard Worker // Unspecified. 192*d5c09012SAndroid Build Coastguard Worker SCHEDULE_UNSPECIFIED = 0; 193*d5c09012SAndroid Build Coastguard Worker 194*d5c09012SAndroid Build Coastguard Worker // Immediately after receiving the request. 195*d5c09012SAndroid Build Coastguard Worker IMMEDIATELY = 1; 196*d5c09012SAndroid Build Coastguard Worker } 197*d5c09012SAndroid Build Coastguard Worker 198*d5c09012SAndroid Build Coastguard Worker // Indicates the maintenance event state. 199*d5c09012SAndroid Build Coastguard Worker enum State { 200*d5c09012SAndroid Build Coastguard Worker // Unspecified. 201*d5c09012SAndroid Build Coastguard Worker STATE_UNSPECIFIED = 0; 202*d5c09012SAndroid Build Coastguard Worker 203*d5c09012SAndroid Build Coastguard Worker // The maintenance event is ongoing. The cluster might be unusable. 204*d5c09012SAndroid Build Coastguard Worker RECONCILING = 1; 205*d5c09012SAndroid Build Coastguard Worker 206*d5c09012SAndroid Build Coastguard Worker // The maintenance event succeeded. 207*d5c09012SAndroid Build Coastguard Worker SUCCEEDED = 2; 208*d5c09012SAndroid Build Coastguard Worker 209*d5c09012SAndroid Build Coastguard Worker // The maintenance event failed. 210*d5c09012SAndroid Build Coastguard Worker FAILED = 3; 211*d5c09012SAndroid Build Coastguard Worker } 212*d5c09012SAndroid Build Coastguard Worker 213*d5c09012SAndroid Build Coastguard Worker // Output only. UUID of the maintenance event. 214*d5c09012SAndroid Build Coastguard Worker string uuid = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 215*d5c09012SAndroid Build Coastguard Worker 216*d5c09012SAndroid Build Coastguard Worker // Output only. The target version of the cluster. 217*d5c09012SAndroid Build Coastguard Worker string target_version = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 218*d5c09012SAndroid Build Coastguard Worker 219*d5c09012SAndroid Build Coastguard Worker // Output only. The operation for running the maintenance event. Specified 220*d5c09012SAndroid Build Coastguard Worker // in the format projects/*/locations/*/operations/*. If the maintenance 221*d5c09012SAndroid Build Coastguard Worker // event is split into multiple operations (e.g. due to maintenance 222*d5c09012SAndroid Build Coastguard Worker // windows), the latest one is recorded. 223*d5c09012SAndroid Build Coastguard Worker string operation = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 224*d5c09012SAndroid Build Coastguard Worker 225*d5c09012SAndroid Build Coastguard Worker // Output only. The type of the maintenance event. 226*d5c09012SAndroid Build Coastguard Worker Type type = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 227*d5c09012SAndroid Build Coastguard Worker 228*d5c09012SAndroid Build Coastguard Worker // Output only. The schedule of the maintenance event. 229*d5c09012SAndroid Build Coastguard Worker Schedule schedule = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; 230*d5c09012SAndroid Build Coastguard Worker 231*d5c09012SAndroid Build Coastguard Worker // Output only. The state of the maintenance event. 232*d5c09012SAndroid Build Coastguard Worker State state = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; 233*d5c09012SAndroid Build Coastguard Worker 234*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the maintenance event request was created. 235*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp create_time = 7 236*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 237*d5c09012SAndroid Build Coastguard Worker 238*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the maintenance event started. 239*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp start_time = 8 240*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 241*d5c09012SAndroid Build Coastguard Worker 242*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the maintenance event ended, either 243*d5c09012SAndroid Build Coastguard Worker // successfully or not. If the maintenance event is split into multiple 244*d5c09012SAndroid Build Coastguard Worker // maintenance windows, end_time is only updated when the whole flow ends. 245*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp end_time = 9 246*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 247*d5c09012SAndroid Build Coastguard Worker 248*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the maintenance event message was updated. 249*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 10 250*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 251*d5c09012SAndroid Build Coastguard Worker } 252*d5c09012SAndroid Build Coastguard Worker 253*d5c09012SAndroid Build Coastguard Worker // Configuration of the cluster survivability, e.g., for the case when network 254*d5c09012SAndroid Build Coastguard Worker // connectivity is lost. 255*d5c09012SAndroid Build Coastguard Worker message SurvivabilityConfig { 256*d5c09012SAndroid Build Coastguard Worker // Optional. Time period that allows the cluster nodes to be rebooted and 257*d5c09012SAndroid Build Coastguard Worker // become functional without network connectivity to Google. The default 0 258*d5c09012SAndroid Build Coastguard Worker // means not allowed. The maximum is 7 days. 259*d5c09012SAndroid Build Coastguard Worker google.protobuf.Duration offline_reboot_ttl = 1 260*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 261*d5c09012SAndroid Build Coastguard Worker } 262*d5c09012SAndroid Build Coastguard Worker 263*d5c09012SAndroid Build Coastguard Worker // Indicates the status of the cluster. 264*d5c09012SAndroid Build Coastguard Worker enum Status { 265*d5c09012SAndroid Build Coastguard Worker // Status unknown. 266*d5c09012SAndroid Build Coastguard Worker STATUS_UNSPECIFIED = 0; 267*d5c09012SAndroid Build Coastguard Worker 268*d5c09012SAndroid Build Coastguard Worker // The cluster is being created. 269*d5c09012SAndroid Build Coastguard Worker PROVISIONING = 1; 270*d5c09012SAndroid Build Coastguard Worker 271*d5c09012SAndroid Build Coastguard Worker // The cluster is created and fully usable. 272*d5c09012SAndroid Build Coastguard Worker RUNNING = 2; 273*d5c09012SAndroid Build Coastguard Worker 274*d5c09012SAndroid Build Coastguard Worker // The cluster is being deleted. 275*d5c09012SAndroid Build Coastguard Worker DELETING = 3; 276*d5c09012SAndroid Build Coastguard Worker 277*d5c09012SAndroid Build Coastguard Worker // The status indicates that some errors occurred while reconciling/deleting 278*d5c09012SAndroid Build Coastguard Worker // the cluster. 279*d5c09012SAndroid Build Coastguard Worker ERROR = 4; 280*d5c09012SAndroid Build Coastguard Worker 281*d5c09012SAndroid Build Coastguard Worker // The cluster is undergoing some work such as version upgrades, etc. 282*d5c09012SAndroid Build Coastguard Worker RECONCILING = 5; 283*d5c09012SAndroid Build Coastguard Worker } 284*d5c09012SAndroid Build Coastguard Worker 285*d5c09012SAndroid Build Coastguard Worker // The release channel a cluster is subscribed to. 286*d5c09012SAndroid Build Coastguard Worker enum ReleaseChannel { 287*d5c09012SAndroid Build Coastguard Worker // Unspecified release channel. This will default to the REGULAR channel. 288*d5c09012SAndroid Build Coastguard Worker RELEASE_CHANNEL_UNSPECIFIED = 0; 289*d5c09012SAndroid Build Coastguard Worker 290*d5c09012SAndroid Build Coastguard Worker // No release channel. 291*d5c09012SAndroid Build Coastguard Worker NONE = 1; 292*d5c09012SAndroid Build Coastguard Worker 293*d5c09012SAndroid Build Coastguard Worker // Regular release channel. 294*d5c09012SAndroid Build Coastguard Worker REGULAR = 2; 295*d5c09012SAndroid Build Coastguard Worker } 296*d5c09012SAndroid Build Coastguard Worker 297*d5c09012SAndroid Build Coastguard Worker // Required. The resource name of the cluster. 298*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 299*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 300*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 301*d5c09012SAndroid Build Coastguard Worker type: "edgecontainer.googleapis.com/Cluster" 302*d5c09012SAndroid Build Coastguard Worker } 303*d5c09012SAndroid Build Coastguard Worker ]; 304*d5c09012SAndroid Build Coastguard Worker 305*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the cluster was created. 306*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp create_time = 2 307*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 308*d5c09012SAndroid Build Coastguard Worker 309*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the cluster was last updated. 310*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 3 311*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 312*d5c09012SAndroid Build Coastguard Worker 313*d5c09012SAndroid Build Coastguard Worker // Labels associated with this resource. 314*d5c09012SAndroid Build Coastguard Worker map<string, string> labels = 4; 315*d5c09012SAndroid Build Coastguard Worker 316*d5c09012SAndroid Build Coastguard Worker // Required. Fleet configuration. 317*d5c09012SAndroid Build Coastguard Worker Fleet fleet = 11 [(google.api.field_behavior) = REQUIRED]; 318*d5c09012SAndroid Build Coastguard Worker 319*d5c09012SAndroid Build Coastguard Worker // Required. Cluster-wide networking configuration. 320*d5c09012SAndroid Build Coastguard Worker ClusterNetworking networking = 7 [(google.api.field_behavior) = REQUIRED]; 321*d5c09012SAndroid Build Coastguard Worker 322*d5c09012SAndroid Build Coastguard Worker // Required. Immutable. RBAC policy that will be applied and managed by GEC. 323*d5c09012SAndroid Build Coastguard Worker Authorization authorization = 9 [ 324*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 325*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = IMMUTABLE 326*d5c09012SAndroid Build Coastguard Worker ]; 327*d5c09012SAndroid Build Coastguard Worker 328*d5c09012SAndroid Build Coastguard Worker // Optional. The default maximum number of pods per node used if a maximum 329*d5c09012SAndroid Build Coastguard Worker // value is not specified explicitly for a node pool in this cluster. If 330*d5c09012SAndroid Build Coastguard Worker // unspecified, the Kubernetes default value will be used. 331*d5c09012SAndroid Build Coastguard Worker int32 default_max_pods_per_node = 8 [(google.api.field_behavior) = OPTIONAL]; 332*d5c09012SAndroid Build Coastguard Worker 333*d5c09012SAndroid Build Coastguard Worker // Output only. The IP address of the Kubernetes API server. 334*d5c09012SAndroid Build Coastguard Worker string endpoint = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; 335*d5c09012SAndroid Build Coastguard Worker 336*d5c09012SAndroid Build Coastguard Worker // Output only. The port number of the Kubernetes API server. 337*d5c09012SAndroid Build Coastguard Worker int32 port = 19 [(google.api.field_behavior) = OUTPUT_ONLY]; 338*d5c09012SAndroid Build Coastguard Worker 339*d5c09012SAndroid Build Coastguard Worker // Output only. The PEM-encoded public certificate of the cluster's CA. 340*d5c09012SAndroid Build Coastguard Worker string cluster_ca_certificate = 10 341*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 342*d5c09012SAndroid Build Coastguard Worker 343*d5c09012SAndroid Build Coastguard Worker // Optional. Cluster-wide maintenance policy configuration. 344*d5c09012SAndroid Build Coastguard Worker MaintenancePolicy maintenance_policy = 12 345*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 346*d5c09012SAndroid Build Coastguard Worker 347*d5c09012SAndroid Build Coastguard Worker // Output only. The control plane release version 348*d5c09012SAndroid Build Coastguard Worker string control_plane_version = 13 [(google.api.field_behavior) = OUTPUT_ONLY]; 349*d5c09012SAndroid Build Coastguard Worker 350*d5c09012SAndroid Build Coastguard Worker // Output only. The lowest release version among all worker nodes. This field 351*d5c09012SAndroid Build Coastguard Worker // can be empty if the cluster does not have any worker nodes. 352*d5c09012SAndroid Build Coastguard Worker string node_version = 14 [(google.api.field_behavior) = OUTPUT_ONLY]; 353*d5c09012SAndroid Build Coastguard Worker 354*d5c09012SAndroid Build Coastguard Worker // Optional. The configuration of the cluster control plane. 355*d5c09012SAndroid Build Coastguard Worker ControlPlane control_plane = 15 [(google.api.field_behavior) = OPTIONAL]; 356*d5c09012SAndroid Build Coastguard Worker 357*d5c09012SAndroid Build Coastguard Worker // Optional. The configuration of the system add-ons. 358*d5c09012SAndroid Build Coastguard Worker SystemAddonsConfig system_addons_config = 16 359*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 360*d5c09012SAndroid Build Coastguard Worker 361*d5c09012SAndroid Build Coastguard Worker // Optional. IPv4 address pools for cluster data plane external load 362*d5c09012SAndroid Build Coastguard Worker // balancing. 363*d5c09012SAndroid Build Coastguard Worker repeated string external_load_balancer_ipv4_address_pools = 17 364*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 365*d5c09012SAndroid Build Coastguard Worker 366*d5c09012SAndroid Build Coastguard Worker // Optional. Remote control plane disk encryption options. This field is only 367*d5c09012SAndroid Build Coastguard Worker // used when enabling CMEK support. 368*d5c09012SAndroid Build Coastguard Worker ControlPlaneEncryption control_plane_encryption = 18 369*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 370*d5c09012SAndroid Build Coastguard Worker 371*d5c09012SAndroid Build Coastguard Worker // Output only. The current status of the cluster. 372*d5c09012SAndroid Build Coastguard Worker Status status = 20 [(google.api.field_behavior) = OUTPUT_ONLY]; 373*d5c09012SAndroid Build Coastguard Worker 374*d5c09012SAndroid Build Coastguard Worker // Output only. All the maintenance events scheduled for the cluster, 375*d5c09012SAndroid Build Coastguard Worker // including the ones ongoing, planned for the future and done in the past (up 376*d5c09012SAndroid Build Coastguard Worker // to 90 days). 377*d5c09012SAndroid Build Coastguard Worker repeated MaintenanceEvent maintenance_events = 21 378*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 379*d5c09012SAndroid Build Coastguard Worker 380*d5c09012SAndroid Build Coastguard Worker // Optional. The target cluster version. For example: "1.5.0". 381*d5c09012SAndroid Build Coastguard Worker string target_version = 22 [(google.api.field_behavior) = OPTIONAL]; 382*d5c09012SAndroid Build Coastguard Worker 383*d5c09012SAndroid Build Coastguard Worker // Optional. The release channel a cluster is subscribed to. 384*d5c09012SAndroid Build Coastguard Worker ReleaseChannel release_channel = 23 [(google.api.field_behavior) = OPTIONAL]; 385*d5c09012SAndroid Build Coastguard Worker 386*d5c09012SAndroid Build Coastguard Worker // Optional. Configuration of the cluster survivability, e.g., for the case 387*d5c09012SAndroid Build Coastguard Worker // when network connectivity is lost. Note: This only applies to local control 388*d5c09012SAndroid Build Coastguard Worker // plane clusters. 389*d5c09012SAndroid Build Coastguard Worker SurvivabilityConfig survivability_config = 24 390*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 391*d5c09012SAndroid Build Coastguard Worker 392*d5c09012SAndroid Build Coastguard Worker // Optional. IPv6 address pools for cluster data plane external load 393*d5c09012SAndroid Build Coastguard Worker // balancing. 394*d5c09012SAndroid Build Coastguard Worker repeated string external_load_balancer_ipv6_address_pools = 25 395*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 396*d5c09012SAndroid Build Coastguard Worker} 397*d5c09012SAndroid Build Coastguard Worker 398*d5c09012SAndroid Build Coastguard Worker// Cluster-wide networking configuration. 399*d5c09012SAndroid Build Coastguard Workermessage ClusterNetworking { 400*d5c09012SAndroid Build Coastguard Worker // Required. All pods in the cluster are assigned an RFC1918 IPv4 address from 401*d5c09012SAndroid Build Coastguard Worker // these blocks. Only a single block is supported. This field cannot be 402*d5c09012SAndroid Build Coastguard Worker // changed after creation. 403*d5c09012SAndroid Build Coastguard Worker repeated string cluster_ipv4_cidr_blocks = 1 404*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = REQUIRED]; 405*d5c09012SAndroid Build Coastguard Worker 406*d5c09012SAndroid Build Coastguard Worker // Required. All services in the cluster are assigned an RFC1918 IPv4 address 407*d5c09012SAndroid Build Coastguard Worker // from these blocks. Only a single block is supported. This field cannot be 408*d5c09012SAndroid Build Coastguard Worker // changed after creation. 409*d5c09012SAndroid Build Coastguard Worker repeated string services_ipv4_cidr_blocks = 2 410*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = REQUIRED]; 411*d5c09012SAndroid Build Coastguard Worker} 412*d5c09012SAndroid Build Coastguard Worker 413*d5c09012SAndroid Build Coastguard Worker// Fleet related configuration. 414*d5c09012SAndroid Build Coastguard Worker// 415*d5c09012SAndroid Build Coastguard Worker// Fleets are a Google Cloud concept for logically organizing clusters, 416*d5c09012SAndroid Build Coastguard Worker// letting you use and manage multi-cluster capabilities and apply 417*d5c09012SAndroid Build Coastguard Worker// consistent policies across your systems. 418*d5c09012SAndroid Build Coastguard Workermessage Fleet { 419*d5c09012SAndroid Build Coastguard Worker // Required. The name of the Fleet host project where this cluster will be 420*d5c09012SAndroid Build Coastguard Worker // registered. 421*d5c09012SAndroid Build Coastguard Worker // 422*d5c09012SAndroid Build Coastguard Worker // Project names are formatted as 423*d5c09012SAndroid Build Coastguard Worker // `projects/<project-number>`. 424*d5c09012SAndroid Build Coastguard Worker string project = 1 [(google.api.field_behavior) = REQUIRED]; 425*d5c09012SAndroid Build Coastguard Worker 426*d5c09012SAndroid Build Coastguard Worker // Output only. The name of the managed Hub Membership resource associated to 427*d5c09012SAndroid Build Coastguard Worker // this cluster. 428*d5c09012SAndroid Build Coastguard Worker // 429*d5c09012SAndroid Build Coastguard Worker // Membership names are formatted as 430*d5c09012SAndroid Build Coastguard Worker // `projects/<project-number>/locations/global/membership/<cluster-id>`. 431*d5c09012SAndroid Build Coastguard Worker string membership = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 432*d5c09012SAndroid Build Coastguard Worker} 433*d5c09012SAndroid Build Coastguard Worker 434*d5c09012SAndroid Build Coastguard Worker// A user principal for an RBAC policy. 435*d5c09012SAndroid Build Coastguard Workermessage ClusterUser { 436*d5c09012SAndroid Build Coastguard Worker // Required. An active Google username. 437*d5c09012SAndroid Build Coastguard Worker string username = 1 [(google.api.field_behavior) = REQUIRED]; 438*d5c09012SAndroid Build Coastguard Worker} 439*d5c09012SAndroid Build Coastguard Worker 440*d5c09012SAndroid Build Coastguard Worker// RBAC policy that will be applied and managed by GEC. 441*d5c09012SAndroid Build Coastguard Workermessage Authorization { 442*d5c09012SAndroid Build Coastguard Worker // Required. User that will be granted the cluster-admin role on the cluster, 443*d5c09012SAndroid Build Coastguard Worker // providing full access to the cluster. Currently, this is a singular field, 444*d5c09012SAndroid Build Coastguard Worker // but will be expanded to allow multiple admins in the future. 445*d5c09012SAndroid Build Coastguard Worker ClusterUser admin_users = 1 [(google.api.field_behavior) = REQUIRED]; 446*d5c09012SAndroid Build Coastguard Worker} 447*d5c09012SAndroid Build Coastguard Worker 448*d5c09012SAndroid Build Coastguard Worker// A set of Kubernetes nodes in a cluster with common configuration and 449*d5c09012SAndroid Build Coastguard Worker// specification. 450*d5c09012SAndroid Build Coastguard Workermessage NodePool { 451*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 452*d5c09012SAndroid Build Coastguard Worker type: "edgecontainer.googleapis.com/NodePool" 453*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/clusters/{cluster}/nodePools/{node_pool}" 454*d5c09012SAndroid Build Coastguard Worker }; 455*d5c09012SAndroid Build Coastguard Worker 456*d5c09012SAndroid Build Coastguard Worker // Configuration for CMEK support for edge machine local disk encryption. 457*d5c09012SAndroid Build Coastguard Worker message LocalDiskEncryption { 458*d5c09012SAndroid Build Coastguard Worker // Immutable. The Cloud KMS CryptoKey e.g. 459*d5c09012SAndroid Build Coastguard Worker // projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey} 460*d5c09012SAndroid Build Coastguard Worker // to use for protecting node local disks. If not specified, a 461*d5c09012SAndroid Build Coastguard Worker // Google-managed key will be used instead. 462*d5c09012SAndroid Build Coastguard Worker string kms_key = 1 [ 463*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = IMMUTABLE, 464*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 465*d5c09012SAndroid Build Coastguard Worker type: "cloudkms.googleapis.com/CryptoKey" 466*d5c09012SAndroid Build Coastguard Worker } 467*d5c09012SAndroid Build Coastguard Worker ]; 468*d5c09012SAndroid Build Coastguard Worker 469*d5c09012SAndroid Build Coastguard Worker // Output only. The Cloud KMS CryptoKeyVersion currently in use for 470*d5c09012SAndroid Build Coastguard Worker // protecting node local disks. Only applicable if kms_key is set. 471*d5c09012SAndroid Build Coastguard Worker string kms_key_active_version = 2 [ 472*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = OUTPUT_ONLY, 473*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 474*d5c09012SAndroid Build Coastguard Worker type: "cloudkms.googleapis.com/CryptoKeyVersion" 475*d5c09012SAndroid Build Coastguard Worker } 476*d5c09012SAndroid Build Coastguard Worker ]; 477*d5c09012SAndroid Build Coastguard Worker 478*d5c09012SAndroid Build Coastguard Worker // Output only. Availability of the Cloud KMS CryptoKey. If not 479*d5c09012SAndroid Build Coastguard Worker // `KEY_AVAILABLE`, then nodes may go offline as they cannot access their 480*d5c09012SAndroid Build Coastguard Worker // local data. This can be caused by a lack of permissions to use the key, 481*d5c09012SAndroid Build Coastguard Worker // or if the key is disabled or deleted. 482*d5c09012SAndroid Build Coastguard Worker KmsKeyState kms_key_state = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 483*d5c09012SAndroid Build Coastguard Worker 484*d5c09012SAndroid Build Coastguard Worker // Output only. Error status returned by Cloud KMS when using this key. This 485*d5c09012SAndroid Build Coastguard Worker // field may be populated only if `kms_key_state` is not 486*d5c09012SAndroid Build Coastguard Worker // `KMS_KEY_STATE_KEY_AVAILABLE`. If populated, this field contains the 487*d5c09012SAndroid Build Coastguard Worker // error status reported by Cloud KMS. 488*d5c09012SAndroid Build Coastguard Worker google.rpc.Status kms_status = 4 489*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 490*d5c09012SAndroid Build Coastguard Worker } 491*d5c09012SAndroid Build Coastguard Worker 492*d5c09012SAndroid Build Coastguard Worker // Configuration for each node in the NodePool 493*d5c09012SAndroid Build Coastguard Worker message NodeConfig { 494*d5c09012SAndroid Build Coastguard Worker // Optional. The Kubernetes node labels 495*d5c09012SAndroid Build Coastguard Worker map<string, string> labels = 1 [(google.api.field_behavior) = OPTIONAL]; 496*d5c09012SAndroid Build Coastguard Worker } 497*d5c09012SAndroid Build Coastguard Worker 498*d5c09012SAndroid Build Coastguard Worker // Required. The resource name of the node pool. 499*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 500*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 501*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 502*d5c09012SAndroid Build Coastguard Worker type: "edgecontainer.googleapis.com/NodePool" 503*d5c09012SAndroid Build Coastguard Worker } 504*d5c09012SAndroid Build Coastguard Worker ]; 505*d5c09012SAndroid Build Coastguard Worker 506*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the node pool was created. 507*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp create_time = 2 508*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 509*d5c09012SAndroid Build Coastguard Worker 510*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the node pool was last updated. 511*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 3 512*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 513*d5c09012SAndroid Build Coastguard Worker 514*d5c09012SAndroid Build Coastguard Worker // Labels associated with this resource. 515*d5c09012SAndroid Build Coastguard Worker map<string, string> labels = 4; 516*d5c09012SAndroid Build Coastguard Worker 517*d5c09012SAndroid Build Coastguard Worker // Name of the Google Distributed Cloud Edge zone where this node pool will be 518*d5c09012SAndroid Build Coastguard Worker // created. For example: `us-central1-edge-customer-a`. 519*d5c09012SAndroid Build Coastguard Worker string node_location = 8; 520*d5c09012SAndroid Build Coastguard Worker 521*d5c09012SAndroid Build Coastguard Worker // Required. The number of nodes in the pool. 522*d5c09012SAndroid Build Coastguard Worker int32 node_count = 6 [(google.api.field_behavior) = REQUIRED]; 523*d5c09012SAndroid Build Coastguard Worker 524*d5c09012SAndroid Build Coastguard Worker // Only machines matching this filter will be allowed to join the node pool. 525*d5c09012SAndroid Build Coastguard Worker // The filtering language accepts strings like "name=<name>", and is 526*d5c09012SAndroid Build Coastguard Worker // documented in more detail in [AIP-160](https://google.aip.dev/160). 527*d5c09012SAndroid Build Coastguard Worker string machine_filter = 7; 528*d5c09012SAndroid Build Coastguard Worker 529*d5c09012SAndroid Build Coastguard Worker // Optional. Local disk encryption options. This field is only used when 530*d5c09012SAndroid Build Coastguard Worker // enabling CMEK support. 531*d5c09012SAndroid Build Coastguard Worker LocalDiskEncryption local_disk_encryption = 9 532*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 533*d5c09012SAndroid Build Coastguard Worker 534*d5c09012SAndroid Build Coastguard Worker // Output only. The lowest release version among all worker nodes. 535*d5c09012SAndroid Build Coastguard Worker string node_version = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; 536*d5c09012SAndroid Build Coastguard Worker 537*d5c09012SAndroid Build Coastguard Worker // Optional. Configuration for each node in the NodePool 538*d5c09012SAndroid Build Coastguard Worker NodeConfig node_config = 11 [(google.api.field_behavior) = OPTIONAL]; 539*d5c09012SAndroid Build Coastguard Worker} 540*d5c09012SAndroid Build Coastguard Worker 541*d5c09012SAndroid Build Coastguard Worker// A Google Distributed Cloud Edge machine capable of acting as a Kubernetes 542*d5c09012SAndroid Build Coastguard Worker// node. 543*d5c09012SAndroid Build Coastguard Workermessage Machine { 544*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 545*d5c09012SAndroid Build Coastguard Worker type: "edgecontainer.googleapis.com/Machine" 546*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/machines/{machine}" 547*d5c09012SAndroid Build Coastguard Worker }; 548*d5c09012SAndroid Build Coastguard Worker 549*d5c09012SAndroid Build Coastguard Worker // Required. The resource name of the machine. 550*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 551*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 552*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 553*d5c09012SAndroid Build Coastguard Worker type: "edgecontainer.googleapis.com/Machine" 554*d5c09012SAndroid Build Coastguard Worker } 555*d5c09012SAndroid Build Coastguard Worker ]; 556*d5c09012SAndroid Build Coastguard Worker 557*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the node pool was created. 558*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp create_time = 2 559*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 560*d5c09012SAndroid Build Coastguard Worker 561*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the node pool was last updated. 562*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 3 563*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 564*d5c09012SAndroid Build Coastguard Worker 565*d5c09012SAndroid Build Coastguard Worker // Labels associated with this resource. 566*d5c09012SAndroid Build Coastguard Worker map<string, string> labels = 4; 567*d5c09012SAndroid Build Coastguard Worker 568*d5c09012SAndroid Build Coastguard Worker // Canonical resource name of the node that this machine is responsible for 569*d5c09012SAndroid Build Coastguard Worker // hosting e.g. 570*d5c09012SAndroid Build Coastguard Worker // projects/{project}/locations/{location}/clusters/{cluster_id}/nodePools/{pool_id}/{node}, 571*d5c09012SAndroid Build Coastguard Worker // Or empty if the machine is not assigned to assume the role of a node. 572*d5c09012SAndroid Build Coastguard Worker // 573*d5c09012SAndroid Build Coastguard Worker // For control plane nodes hosted on edge machines, this will return 574*d5c09012SAndroid Build Coastguard Worker // the following format: 575*d5c09012SAndroid Build Coastguard Worker // "projects/{project}/locations/{location}/clusters/{cluster_id}/controlPlaneNodes/{node}". 576*d5c09012SAndroid Build Coastguard Worker string hosted_node = 5; 577*d5c09012SAndroid Build Coastguard Worker 578*d5c09012SAndroid Build Coastguard Worker // The Google Distributed Cloud Edge zone of this machine. 579*d5c09012SAndroid Build Coastguard Worker string zone = 6; 580*d5c09012SAndroid Build Coastguard Worker 581*d5c09012SAndroid Build Coastguard Worker // Output only. The software version of the machine. 582*d5c09012SAndroid Build Coastguard Worker string version = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; 583*d5c09012SAndroid Build Coastguard Worker 584*d5c09012SAndroid Build Coastguard Worker // Output only. Whether the machine is disabled. If disabled, the machine is 585*d5c09012SAndroid Build Coastguard Worker // unable to enter service. 586*d5c09012SAndroid Build Coastguard Worker bool disabled = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; 587*d5c09012SAndroid Build Coastguard Worker} 588*d5c09012SAndroid Build Coastguard Worker 589*d5c09012SAndroid Build Coastguard Worker// A VPN connection . 590*d5c09012SAndroid Build Coastguard Workermessage VpnConnection { 591*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 592*d5c09012SAndroid Build Coastguard Worker type: "edgecontainer.googleapis.com/VpnConnection" 593*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/vpnConnections/{vpn_connection}" 594*d5c09012SAndroid Build Coastguard Worker }; 595*d5c09012SAndroid Build Coastguard Worker 596*d5c09012SAndroid Build Coastguard Worker // Project detail of the VPC network. 597*d5c09012SAndroid Build Coastguard Worker message VpcProject { 598*d5c09012SAndroid Build Coastguard Worker // The project of the VPC to connect to. If not specified, it is the same as 599*d5c09012SAndroid Build Coastguard Worker // the cluster project. 600*d5c09012SAndroid Build Coastguard Worker string project_id = 1; 601*d5c09012SAndroid Build Coastguard Worker 602*d5c09012SAndroid Build Coastguard Worker // Optional. The service account in the VPC project configured by user. It 603*d5c09012SAndroid Build Coastguard Worker // is used to create/delete Cloud Router and Cloud HA VPNs for VPN 604*d5c09012SAndroid Build Coastguard Worker // connection. If this SA is changed during/after a VPN connection is 605*d5c09012SAndroid Build Coastguard Worker // created, you need to remove the Cloud Router and Cloud VPN resources in 606*d5c09012SAndroid Build Coastguard Worker // |project_id|. It is in the form of 607*d5c09012SAndroid Build Coastguard Worker // service-{project_number}@gcp-sa-edgecontainer.iam.gserviceaccount.com. 608*d5c09012SAndroid Build Coastguard Worker string service_account = 2 609*d5c09012SAndroid Build Coastguard Worker [deprecated = true, (google.api.field_behavior) = OPTIONAL]; 610*d5c09012SAndroid Build Coastguard Worker } 611*d5c09012SAndroid Build Coastguard Worker 612*d5c09012SAndroid Build Coastguard Worker // The created connection details. 613*d5c09012SAndroid Build Coastguard Worker message Details { 614*d5c09012SAndroid Build Coastguard Worker // The Cloud Router info. 615*d5c09012SAndroid Build Coastguard Worker message CloudRouter { 616*d5c09012SAndroid Build Coastguard Worker // The associated Cloud Router name. 617*d5c09012SAndroid Build Coastguard Worker string name = 1; 618*d5c09012SAndroid Build Coastguard Worker } 619*d5c09012SAndroid Build Coastguard Worker 620*d5c09012SAndroid Build Coastguard Worker // The Cloud VPN info. 621*d5c09012SAndroid Build Coastguard Worker message CloudVpn { 622*d5c09012SAndroid Build Coastguard Worker // The created Cloud VPN gateway name. 623*d5c09012SAndroid Build Coastguard Worker string gateway = 1; 624*d5c09012SAndroid Build Coastguard Worker } 625*d5c09012SAndroid Build Coastguard Worker 626*d5c09012SAndroid Build Coastguard Worker // The current connection state. 627*d5c09012SAndroid Build Coastguard Worker enum State { 628*d5c09012SAndroid Build Coastguard Worker // Unknown. 629*d5c09012SAndroid Build Coastguard Worker STATE_UNSPECIFIED = 0; 630*d5c09012SAndroid Build Coastguard Worker 631*d5c09012SAndroid Build Coastguard Worker // Connected. 632*d5c09012SAndroid Build Coastguard Worker STATE_CONNECTED = 1; 633*d5c09012SAndroid Build Coastguard Worker 634*d5c09012SAndroid Build Coastguard Worker // Still connecting. 635*d5c09012SAndroid Build Coastguard Worker STATE_CONNECTING = 2; 636*d5c09012SAndroid Build Coastguard Worker 637*d5c09012SAndroid Build Coastguard Worker // Error occurred. 638*d5c09012SAndroid Build Coastguard Worker STATE_ERROR = 3; 639*d5c09012SAndroid Build Coastguard Worker } 640*d5c09012SAndroid Build Coastguard Worker 641*d5c09012SAndroid Build Coastguard Worker // The state of this connection. 642*d5c09012SAndroid Build Coastguard Worker State state = 1; 643*d5c09012SAndroid Build Coastguard Worker 644*d5c09012SAndroid Build Coastguard Worker // The error message. This is only populated when state=ERROR. 645*d5c09012SAndroid Build Coastguard Worker string error = 2; 646*d5c09012SAndroid Build Coastguard Worker 647*d5c09012SAndroid Build Coastguard Worker // The Cloud Router info. 648*d5c09012SAndroid Build Coastguard Worker CloudRouter cloud_router = 3; 649*d5c09012SAndroid Build Coastguard Worker 650*d5c09012SAndroid Build Coastguard Worker // Each connection has multiple Cloud VPN gateways. 651*d5c09012SAndroid Build Coastguard Worker repeated CloudVpn cloud_vpns = 4; 652*d5c09012SAndroid Build Coastguard Worker } 653*d5c09012SAndroid Build Coastguard Worker 654*d5c09012SAndroid Build Coastguard Worker // Routing mode. 655*d5c09012SAndroid Build Coastguard Worker enum BgpRoutingMode { 656*d5c09012SAndroid Build Coastguard Worker // Unknown. 657*d5c09012SAndroid Build Coastguard Worker BGP_ROUTING_MODE_UNSPECIFIED = 0; 658*d5c09012SAndroid Build Coastguard Worker 659*d5c09012SAndroid Build Coastguard Worker // Regional mode. 660*d5c09012SAndroid Build Coastguard Worker REGIONAL = 1; 661*d5c09012SAndroid Build Coastguard Worker 662*d5c09012SAndroid Build Coastguard Worker // Global mode. 663*d5c09012SAndroid Build Coastguard Worker GLOBAL = 2; 664*d5c09012SAndroid Build Coastguard Worker } 665*d5c09012SAndroid Build Coastguard Worker 666*d5c09012SAndroid Build Coastguard Worker // Required. The resource name of VPN connection 667*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 668*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 669*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 670*d5c09012SAndroid Build Coastguard Worker type: "edgecontainer.googleapis.com/VpnConnection" 671*d5c09012SAndroid Build Coastguard Worker } 672*d5c09012SAndroid Build Coastguard Worker ]; 673*d5c09012SAndroid Build Coastguard Worker 674*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the VPN connection was created. 675*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp create_time = 2 676*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 677*d5c09012SAndroid Build Coastguard Worker 678*d5c09012SAndroid Build Coastguard Worker // Output only. The time when the VPN connection was last updated. 679*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 3 680*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 681*d5c09012SAndroid Build Coastguard Worker 682*d5c09012SAndroid Build Coastguard Worker // Labels associated with this resource. 683*d5c09012SAndroid Build Coastguard Worker map<string, string> labels = 4; 684*d5c09012SAndroid Build Coastguard Worker 685*d5c09012SAndroid Build Coastguard Worker // NAT gateway IP, or WAN IP address. If a customer has multiple NAT IPs, the 686*d5c09012SAndroid Build Coastguard Worker // customer needs to configure NAT such that only one external IP maps to the 687*d5c09012SAndroid Build Coastguard Worker // GMEC Anthos cluster. This is empty if NAT is not used. 688*d5c09012SAndroid Build Coastguard Worker string nat_gateway_ip = 5; 689*d5c09012SAndroid Build Coastguard Worker 690*d5c09012SAndroid Build Coastguard Worker // Dynamic routing mode of the VPC network, `regional` or `global`. 691*d5c09012SAndroid Build Coastguard Worker BgpRoutingMode bgp_routing_mode = 6 [deprecated = true]; 692*d5c09012SAndroid Build Coastguard Worker 693*d5c09012SAndroid Build Coastguard Worker // The canonical Cluster name to connect to. It is in the form of 694*d5c09012SAndroid Build Coastguard Worker // projects/{project}/locations/{location}/clusters/{cluster}. 695*d5c09012SAndroid Build Coastguard Worker string cluster = 7 [(google.api.resource_reference) = { 696*d5c09012SAndroid Build Coastguard Worker type: "edgecontainer.googleapis.com/Cluster" 697*d5c09012SAndroid Build Coastguard Worker }]; 698*d5c09012SAndroid Build Coastguard Worker 699*d5c09012SAndroid Build Coastguard Worker // The network ID of VPC to connect to. 700*d5c09012SAndroid Build Coastguard Worker string vpc = 8; 701*d5c09012SAndroid Build Coastguard Worker 702*d5c09012SAndroid Build Coastguard Worker // Optional. Project detail of the VPC network. Required if VPC is in a 703*d5c09012SAndroid Build Coastguard Worker // different project than the cluster project. 704*d5c09012SAndroid Build Coastguard Worker VpcProject vpc_project = 11 [(google.api.field_behavior) = OPTIONAL]; 705*d5c09012SAndroid Build Coastguard Worker 706*d5c09012SAndroid Build Coastguard Worker // Whether this VPN connection has HA enabled on cluster side. If enabled, 707*d5c09012SAndroid Build Coastguard Worker // when creating VPN connection we will attempt to use 2 ANG floating IPs. 708*d5c09012SAndroid Build Coastguard Worker bool enable_high_availability = 9; 709*d5c09012SAndroid Build Coastguard Worker 710*d5c09012SAndroid Build Coastguard Worker // Optional. The VPN connection Cloud Router name. 711*d5c09012SAndroid Build Coastguard Worker string router = 12 [(google.api.field_behavior) = OPTIONAL]; 712*d5c09012SAndroid Build Coastguard Worker 713*d5c09012SAndroid Build Coastguard Worker // Output only. The created connection details. 714*d5c09012SAndroid Build Coastguard Worker Details details = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; 715*d5c09012SAndroid Build Coastguard Worker} 716*d5c09012SAndroid Build Coastguard Worker 717*d5c09012SAndroid Build Coastguard Worker// Metadata for a given 718*d5c09012SAndroid Build Coastguard Worker// [google.cloud.location.Location][google.cloud.location.Location]. 719*d5c09012SAndroid Build Coastguard Workermessage LocationMetadata { 720*d5c09012SAndroid Build Coastguard Worker // The set of available Google Distributed Cloud Edge zones in the location. 721*d5c09012SAndroid Build Coastguard Worker // The map is keyed by the lowercase ID of each zone. 722*d5c09012SAndroid Build Coastguard Worker map<string, ZoneMetadata> available_zones = 1; 723*d5c09012SAndroid Build Coastguard Worker} 724*d5c09012SAndroid Build Coastguard Worker 725*d5c09012SAndroid Build Coastguard Worker// A Google Distributed Cloud Edge zone where edge machines are located. 726*d5c09012SAndroid Build Coastguard Workermessage ZoneMetadata { 727*d5c09012SAndroid Build Coastguard Worker // Type of the rack. 728*d5c09012SAndroid Build Coastguard Worker enum RackType { 729*d5c09012SAndroid Build Coastguard Worker // Unspecified rack type, single rack also belongs to this type. 730*d5c09012SAndroid Build Coastguard Worker RACK_TYPE_UNSPECIFIED = 0; 731*d5c09012SAndroid Build Coastguard Worker 732*d5c09012SAndroid Build Coastguard Worker // Base rack type, a pair of two modified Config-1 racks containing 733*d5c09012SAndroid Build Coastguard Worker // Aggregation switches. 734*d5c09012SAndroid Build Coastguard Worker BASE = 1; 735*d5c09012SAndroid Build Coastguard Worker 736*d5c09012SAndroid Build Coastguard Worker // Expansion rack type, also known as standalone racks, 737*d5c09012SAndroid Build Coastguard Worker // added by customers on demand. 738*d5c09012SAndroid Build Coastguard Worker EXPANSION = 2; 739*d5c09012SAndroid Build Coastguard Worker } 740*d5c09012SAndroid Build Coastguard Worker 741*d5c09012SAndroid Build Coastguard Worker // Quota for resources in this zone. 742*d5c09012SAndroid Build Coastguard Worker repeated Quota quota = 1; 743*d5c09012SAndroid Build Coastguard Worker 744*d5c09012SAndroid Build Coastguard Worker // The map keyed by rack name and has value of RackType. 745*d5c09012SAndroid Build Coastguard Worker map<string, RackType> rack_types = 2; 746*d5c09012SAndroid Build Coastguard Worker} 747*d5c09012SAndroid Build Coastguard Worker 748*d5c09012SAndroid Build Coastguard Worker// Represents quota for Edge Container resources. 749*d5c09012SAndroid Build Coastguard Workermessage Quota { 750*d5c09012SAndroid Build Coastguard Worker // Name of the quota metric. 751*d5c09012SAndroid Build Coastguard Worker string metric = 1; 752*d5c09012SAndroid Build Coastguard Worker 753*d5c09012SAndroid Build Coastguard Worker // Quota limit for this metric. 754*d5c09012SAndroid Build Coastguard Worker double limit = 2; 755*d5c09012SAndroid Build Coastguard Worker 756*d5c09012SAndroid Build Coastguard Worker // Current usage of this metric. 757*d5c09012SAndroid Build Coastguard Worker double usage = 3; 758*d5c09012SAndroid Build Coastguard Worker} 759*d5c09012SAndroid Build Coastguard Worker 760*d5c09012SAndroid Build Coastguard Worker// Maintenance policy configuration. 761*d5c09012SAndroid Build Coastguard Workermessage MaintenancePolicy { 762*d5c09012SAndroid Build Coastguard Worker // Specifies the maintenance window in which maintenance may be performed. 763*d5c09012SAndroid Build Coastguard Worker MaintenanceWindow window = 1; 764*d5c09012SAndroid Build Coastguard Worker} 765*d5c09012SAndroid Build Coastguard Worker 766*d5c09012SAndroid Build Coastguard Worker// Maintenance window configuration 767*d5c09012SAndroid Build Coastguard Workermessage MaintenanceWindow { 768*d5c09012SAndroid Build Coastguard Worker // Configuration of a recurring maintenance window. 769*d5c09012SAndroid Build Coastguard Worker RecurringTimeWindow recurring_window = 1; 770*d5c09012SAndroid Build Coastguard Worker} 771*d5c09012SAndroid Build Coastguard Worker 772*d5c09012SAndroid Build Coastguard Worker// Represents an arbitrary window of time that recurs. 773*d5c09012SAndroid Build Coastguard Workermessage RecurringTimeWindow { 774*d5c09012SAndroid Build Coastguard Worker // The window of the first recurrence. 775*d5c09012SAndroid Build Coastguard Worker TimeWindow window = 1; 776*d5c09012SAndroid Build Coastguard Worker 777*d5c09012SAndroid Build Coastguard Worker // An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how 778*d5c09012SAndroid Build Coastguard Worker // this window recurs. They go on for the span of time between the start and 779*d5c09012SAndroid Build Coastguard Worker // end time. 780*d5c09012SAndroid Build Coastguard Worker string recurrence = 2; 781*d5c09012SAndroid Build Coastguard Worker} 782*d5c09012SAndroid Build Coastguard Worker 783*d5c09012SAndroid Build Coastguard Worker// Represents an arbitrary window of time. 784*d5c09012SAndroid Build Coastguard Workermessage TimeWindow { 785*d5c09012SAndroid Build Coastguard Worker // The time that the window first starts. 786*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp start_time = 1; 787*d5c09012SAndroid Build Coastguard Worker 788*d5c09012SAndroid Build Coastguard Worker // The time that the window ends. The end time must take place after the 789*d5c09012SAndroid Build Coastguard Worker // start time. 790*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp end_time = 2; 791*d5c09012SAndroid Build Coastguard Worker} 792*d5c09012SAndroid Build Coastguard Worker 793*d5c09012SAndroid Build Coastguard Worker// Server configuration for supported versions and release channels. 794*d5c09012SAndroid Build Coastguard Workermessage ServerConfig { 795*d5c09012SAndroid Build Coastguard Worker // Output only. Mapping from release channel to channel config. 796*d5c09012SAndroid Build Coastguard Worker map<string, ChannelConfig> channels = 1 797*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 798*d5c09012SAndroid Build Coastguard Worker 799*d5c09012SAndroid Build Coastguard Worker // Output only. Supported versions, e.g.: ["1.4.0", "1.5.0"]. 800*d5c09012SAndroid Build Coastguard Worker repeated Version versions = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 801*d5c09012SAndroid Build Coastguard Worker 802*d5c09012SAndroid Build Coastguard Worker // Output only. Default version, e.g.: "1.4.0". 803*d5c09012SAndroid Build Coastguard Worker string default_version = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 804*d5c09012SAndroid Build Coastguard Worker} 805*d5c09012SAndroid Build Coastguard Worker 806*d5c09012SAndroid Build Coastguard Worker// Configuration for a release channel. 807*d5c09012SAndroid Build Coastguard Workermessage ChannelConfig { 808*d5c09012SAndroid Build Coastguard Worker // Output only. Default version for this release channel, e.g.: "1.4.0". 809*d5c09012SAndroid Build Coastguard Worker string default_version = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 810*d5c09012SAndroid Build Coastguard Worker} 811*d5c09012SAndroid Build Coastguard Worker 812*d5c09012SAndroid Build Coastguard Worker// Version of a cluster. 813*d5c09012SAndroid Build Coastguard Workermessage Version { 814*d5c09012SAndroid Build Coastguard Worker // Output only. Name of the version, e.g.: "1.4.0". 815*d5c09012SAndroid Build Coastguard Worker string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 816*d5c09012SAndroid Build Coastguard Worker} 817