{ "description": "GCPMachineProviderSpec is the type that will be embedded in a Machine.Spec.ProviderSpec field for an GCP virtual machine. It is used by the GCP machine actuator to create a single Machine. Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer).", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "canIPForward": { "description": "CanIPForward Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes.", "type": "boolean" }, "confidentialCompute": { "description": "confidentialCompute Defines whether the instance should have confidential compute enabled. If enabled OnHostMaintenance is required to be set to \"Terminate\". If omitted, the platform chooses a default, which is subject to change over time, currently that default is false.", "enum": [ "Enabled", "Disabled" ], "type": "string" }, "credentialsSecret": { "description": "CredentialsSecret is a reference to the secret with GCP credentials.", "properties": { "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", "type": "string" } }, "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "deletionProtection": { "description": "DeletionProtection whether the resource should be protected against deletion.", "type": "boolean" }, "disks": { "description": "Disks is a list of disks to be attached to the VM.", "items": { "description": "GCPDisk describes disks for GCP.", "properties": { "autoDelete": { "description": "AutoDelete indicates if the disk will be auto-deleted when the instance is deleted (default false).", "type": "boolean" }, "boot": { "description": "Boot indicates if this is a boot disk (default false).", "type": "boolean" }, "encryptionKey": { "description": "EncryptionKey is the customer-supplied encryption key of the disk.", "properties": { "kmsKey": { "description": "KMSKeyName is the reference KMS key, in the format", "properties": { "keyRing": { "description": "KeyRing is the name of the KMS Key Ring which the KMS Key belongs to.", "type": "string" }, "location": { "description": "Location is the GCP location in which the Key Ring exists.", "type": "string" }, "name": { "description": "Name is the name of the customer managed encryption key to be used for the disk encryption.", "type": "string" }, "projectID": { "description": "ProjectID is the ID of the Project in which the KMS Key Ring exists. Defaults to the VM ProjectID if not set.", "type": "string" } }, "type": "object", "additionalProperties": false }, "kmsKeyServiceAccount": { "description": "KMSKeyServiceAccount is the service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. See https://cloud.google.com/compute/docs/access/service-accounts#compute_engine_service_account for details on the default service account.", "type": "string" } }, "type": "object", "additionalProperties": false }, "image": { "description": "Image is the source image to create this disk.", "type": "string" }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels list of labels to apply to the disk.", "type": "object" }, "sizeGb": { "description": "SizeGB is the size of the disk (in GB).", "format": "int64", "type": "integer", "minimum": -9223372036854776000, "maximum": 9223372036854776000 }, "type": { "description": "Type is the type of the disk (eg: pd-standard).", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "gcpMetadata": { "description": "Metadata key/value pairs to apply to the VM.", "items": { "description": "GCPMetadata describes metadata for GCP.", "properties": { "key": { "description": "Key is the metadata key.", "type": "string" }, "value": { "description": "Value is the metadata value.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "gpus": { "description": "GPUs is a list of GPUs to be attached to the VM.", "items": { "description": "GCPGPUConfig describes type and count of GPUs attached to the instance on GCP.", "properties": { "count": { "description": "Count is the number of GPUs to be attached to an instance.", "format": "int32", "type": "integer", "minimum": -2147483648, "maximum": 2147483647 }, "type": { "description": "Type is the type of GPU to be attached to an instance. Supported GPU types are: nvidia-tesla-k80, nvidia-tesla-p100, nvidia-tesla-v100, nvidia-tesla-p4, nvidia-tesla-t4", "pattern": "^nvidia-tesla-(k80|p100|v100|p4|t4)$", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels list of labels to apply to the VM.", "type": "object" }, "machineType": { "description": "MachineType is the machine type to use for the VM.", "type": "string" }, "metadata": { "type": "object" }, "networkInterfaces": { "description": "NetworkInterfaces is a list of network interfaces to be attached to the VM.", "items": { "description": "GCPNetworkInterface describes network interfaces for GCP", "properties": { "network": { "description": "Network is the network name.", "type": "string" }, "projectID": { "description": "ProjectID is the project in which the GCP machine provider will create the VM.", "type": "string" }, "publicIP": { "description": "PublicIP indicates if true a public IP will be used", "type": "boolean" }, "subnetwork": { "description": "Subnetwork is the subnetwork name.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "onHostMaintenance": { "description": "OnHostMaintenance determines the behavior when a maintenance event occurs that might cause the instance to reboot. This is required to be set to \"Terminate\" if you want to provision machine with attached GPUs. Otherwise, allowed values are \"Migrate\" and \"Terminate\". If omitted, the platform chooses a default, which is subject to change over time, currently that default is \"Migrate\".", "enum": [ "Migrate", "Terminate" ], "type": "string" }, "preemptible": { "description": "Preemptible indicates if created instance is preemptible.", "type": "boolean" }, "projectID": { "description": "ProjectID is the project in which the GCP machine provider will create the VM.", "type": "string" }, "region": { "description": "Region is the region in which the GCP machine provider will create the VM.", "type": "string" }, "restartPolicy": { "description": "RestartPolicy determines the behavior when an instance crashes or the underlying infrastructure provider stops the instance as part of a maintenance event (default \"Always\"). Cannot be \"Always\" with preemptible instances. Otherwise, allowed values are \"Always\" and \"Never\". If omitted, the platform chooses a default, which is subject to change over time, currently that default is \"Always\". RestartPolicy represents AutomaticRestart in GCP compute api", "enum": [ "Always", "Never" ], "type": "string" }, "serviceAccounts": { "description": "ServiceAccounts is a list of GCP service accounts to be used by the VM.", "items": { "description": "GCPServiceAccount describes service accounts for GCP.", "properties": { "email": { "description": "Email is the service account email.", "type": "string" }, "scopes": { "description": "Scopes list of scopes to be assigned to the service account.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "shieldedInstanceConfig": { "description": "ShieldedInstanceConfig is the Shielded VM configuration for the VM", "properties": { "integrityMonitoring": { "description": "IntegrityMonitoring determines whether the instance should have integrity monitoring that verify the runtime boot integrity. Compares the most recent boot measurements to the integrity policy baseline and return a pair of pass/fail results depending on whether they match or not. If omitted, the platform chooses a default, which is subject to change over time, currently that default is Enabled.", "enum": [ "Enabled", "Disabled" ], "type": "string" }, "secureBoot": { "description": "SecureBoot Defines whether the instance should have secure boot enabled. Secure Boot verify the digital signature of all boot components, and halting the boot process if signature verification fails. If omitted, the platform chooses a default, which is subject to change over time, currently that default is Disabled.", "enum": [ "Enabled", "Disabled" ], "type": "string" }, "virtualizedTrustedPlatformModule": { "description": "VirtualizedTrustedPlatformModule enable virtualized trusted platform module measurements to create a known good boot integrity policy baseline. The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. This is required to be set to \"Enabled\" if IntegrityMonitoring is enabled. If omitted, the platform chooses a default, which is subject to change over time, currently that default is Enabled.", "enum": [ "Enabled", "Disabled" ], "type": "string" } }, "type": "object", "additionalProperties": false }, "tags": { "description": "Tags list of tags to apply to the VM.", "items": { "type": "string" }, "type": "array" }, "targetPools": { "description": "TargetPools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool", "items": { "type": "string" }, "type": "array" }, "userDataSecret": { "description": "UserDataSecret contains a local reference to a secret that contains the UserData to apply to the instance", "properties": { "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", "type": "string" } }, "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "zone": { "description": "Zone is the zone in which the GCP machine provider will create the VM.", "type": "string" } }, "type": "object", "additionalProperties": false, "$schema": "http://json-schema.org/draft-04/schema#" }