delowan / delowan.googlecloud / 1.0.2 / module / gcp_container_cluster Creates a GCP Cluster Authors: Google Inc. (@googlecloudplatform) preview | supported by communitydelowan.googlecloud.gcp_container_cluster (1.0.2) — module
Install with ansible-galaxy collection install delowan.googlecloud:==1.0.2
collections: - name: delowan.googlecloud version: 1.0.2
A Google Container Engine cluster.
- name: create a cluster google.cloud.gcp_container_cluster: name: my-cluster initial_node_count: 2 master_auth: username: cluster_admin password: my-secret-password node_config: machine_type: n1-standard-4 disk_size_gb: 500 location: us-central1-a project: test_project auth_kind: serviceaccount service_account_file: "/tmp/auth.pem" state: present
name: description: - The name of this cluster. The name must be unique within this project and location, and can be up to 40 characters. Must be Lowercase letters, numbers, and hyphens only. Must start with a letter. Must end with a number or a letter. required: false type: str state: choices: - present - absent default: present description: - Whether the given object should exist in GCP type: str scopes: description: - Array of scopes to be used elements: str type: list network: description: - The name of the Google Compute Engine network to which the cluster is connected. If left unspecified, the default network will be used. required: false type: str project: description: - The Google Cloud Platform project to use. type: str env_type: description: - Specifies which Ansible environment you're running this module within. - This should not be set unless you know what you're doing. - This only alters the User Agent string for any API requests. type: str location: aliases: - zone description: - The location where the cluster is deployed. required: true type: str auth_kind: choices: - application - machineaccount - serviceaccount description: - The type of credential used. required: true type: str locations: aliases: - nodeLocations description: - The list of Google Compute Engine zones in which the cluster's nodes should be located. elements: str required: false type: list enable_tpu: description: - (Optional) Whether to enable Cloud TPU resources in this cluster. - See the official documentation - U(https://cloud.google.com/tpu/docs/kubernetes-engine-setup) . required: false type: bool subnetwork: description: - The name of the Google Compute Engine subnetwork to which the cluster is connected. required: false type: str description: description: - An optional description of this cluster. required: false type: str legacy_abac: description: - Configuration for the legacy ABAC authorization mode. required: false suboptions: enabled: description: - Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM. required: false type: bool type: dict master_auth: description: - The authentication information for accessing the master endpoint. required: false suboptions: client_certificate_config: description: - Configuration for client certificate authentication on the cluster. For clusters before v1.12, if no configuration is specified, a client certificate is issued. required: false suboptions: issue_client_certificate: description: - Issue a client certificate. required: false type: bool type: dict password: description: - The password to use for HTTP basic authentication to the master endpoint. Because the master endpoint is open to the Internet, you should create a strong password with a minimum of 16 characters. required: false type: str username: description: - The username to use for HTTP basic authentication to the master endpoint. required: false type: str type: dict node_config: description: - Parameters used in creating the cluster's nodes. - For requests, this field should only be used in lieu of a "nodePool" object, since this configuration (along with the "initialNodeCount") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a nodePool at the same time. For responses, this field will be populated with the node configuration of the first node pool. If unspecified, the defaults are used. required: false suboptions: accelerators: description: - A list of hardware accelerators to be attached to each node. See U(https://cloud.google.com/compute/docs/gpus) for more information about support for GPUs. elements: dict required: false suboptions: accelerator_count: description: - The number of accelerator cards exposed to an instance. required: false type: str accelerator_type: description: - The accelerator type resource name. required: false type: str type: list disk_size_gb: description: - Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. required: false type: int disk_type: description: - Type of the disk attached to each node (e.g. 'pd-standard' or 'pd-ssd') If unspecified, the default disk type is 'pd-standard' . required: false type: str image_type: description: - The image type to use for this node. Note that for a given image type, the latest version of it will be used. required: false type: str labels: description: - 'The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it''s best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html) An object containing a list of "key": value pairs.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' required: false type: dict local_ssd_count: description: - The number of local SSD disks to be attached to the node. - 'The limit for this value is dependant upon the maximum number of disks available on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits) for more information.' required: false type: int machine_type: description: - The name of a Google Compute Engine machine type (e.g. - n1-standard-1). If unspecified, the default machine type is n1-standard-1. required: false type: str metadata: description: - The metadata key/value pairs assigned to instances in the cluster. - 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes in length. These are reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project or be one of the four reserved keys: "instance-template", "kube-env", "startup-script", and "user-data" Values are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on them is that each value''s size must be less than or equal to 32 KB.' - The total size of all keys and values must be less than 512 KB. - 'An object containing a list of "key": value pairs.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' required: false type: dict min_cpu_platform: description: - Minimum CPU platform to be used by this instance. The instance may be scheduled on the specified or newer CPU platform. required: false type: str oauth_scopes: description: - The set of Google API scopes to be made available on all of the node VMs under the "default" service account. - 'The following scopes are recommended, but not required, and by default are not included: U(https://www.googleapis.com/auth/compute) is required for mounting persistent storage on your nodes.' - U(https://www.googleapis.com/auth/devstorage.read_only) is required for communicating with gcr.io (the Google Container Registry). - If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added. elements: str required: false type: list preemptible: description: - 'Whether the nodes are created as preemptible VM instances. See: U(https://cloud.google.com/compute/docs/instances/preemptible) for more information about preemptible VM instances.' required: false type: bool service_account: description: - The Google Cloud Platform Service Account to be used by the node VMs. If no Service Account is specified, the "default" service account is used. required: false type: str shielded_instance_config: description: - Shielded Instance options. required: false suboptions: enable_integrity_monitoring: description: - Defines whether the instance has integrity monitoring enabled. - Enables monitoring and attestation of the boot integrity of the instance. - The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. required: false type: bool enable_secure_boot: description: - Defines whether the instance has Secure Boot enabled. - Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. required: false type: bool type: dict tags: description: - The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster or node pool creation. Each tag within the list must comply with RFC1035. elements: str required: false type: list taints: description: - List of kubernetes taints to be applied to each node. - 'For more information, including usage and the valid values, see: U(https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) .' elements: dict required: false suboptions: effect: description: - Effect for taint. - 'Some valid choices include: "EFFECT_UNSPECIFIED", "NO_SCHEDULE", "PREFER_NO_SCHEDULE", "NO_EXECUTE"' required: false type: str key: description: - Key for taint. required: false type: str value: description: - Value for taint. required: false type: str type: list type: dict kubectl_path: description: - The path that the kubectl config file will be written to. - The file will not be created if this path is unset. - Any existing file at this path will be completely overwritten. - This requires the PyYaml library. required: false type: str addons_config: description: - Configurations for the various addons available to run in the cluster. required: false suboptions: horizontal_pod_autoscaling: description: - Configuration for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods. required: false suboptions: disabled: description: - Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. When enabled, it ensures that a Heapster pod is running in the cluster, which is also used by the Cloud Monitoring service. required: false type: bool type: dict http_load_balancing: description: - Configuration for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster. required: false suboptions: disabled: description: - Whether the HTTP Load Balancing controller is enabled in the cluster. When enabled, it runs a small pod in the cluster that manages the load balancers. required: false type: bool type: dict network_policy_config: description: - Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes. required: false suboptions: disabled: description: - Whether NetworkPolicy is enabled for this cluster. required: false type: bool type: dict type: dict network_config: description: - Network configurations . required: false suboptions: default_snat_status: description: - Whether the cluster disables default in-node sNAT rules. In-node sNAT rules will be disabled when defaultSnatStatus is disabled. required: false type: bool enable_intra_node_visibility: description: - Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network. required: false type: bool type: dict network_policy: description: - Configuration options for the NetworkPolicy feature. required: false suboptions: enabled: description: - Whether network policy is enabled on the cluster. required: false type: bool provider: description: - The selected network policy provider. - 'Some valid choices include: "PROVIDER_UNSPECIFIED", "CALICO"' required: false type: str type: dict shielded_nodes: description: - Shielded Nodes configuration. required: false suboptions: enabled: description: - Whether Shielded Nodes features are enabled on all nodes in this cluster. required: false type: bool type: dict kubectl_context: description: - The name of the context for the kubectl config file. Will default to the cluster name. required: false type: str logging_service: description: - 'The logging service the cluster should use to write logs. Currently available options: logging.googleapis.com - the Google Cloud Logging service.' - none - no logs will be exported from the cluster. - if left as an empty string,logging.googleapis.com will be used. - 'Some valid choices include: "logging.googleapis.com", "none"' required: false type: str release_channel: description: - ReleaseChannel indicates which release channel a cluster is subscribed to. - Release channels are arranged in order of risk and frequency of updates. required: false suboptions: channel: description: - Which release channel the cluster is subscribed to. - 'Some valid choices include: "UNSPECIFIED", "RAPID", "REGULAR", "STABLE"' required: false type: str type: dict resource_labels: description: - The resource labels for the cluster to use to annotate any related Google Compute Engine resources. required: false type: dict cluster_ipv4_cidr: description: - The IP address range of the container pods in this cluster, in CIDR notation (e.g. 10.96.0.0/14). Leave blank to have one automatically chosen or specify a /14 block in 10.0.0.0/8. required: false type: str initial_node_count: description: - The number of nodes to create in this cluster. You must ensure that your Compute Engine resource quota is sufficient for this number of instances. You must also have available firewall and routes quota. For requests, this field should only be used in lieu of a "nodePool" object, since this configuration (along with the "nodeConfig") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a nodePool at the same time. - This field has been deprecated. Please use nodePool.initial_node_count instead. required: false type: int monitoring_service: description: - The monitoring service the cluster should use to write metrics. - 'Currently available options: monitoring.googleapis.com - the Google Cloud Monitoring service.' - none - no metrics will be exported from the cluster. - if left as an empty string, monitoring.googleapis.com will be used. - 'Some valid choices include: "monitoring.googleapis.com", "none"' required: false type: str database_encryption: description: - Configuration of etcd encryption. required: false suboptions: key_name: description: - Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. - '`projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key` .' required: false type: str state: description: - Denotes the state of etcd encryption. - 'Some valid choices include: "ENCRYPTED", "DECRYPTED"' required: false type: str type: dict binary_authorization: description: - Configuration for the BinaryAuthorization feature. required: false suboptions: enabled: description: - If enabled, all container images will be validated by Binary Authorization. required: false type: bool type: dict ip_allocation_policy: description: - Configuration for controlling how IPs are allocated in the cluster. required: false suboptions: cluster_ipv4_cidr_block: description: - The IP address range for the cluster pod IPs. If this field is set, then cluster.cluster_ipv4_cidr must be left blank. - This field is only applicable when useIpAliases is true. - Set to blank to have a range chosen with the default size. - Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. required: false type: str cluster_secondary_range_name: description: - The name of the secondary range to be used for the cluster CIDR block. The secondary range will be used for pod IP addresses. - This must be an existing secondary range associated with the cluster subnetwork . required: false type: str create_subnetwork: description: - Whether a new subnetwork will be created automatically for the cluster. required: false type: bool node_ipv4_cidr_block: description: - The IP address range of the instance IPs in this cluster. - This is applicable only if createSubnetwork is true. - Set to blank to have a range chosen with the default size. - Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. required: false type: str services_ipv4_cidr_block: description: - The IP address range of the services IPs in this cluster. If blank, a range will be automatically chosen with the default size. - This field is only applicable when useIpAliases is true. - Set to blank to have a range chosen with the default size. - Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. required: false type: str services_secondary_range_name: description: - The name of the secondary range to be used as for the services CIDR block. The secondary range will be used for service ClusterIPs. This must be an existing secondary range associated with the cluster subnetwork. required: false type: str subnetwork_name: description: - A custom subnetwork name to be used if createSubnetwork is true. - If this field is empty, then an automatic name will be chosen for the new subnetwork. required: false type: str tpu_ipv4_cidr_block: description: - The IP address range of the Cloud TPUs in this cluster. If unspecified, a range will be automatically chosen with the default size. - This field is only applicable when useIpAliases is true. - If unspecified, the range will use the default size. - Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. required: false type: str use_ip_aliases: description: - Whether alias IPs will be used for pod IPs in the cluster. required: false type: bool type: dict service_account_file: description: - The path of a Service Account JSON file if serviceaccount is selected as type. type: path service_account_email: description: - An optional service account email address if machineaccount is selected and the user does not wish to use the default email. type: str private_cluster_config: description: - Configuration for a private cluster. required: false suboptions: enable_private_endpoint: description: - Whether the master's internal IP address is used as the cluster endpoint. required: false type: bool enable_private_nodes: description: - Whether nodes have internal IP addresses only. If enabled, all nodes are given only RFC 1918 private addresses and communicate with the master via private networking. required: false type: bool master_ipv4_cidr_block: description: - The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network. required: false type: str type: dict enable_kubernetes_alpha: description: - Kubernetes alpha features are enabled on this cluster. This includes alpha API groups (e.g. v1alpha1) and features that may not be production ready in the kubernetes version of the master and nodes. required: false type: bool initial_cluster_version: description: - The software version of the master endpoint and kubelets used in the cluster when it was first created. The version can be upgraded over time. required: false type: str service_account_contents: description: - The contents of a Service Account JSON file, either in a dictionary or as a JSON string that represents it. type: jsonarg default_max_pods_constraint: description: - The default constraint on the maximum number of pods that can be run simultaneously on a node in the node pool of this cluster. - Only honored if cluster created with IP Alias support. required: false suboptions: max_pods_per_node: description: - Constraint enforced on the max num of pods per node. required: false type: str type: dict master_authorized_networks_config: description: - Configuration for controlling how IPs are allocated in the cluster. required: false suboptions: cidr_blocks: description: - Define up to 50 external networks that could access Kubernetes master through HTTPS. elements: dict required: false suboptions: cidr_block: description: - Block specified in CIDR notation. required: false type: str display_name: description: - Optional field used to identify cidr blocks. required: false type: str type: list enabled: description: - Whether or not master authorized networks is enabled. required: false type: bool type: dict
addonsConfig: contains: horizontalPodAutoscaling: contains: disabled: description: - Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. When enabled, it ensures that a Heapster pod is running in the cluster, which is also used by the Cloud Monitoring service. returned: success type: bool description: - Configuration for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods. returned: success type: complex httpLoadBalancing: contains: disabled: description: - Whether the HTTP Load Balancing controller is enabled in the cluster. When enabled, it runs a small pod in the cluster that manages the load balancers. returned: success type: bool description: - Configuration for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster. returned: success type: complex networkPolicyConfig: contains: disabled: description: - Whether NetworkPolicy is enabled for this cluster. returned: success type: bool description: - Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes. returned: success type: complex description: - Configurations for the various addons available to run in the cluster. returned: success type: complex binaryAuthorization: contains: enabled: description: - If enabled, all container images will be validated by Binary Authorization. returned: success type: bool description: - Configuration for the BinaryAuthorization feature. returned: success type: complex clusterIpv4Cidr: description: - The IP address range of the container pods in this cluster, in CIDR notation (e.g. 10.96.0.0/14). Leave blank to have one automatically chosen or specify a /14 block in 10.0.0.0/8. returned: success type: str conditions: contains: code: description: - Machine-friendly representation of the condition. returned: success type: str message: description: - Human-friendly representation of the condition. returned: success type: str description: - Which conditions caused the current cluster state. returned: success type: complex createTime: description: - The time the cluster was created, in RFC3339 text format. returned: success type: str currentMasterVersion: description: - The current software version of the master endpoint. returned: success type: str currentNodeCount: description: - The number of nodes currently in the cluster. returned: success type: int currentNodeVersion: description: - The current version of the node software components. If they are currently at multiple versions because they're in the process of being upgraded, this reflects the minimum version of all nodes. returned: success type: str databaseEncryption: contains: keyName: description: - Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. - '`projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key` .' returned: success type: str state: description: - Denotes the state of etcd encryption. returned: success type: str description: - Configuration of etcd encryption. returned: success type: complex defaultMaxPodsConstraint: contains: maxPodsPerNode: description: - Constraint enforced on the max num of pods per node. returned: success type: str description: - The default constraint on the maximum number of pods that can be run simultaneously on a node in the node pool of this cluster. - Only honored if cluster created with IP Alias support. returned: success type: complex description: description: - An optional description of this cluster. returned: success type: str enableKubernetesAlpha: description: - Kubernetes alpha features are enabled on this cluster. This includes alpha API groups (e.g. v1alpha1) and features that may not be production ready in the kubernetes version of the master and nodes. returned: success type: bool enableTpu: description: - (Optional) Whether to enable Cloud TPU resources in this cluster. - See the official documentation - U(https://cloud.google.com/tpu/docs/kubernetes-engine-setup) . returned: success type: bool endpoint: description: - The IP address of this cluster's master endpoint. - The endpoint can be accessed from the internet at https://username:password@endpoint/ See the masterAuth property of this resource for username and password information. returned: success type: str expireTime: description: - The time the cluster will be automatically deleted in RFC3339 text format. returned: success type: str initialClusterVersion: description: - The software version of the master endpoint and kubelets used in the cluster when it was first created. The version can be upgraded over time. returned: success type: str initialNodeCount: description: - The number of nodes to create in this cluster. You must ensure that your Compute Engine resource quota is sufficient for this number of instances. You must also have available firewall and routes quota. For requests, this field should only be used in lieu of a "nodePool" object, since this configuration (along with the "nodeConfig") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a nodePool at the same time. - This field has been deprecated. Please use nodePool.initial_node_count instead. returned: success type: int ipAllocationPolicy: contains: clusterIpv4CidrBlock: description: - The IP address range for the cluster pod IPs. If this field is set, then cluster.cluster_ipv4_cidr must be left blank. - This field is only applicable when useIpAliases is true. - Set to blank to have a range chosen with the default size. - Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. returned: success type: str clusterSecondaryRangeName: description: - The name of the secondary range to be used for the cluster CIDR block. The secondary range will be used for pod IP addresses. - This must be an existing secondary range associated with the cluster subnetwork . returned: success type: str createSubnetwork: description: - Whether a new subnetwork will be created automatically for the cluster. returned: success type: bool nodeIpv4CidrBlock: description: - The IP address range of the instance IPs in this cluster. - This is applicable only if createSubnetwork is true. - Set to blank to have a range chosen with the default size. - Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. returned: success type: str servicesIpv4CidrBlock: description: - The IP address range of the services IPs in this cluster. If blank, a range will be automatically chosen with the default size. - This field is only applicable when useIpAliases is true. - Set to blank to have a range chosen with the default size. - Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. returned: success type: str servicesSecondaryRangeName: description: - The name of the secondary range to be used as for the services CIDR block. The secondary range will be used for service ClusterIPs. This must be an existing secondary range associated with the cluster subnetwork. returned: success type: str subnetworkName: description: - A custom subnetwork name to be used if createSubnetwork is true. - If this field is empty, then an automatic name will be chosen for the new subnetwork. returned: success type: str tpuIpv4CidrBlock: description: - The IP address range of the Cloud TPUs in this cluster. If unspecified, a range will be automatically chosen with the default size. - This field is only applicable when useIpAliases is true. - If unspecified, the range will use the default size. - Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. returned: success type: str useIpAliases: description: - Whether alias IPs will be used for pod IPs in the cluster. returned: success type: bool description: - Configuration for controlling how IPs are allocated in the cluster. returned: success type: complex kubectlContext: description: - The name of the context for the kubectl config file. Will default to the cluster name. returned: success type: str kubectlPath: description: - The path that the kubectl config file will be written to. - The file will not be created if this path is unset. - Any existing file at this path will be completely overwritten. - This requires the PyYaml library. returned: success type: str labelFingerprint: description: - The fingerprint of the set of labels for this cluster. returned: success type: str legacyAbac: contains: enabled: description: - Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM. returned: success type: bool description: - Configuration for the legacy ABAC authorization mode. returned: success type: complex location: description: - The location where the cluster is deployed. returned: success type: str locations: description: - The list of Google Compute Engine zones in which the cluster's nodes should be located. returned: success type: list loggingService: description: - 'The logging service the cluster should use to write logs. Currently available options: logging.googleapis.com - the Google Cloud Logging service.' - none - no logs will be exported from the cluster. - if left as an empty string,logging.googleapis.com will be used. returned: success type: str masterAuth: contains: clientCertificate: description: - Base64-encoded public certificate used by clients to authenticate to the cluster endpoint. returned: success type: str clientCertificateConfig: contains: issueClientCertificate: description: - Issue a client certificate. returned: success type: bool description: - Configuration for client certificate authentication on the cluster. For clusters before v1.12, if no configuration is specified, a client certificate is issued. returned: success type: complex clientKey: description: - Base64-encoded private key used by clients to authenticate to the cluster endpoint. returned: success type: str clusterCaCertificate: description: - Base64-encoded public certificate that is the root of trust for the cluster. returned: success type: str password: description: - The password to use for HTTP basic authentication to the master endpoint. Because the master endpoint is open to the Internet, you should create a strong password with a minimum of 16 characters. returned: success type: str username: description: - The username to use for HTTP basic authentication to the master endpoint. returned: success type: str description: - The authentication information for accessing the master endpoint. returned: success type: complex masterAuthorizedNetworksConfig: contains: cidrBlocks: contains: cidrBlock: description: - Block specified in CIDR notation. returned: success type: str displayName: description: - Optional field used to identify cidr blocks. returned: success type: str description: - Define up to 50 external networks that could access Kubernetes master through HTTPS. returned: success type: complex enabled: description: - Whether or not master authorized networks is enabled. returned: success type: bool description: - Configuration for controlling how IPs are allocated in the cluster. returned: success type: complex monitoringService: description: - The monitoring service the cluster should use to write metrics. - 'Currently available options: monitoring.googleapis.com - the Google Cloud Monitoring service.' - none - no metrics will be exported from the cluster. - if left as an empty string, monitoring.googleapis.com will be used. returned: success type: str name: description: - The name of this cluster. The name must be unique within this project and location, and can be up to 40 characters. Must be Lowercase letters, numbers, and hyphens only. Must start with a letter. Must end with a number or a letter. returned: success type: str network: description: - The name of the Google Compute Engine network to which the cluster is connected. If left unspecified, the default network will be used. returned: success type: str networkConfig: contains: defaultSnatStatus: description: - Whether the cluster disables default in-node sNAT rules. In-node sNAT rules will be disabled when defaultSnatStatus is disabled. returned: success type: bool enableIntraNodeVisibility: description: - Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network. returned: success type: bool network: description: - The relative name of the Google Compute Engine network to which the cluster is connected. - 'Example: projects/my-project/global/networks/my-network .' returned: success type: str subnetwork: description: - The relative name of the Google Compute Engine subnetwork to which the cluster is connected. - 'Example: projects/my-project/regions/us-central1/subnetworks/my-subnet .' returned: success type: str description: - Network configurations . returned: success type: complex networkPolicy: contains: enabled: description: - Whether network policy is enabled on the cluster. returned: success type: bool provider: description: - The selected network policy provider. returned: success type: str description: - Configuration options for the NetworkPolicy feature. returned: success type: complex nodeConfig: contains: accelerators: contains: acceleratorCount: description: - The number of accelerator cards exposed to an instance. returned: success type: str acceleratorType: description: - The accelerator type resource name. returned: success type: str description: - A list of hardware accelerators to be attached to each node. See U(https://cloud.google.com/compute/docs/gpus) for more information about support for GPUs. returned: success type: complex diskSizeGb: description: - Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. returned: success type: int diskType: description: - Type of the disk attached to each node (e.g. 'pd-standard' or 'pd-ssd') If unspecified, the default disk type is 'pd-standard' . returned: success type: str imageType: description: - The image type to use for this node. Note that for a given image type, the latest version of it will be used. returned: success type: str labels: description: - 'The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it''s best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html) An object containing a list of "key": value pairs.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' returned: success type: dict localSsdCount: description: - The number of local SSD disks to be attached to the node. - 'The limit for this value is dependant upon the maximum number of disks available on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits) for more information.' returned: success type: int machineType: description: - The name of a Google Compute Engine machine type (e.g. - n1-standard-1). If unspecified, the default machine type is n1-standard-1. returned: success type: str metadata: description: - The metadata key/value pairs assigned to instances in the cluster. - 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes in length. These are reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project or be one of the four reserved keys: "instance-template", "kube-env", "startup-script", and "user-data" Values are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on them is that each value''s size must be less than or equal to 32 KB.' - The total size of all keys and values must be less than 512 KB. - 'An object containing a list of "key": value pairs.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' returned: success type: dict minCpuPlatform: description: - Minimum CPU platform to be used by this instance. The instance may be scheduled on the specified or newer CPU platform. returned: success type: str oauthScopes: description: - The set of Google API scopes to be made available on all of the node VMs under the "default" service account. - 'The following scopes are recommended, but not required, and by default are not included: U(https://www.googleapis.com/auth/compute) is required for mounting persistent storage on your nodes.' - U(https://www.googleapis.com/auth/devstorage.read_only) is required for communicating with gcr.io (the Google Container Registry). - If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added. returned: success type: list preemptible: description: - 'Whether the nodes are created as preemptible VM instances. See: U(https://cloud.google.com/compute/docs/instances/preemptible) for more information about preemptible VM instances.' returned: success type: bool serviceAccount: description: - The Google Cloud Platform Service Account to be used by the node VMs. If no Service Account is specified, the "default" service account is used. returned: success type: str shieldedInstanceConfig: contains: enableIntegrityMonitoring: description: - Defines whether the instance has integrity monitoring enabled. - Enables monitoring and attestation of the boot integrity of the instance. - The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. returned: success type: bool enableSecureBoot: description: - Defines whether the instance has Secure Boot enabled. - Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. returned: success type: bool description: - Shielded Instance options. returned: success type: complex tags: description: - The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster or node pool creation. Each tag within the list must comply with RFC1035. returned: success type: list taints: contains: effect: description: - Effect for taint. returned: success type: str key: description: - Key for taint. returned: success type: str value: description: - Value for taint. returned: success type: str description: - List of kubernetes taints to be applied to each node. - 'For more information, including usage and the valid values, see: U(https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) .' returned: success type: complex description: - Parameters used in creating the cluster's nodes. - For requests, this field should only be used in lieu of a "nodePool" object, since this configuration (along with the "initialNodeCount") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a nodePool at the same time. For responses, this field will be populated with the node configuration of the first node pool. If unspecified, the defaults are used. returned: success type: complex nodeIpv4CidrSize: description: - The size of the address space on each node for hosting containers. - This is provisioned from within the container_ipv4_cidr range. returned: success type: int nodePools: contains: name: description: - Name of the node pool. returned: success type: str description: - Node pools belonging to this cluster. returned: success type: complex privateClusterConfig: contains: enablePrivateEndpoint: description: - Whether the master's internal IP address is used as the cluster endpoint. returned: success type: bool enablePrivateNodes: description: - Whether nodes have internal IP addresses only. If enabled, all nodes are given only RFC 1918 private addresses and communicate with the master via private networking. returned: success type: bool masterIpv4CidrBlock: description: - The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network. returned: success type: str privateEndpoint: description: - The internal IP address of this cluster's master endpoint. returned: success type: str publicEndpoint: description: - The external IP address of this cluster's master endpoint. returned: success type: str description: - Configuration for a private cluster. returned: success type: complex releaseChannel: contains: channel: description: - Which release channel the cluster is subscribed to. returned: success type: str description: - ReleaseChannel indicates which release channel a cluster is subscribed to. - Release channels are arranged in order of risk and frequency of updates. returned: success type: complex resourceLabels: description: - The resource labels for the cluster to use to annotate any related Google Compute Engine resources. returned: success type: dict servicesIpv4Cidr: description: - The IP address range of the Kubernetes services in this cluster, in CIDR notation (e.g. 1.2.3.4/29). Service addresses are typically put in the last /16 from the container CIDR. returned: success type: str shieldedNodes: contains: enabled: description: - Whether Shielded Nodes features are enabled on all nodes in this cluster. returned: success type: bool description: - Shielded Nodes configuration. returned: success type: complex status: description: - The current status of this cluster. returned: success type: str statusMessage: description: - Additional information about the current status of this cluster, if available. returned: success type: str subnetwork: description: - The name of the Google Compute Engine subnetwork to which the cluster is connected. returned: success type: str tpuIpv4CidrBlock: description: - The IP address range of the Cloud TPUs in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `1.2.3.4/29`). returned: success type: str