Configuring a Google Cloud resource using Anthos Config Management

In the same way that you can keep your enrolled clusters in sync with a Git repository as a source of truth, you can sync configs for Google Cloud resources.

Prerequisites

Before continuing, install both Anthos Config Management and Config Connector.

Creating a config

While configs for Kubernetes objects persist in Kubernetes clusters, configs for Google Cloud resources persist in Google Cloud projects. For this reason, each Google Cloud project is represented by a namespace directory within namespaces/. The name of the namespace directory must match the Google Cloud project ID exactly. These namespace directories can inherit from abstract namespaces.

Configs are stored in either YAML or JSON. Each type of resource has different required and optional fields. For details about each type of resource, such as a Pub/Sub PubSubTopic, see Config Connector resources.

For example, assume that the following config is stored in namespaces/myProject. When Anthos Config Management syncs with the repo, Config Connector creates a PubSubTopic called pubsubtopic-sample in the myProject Google Cloud project.

apiVersion: pubsub.cnrm.cloud.google.com/v1alpha2
kind: PubSubTopic
metadata:
  labels:
    label-one: "value-one"
  name: pubsubtopic-sample

For more examples, see Config Connector resources.

Deleting or abandoning a resource

To delete a resource, remove its config from the repo. The resource is deleted from the Google Cloud project at the next sync.

To abandon a resource (to stop syncing a resource but leave it intact in the Google Cloud project), you create two separate commits to the repo:

  • In the first commit, you add the annotation cnrm.cloud.google.com/deletion-policy: abandon to the resource.
  • After that change is synced, you delete the config from the repo.

For example, to stop managing a SpannerInstance resource:

  1. Edit its config and add the cnrm.cloud.google.com/deletion-policy: abandon annotation, as shown in the annotations field below:

    apiVersion: spanner.cnrm.cloud.google.com/v1alpha2
    kind: SpannerInstance
    metadata:
     labels:
       label-one: "value-one"
     annotations:
       cnrm.cloud.google.com/deletion-policy: abandon
     name: spannerinstance-sample
    spec:
     config: regional-us-central1
     displayName: Spanner Two
     numNodes: 1
    

    Commit and push the change.

  2. In a second commit, delete the config. Commit and push the change.

The SpannerInstance is preserved in the Google Cloud project. However, its custom object no longer exists in the Anthos Config Management cluster and its config is no longer synced using Config Connector or Anthos Config Management.
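The order of the two commits decides whether the resource survives, so a pre-merge check can compare the last synced state of the repo with a proposed commit and report what each removed config will do to the project. The following is an added example, not code from the original page or from Anthos Config Management. It assumes configs in JSON form, that `synced` holds the repo contents as of the last synced commit, and a hypothetical file name spanner.json.

```python
import json

ABANDON_KEY = "cnrm.cloud.google.com/deletion-policy"  # annotation named on the page


def removal_effects(synced, proposed):
    """Classify each Config Connector config present in `synced` but gone from `proposed`.

    Both arguments map repo path -> JSON config text (assumed layout for this example).
    Returns {path: effect}: "abandon" means the resource stays in the Google Cloud
    project, "delete" means it is deleted from the project at the next sync.
    """
    effects = {}
    for path in sorted(set(synced) - set(proposed)):
        config = json.loads(synced[path])
        if ".cnrm.cloud.google.com/" not in config.get("apiVersion", ""):
            continue  # not a Config Connector resource, out of scope here
        annotations = (config.get("metadata") or {}).get("annotations") or {}
        effects[path] = "abandon" if annotations.get(ABANDON_KEY) == "abandon" else "delete"
    return effects


def spanner_config(annotations=None):
    # Constructed sample: JSON form of the page's SpannerInstance config.
    meta = {"name": "spannerinstance-sample", "labels": {"label-one": "value-one"}}
    if annotations:
        meta["annotations"] = annotations
    return json.dumps({
        "apiVersion": "spanner.cnrm.cloud.google.com/v1alpha2",
        "kind": "SpannerInstance",
        "metadata": meta,
        "spec": {"config": "regional-us-central1", "displayName": "Spanner Two", "numNodes": 1},
    })


PATH = "namespaces/myProject/spanner.json"  # hypothetical file name

if __name__ == "__main__":
    # Config removed while the synced version carries no annotation: the instance is deleted.
    # A single commit that adds the annotation and removes the file looks the same to the sync.
    print(removal_effects({PATH: spanner_config()}, {}))
    # Annotation was synced in an earlier commit, config removed now: the instance is kept.
    print(removal_effects({PATH: spanner_config({ABANDON_KEY: "abandon"})}, {}))
```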
