bmctl
is a command line tool for Google Distributed Cloud that simplifies
cluster creation and management. This document is a comprehensive reference for
bmctl
commands and related flags.
Before you begin
bmctl
uses Application Default Credentials (ADC) to
validate the location
value in the cluster spec (clusterOperations.location
)
when it isn't set to global
. This validation is required for many bmctl
commands. For ADC to work, you need to do one of the following:
Set the
GOOGLE_APPLICATION_CREDENTIALS
environment variable on you admin workstation to the path of a service account credential file.Use gcloud CLI your user credentials as Application Default Credentials (ADC):
gcloud auth application-default login
Some bmctl
commands let you specify a path to a credentials file with a flag.
backup
Back up Anthos clusters on bare metal information.
Options
-h, --help help for backup
backup cluster
Back up an Anthos on bare metal cluster and save the backup into a tar file.
backup cluster [flags]
Options
--backup-file string path to the output backup files.
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--use-disk Perform the backup using the disk instead of in-memory buffer. This option only works when the command is run by the root user or with sudo.
--yes Perform the backup and do not prompt for confirmation (non-interactive mode).
For more information about backing up and restoring clusters with bmctl
, see
Back up and restore clusters with bmctl.
check
Perform preflight or health checks on your clusters or your infrastructure.
Options
-h, --help help for check
check add-ons
Check the operational health of cluster add-ons, such as
stackdriver-log-aggregator
, stackdriver-log-forwarder
, and
gke-connect-agent
.
check add-ons [flags]
Examples
# Do a health check for add-ons
bmctl check add-ons --cluster=cluster1
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for add-ons
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
check cluster
Check the health of a cluster or generate a cluster snapshot.
check cluster [flags]
Examples
# Do a health check for cluster.
bmctl check cluster --cluster=cluster1
# Take a snapshot of the cluster (requires admin cluster to be available).
bmctl check cluster --snapshot --cluster=cluster1 --admin-kubeconfig=admin-kubeconfig
# Take a snapshot of the cluster nodes only (does not require admin cluster to be available).
bmctl check cluster --snapshot --cluster=cluster1 --snapshot-config=snapshot-config
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--login-user string The user to login to each node. This will be ignored when admin-kubeconfig is set. (default "root")
--node-ssh-key string The file contains ssh key to the nodes to capture snapshots against. While this flag is fully optional, when provided, nodes must also be provided.
--nodes strings The comma-separated IP address list of the nodes to capture snapshots against. While this flag is fully optional, when provided, node-ssh-key must also be provided.
--quiet During snapshot run suppress logging to stdout. (Console log is available in 'bmctl_diagnose_snapshot.log' file part of the snapshot)
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--service-account-key-file string The service account key file for uploading the snapshot. Please make sure this service account has the "roles/storage.admin" of its parent project for creating a Cloud Storage bucket and writing object to the bucket. Note that:
- this flag is defaulted to the environment variable GOOGLE_APPLICATION_CREDENTIALS, if not provided.
- this flag is ignored, if "--upload-to" flag is empty.
--since duration This Only returns logs newer than a relative duration like 5s, 4m, or 3h. It defaults to all logs.
--snapshot Takes a snapshot of the cluster's logs, configurations and other data if true.
--snapshot-config string The config file of the snapshot. When this flag is omitted, a default configuration is applied.
--snapshot-dry-run In dry-run mode, the command does not take the snapshot. Instead, it prints out the actions to be taken and the snapshot configuration.
--snapshot-output string The output file of the snapshot.
--snapshot-scenario string The scenario of the snapshot. This is ignored when --config flag is specified. The supported scenarios are:
- system: snapshot of system components, including their logs
- all: snapshot of all pods, including their logs (default "system")
--snapshot-temp-output-dir string The temporary landing directory for snapshot.
--upload-to string The Cloud Storage bucket name for uploading the snapshot. A new bucket will be created if it doesn't exist. Please follow the naming guidelines here(https://cloud.google.com/storage/docs/naming-buckets).
check config
Check the cluster configuration file.
check config [flags]
Examples
# Do check for cluster1.yaml file
bmctl check config --cluster=cluster1
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for config
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
check gcp
Cluster connectivity to Google Cloud health check.
check gcp [flags]
Examples
# Do a machines' Google Cloud connectivity health check for cluster
bmctl check gcp --cluster=cluster1
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for gcp
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
check kubernetes
Kubernetes health check.
check kubernetes [flags]
Examples
# Do a kubernetes health check for cluster
bmctl check kubernetes --cluster=cluster1
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for kubernetes
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
check nodes
Check nodes health.
check nodes [flags]
Examples
# Do a health check for some provisioned nodes
bmctl check nodes --addresses=192.168.0.1,192.168.0.4
Options
--addresses strings Node addresses, addresses should be a comma separated list, each address needs be a single IP address(e.g., 192.168.0.1)
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for nodes
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
check preflight
Preflight check.
Synopsis
Preflight check.
check preflight [flags]
Examples
# Do a preflight check for cluster1.yaml in bmctl-workspace/cluster1
bmctl check preflight --cluster=cluster1. If kubeconfig flag (for example, --kubeconfig=bmctl-workspace/cluster1/cluster1-kubeconfig) is included, the command will trigger a preflight check for upgrading the cluster
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for preflight
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
For more information about preflight checks, see Understand preflight checks.
create
Create a cluster configuration file, a cluster, or a Kubernetes service account (KSA).
Options
-h, --help help for create
create cluster
Create a cluster from a cluster configuration file.
Synopsis
Create Anthos bare metal resources. This command will emit a kubeconfig of created cluster. Be sure to keep this file safe as it contains credentials for your cluster. This command requires serviceusage.services.get permission to check API enablement for your Google Cloud project.
create cluster [flags]
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--force If true, ignore errors from preflight checks and validation except for Google Cloud check errors.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
For more information about creating clusters, see Cluster creation overview.
create config
Create a cluster configuration file. By default, this file is created in the bmctl-workspace/
create config [flags]
Options
-c, --cluster cluster name Cluster name, must consist of lower case alphanumeric characters or '-', start with an alphabetic character, and end with an alphanumeric character
--create-service-accounts Auto create Google Cloud service accounts keys, if they do not already exist in workspace
--enable-apis Auto enable APIs used by Anthos Bare Metal cluster, for the Google Cloud project specified by project-id flag
--force Overwrite existing config
-h, --help help for config
--project-id string Google Cloud project where the new cluster will connect with via GKE hub and stackdriver logging/monitoring, required if --create-service-accounts or --enable-apis is true
create ksa
Create a Kubernetes service account with the cluster-admin role of the target cluster.
The default name of the Kubernetes service account is “kubernetes-service-account”, so the “--name” flag is optional.
The command generates a bearer token that you can use to log in to the cluster.
By default, the bearer token is stored in the bmctl-workspace/
create ksa [flags]
Options
-c, --cluster string Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml.
-h, --help help for ksa
--ksa-name string Name of the kubernetes service account and default value is kubernetes-service-account. (default "kubernetes-service-account")
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
disable
Disable Anthos VM Runtime in a cluster.
Options
-h, --help help for disable
disable vmruntime
Disable Anthos VM Runtime in a cluster.
disable vmruntime [flags]
Options
--force If true, delete all VM resources and disable vmruntime.
-h, --help help for vmruntime
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
For more information about enabling and disabling VM Runtime on GDC, see Enable or disable VM Runtime on GDC.
enable
Enable Anthos VM Runtime in a cluster.
Options
-h, --help help for enable
enable vmruntime
Enable Anthos VM Runtime in a cluster.
enable vmruntime [flags]
Options
-h, --help help for vmruntime
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
For more information about enabling and disabling VM Runtime on GDC, see Enable or disable VM Runtime on GDC.
enroll
Enroll a cluster so that it can be managed by the Anthos On-Prem API.
Options
-h, --help help for enroll
enroll cluster
Enroll a cluster so that it can be managed by the Anthos On-Prem API. This enrollment enables cluster management through clients, such as the Google Cloud console and the gcloud CLI.
enroll cluster [flags]
Options
-c, --cluster string Cluster name.
--cluster-resource-name string Unique cluster name within a Google Cloud project/fleet. It is defaulted to be the same as the --cluster-name and they should be the same if possible. In case there is already another cluster with the same name enrolled in the project/fleet previously (under another admin cluster), this flag can be used to rename the cluster within the Google Cloud project/fleet.
-h, --help help for cluster
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--location location The Google Cloud location to enroll the user cluster. The "us-west1" location is the default. (default us-west1)
For more information about enrolling a cluster, see Configure a cluster to be managed by the Google Distributed Cloud.
get
Get a cluster configuration or cluster credentials.
Options
-h, --help help for get
get config
Get the cluster configuration file. The command pulls custom resources of the target cluster and emits a configuration file.
get config [flags]
Options
-c, --cluster string Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml.
-h, --help help for config
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
get credentials
Get target cluster credentials. The command creates a kubeconfig file in the
get credentials [flags]
Options
-c, --cluster string Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml.
-h, --help help for credentials
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
install
Performs software installation operations.
Options
-h, --help help for install
install virtctl
Install virtctl into the current machine as a kubectl plugin. The virtctl plugin supports basic VM operations, such as create, connect, and change power state.
install virtctl [flags]
Options
-d, --dst-dir string The dir virtctl binary to be installed, this path must be a valid one within PATH env variable
-h, --help help for virtctl
move
Move Anthos bare metal resources and all dependencies between management clusters.
- Target cluster namespace can contain additional resources, conflicting resources are replaced.
move [flags]
Options
--cluster-move-timeout duration Cluster move timeout, default value is 15m. The input should contain the duration unit, e.g. 3600s, 60m or 1h. (default 15m0s)
--from-kubeconfig string kubeconfig file path for the source management cluster. If unspecified, will use the default discovered kubeconfig.
--from-kubeconfig-context string Context to be used within the kubeconfig file for the source management cluster. If empty, current context will be used.
-h, --help help for move
-n, --namespace string The namespace where the cluster resources are stored. If unspecified, the current context's namespace is used.
--to-kubeconfig string kubeconfig file path for the destination management cluster.
--to-kubeconfig-context string Context to be used within the kubeconfig file for the destination management cluster. If empty, current context will be used.
push
Push docker images to a private registry.
Options
-h, --help help for push
push images
Push local container images tar file to a private registry.
push images [flags]
Options
--cacert string Private registry CA certificate file path.
--dry-run Dry run.
--email string Email for private registry.
--force-push If set to true, will always push images even if images already exist in registry.
-h, --help help for images
--need-credential Whether credential is needed for private registry. (default true)
--password string Password for private registry authentication.
-r, --private-registry string Private registry path that stores all Anthos Bare Metal images.
Format should be <registry-name>/<optional-registry-namespace>.
--source string Path to Anthos Bare Metal container images compressed file.
-t, --threads int Push images with multiple threads. (default 4)
--username string Username for private registry authentication.
register bootstrap
Register bootstrap cluster to the Hub API.
Synopsis
Register the bootstrap cluster to the Hub API. This command registers a local Kind cluster as an admin cluster. The command waits for a cluster to be created in the Google Cloud console and exits once the cluster is created successfully.
register bootstrap [flags]
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
--cloud-operation-service-account-key string Optional, service account key file used to access Google cloud service, service account key specified by environment variable GOOGLE_APPLICATION_CREDENTIALS will be used to fetch or create the Service account.
--gcr-service-account-key string Optional, service account key file used to pull GCR images, service account key specified by environment variable GOOGLE_APPLICATION_CREDENTIALS will be used to fetch or create the Service account.
--gke-agent-service-account-key string Optional, service account key file used to connect the GKE cluster in Google Cloud, service account key specified by environment variable GOOGLE_APPLICATION_CREDENTIALS will be used to fetch or create the Service account.
--gke-register-service-account-key string Optional, service account key file used to register the cluster in Google Cloud, service account key specified by environment variable GOOGLE_APPLICATION_CREDENTIALS will be used to fetch or create the Service account.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for bootstrap
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--name string Mandatory, Name of the bootstrap cluster. bmctl will register the bootstrap cluster with this name with GKE Connect.
--project-id string Optional, Google Cloud project for GKE Connect. bmctl will register this bootstrap cluster into Google Cloud project temporarily, and un-register it after cluster is provisioned successfully.
--registry-mirror-ca string Registry mirror CA file.
--registry-mirror-credential string Registry mirror credential file.
--registry-mirror-endpoint string Registry mirror endpoint.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--ssh-client-cert string Optional, Path of the SSH certificate. ABM will use this ssh key certificate while sshing in the machines.
--ssh-key string Mandatory, Path of the SSH key. ABM will use this ssh key while sshing in the machines.
reset
Reset cluster machines to the state prior to installation.
Synopsis
This command tries to undo changes performed in prior installation attempts. It's a best effort attempt meant to be used to recover from partial installation failures.
reset [flags]
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for reset
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
reset bootstrap
Delete the bootstrap cluster.
reset bootstrap [flags]
Examples
bmctl reset bootstrap
Options
-h, --help help for bootstrap
reset nodes
Reset specified nodes to the state that they were in prior to installing Anthos clusters on bare metal.
reset nodes [flags]
Examples
bmctl reset nodes --addresses 10.200.0.3,10.200.0.4 --ssh-private-key-path /root/.ssh/id_rsa --login-user root --gcr-service-account-key gcr.json
Options
--addresses strings Node addresses, addresses should be a comma separated list, each address needs be a single IP address(e.g., 192.168.0.1)
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--force Optional. If provided, nodes will be forcefully removed from the cluster without running reset jobs.
--gcr-service-account-key string Optional, path to the service account json key to pull gcr images. Mutually exclusive with --cluster flag. If not provided, the environment variable GOOGLE_APPLICATION_CREDENTIALS will be used.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for nodes
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--login-user string login user to use to connect to the nodes. Mutually exclusive with --cluster flag. Optional and should be used together with --ssh-private-key-path. Default to root.
--registry-mirror-ca string Registry mirror CA file.
--registry-mirror-credential string Registry mirror credential file.
--registry-mirror-endpoint string Registry mirror endpoint.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--ssh-private-key-path string path to the ssh private key to connect to the nodes. Either --cluster or --ssh-private-key-path should be provided, but not both. Use this flag to reset the machines if the original cluster yaml is no longer available.
For more information about using bmctl reset nodes
to return cluster nodes to
their pre-installation state or deleting clusters, see
Reset nodes and delete clusters.
restore
Restore a cluster or attempt to regain quorum for a cluster.
Synopsis
Restore an Anthos on bare metal cluster. When used without the cluster sub-command, this command attempts to restore a high-availability cluster from a quorum loss. When used with the cluster sub-command, the command restores a cluster from a backup file.
restore [flags]
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--control-plane-node string IP for the surviving host address, should be a single IP address(e.g., 192.168.0.1).
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for restore
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string kubeconfig file path for the management cluster. This only needs to be provided if restoring a broken user cluster.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
restore cluster
Restore an Anthos on bare metal cluster from a backup file.
restore cluster [flags]
Options
--backup-file string path to the backup file of the cluster.
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string path to the kubeconfig of the management cluster.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--use-disk Perform the restore using the disk instead of in-memory buffer. This option only works when the command is run by the root user or with sudo.
For more information about backing up and restoring clusters with bmctl
, see
Back up and restore clusters with bmctl.
unenroll
Unenroll a cluster.
Options
-h, --help help for unenroll
unenroll cluster
Unenroll an Anthos on bare metal cluster. This command disables the ability to manage the cluster with the Anthos On-Prem API. Unenrollment disables the ability to manage the cluster through the Google Cloud console and the gcloud CLI.
unenroll cluster [flags]
Options
-c, --cluster string Cluster name.
-h, --help help for cluster
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
update
Update Anthos clusters on bare metal resources.
Options
-h, --help help for update
update cluster
Update cluster and node pool configurations. This command applies the changes made in the cluster configuration file. By default, the configuration file,
update cluster [flags]
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
For more information about updating clusters with bmctl
, see
Update clusters. To see which cluster
configuration files are mutable, see
Cluster configuration field reference.
update credentials
Update cluster credentials.
Synopsis
Update credentials of Anthos on bare metal clusters. This command updates admin cluster credentials and the credentials of user clusters managed by the admin cluster.
update credentials [flags]
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
--cloud-operations-service-account-key-path string New credential: path to cloud operations service account key.
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gcr-key-path string New credential: path to GCR service account key.
--gke-connect-agent-service-account-key-path string New credential: path to gke connect agent service account key.
--gke-connect-register-service-account-key-path string New credential: path to gke connect register service account key.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for credentials
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--ssh-private-key-path string New credential: path to ssh private key.
update credentials certificate-authorities
Update certificate authorities on Anthos on bare metal clusters.
Options
-h, --help help for certificate-authorities
Options inherited from parent commands
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
update credentials certificate-authorities rotate
Rotate certificate authorities.
update credentials certificate-authorities rotate [flags]
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for rotate
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
Options inherited from parent commands
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
upgrade
Upgrade an Anthos on bare metal cluster in-place to a new version.
Options
-h, --help help for upgrade
upgrade cluster
Upgrade an Anthos on bare metal cluster.
Synopsis
Upgrade an Anthos on bare metal cluster. This command reads the target version from the cluster configuration file and upgrades the target cluster to the specified version. All other changes in the cluster configuration file are ignored. The command requires serviceusage.services.get permission to check API enablement for the Google Cloud project specified in the configuration file.
upgrade cluster [flags]
Options
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--cluster-update-timeout duration Cluster update timeout, default value is 24h. The input should contain the duration unit, e.g. 3600s, 60m or 1h. (default 24h0m0s)
--force If true, ignore errors from preflight checks.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--skip-bootstrap-cidr-check If true, skip checking CIDR and the number of nodes to determine whether upgrade would succeed.
For more information about cluster upgrades, see the following documentation:
- Upgrade clusters
- Best practices for Google Distributed Cloud cluster upgrades
- Lifecycle and stages of cluster upgrades
version
Print the bmctl version.
version [flags]
Options
-h, --help help for version
-o, --output string Output format of version string. Support version, commit.