ComputeInstance
| Property | Value |
|---|---|
| Google Cloud Service Name | Compute Engine |
| Google Cloud Service Documentation | /compute/docs/ |
| Google Cloud REST Resource Name | v1.instances |
| Google Cloud REST Resource Documentation | /compute/docs/reference/rest/v1/instances |
| Config Connector Resource Short Names | gcpcomputeinstance gcpcomputeinstances computeinstance |
| Config Connector Service Name | compute.googleapis.com |
| Config Connector Resource Fully Qualified Name | computeinstances.compute.cnrm.cloud.google.com |
| Can Be Referenced by IAMPolicy/IAMPolicyMember | Yes |
| Supports IAM Conditions | Yes |
| Supports IAM Audit Configs | No |
| IAM External Reference Format |
projects/{{project}}/zones/{{zone}}/instances/{{name}} |
| Config Connector Default Average Reconcile Interval In Seconds | 600 |
Custom Resource Definition Properties
Annotations
| Fields | |
|---|---|
cnrm.cloud.google.com/allow-stopping-for-update |
|
cnrm.cloud.google.com/project-id |
|
Spec
Schema
advancedMachineFeatures:
enableNestedVirtualization: boolean
threadsPerCore: integer
visibleCoreCount: integer
attachedDisk:
- deviceName: string
diskEncryptionKeyRaw:
value: string
valueFrom:
secretKeyRef:
key: string
name: string
diskEncryptionKeySha256: string
kmsKeyRef:
external: string
name: string
namespace: string
mode: string
sourceDiskRef:
external: string
name: string
namespace: string
bootDisk:
autoDelete: boolean
deviceName: string
diskEncryptionKeyRaw:
value: string
valueFrom:
secretKeyRef:
key: string
name: string
diskEncryptionKeySha256: string
initializeParams:
labels: {}
resourceManagerTags: {}
size: integer
sourceImageRef:
external: string
name: string
namespace: string
type: string
kmsKeyRef:
external: string
name: string
namespace: string
mode: string
sourceDiskRef:
external: string
name: string
namespace: string
canIpForward: boolean
confidentialInstanceConfig:
enableConfidentialCompute: boolean
deletionProtection: boolean
description: string
desiredStatus: string
enableDisplay: boolean
guestAccelerator:
- count: integer
type: string
hostname: string
instanceTemplateRef:
external: string
name: string
namespace: string
machineType: string
metadata:
- key: string
value: string
metadataStartupScript: string
minCpuPlatform: string
networkInterface:
- accessConfig:
- natIpRef:
external: string
name: string
namespace: string
networkTier: string
publicPtrDomainName: string
aliasIpRange:
- ipCidrRange: string
subnetworkRangeName: string
internalIpv6PrefixLength: integer
ipv6AccessConfig:
- externalIpv6: string
externalIpv6PrefixLength: string
name: string
networkTier: string
publicPtrDomainName: string
ipv6AccessType: string
ipv6Address: string
name: string
networkIp: string
networkIpRef:
external: string
kind: string
name: string
namespace: string
networkRef:
external: string
name: string
namespace: string
nicType: string
queueCount: integer
stackType: string
subnetworkProject: string
subnetworkRef:
external: string
name: string
namespace: string
networkPerformanceConfig:
totalEgressBandwidthTier: string
params:
resourceManagerTags: {}
reservationAffinity:
specificReservation:
key: string
values:
- string
type: string
resourceID: string
resourcePolicies:
- external: string
name: string
namespace: string
scheduling:
automaticRestart: boolean
instanceTerminationAction: string
localSsdRecoveryTimeout:
nanos: integer
seconds: integer
maintenanceInterval: string
maxRunDuration:
nanos: integer
seconds: integer
minNodeCpus: integer
nodeAffinities:
- value: {}
onHostMaintenance: string
preemptible: boolean
provisioningModel: string
scratchDisk:
- interface: string
size: integer
serviceAccount:
scopes:
- string
serviceAccountRef:
external: string
name: string
namespace: string
shieldedInstanceConfig:
enableIntegrityMonitoring: boolean
enableSecureBoot: boolean
enableVtpm: boolean
tags:
- string
zone: string
| Fields | |
|---|---|
|
Optional |
Controls for advanced machine-related behavior features. |
|
Optional |
Whether to enable nested virtualization or not. |
|
Optional |
The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed. |
|
Optional |
The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance\'s nominal CPU count and the underlying platform\'s SMT width. |
|
Optional |
List of disks attached to the instance. |
|
Optional |
|
|
Optional |
Name with which the attached disk is accessible under /dev/disk/by-id/. |
|
Optional |
A 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to encrypt this disk. Only one of kms_key_self_link and disk_encryption_key_raw may be set. |
|
Optional |
Value of the field. Cannot be used if 'valueFrom' is specified. |
|
Optional |
Source for the field's value. Cannot be used if 'value' is specified. |
|
Optional |
Reference to a value with the given key in the given Secret in the resource's namespace. |
|
Required* |
Key that identifies the value to be extracted. |
|
Required* |
Name of the Secret to extract a value from. |
|
Optional |
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. |
|
Optional |
|
|
Optional |
Allowed value: The `selfLink` field of a `KMSCryptoKey` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Read/write mode for the disk. One of "READ_ONLY" or "READ_WRITE". |
|
Required* |
|
|
Optional |
Allowed value: The `selfLink` field of a `ComputeDisk` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Immutable. The boot disk for the instance. |
|
Optional |
Immutable. Whether the disk will be auto-deleted when the instance is deleted. |
|
Optional |
Immutable. Name with which attached disk will be accessible under /dev/disk/by-id/. |
|
Optional |
Immutable. A 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to encrypt this disk. Only one of kms_key_self_link and disk_encryption_key_raw may be set. |
|
Optional |
Value of the field. Cannot be used if 'valueFrom' is specified. |
|
Optional |
Source for the field's value. Cannot be used if 'value' is specified. |
|
Optional |
Reference to a value with the given key in the given Secret in the resource's namespace. |
|
Required* |
Key that identifies the value to be extracted. |
|
Required* |
Name of the Secret to extract a value from. |
|
Optional |
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. |
|
Optional |
Immutable. Parameters with which a disk was created alongside the instance. |
|
Optional |
Immutable. A set of key/value label pairs assigned to the disk. |
|
Optional |
Immutable. A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored (both PUT & PATCH) when empty. |
|
Optional |
Immutable. The size of the image in gigabytes. |
|
Optional |
Immutable. The image from which to initialize this disk. |
|
Optional |
Allowed value: The `selfLink` field of a `ComputeImage` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Immutable. The Google Compute Engine disk type. Such as pd-standard, pd-ssd or pd-balanced. |
|
Optional |
|
|
Optional |
Allowed value: The `selfLink` field of a `KMSCryptoKey` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Immutable. Read/write mode for the disk. One of "READ_ONLY" or "READ_WRITE". |
|
Optional |
Immutable. The source disk used to create this disk. |
|
Optional |
Allowed value: The `selfLink` field of a `ComputeDisk` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Whether sending and receiving of packets with non-matching source or destination IPs is allowed. |
|
Optional |
Immutable. The Confidential VM config being used by the instance. on_host_maintenance has to be set to TERMINATE or this will fail to create. |
|
Required* |
Defines whether the instance should have confidential compute enabled. |
|
Optional |
Whether deletion protection is enabled on this instance. |
|
Optional |
Immutable. A brief description of the resource. |
|
Optional |
Desired status of the instance. Either "RUNNING" or "TERMINATED". |
|
Optional |
Whether the instance has virtual displays enabled. |
|
Optional |
Immutable. List of the type and count of accelerator cards attached to the instance. |
|
Optional |
|
|
Required* |
Immutable. The number of the guest accelerator cards exposed to this instance. |
|
Required* |
Immutable. The accelerator type resource exposed to this instance. E.g. nvidia-tesla-t4. |
|
Optional |
Immutable. A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid. Valid format is a series of labels 1-63 characters long matching the regular expression [a-z]([-a-z0-9]*[a-z0-9]), concatenated with periods. The entire hostname must not exceed 253 characters. Changing this forces a new resource to be created. |
|
Optional |
|
|
Optional |
Allowed value: The `selfLink` field of a `ComputeInstanceTemplate` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
The machine type to create. |
|
Optional |
|
|
Optional |
|
|
Required* |
|
|
Required* |
|
|
Optional |
Immutable. Metadata startup scripts made available within the instance. |
|
Optional |
The minimum CPU platform specified for the VM instance. |
|
Optional |
Immutable. The networks attached to the instance. |
|
Optional |
|
|
Optional |
Access configurations, i.e. IPs via which this instance can be accessed via the Internet. |
|
Optional |
|
|
Optional |
|
|
Optional |
Allowed value: The `address` field of a `ComputeAddress` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
The networking tier used for configuring this instance. One of PREMIUM or STANDARD. |
|
Optional |
The DNS domain name for the public PTR record. |
|
Optional |
An array of alias IP ranges for this network interface. |
|
Optional |
|
|
Required* |
The IP CIDR range represented by this alias IP range. |
|
Optional |
The subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. |
|
Optional |
The prefix length of the primary internal IPv6 range. |
|
Optional |
An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access. |
|
Optional |
|
|
Optional |
Immutable. The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. To use a static external IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an external IPv6 address from the instance's subnetwork. |
|
Optional |
Immutable. The prefix length of the external IPv6 range. |
|
Optional |
Immutable. The name of this access configuration. In ipv6AccessConfigs, the recommended name is External IPv6. |
|
Required* |
The service-level to be provided for IPv6 traffic when the subnet has an external subnet. Only PREMIUM tier is valid for IPv6. |
|
Optional |
The domain name to be used when creating DNSv6 records for the external IPv6 ranges. |
|
Optional |
One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. |
|
Optional |
An IPv6 internal network address for this network interface. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork. |
|
Optional |
The name of the interface. |
|
Optional |
DEPRECATED. Although this field is still available, there is limited support. We recommend that you use `spec.networkInterface.networkIpRef` instead. |
|
Optional |
|
|
Optional |
Allowed value: The `address` field of a `ComputeAddress` resource. |
|
Optional |
Kind of the referent. Allowed values: ComputeAddress |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
|
|
Optional |
Allowed value: The `selfLink` field of a `ComputeNetwork` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Immutable. The type of vNIC to be used on this interface. Possible values:GVNIC, VIRTIO_NET. |
|
Optional |
Immutable. The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It will be empty if not specified. |
|
Optional |
The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. |
|
Optional |
The project in which the subnetwork belongs. |
|
Optional |
|
|
Optional |
Allowed value: The `selfLink` field of a `ComputeSubnetwork` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Immutable. Configures network performance settings for the instance. If not specified, the instance will be created with its default network performance configuration. |
|
Required* |
Immutable. The egress bandwidth tier to enable. Possible values:TIER_1, DEFAULT. |
|
Optional |
Immutable. Stores additional params passed with the request, but not persisted as part of resource payload. |
|
Optional |
Immutable. A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored (both PUT & PATCH) when empty. |
|
Optional |
Immutable. Specifies the reservations that this instance can consume from. |
|
Optional |
Immutable. Specifies the label selector for the reservation to use. |
|
Required* |
Immutable. Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify compute.googleapis.com/reservation-name as the key and specify the name of your reservation as the only value. |
|
Required* |
Immutable. Corresponds to the label values of a reservation resource. |
|
Required* |
|
|
Required* |
Immutable. The type of reservation from which this instance can consume resources. |
|
Optional |
Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. |
|
Optional |
|
|
Optional |
|
|
Optional |
Allowed value: The `selfLink` field of a `ComputeResourcePolicy` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
The scheduling strategy being used by the instance. |
|
Optional |
Specifies if the instance should be restarted if it was terminated by Compute Engine (not a user). |
|
Optional |
Specifies the action GCE should take when SPOT VM is preempted. |
|
Optional |
Immutable. Specifies the maximum amount of time a Local Ssd Vm should wait while recovery of the Local Ssd state is attempted. Its value should be in between 0 and 168 hours with hour granularity and the default value being 1 hour. |
|
Optional |
Immutable. Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. |
|
Required* |
Immutable. Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. |
|
Optional |
Specifies the frequency of planned maintenance events. The accepted values are: PERIODIC. |
|
Optional |
Immutable. The timeout for new network connections to hosts. |
|
Optional |
Immutable. Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. |
|
Required* |
Immutable. Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. |
|
Optional |
|
|
Optional |
|
|
Optional |
|
|
Optional |
|
|
Optional |
Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE,. |
|
Optional |
Immutable. Whether the instance is preemptible. |
|
Optional |
Immutable. Whether the instance is spot. If this is set as SPOT. |
|
Optional |
Immutable. The scratch disks attached to the instance. |
|
Optional |
|
|
Required* |
The disk interface used for attaching this disk. One of SCSI or NVME. |
|
Optional |
Immutable. The size of the disk in gigabytes. One of 375 or 3000. |
|
Optional |
The service account to attach to the instance. |
|
Required* |
A list of service scopes. |
|
Required* |
|
|
Optional |
|
|
Optional |
Allowed value: The `email` field of an `IAMServiceAccount` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
The shielded vm config being used by the instance. |
|
Optional |
Whether integrity monitoring is enabled for the instance. |
|
Optional |
Whether secure boot is enabled for the instance. |
|
Optional |
Whether the instance uses vTPM. |
|
Optional |
The list of tags attached to the instance. |
|
Optional |
|
|
Optional |
Immutable. The zone of the instance. If self_link is provided, this value is ignored. If neither self_link nor zone are provided, the provider zone is used. |
* Field is required when parent field is specified
Status
Schema
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
cpuPlatform: string
currentStatus: string
instanceId: string
labelFingerprint: string
metadataFingerprint: string
observedGeneration: integer
selfLink: string
tagsFingerprint: string
| Fields | |
|---|---|
conditions |
Conditions represent the latest available observation of the resource's current state. |
conditions[] |
|
conditions[].lastTransitionTime |
Last time the condition transitioned from one status to another. |
conditions[].message |
Human-readable message indicating details about last transition. |
conditions[].reason |
Unique, one-word, CamelCase reason for the condition's last transition. |
conditions[].status |
Status is the status of the condition. Can be True, False, Unknown. |
conditions[].type |
Type is the type of the condition. |
cpuPlatform |
The CPU platform used by this instance. |
currentStatus |
Current status of the instance. This could be one of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see [Instance life cycle](https://cloud.google.com/compute/docs/instances/instance-life-cycle). |
instanceId |
The server-assigned unique identifier of this instance. |
labelFingerprint |
The unique fingerprint of the labels. |
metadataFingerprint |
The unique fingerprint of the metadata. |
observedGeneration |
ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. |
selfLink |
The URI of the created resource. |
tagsFingerprint |
The unique fingerprint of the tags. |
Sample YAML(s)
Cloud Machine Instance
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeInstance
metadata:
annotations:
cnrm.cloud.google.com/allow-stopping-for-update: "true"
name: computeinstance-sample-cloudmachine
labels:
created-from: "image"
network-type: "subnetwork"
spec:
machineType: n1-standard-1
zone: us-west1-a
bootDisk:
initializeParams:
size: 24
type: pd-ssd
sourceImageRef:
external: debian-cloud/debian-11
networkInterface:
- subnetworkRef:
name: computeinstance-dep-cloudmachine
aliasIpRange:
- ipCidrRange: /24
subnetworkRangeName: cloudrange
attachedDisk:
- sourceDiskRef:
name: computeinstance-dep1-cloudmachine
mode: READ_ONLY
deviceName: proxycontroldisk
diskEncryptionKeyRaw:
valueFrom:
secretKeyRef:
name: computeinstance-dep-cloudmachine
key: diskEncryptionKey
- sourceDiskRef:
name: computeinstance-dep2-cloudmachine
mode: READ_WRITE
deviceName: persistentdisk
minCpuPlatform: "Intel Skylake"
serviceAccount:
serviceAccountRef:
name: inst-dep-cloudmachine
scopes:
- compute-rw
- logging-write
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
name: computeinstance-dep1-cloudmachine
spec:
description: a sample encrypted, blank disk
physicalBlockSizeBytes: 4096
size: 1
type: pd-ssd
location: us-west1-a
diskEncryptionKey:
rawKey:
valueFrom:
secretKeyRef:
name: computeinstance-dep-cloudmachine
key: diskEncryptionKey
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
name: computeinstance-dep2-cloudmachine
spec:
size: 1
type: pd-ssd
location: us-west1-a
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeNetwork
metadata:
name: computeinstance-dep-cloudmachine
spec:
routingMode: REGIONAL
autoCreateSubnetworks: false
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeSubnetwork
metadata:
name: computeinstance-dep-cloudmachine
spec:
networkRef:
name: computeinstance-dep-cloudmachine
ipCidrRange: 10.2.0.0/16
region: us-west1
secondaryIpRange:
- rangeName: cloudrange
ipCidrRange: 10.3.16.0/20
---
apiVersion: iam.cnrm.cloud.google.com/v1beta1
kind: IAMServiceAccount
metadata:
name: inst-dep-cloudmachine
---
apiVersion: v1
kind: Secret
metadata:
name: computeinstance-dep-cloudmachine
stringData:
diskEncryptionKey: "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
Instance From Template
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeInstance
metadata:
annotations:
cnrm.cloud.google.com/allow-stopping-for-update: "false"
name: computeinstance-sample-fromtemplate
labels:
created-from: "template"
override-type: "largermachine"
spec:
machineType: n1-standard-2
instanceTemplateRef:
name: computeinstance-dep-fromtemplate
zone: us-west1-c
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
name: computeinstance-dep-fromtemplate
spec:
physicalBlockSizeBytes: 4096
size: 1
type: pd-ssd
location: us-west1-c
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeInstanceTemplate
metadata:
name: computeinstance-dep-fromtemplate
spec:
machineType: n1-standard-1
region: us-west1
disk:
- sourceDiskRef:
name: computeinstance-dep-fromtemplate
boot: true
networkInterface:
- networkRef:
name: computeinstance-dep-fromtemplate
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeNetwork
metadata:
name: computeinstance-dep-fromtemplate
spec:
routingMode: REGIONAL
autoCreateSubnetworks: true
Instance With Networkipref
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeInstance
metadata:
annotations:
cnrm.cloud.google.com/allow-stopping-for-update: "true"
name: computeinstance-sample-networkipref
labels:
label-one: "value-one"
spec:
description: an basic instance example
machineType: n1-standard-1
zone: us-west1-a
bootDisk:
sourceDiskRef:
name: computeinstance-dep1-networkipref
autoDelete: false
attachedDisk:
- sourceDiskRef:
name: computeinstance-dep2-networkipref
serviceAccount:
serviceAccountRef:
name: inst-dep-networkipref
scopes:
- cloud-platform
networkInterface:
- networkRef:
name: computeinstance-dep-networkipref
networkIpRef:
kind: ComputeAddress
name: computeinstance-dep-networkipref
metadataStartupScript: "echo hi > /test.txt"
metadata:
- key: foo
value: bar
- key: bar
value: baz
scheduling:
preemptible: true
automaticRestart: false
onHostMaintenance: TERMINATE
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
name: computeinstance-dep-networkipref
spec:
description: a external address for the test compute instance
location: us-west1
addressType: INTERNAL
purpose: GCE_ENDPOINT
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
name: computeinstance-dep1-networkipref
spec:
location: us-west1-a
imageRef:
external: debian-cloud/debian-11
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
name: computeinstance-dep2-networkipref
spec:
description: "an attached disk for Compute Instance"
location: us-west1-a
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeNetwork
metadata:
name: computeinstance-dep-networkipref
spec:
routingMode: REGIONAL
autoCreateSubnetworks: true
---
apiVersion: iam.cnrm.cloud.google.com/v1beta1
kind: IAMServiceAccount
metadata:
name: inst-dep-networkipref
Network Worker Instance
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeInstance
metadata:
annotations:
cnrm.cloud.google.com/allow-stopping-for-update: "false"
name: computeinstance-sample-networkworker
labels:
created-from: "disk"
network-type: "global"
spec:
machineType: n1-standard-1
zone: us-west2-a
bootDisk:
sourceDiskRef:
name: computeinstance-dep-networkworker
autoDelete: false
deviceName: proxycontroldisk
mode: READ_ONLY
diskEncryptionKeyRaw:
valueFrom:
secretKeyRef:
name: computeinstance-dep-networkworker
key: diskEncryptionKey
networkInterface:
- networkRef:
name: computeinstance-dep-networkworker
subnetworkRef:
name: computeinstance-dep-networkworker
networkIp: "10.2.0.4"
accessConfig:
- natIpRef:
name: computeinstance-dep-networkworker
scratchDisk:
- interface: SCSI
- interface: NVME
scheduling:
preemptible: true
automaticRestart: false
onHostMaintenance: TERMINATE
canIpForward: true
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
name: computeinstance-dep-networkworker
spec:
description: a sample external address
location: us-west2
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
name: computeinstance-dep-networkworker
spec:
description: a sample encrypted, blank disk
physicalBlockSizeBytes: 4096
size: 1
type: pd-ssd
location: us-west2-a
diskEncryptionKey:
rawKey:
valueFrom:
secretKeyRef:
name: computeinstance-dep-networkworker
key: diskEncryptionKey
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeNetwork
metadata:
name: computeinstance-dep-networkworker
spec:
routingMode: REGIONAL
autoCreateSubnetworks: false
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeSubnetwork
metadata:
name: computeinstance-dep-networkworker
spec:
ipCidrRange: 10.2.0.0/16
region: us-west2
description: a sample subnetwork
privateIpGoogleAccess: false
networkRef:
name: computeinstance-dep-networkworker
logConfig:
aggregationInterval: INTERVAL_10_MIN
flowSampling: 0.5
metadata: INCLUDE_ALL_METADATA
---
apiVersion: v1
kind: Secret
metadata:
name: computeinstance-dep-networkworker
stringData:
diskEncryptionKey: "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="