ComputeInstanceTemplate

| Property | Value |
| --- | --- |
| Google Cloud Service Name | Compute Engine |
| Google Cloud Service Documentation | /compute/docs/ |
| Google Cloud REST Resource Name | v1.instancetemplates |
| Google Cloud REST Resource Documentation | /compute/docs/reference/rest/v1/instanceTemplates |
| Config Connector Resource Short Names | gcpcomputeinstancetemplate, gcpcomputeinstancetemplates, computeinstancetemplate |
| Config Connector Service Name | compute.googleapis.com |
| Config Connector Resource Fully Qualified Name | computeinstancetemplates.compute.cnrm.cloud.google.com |
| Can Be Referenced by IAMPolicy/IAMPolicyMember | No |

Custom Resource Definition Properties

Annotations

Fields
cnrm.cloud.google.com/project-id

Spec

Schema

  advancedMachineFeatures:
    enableNestedVirtualization: boolean
    threadsPerCore: integer
  canIpForward: boolean
  confidentialInstanceConfig:
    enableConfidentialCompute: boolean
  description: string
  disk:
  - autoDelete: boolean
    boot: boolean
    deviceName: string
    diskEncryptionKey:
      kmsKeyRef:
        external: string
        name: string
        namespace: string
    diskName: string
    diskSizeGb: integer
    diskType: string
    interface: string
    labels:
      string: string
    mode: string
    resourcePolicies:
    - external: string
      name: string
      namespace: string
    sourceDiskRef:
      external: string
      name: string
      namespace: string
    sourceImageRef:
      external: string
      name: string
      namespace: string
    type: string
  enableDisplay: boolean
  guestAccelerator:
  - count: integer
    type: string
  instanceDescription: string
  machineType: string
  metadata:
  - key: string
    value: string
  metadataStartupScript: string
  minCpuPlatform: string
  namePrefix: string
  networkInterface:
  - accessConfig:
    - natIpRef:
        external: string
        name: string
        namespace: string
      networkTier: string
      publicPtrDomainName: string
    aliasIpRange:
    - ipCidrRange: string
      subnetworkRangeName: string
    name: string
    networkIp: string
    networkRef:
      external: string
      name: string
      namespace: string
    nicType: string
    subnetworkProject: string
    subnetworkRef:
      external: string
      name: string
      namespace: string
  networkPerformanceConfig:
    totalEgressBandwidthTier: string
  region: string
  reservationAffinity:
    specificReservation:
      key: string
      values:
      - string
    type: string
  resourceID: string
  scheduling:
    automaticRestart: boolean
    minNodeCpus: integer
    nodeAffinities:
    - value: {}
    onHostMaintenance: string
    preemptible: boolean
  serviceAccount:
    scopes:
    - string
    serviceAccountRef:
      external: string
      name: string
      namespace: string
  shieldedInstanceConfig:
    enableIntegrityMonitoring: boolean
    enableSecureBoot: boolean
    enableVtpm: boolean
  tags:
  - string

Fields

advancedMachineFeatures

Optional

object

Immutable. Controls for advanced machine-related behavior features.

advancedMachineFeatures.enableNestedVirtualization

Optional

boolean

Immutable. Whether to enable nested virtualization or not.

advancedMachineFeatures.threadsPerCore

Optional

integer

Immutable. The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.

canIpForward

Optional

boolean

Immutable. Whether to allow sending and receiving of packets with non-matching source or destination IPs. This defaults to false.

confidentialInstanceConfig

Optional

object

Immutable. The Confidential VM config being used by the instance. on_host_maintenance (scheduling.onHostMaintenance in this schema) has to be set to TERMINATE, or creation will fail.

confidentialInstanceConfig.enableConfidentialCompute

Required*

boolean

Immutable. Defines whether the instance should have confidential compute enabled.

description

Optional

string

Immutable. A brief description of this resource.

disk

Required

list (object)

Immutable. Disks to attach to instances created from this template. This can be specified multiple times for multiple disks.

disk.[]

Required

object

disk.[].autoDelete

Optional

boolean

Immutable. Whether or not the disk should be auto-deleted. This defaults to true.

disk.[].boot

Optional

boolean

Immutable. Indicates that this is a boot disk.

disk.[].deviceName

Optional

string

Immutable. A unique device name that is reflected into the /dev/ tree of a Linux operating system running within the instance. If not specified, the server chooses a default device name to apply to this disk.

disk.[].diskEncryptionKey

Optional

object

Immutable. Encrypts or decrypts a disk using a customer-supplied encryption key.

disk.[].diskEncryptionKey.kmsKeyRef

Required*

object

disk.[].diskEncryptionKey.kmsKeyRef.external

Optional

string

The selfLink of a KMSCryptoKey.

disk.[].diskEncryptionKey.kmsKeyRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

disk.[].diskEncryptionKey.kmsKeyRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

disk.[].diskName

Optional

string

Immutable. Name of the disk. When not provided, this defaults to the name of the instance.

disk.[].diskSizeGb

Optional

integer

Immutable. The size of the image in gigabytes. If not specified, it will inherit the size of its base image. For SCRATCH disks, the size must be exactly 375GB.

disk.[].diskType

Optional

string

Immutable. The Google Compute Engine disk type. Can be either "pd-ssd", "local-ssd", "pd-balanced" or "pd-standard".

disk.[].interface

Optional

string

Immutable. Specifies the disk interface to use for attaching this disk.

disk.[].labels

Optional

map (key: string, value: string)

Immutable. A set of key/value label pairs to assign to disks.

disk.[].mode

Optional

string

Immutable. The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If you are attaching or creating a boot disk, this must be read-write mode.

disk.[].resourcePolicies

Optional

list (object)

disk.[].resourcePolicies.[]

Optional

object

disk.[].resourcePolicies.[].external

Optional

string

The selfLink of a ComputeResourcePolicy.

disk.[].resourcePolicies.[].name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

disk.[].resourcePolicies.[].namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

disk.[].sourceDiskRef

Optional

object

disk.[].sourceDiskRef.external

Optional

string

The name of a ComputeDisk.

disk.[].sourceDiskRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

disk.[].sourceDiskRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

disk.[].sourceImageRef

Optional

object

disk.[].sourceImageRef.external

Optional

string

The selfLink of a ComputeImage.

disk.[].sourceImageRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

disk.[].sourceImageRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

disk.[].type

Optional

string

Immutable. The type of Google Compute Engine disk, can be either "SCRATCH" or "PERSISTENT".

enableDisplay

Optional

boolean

Immutable. Enable Virtual Displays on this instance. Note: allow_stopping_for_update must be set to true in order to update this field.

guestAccelerator

Optional

list (object)

Immutable. List of the type and count of accelerator cards attached to the instance.

guestAccelerator.[]

Optional

object

guestAccelerator.[].count

Required*

integer

Immutable. The number of the guest accelerator cards exposed to this instance.

guestAccelerator.[].type

Required*

string

Immutable. The accelerator type resource to expose to this instance. E.g. nvidia-tesla-k80.

instanceDescription

Optional

string

Immutable. A description of the instance.

machineType

Required

string

Immutable. The machine type to create. To create a machine with a custom type (such as extended memory), format the value as custom-VCPUS-MEM_IN_MB, for example custom-6-20480 for 6 vCPU and 20GB of RAM.

metadata

Optional

list (object)

metadata.[]

Optional

object

metadata.[].key

Required*

string

metadata.[].value

Required*

string

metadataStartupScript

Optional

string

Immutable. An alternative to using the startup-script metadata key, mostly to match the compute_instance resource. This replaces the startup-script metadata key on the created instance and thus the two mechanisms are not allowed to be used simultaneously.

minCpuPlatform

Optional

string

Immutable. Specifies a minimum CPU platform. Applicable values are the friendly names of CPU platforms, such as Intel Haswell or Intel Skylake.

namePrefix

Optional

string

Immutable. Creates a unique name beginning with the specified prefix. Conflicts with name.

networkInterface

Optional

list (object)

Immutable. Networks to attach to instances created from this template. This can be specified multiple times for multiple networks.

networkInterface.[]

Optional

object

networkInterface.[].accessConfig

Optional

list (object)

networkInterface.[].accessConfig.[]

Optional

object

networkInterface.[].accessConfig.[].natIpRef

Optional

object

networkInterface.[].accessConfig.[].natIpRef.external

Optional

string

The address of a ComputeAddress.

networkInterface.[].accessConfig.[].natIpRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

networkInterface.[].accessConfig.[].natIpRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

networkInterface.[].accessConfig.[].networkTier

Optional

string

Immutable. The networking tier used for configuring this instance template. This field can take the following values: PREMIUM or STANDARD. If this field is not specified, it is assumed to be PREMIUM.

networkInterface.[].accessConfig.[].publicPtrDomainName

Optional

string

The DNS domain name for the public PTR record.

networkInterface.[].aliasIpRange

Optional

list (object)

Immutable. An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks.

networkInterface.[].aliasIpRange.[]

Optional

object

networkInterface.[].aliasIpRange.[].ipCidrRange

Required*

string

Immutable. The IP CIDR range represented by this alias IP range. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. At the time of writing only a netmask (e.g. /24) may be supplied, with a CIDR format resulting in an API error.

networkInterface.[].aliasIpRange.[].subnetworkRangeName

Optional

string

Immutable. The subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. If left unspecified, the primary range of the subnetwork will be used.

networkInterface.[].name

Optional

string

The name of the network_interface.

networkInterface.[].networkIp

Optional

string

Immutable. The private IP address to assign to the instance. If empty, the address will be automatically assigned.

networkInterface.[].networkRef

Optional

object

networkInterface.[].networkRef.external

Optional

string

The selfLink of a ComputeNetwork.

networkInterface.[].networkRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

networkInterface.[].networkRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

networkInterface.[].nicType

Optional

string

Immutable. The type of vNIC to be used on this interface. Possible values: GVNIC, VIRTIO_NET.

networkInterface.[].subnetworkProject

Optional

string

Immutable. The ID of the project to which the subnetwork belongs. If it is not provided, the provider project is used.

networkInterface.[].subnetworkRef

Optional

object

networkInterface.[].subnetworkRef.external

Optional

string

The selfLink of a ComputeSubnetwork.

networkInterface.[].subnetworkRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

networkInterface.[].subnetworkRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

networkPerformanceConfig

Optional

object

Immutable. Configures network performance settings for the instance. If not specified, the instance will be created with its default network performance configuration.

networkPerformanceConfig.totalEgressBandwidthTier

Required*

string

Immutable. The egress bandwidth tier to enable. Possible values: TIER_1, DEFAULT.

region

Optional

string

Immutable. An instance template is a global resource that is not bound to a zone or a region. However, you can still specify some regional resources in an instance template, which restricts the template to the region where that resource resides. For example, a custom subnetwork resource is tied to a specific region. Defaults to the region of the Provider if no value is given.

reservationAffinity

Optional

object

Immutable. Specifies the reservations that this instance can consume from.

reservationAffinity.specificReservation

Optional

object

Immutable. Specifies the label selector for the reservation to use.

reservationAffinity.specificReservation.key

Required*

string

Immutable. Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify compute.googleapis.com/reservation-name as the key and specify the name of your reservation as the only value.

reservationAffinity.specificReservation.values

Required*

list (string)

Immutable. Corresponds to the label values of a reservation resource.

reservationAffinity.specificReservation.values.[]

Required*

string

reservationAffinity.type

Required*

string

Immutable. The type of reservation from which this instance can consume resources.

resourceID

Optional

string

Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default.

scheduling

Optional

object

Immutable. The scheduling strategy to use.

scheduling.automaticRestart

Optional

boolean

Immutable. Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). This defaults to true.

scheduling.minNodeCpus

Optional

integer

Minimum number of CPUs for the instance.

scheduling.nodeAffinities

Optional

list (object)

scheduling.nodeAffinities.[]

Optional

object

scheduling.nodeAffinities.[].value

Optional

object

scheduling.onHostMaintenance

Optional

string

Immutable. Defines the maintenance behavior for this instance.

scheduling.preemptible

Optional

boolean

Immutable. Allows instance to be preempted. This defaults to false.

serviceAccount

Optional

object

Immutable. Service account to attach to the instance.

serviceAccount.scopes

Required*

list (string)

Immutable. A list of service scopes. Both OAuth2 URLs and gcloud short names are supported. To allow full access to all Cloud APIs, use the cloud-platform scope.

serviceAccount.scopes.[]

Required*

string

serviceAccount.serviceAccountRef

Optional

object

serviceAccount.serviceAccountRef.external

Optional

string

The email of an IAMServiceAccount.

serviceAccount.serviceAccountRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

serviceAccount.serviceAccountRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

shieldedInstanceConfig

Optional

object

Immutable. Enable Shielded VM on this instance. Shielded VM provides verifiable integrity to protect against malware and rootkits. Defaults to disabled. Note: shielded_instance_config can only be used with boot images with Shielded VM support.

shieldedInstanceConfig.enableIntegrityMonitoring

Optional

boolean

Immutable. Compare the most recent boot measurements to the integrity policy baseline and return a pair of pass/fail results depending on whether they match or not. Defaults to true.

shieldedInstanceConfig.enableSecureBoot

Optional

boolean

Immutable. Verify the digital signature of all boot components, and halt the boot process if signature verification fails. Defaults to false.

shieldedInstanceConfig.enableVtpm

Optional

boolean

Immutable. Use a virtualized trusted platform module, which is a specialized computer chip you can use to encrypt objects like keys and certificates. Defaults to true.

tags

Optional

list (string)

Immutable. Tags to attach to the instance.

tags.[]

Optional

string

* Field is required when parent field is specified
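
The constraints and defaults stated in the field descriptions above (confidentialInstanceConfig, metadataStartupScript, disk, shieldedInstanceConfig, serviceAccount.scopes, canIpForward) can be checked before a manifest is applied. The following is an added example, not Config Connector code: audit_template, BROAD_SCOPES and both sample manifests are constructed for illustration, and the manifest is assumed to be available in JSON form.

```python
import json

# Both accepted spellings of the scope that allows full access to all Cloud APIs.
BROAD_SCOPES = {"cloud-platform", "https://www.googleapis.com/auth/cloud-platform"}

def audit_template(manifest):
    """Return (severity, field, message) tuples for one ComputeInstanceTemplate."""
    spec = manifest.get("spec", {})
    out = []
    # Error: a Confidential VM fails to create unless onHostMaintenance is TERMINATE.
    confidential = spec.get("confidentialInstanceConfig", {}).get("enableConfidentialCompute")
    if confidential and spec.get("scheduling", {}).get("onHostMaintenance") != "TERMINATE":
        out.append(("error", "scheduling.onHostMaintenance",
                    "must be TERMINATE when enableConfidentialCompute is true"))
    # Error: metadataStartupScript replaces the startup-script metadata key.
    keys = {m.get("key") for m in spec.get("metadata", [])}
    if spec.get("metadataStartupScript") and "startup-script" in keys:
        out.append(("error", "metadataStartupScript",
                    "cannot be combined with the startup-script metadata key"))
    for i, disk in enumerate(spec.get("disk", [])):
        # Error: an explicit SCRATCH disk size must be exactly 375 GB.
        size = disk.get("diskSizeGb")
        if disk.get("type") == "SCRATCH" and size is not None and size != 375:
            out.append(("error", f"disk[{i}].diskSizeGb", "SCRATCH disks must be 375 GB"))
        # Error: a boot disk must be attached read-write.
        if disk.get("boot") and disk.get("mode", "READ_WRITE") != "READ_WRITE":
            out.append(("error", f"disk[{i}].mode", "a boot disk must be READ_WRITE"))
    # Warning: Shielded VM defaults to disabled and Secure Boot defaults to false.
    shielded = spec.get("shieldedInstanceConfig")
    if shielded is None:
        out.append(("warn", "shieldedInstanceConfig",
                    "not set; Shielded VM defaults to disabled"))
    elif shielded.get("enableSecureBoot") is not True:
        out.append(("warn", "shieldedInstanceConfig.enableSecureBoot",
                    "false or unset; boot component signatures are not verified"))
    # Warning: the cloud-platform scope allows full access to all Cloud APIs.
    scopes = set(spec.get("serviceAccount", {}).get("scopes", []))
    if scopes & BROAD_SCOPES:
        out.append(("warn", "serviceAccount.scopes",
                    "cloud-platform allows full access to all Cloud APIs"))
    # Warning: forwarding allows packets with non-matching source or destination IPs.
    if spec.get("canIpForward"):
        out.append(("warn", "canIpForward", "enabled; the default is false"))
    return out

# Constructed input: a subset of this page's sample manifest, in JSON form.
PAGE_SAMPLE = json.loads("""{"kind": "ComputeInstanceTemplate", "spec": {
  "machineType": "n1-standard-1", "canIpForward": false,
  "disk": [{"sourceDiskRef": {"name": "instancetemplate-dep"}, "boot": true}],
  "scheduling": {"onHostMaintenance": "MIGRATE"},
  "metadataStartupScript": "echo hi > /test.txt",
  "serviceAccount": {"scopes": ["userinfo-email", "compute-ro", "storage-ro"]},
  "shieldedInstanceConfig": {"enableSecureBoot": false, "enableVtpm": true}}}""")

# Constructed input: a manifest that violates each constraint checked above.
BAD = json.loads("""{"kind": "ComputeInstanceTemplate", "spec": {
  "canIpForward": true,
  "confidentialInstanceConfig": {"enableConfidentialCompute": true},
  "scheduling": {"onHostMaintenance": "MIGRATE"},
  "metadata": [{"key": "startup-script", "value": "echo a"}],
  "metadataStartupScript": "echo b",
  "disk": [{"boot": true, "mode": "READ_ONLY"}, {"type": "SCRATCH", "diskSizeGb": 100}],
  "serviceAccount": {"scopes": ["https://www.googleapis.com/auth/cloud-platform"]}}}""")

if __name__ == "__main__":
    for name, manifest in (("page sample", PAGE_SAMPLE), ("bad", BAD)):
        for finding in audit_template(manifest):
            print(name, *finding)
```

Errors correspond to combinations the field descriptions say are rejected or not allowed; warnings mark settings that are valid but weaken the instance's security posture.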

Status

Schema

  conditions:
  - lastTransitionTime: string
    message: string
    reason: string
    status: string
    type: string
  metadataFingerprint: string
  observedGeneration: integer
  selfLink: string
  tagsFingerprint: string

Fields

conditions

list (object)

Conditions represent the latest available observation of the resource's current state.

conditions.[]

object

conditions.[].lastTransitionTime

string

Last time the condition transitioned from one status to another.

conditions.[].message

string

Human-readable message indicating details about last transition.

conditions.[].reason

string

Unique, one-word, CamelCase reason for the condition's last transition.

conditions.[].status

string

Status is the status of the condition. Can be True, False, Unknown.

conditions.[].type

string

Type is the type of the condition.

metadataFingerprint

string

The unique fingerprint of the metadata.

observedGeneration

integer

ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.

selfLink

string

The URI of the created resource.

tagsFingerprint

string

The unique fingerprint of the tags.

Sample YAML(s)

Typical Use Case

  # Copyright 2020 Google LLC
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
  # You may obtain a copy of the License at
  #
  #     http://www.apache.org/licenses/LICENSE-2.0
  #
  # Unless required by applicable law or agreed to in writing, software
  # distributed under the License is distributed on an "AS IS" BASIS,
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
  # limitations under the License.
  
  apiVersion: compute.cnrm.cloud.google.com/v1beta1
  kind: ComputeInstanceTemplate
  metadata:
    name: instancetemplate-sample
    labels:
      env: "dev"
  spec:
    description: a sample instance template
    tags:
      - foo
      - bar
    instanceDescription: a sample instance created from the sample instance template
    machineType: n1-standard-1
    region: us-west1
    disk:
      - sourceDiskRef:
          name: instancetemplate-dep
        autoDelete: false
        boot: true
      - sourceImageRef:
          name: instancetemplate-dep
        autoDelete: true
        boot: false
        diskName: sample-attached-disk
        deviceName: attachment
        interface: SCSI
        diskType: pd-ssd
        diskSizeGb: 10
        type: PERSISTENT
    networkInterface:
      - networkRef:
          name: instancetemplate-dep
        subnetworkRef:
          name: instancetemplate-dep
        networkIp: "10.2.0.1"
        aliasIpRange:
          - ipCidrRange: /16
            subnetworkRangeName: sub-range
    canIpForward: false
    scheduling:
      automaticRestart: true
      onHostMaintenance: "MIGRATE"
      preemptible: false
    metadataStartupScript: "echo hi > /test.txt"
    serviceAccount:
      serviceAccountRef:
        name: instancetemplate-dep
      scopes:
        - userinfo-email
        - compute-ro
        - storage-ro
    guestAccelerator:
      - type: nvidia-tesla-k80
        count: 1
    minCpuPlatform: "Intel Skylake"
    shieldedInstanceConfig:
      enableSecureBoot: false
      enableVtpm: true
      enableIntegrityMonitoring: true
  ---
  apiVersion: compute.cnrm.cloud.google.com/v1beta1
  kind: ComputeDisk
  metadata:
    name: instancetemplate-dep
  spec:
    description: a sample encrypted, blank disk
    physicalBlockSizeBytes: 4096
    size: 1
    type: pd-ssd
    location: us-west1-c
  ---
  apiVersion: compute.cnrm.cloud.google.com/v1beta1
  kind: ComputeImage
  metadata:
    name: instancetemplate-dep
  spec:
    description: A sample image created from an empty disk resource
    diskRef:
      name: instancetemplate-dep
  ---
  apiVersion: compute.cnrm.cloud.google.com/v1beta1
  kind: ComputeNetwork
  metadata:
    name: instancetemplate-dep
  spec:
    routingMode: REGIONAL
    autoCreateSubnetworks: false
  ---
  apiVersion: compute.cnrm.cloud.google.com/v1beta1
  kind: ComputeSubnetwork
  metadata:
    name: instancetemplate-dep
  spec:
    ipCidrRange: 10.2.0.0/16
    region: us-west1
    description: a sample subnetwork
    privateIpGoogleAccess: false
    networkRef:
      name: instancetemplate-dep
    logConfig:
      aggregationInterval: INTERVAL_10_MIN
      flowSampling: 0.5
      metadata: INCLUDE_ALL_METADATA
  ---
  apiVersion: iam.cnrm.cloud.google.com/v1beta1
  kind: IAMServiceAccount
  metadata:
    name: instancetemplate-dep
  spec:
    displayName: a sample Service Account