ContainerCluster

| Property | Value |
| --- | --- |
| Google Cloud Service Name | Kubernetes Engine |
| Google Cloud Service Documentation | /kubernetes-engine/docs/ |
| Google Cloud REST Resource Name | v1.projects.locations.clusters |
| Google Cloud REST Resource Documentation | /kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters |
| Config Connector Resource Short Names | gcpcontainercluster, gcpcontainerclusters, containercluster |
| Config Connector Service Name | container.googleapis.com |
| Config Connector Resource Fully Qualified Name | containerclusters.container.cnrm.cloud.google.com |
| Can Be Referenced by IAMPolicy/IAMPolicyMember | No |

Custom Resource Definition Properties

Annotations

Fields
cnrm.cloud.google.com/project-id
cnrm.cloud.google.com/remove-default-node-pool

Spec

Schema

addonsConfig:
  cloudrunConfig:
    disabled: boolean
  configConnectorConfig:
    enabled: boolean
  dnsCacheConfig:
    enabled: boolean
  gcePersistentDiskCsiDriverConfig:
    enabled: boolean
  horizontalPodAutoscaling:
    disabled: boolean
  httpLoadBalancing:
    disabled: boolean
  istioConfig:
    auth: string
    disabled: boolean
  kalmConfig:
    enabled: boolean
  networkPolicyConfig:
    disabled: boolean
authenticatorGroupsConfig:
  securityGroup: string
clusterAutoscaling:
  autoProvisioningDefaults:
    minCpuPlatform: string
    oauthScopes:
    - string
    serviceAccountRef:
      external: string
      name: string
      namespace: string
  autoscalingProfile: string
  enabled: boolean
  resourceLimits:
  - maximum: integer
    minimum: integer
    resourceType: string
clusterIpv4Cidr: string
databaseEncryption:
  keyName: string
  state: string
defaultMaxPodsPerNode: integer
description: string
enableBinaryAuthorization: boolean
enableIntranodeVisibility: boolean
enableKubernetesAlpha: boolean
enableLegacyAbac: boolean
enableShieldedNodes: boolean
enableTpu: boolean
initialNodeCount: integer
ipAllocationPolicy:
  clusterIpv4CidrBlock: string
  clusterSecondaryRangeName: string
  servicesIpv4CidrBlock: string
  servicesSecondaryRangeName: string
location: string
loggingService: string
maintenancePolicy:
  dailyMaintenanceWindow:
    duration: string
    startTime: string
  recurringWindow:
    endTime: string
    recurrence: string
    startTime: string
masterAuth:
  clientCertificate: string
  clientCertificateConfig:
    issueClientCertificate: boolean
  clientKey: string
  clusterCaCertificate: string
  password:
    value: string
    valueFrom:
      secretKeyRef:
        key: string
        name: string
  username: string
masterAuthorizedNetworksConfig:
  cidrBlocks:
  - cidrBlock: string
    displayName: string
minMasterVersion: string
monitoringService: string
networkPolicy:
  enabled: boolean
  provider: string
networkRef:
  external: string
  name: string
  namespace: string
nodeConfig:
  bootDiskKMSCryptoKeyRef:
    external: string
    name: string
    namespace: string
  diskSizeGb: integer
  diskType: string
  guestAccelerator:
  - count: integer
    type: string
  imageType: string
  labels:
    string: string
  localSsdCount: integer
  machineType: string
  metadata:
    string: string
  minCpuPlatform: string
  oauthScopes:
  - string
  preemptible: boolean
  sandboxConfig:
    sandboxType: string
  serviceAccountRef:
    external: string
    name: string
    namespace: string
  shieldedInstanceConfig:
    enableIntegrityMonitoring: boolean
    enableSecureBoot: boolean
  tags:
  - string
  taint:
  - effect: string
    key: string
    value: string
  workloadMetadataConfig:
    nodeMetadata: string
nodeLocations:
- string
nodeVersion: string
podSecurityPolicyConfig:
  enabled: boolean
privateClusterConfig:
  enablePrivateEndpoint: boolean
  enablePrivateNodes: boolean
  masterIpv4CidrBlock: string
  peeringName: string
  privateEndpoint: string
  publicEndpoint: string
releaseChannel:
  channel: string
resourceUsageExportConfig:
  bigqueryDestination:
    datasetId: string
  enableNetworkEgressMetering: boolean
  enableResourceConsumptionMetering: boolean
subnetworkRef:
  external: string
  name: string
  namespace: string
verticalPodAutoscaling:
  enabled: boolean
workloadIdentityConfig:
  identityNamespace: string

Fields

addonsConfig

Optional

object

The configuration for addons supported by GKE.

addonsConfig.cloudrunConfig

Optional

object

The status of the CloudRun addon. It is disabled by default. Set disabled = false to enable.

addonsConfig.cloudrunConfig.disabled

Required*

boolean

addonsConfig.configConnectorConfig

Optional

object

The status of the Config Connector addon.

addonsConfig.configConnectorConfig.enabled

Required*

boolean

addonsConfig.dnsCacheConfig

Optional

object

The status of the NodeLocal DNSCache addon. It is disabled by default. Set enabled = true to enable.

addonsConfig.dnsCacheConfig.enabled

Required*

boolean

addonsConfig.gcePersistentDiskCsiDriverConfig

Optional

object

Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. Defaults to disabled; set enabled = true to enable.

addonsConfig.gcePersistentDiskCsiDriverConfig.enabled

Required*

boolean

addonsConfig.horizontalPodAutoscaling

Optional

object

The status of the Horizontal Pod Autoscaling addon, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods. It ensures that a Heapster pod is running in the cluster, which is also used by the Cloud Monitoring service. It is enabled by default; set disabled = true to disable.

addonsConfig.horizontalPodAutoscaling.disabled

Required*

boolean

addonsConfig.httpLoadBalancing

Optional

object

The status of the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster. It is enabled by default; set disabled = true to disable.

addonsConfig.httpLoadBalancing.disabled

Required*

boolean

addonsConfig.istioConfig

Optional

object

The status of the Istio addon.

addonsConfig.istioConfig.auth

Optional

string

The authentication type between services in Istio. Available options include AUTH_MUTUAL_TLS.

addonsConfig.istioConfig.disabled

Required*

boolean

The status of the Istio addon, which makes it easy to set up Istio for services in a cluster. It is disabled by default. Set disabled = false to enable.

addonsConfig.kalmConfig

Optional

object

Configuration for the KALM addon, which manages the lifecycle of k8s. It is disabled by default; set enabled = true to enable.

addonsConfig.kalmConfig.enabled

Required*

boolean

addonsConfig.networkPolicyConfig

Optional

object

Whether we should enable the network policy addon for the master. This must be enabled in order to enable network policy for the nodes. To enable this, you must also define a network_policy block, otherwise nothing will happen. It can only be disabled if the nodes already do not have network policies enabled. Defaults to disabled; set disabled = false to enable.

addonsConfig.networkPolicyConfig.disabled

Required*

boolean

authenticatorGroupsConfig

Optional

object

Configuration for the Google Groups for GKE feature.

authenticatorGroupsConfig.securityGroup

Required*

string

The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com.

clusterAutoscaling

Optional

object

Per-cluster configuration of Node Auto-Provisioning with Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs of the cluster's workload. See the guide to using Node Auto-Provisioning for more details.

clusterAutoscaling.autoProvisioningDefaults

Optional

object

Contains defaults for a node pool created by NAP.

clusterAutoscaling.autoProvisioningDefaults.minCpuPlatform

Optional

string

Minimum CPU platform to be used by this instance. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as Intel Haswell.

clusterAutoscaling.autoProvisioningDefaults.oauthScopes

Optional

list (string)

clusterAutoscaling.autoProvisioningDefaults.oauthScopes.[]

Optional

string

clusterAutoscaling.autoProvisioningDefaults.serviceAccountRef

Optional

object

clusterAutoscaling.autoProvisioningDefaults.serviceAccountRef.external

Optional

string

The email of an IAMServiceAccount.

clusterAutoscaling.autoProvisioningDefaults.serviceAccountRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

clusterAutoscaling.autoProvisioningDefaults.serviceAccountRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

clusterAutoscaling.autoscalingProfile

Optional

string

Configuration options for the Autoscaling profile feature, which lets you choose whether the cluster autoscaler should optimize for resource utilization or resource availability when deciding to remove nodes from a cluster. Can be BALANCED or OPTIMIZE_UTILIZATION. Defaults to BALANCED.

clusterAutoscaling.enabled

Required*

boolean

Whether node auto-provisioning is enabled. Resource limits for cpu and memory must be defined to enable node auto-provisioning.

clusterAutoscaling.resourceLimits

Optional

list (object)

clusterAutoscaling.resourceLimits.[]

Optional

object

clusterAutoscaling.resourceLimits.[].maximum

Optional

integer

Maximum amount of the resource in the cluster.

clusterAutoscaling.resourceLimits.[].minimum

Optional

integer

Minimum amount of the resource in the cluster.

clusterAutoscaling.resourceLimits.[].resourceType

Required*

string

The type of the resource. For example, cpu and memory. See the guide to using Node Auto-Provisioning for a list of types.

clusterIpv4Cidr

Optional

string

The IP address range of the Kubernetes pods in this cluster in CIDR notation (e.g. 10.96.0.0/14). Leave blank to have one automatically chosen or specify a /14 block in 10.0.0.0/8. This field will only work for routes-based clusters, where ip_allocation_policy is not defined.

databaseEncryption

Optional

object

Application-layer Secrets Encryption settings. The object format is {state = string, key_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key_name is the name of a CloudKMS key.

databaseEncryption.keyName

Optional

string

The key to use to encrypt/decrypt secrets.

databaseEncryption.state

Required*

string

ENCRYPTED or DECRYPTED.

defaultMaxPodsPerNode

Optional

integer

The default maximum number of pods per node in this cluster. This doesn't work on "routes-based" clusters, that is, clusters that don't have IP Aliasing enabled.

description

Optional

string

Description of the cluster.

enableBinaryAuthorization

Optional

boolean

Enable Binary Authorization for this cluster. If enabled, all container images will be validated by Google Binary Authorization.

enableIntranodeVisibility

Optional

boolean

Whether intra-node visibility is enabled for this cluster. This makes pod-to-pod traffic on the same node visible to the VPC network.

enableKubernetesAlpha

Optional

boolean

Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.

enableLegacyAbac

Optional

boolean

Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM. Defaults to false.

enableShieldedNodes

Optional

boolean

Enable Shielded Nodes features on all nodes in this cluster. Defaults to false.

enableTpu

Optional

boolean

Whether to enable Cloud TPU resources in this cluster.

initialNodeCount

Optional

integer

The number of nodes to create in this cluster's default node pool. In regional or multi-zonal clusters, this is the number of nodes per zone. Must be set if node_pool is not set. If you're using google_container_node_pool objects with no default node pool, you'll need to set this to a value of at least 1, alongside setting remove_default_node_pool to true.

ipAllocationPolicy

Optional

object

Configuration of cluster IP allocation for VPC-native clusters. Adding this block enables IP aliasing, making the cluster VPC-native instead of routes-based.

ipAllocationPolicy.clusterIpv4CidrBlock

Optional

string

The IP address range for the cluster pod IPs. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. Set to a CIDR notation (e.g. 10.96.0.0/14) from the RFC-1918 private networks (e.g. 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) to pick a specific range to use.

ipAllocationPolicy.clusterSecondaryRangeName

Optional

string

The IP address range of the services IPs in this cluster. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. Set to a CIDR notation (e.g. 10.96.0.0/14) from the RFC-1918 private networks (e.g. 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) to pick a specific range to use.

ipAllocationPolicy.servicesIpv4CidrBlock

Optional

string

The IP address range of the services IPs in this cluster. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. /14) to have a range chosen with a specific netmask. Set to a CIDR notation (e.g. 10.96.0.0/14) from the RFC-1918 private networks (e.g. 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) to pick a specific range to use.

ipAllocationPolicy.servicesSecondaryRangeName

Optional

string

The name of the existing secondary range in the cluster's subnetwork to use for service ClusterIPs. Alternatively, services_ipv4_cidr_block can be used to automatically create a GKE-managed one.

location

Required

string

The location (region or zone) in which the cluster master will be created, as well as the default node location. If you specify a zone (such as us-central1-a), the cluster will be a zonal cluster with a single cluster master. If you specify a region (such as us-west1), the cluster will be a regional cluster with multiple masters spread across zones in the region, and with default node locations in those zones as well.

loggingService

Optional

string

The logging service that the cluster should write logs to. Available options include logging.googleapis.com (Legacy Stackdriver), logging.googleapis.com/kubernetes (Stackdriver Kubernetes Engine Logging), and none. Defaults to logging.googleapis.com/kubernetes.

maintenancePolicy

Optional

object

The maintenance policy to use for the cluster.

maintenancePolicy.dailyMaintenanceWindow

Optional

object

Time window specified for daily maintenance operations. Specify start_time in RFC3339 format "HH:MM", where HH : [00-23] and MM : [00-59] GMT.

maintenancePolicy.dailyMaintenanceWindow.duration

Optional

string

maintenancePolicy.dailyMaintenanceWindow.startTime

Required*

string

maintenancePolicy.recurringWindow

Optional

object

Time window for recurring maintenance operations.

maintenancePolicy.recurringWindow.endTime

Required*

string

maintenancePolicy.recurringWindow.recurrence

Required*

string

maintenancePolicy.recurringWindow.startTime

Required*

string

masterAuth

Optional

object

The authentication information for accessing the Kubernetes master. Some values in this block are only returned by the API if your service account has permission to get credentials for your GKE cluster. If you see an unexpected diff removing a username/password or unsetting your client cert, ensure you have the container.clusters.getCredentials permission.

masterAuth.clientCertificate

Optional

string

Base64 encoded public certificate used by clients to authenticate to the cluster endpoint.

masterAuth.clientCertificateConfig

Optional

object

Whether client certificate authorization is enabled for this cluster.

masterAuth.clientCertificateConfig.issueClientCertificate

Required*

boolean

Whether client certificate authorization is enabled for this cluster.

masterAuth.clientKey

Optional

string

Base64 encoded private key used by clients to authenticate to the cluster endpoint.

masterAuth.clusterCaCertificate

Optional

string

Base64 encoded public certificate that is the root of trust for the cluster.

masterAuth.password

Optional

object

The password to use for HTTP basic authentication when accessing the Kubernetes master endpoint.

masterAuth.password.value

Optional

string

Value of the field. Cannot be used if 'valueFrom' is specified.

masterAuth.password.valueFrom

Optional

object

Source for the field's value. Cannot be used if 'value' is specified.

masterAuth.password.valueFrom.secretKeyRef

Optional

object

Reference to a value with the given key in the given Secret in the resource's namespace.

masterAuth.password.valueFrom.secretKeyRef.key

Required*

string

Key that identifies the value to be extracted.

masterAuth.password.valueFrom.secretKeyRef.name

Required*

string

Name of the Secret to extract a value from.

masterAuth.username

Optional

string

The username to use for HTTP basic authentication when accessing the Kubernetes master endpoint. If not present, basic auth will be disabled.

masterAuthorizedNetworksConfig

Optional

object

The desired configuration options for master authorized networks. Omit the nested cidr_blocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists).

masterAuthorizedNetworksConfig.cidrBlocks

Optional

list (object)

masterAuthorizedNetworksConfig.cidrBlocks.[]

Optional

object

masterAuthorizedNetworksConfig.cidrBlocks.[].cidrBlock

Required*

string

External network that can access Kubernetes master through HTTPS. Must be specified in CIDR notation.

masterAuthorizedNetworksConfig.cidrBlocks.[].displayName

Optional

string

Field for users to identify CIDR blocks.

minMasterVersion

Optional

string

The minimum version of the master. GKE will auto-update the master to new versions, so this does not guarantee the current master version--use the read-only master_version field to obtain that. If unset, the cluster's version will be set by GKE to the version of the most recent official release (which is not necessarily the latest version).

monitoringService

Optional

string

The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting. Available options include monitoring.googleapis.com (Legacy Stackdriver), monitoring.googleapis.com/kubernetes (Stackdriver Kubernetes Engine Monitoring), and none. Defaults to monitoring.googleapis.com/kubernetes.

networkPolicy

Optional

object

Configuration options for the NetworkPolicy feature.

networkPolicy.enabled

Required*

boolean

Whether network policy is enabled on the cluster.

networkPolicy.provider

Optional

string

The selected network policy provider. Defaults to PROVIDER_UNSPECIFIED.

networkRef

Optional

object

networkRef.external

Optional

string

The selfLink of a ComputeNetwork.

networkRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

networkRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

nodeConfig

Optional

object

nodeConfig.bootDiskKMSCryptoKeyRef

Optional

object

nodeConfig.bootDiskKMSCryptoKeyRef.external

Optional

string

The selfLink of a KMSCryptoKey.

nodeConfig.bootDiskKMSCryptoKeyRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

nodeConfig.bootDiskKMSCryptoKeyRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

nodeConfig.diskSizeGb

Optional

integer

nodeConfig.diskType

Optional

string

nodeConfig.guestAccelerator

Optional

list (object)

nodeConfig.guestAccelerator.[]

Optional

object

nodeConfig.guestAccelerator.[].count

Required*

integer

nodeConfig.guestAccelerator.[].type

Required*

string

nodeConfig.imageType

Optional

string

nodeConfig.labels

Optional

map (key: string, value: string)

nodeConfig.localSsdCount

Optional

integer

nodeConfig.machineType

Optional

string

nodeConfig.metadata

Optional

map (key: string, value: string)

nodeConfig.minCpuPlatform

Optional

string

nodeConfig.oauthScopes

Optional

list (string)

nodeConfig.oauthScopes.[]

Optional

string

nodeConfig.preemptible

Optional

boolean

nodeConfig.sandboxConfig

Optional

object

nodeConfig.sandboxConfig.sandboxType

Required*

string

nodeConfig.serviceAccountRef

Optional

object

nodeConfig.serviceAccountRef.external

Optional

string

The email of an IAMServiceAccount.

nodeConfig.serviceAccountRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

nodeConfig.serviceAccountRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

nodeConfig.shieldedInstanceConfig

Optional

object

nodeConfig.shieldedInstanceConfig.enableIntegrityMonitoring

Optional

boolean

nodeConfig.shieldedInstanceConfig.enableSecureBoot

Optional

boolean

nodeConfig.tags

Optional

list (string)

nodeConfig.tags.[]

Optional

string

nodeConfig.taint

Optional

list (object)

nodeConfig.taint.[]

Optional

object

nodeConfig.taint.[].effect

Required*

string

nodeConfig.taint.[].key

Required*

string

nodeConfig.taint.[].value

Required*

string

nodeConfig.workloadMetadataConfig

Optional

object

nodeConfig.workloadMetadataConfig.nodeMetadata

Required*

string

nodeLocations

Optional

list (string)

nodeLocations.[]

Optional

string

nodeVersion

Optional

string

podSecurityPolicyConfig

Optional

object

Configuration for the PodSecurityPolicy feature.

podSecurityPolicyConfig.enabled

Required*

boolean

Enable the PodSecurityPolicy controller for this cluster. If enabled, pods must be valid under a PodSecurityPolicy to be created.

privateClusterConfig

Optional

object

Configuration for private clusters, that is, clusters with private nodes.

privateClusterConfig.enablePrivateEndpoint

Required*

boolean

Enables the private cluster feature, creating a private endpoint on the cluster. In a private cluster, nodes only have RFC 1918 private addresses and communicate with the master's private endpoint via private networking.

privateClusterConfig.enablePrivateNodes

Optional

boolean

When true, the cluster's private endpoint is used as the cluster endpoint and access through the public endpoint is disabled. When false, either endpoint can be used. This field only applies to private clusters, when enable_private_nodes is true.

privateClusterConfig.masterIpv4CidrBlock

Optional

string

The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning private IP addresses to the cluster master(s) and the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network, and it must be a /28 subnet. See Private Cluster Limitations for more details. This field only applies to private clusters, when enable_private_nodes is true.

privateClusterConfig.peeringName

Optional

string

The name of the peering between this cluster and the Google owned VPC.

privateClusterConfig.privateEndpoint

Optional

string

The internal IP address of this cluster's master endpoint.

privateClusterConfig.publicEndpoint

Optional

string

The external IP address of this cluster's master endpoint.

releaseChannel

Optional

object

Configuration options for the Release channel feature, which provides more control over automatic upgrades of your GKE clusters.

releaseChannel.channel

Required*

string

The selected release channel.

resourceUsageExportConfig

Optional

object

Configuration for the ResourceUsageExportConfig feature.

resourceUsageExportConfig.bigqueryDestination

Required*

object

Parameters for using BigQuery as the destination of resource usage export.

resourceUsageExportConfig.bigqueryDestination.datasetId

Required*

string

The ID of a BigQuery Dataset.

resourceUsageExportConfig.enableNetworkEgressMetering

Optional

boolean

Whether to enable network egress metering for this cluster. If enabled, a daemonset will be created in the cluster to meter network egress traffic.

resourceUsageExportConfig.enableResourceConsumptionMetering

Optional

boolean

Whether to enable resource consumption metering on this cluster. When enabled, a table will be created in the resource export BigQuery dataset to store resource consumption data. The resulting table can be joined with the resource usage table or with BigQuery billing export. Defaults to true.

subnetworkRef

Optional

object

subnetworkRef.external

Optional

string

The selfLink of a ComputeSubnetwork.

subnetworkRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

subnetworkRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

verticalPodAutoscaling

Optional

object

Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it.

verticalPodAutoscaling.enabled

Required*

boolean

Enables vertical pod autoscaling.

workloadIdentityConfig

Optional

object

workloadIdentityConfig.identityNamespace

Required*

string

* Field is required when parent field is specified

Status

Schema

conditions:
- lastTransitionTime: string
  message: string
  reason: string
  status: string
  type: string
endpoint: string
instanceGroupUrls:
- string
labelFingerprint: string
masterVersion: string
operation: string
servicesIpv4Cidr: string
tpuIpv4CidrBlock: string

Fields

conditions

list (object)

conditions.[]

object

conditions.[].lastTransitionTime

string

Last time the condition transitioned from one status to another.

conditions.[].message

string

Human-readable message indicating details about last transition.

conditions.[].reason

string

Unique, one-word, CamelCase reason for the condition's last transition.

conditions.[].status

string

Status is the status of the condition. Can be True, False, Unknown.

conditions.[].type

string

Type is the type of the condition.

endpoint

string

The IP address of this cluster's Kubernetes master.

instanceGroupUrls

list (string)

instanceGroupUrls.[]

string

labelFingerprint

string

The fingerprint of the set of labels for this cluster.

masterVersion

string

The current version of the master in the cluster. This may be different than the min_master_version set in the config if the master has been updated by GKE.

operation

string

servicesIpv4Cidr

string

The IP address range of the Kubernetes services in this cluster, in CIDR notation (e.g. 1.2.3.4/29). Service addresses are typically put in the last /16 from the container CIDR.

tpuIpv4CidrBlock

string

The IP address range of the Cloud TPUs in this cluster, in CIDR notation (e.g. 1.2.3.4/29).

Sample YAML(s)

Typical Use Case

# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: container.cnrm.cloud.google.com/v1beta1
kind: ContainerCluster
metadata:
  annotations:
    cnrm.cloud.google.com/remove-default-node-pool: "false"
  labels:
    label-one: "value-one"
  name: containercluster-sample
spec:
  location: us-central1-a
  initialNodeCount: 1
  loggingService: logging.googleapis.com/kubernetes
  monitoringService: monitoring.googleapis.com/kubernetes
  masterAuth:
    username: "user"
    password:
      valueFrom:
        secretKeyRef:
          name: containercluster-dep
          key: password
    clientCertificateConfig:
      issueClientCertificate: false
---
apiVersion: v1
kind: Secret
metadata:
  name: containercluster-dep
stringData:
  password: password12345678
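
An added example, not part of Google's documentation or samples: a Python check that walks a parsed ContainerCluster spec and flags security-relevant settings described in the field reference above. The rule set, the names `audit_cluster_spec` and `get_path`, and both constructed specs are assumptions of this example; `SAMPLE_SPEC` mirrors the Typical Use Case manifest and the KMS key name is a placeholder.

```python
# Added example: audit a ContainerCluster spec (already parsed into a dict)
# against fields documented on this page. The choice of rules is this
# example's assumption, not an official baseline.

def get_path(spec, dotted, default=None):
    """Walk nested dicts along a dotted path such as 'masterAuth.username'."""
    node = spec
    for key in dotted.split("."):
        if not isinstance(node, dict) or key not in node:
            return default
        node = node[key]
    return node


def audit_cluster_spec(spec):
    """Return a list of (field, reason) findings in a fixed check order."""
    findings = []

    def flag(field, reason):
        findings.append((field, reason))

    # Basic auth is disabled only when no username is present.
    if get_path(spec, "masterAuth.username"):
        flag("masterAuth.username", "HTTP basic auth to the master is enabled")
    # An inline value keeps the password in the manifest instead of a Secret.
    if get_path(spec, "masterAuth.password.value") is not None:
        flag("masterAuth.password.value", "password is inline; use valueFrom.secretKeyRef")
    if get_path(spec, "masterAuth.clientCertificateConfig.issueClientCertificate") is True:
        flag("masterAuth.clientCertificateConfig.issueClientCertificate",
             "client certificate authorization is enabled")
    if get_path(spec, "enableLegacyAbac", False):
        flag("enableLegacyAbac", "ABAC grants static permissions beyond RBAC and IAM")
    if get_path(spec, "enableKubernetesAlpha", False):
        flag("enableKubernetesAlpha", "cluster cannot be upgraded and is deleted after 30 days")
    if not get_path(spec, "enableShieldedNodes", False):
        flag("enableShieldedNodes", "Shielded Nodes defaults to false and is not enabled")
    if get_path(spec, "databaseEncryption.state") != "ENCRYPTED":
        flag("databaseEncryption.state", "application-layer Secrets encryption is not enabled")
    if get_path(spec, "loggingService") == "none":
        flag("loggingService", "cluster logs are not written to any logging service")
    # An empty block (no cidrBlocks) disallows external access; a missing block does not.
    if get_path(spec, "masterAuthorizedNetworksConfig") is None:
        flag("masterAuthorizedNetworksConfig", "master authorized networks is not configured")
    # Network policy needs the networkPolicy block AND the addon, which defaults to disabled.
    policy_on = get_path(spec, "networkPolicy.enabled", False)
    addon_on = get_path(spec, "addonsConfig.networkPolicyConfig.disabled", True) is False
    if not (policy_on and addon_on):
        flag("networkPolicy", "network policy is not enabled on both master addon and nodes")
    return findings


# Constructed input: the spec of the "Typical Use Case" manifest as a dict.
SAMPLE_SPEC = {
    "location": "us-central1-a",
    "initialNodeCount": 1,
    "loggingService": "logging.googleapis.com/kubernetes",
    "monitoringService": "monitoring.googleapis.com/kubernetes",
    "masterAuth": {
        "username": "user",
        "password": {"valueFrom": {"secretKeyRef": {"name": "containercluster-dep",
                                                    "key": "password"}}},
        "clientCertificateConfig": {"issueClientCertificate": False},
    },
}

# Constructed input: a variant that passes every rule above (values are placeholders).
HARDENED_SPEC = {
    "location": "us-central1-a",
    "initialNodeCount": 1,
    "loggingService": "logging.googleapis.com/kubernetes",
    "masterAuth": {"clientCertificateConfig": {"issueClientCertificate": False}},
    "enableShieldedNodes": True,
    "databaseEncryption": {"state": "ENCRYPTED", "keyName": "KMS_KEY_NAME_PLACEHOLDER"},
    "masterAuthorizedNetworksConfig": {
        "cidrBlocks": [{"cidrBlock": "10.0.0.0/8", "displayName": "internal"}]},
    "networkPolicy": {"enabled": True},
    "addonsConfig": {"networkPolicyConfig": {"disabled": False}},
}

if __name__ == "__main__":
    for field, reason in audit_cluster_spec(SAMPLE_SPEC):
        print(f"{field}: {reason}")
```
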