gcloud beta filestore instances create

NAME
gcloud beta filestore instances create - create a Filestore instance
SYNOPSIS
gcloud beta filestore instances create (INSTANCE : --zone=ZONE) --file-share=[capacity=CAPACITY],[name=NAME],[nfs-export-options=NFS-EXPORT-OPTIONS],[source-backup=SOURCE-BACKUP],[source-backup-region=SOURCE-BACKUP-REGION] --network=[connect-mode=CONNECT-MODE],[name=NAME],[reserved-ip-range=RESERVED-IP-RANGE] [--async] [--description=DESCRIPTION] [--labels=[KEY=VALUE,…]] [--location=LOCATION] [--managed-ad=[computer=COMPUTER],[domain=DOMAIN]] [--protocol=PROTOCOL; default="NFS_V3"] [--region=REGION] [--source-instance=SOURCE_INSTANCE] [--tags=[KEY=VALUE,…]] [--tier=TIER; default="BASIC_HDD"] [--deletion-protection : --deletion-protection-reason=DELETION_PROTECTION_REASON] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(BETA) Create a Filestore instance.
EXAMPLES
The following command creates a Filestore instance named NAME with a single volume.
gcloud beta filestore instances create NAME --description=DESCRIPTION --tier=TIER --protocol=PROTOCOL --file-share=name=VOLUME_NAME,capacity=CAPACITY --network=name=NETWORK_NAME,reserved-ip-range=RESERVED_IP_RANGE,connect-mode=CONNECT_MODE --zone=ZONE --kms-key=KMS-KEY --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT --managed-ad=domain=DOMAIN,computer=COMPUTER --flags-file=FLAGS_FILE --source-instance=SOURCE_INSTANCE
Example json configuration file:

{ "--file-share": {"capacity": "61440", "name": "my_vol", "nfs-export-options": [ { "access-mode": "READ_WRITE", "ip-ranges": [ "10.0.0.0/8", ], "squash-mode": "NO_ROOT_SQUASH", "security-flavors": [ "AUTH_SYS", "KRB5P", ], }, { "access-mode": "READ_ONLY", "ip-ranges": [ "192.168.0.0/24" ], "squash-mode": "ROOT_SQUASH" "anon_uid": 1003, "anon_gid": 1003 } ], } }

POSITIONAL ARGUMENTS
Instance resource - The instance to create. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument instance on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.

This must be specified.

INSTANCE
ID of the instance or fully qualified identifier for the instance.

To set the instance attribute:

  • provide the argument instance on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--zone=ZONE
The zone of the instance.

To set the zone attribute:

  • provide the argument instance on the command line with a fully specified name;
  • provide the argument --zone on the command line;
  • provide the argument region on the command line;
  • provide the argument location on the command line;
  • set the property filestore/zone;
  • set the property filestore/region;
  • set the property filestore/location.
REQUIRED FLAGS
--file-share=[capacity=CAPACITY],[name=NAME],[nfs-export-options=NFS-EXPORT-OPTIONS],[source-backup=SOURCE-BACKUP],[source-backup-region=SOURCE-BACKUP-REGION]
File share configuration for an instance. Specifying both name and capacity is required.
capacity
The desired capacity of the volume in GB or TB units. If no capacity unit is specified, GB is assumed. Acceptable instance capacities for each tier are as follows:
  • BASIC_HDD: 1TB-63.9TB in 1GB increments or its multiples.
  • BASIC_SSD: 2.5TB-63.9TB in 1GB increments or its multiples.
  • HIGH_SCALE_SSD: 10TB-100TB in 2.5TB increments or its multiples.
  • ZONAL: 1TB-100TB:
    • 1TB-9.75TB in 256GB increments or its multiples.
    • 10TB-100TB in 2.5TB increments or its multiples.
  • ENTERPRISE: 1TB-10TB in 256GB increments or its multiples.
  • REGIONAL: 1TB-100TB:
    • 1TB-9.75TB in 256GB increments or its multiples.
    • 10TB-100TB in 2.5TB increments or its multiples.
name
The desired logical name of the volume.
nfs-export-options
The NfsExportOptions for the Cloud Filestore instance file share. Configuring NfsExportOptions is optional and can only be set using flags-file. Use the --flags-file flag to specify the path to a JSON or YAML configuration file that contains the required NfsExportOptions flags.
ip-ranges
A list of IPv4 addresses or CIDR ranges that are allowed to mount the file share. IPv4 addresses format: {octet 1}.{octet 2}.{octet 3}.{octet 4}. CIDR range format: {octet 1}.{octet 2}.{octet 3}.{octet 4}/{mask size}. Overlapping IP ranges are allowed for all tiers other than BASIC_HDD and BASIC_SSD. The limit of IP ranges/addresses for each FileShareConfig among all NfsExportOptions is 64 per instance.
access-mode
The type of access allowed for the specified IP-addresses or CIDR ranges. READ_ONLY: Allows only read requests on the exported file share. READ_WRITE: Allows both read and write requests on the exported file share. The default setting is READ_WRITE.
squash-mode
Enables or disables root squash for the specified IP addresses or CIDR ranges. NO_ROOT_SQUASH: Disables root squash to allow root access on the exported file share. ROOT_SQUASH. Enables root squash to remove root access on the exported file share. The default setting is NO_ROOT_SQUASH.
anon_uid
An integer that represents the user ID of anonymous users. Anon_uid may only be set when squash_mode is set to ROOT_SQUASH. If NO_ROOT_SQUASH is specified, an error will be returned. The default value is 65534.
anon_gid
An integer that represents the group ID of anonymous groups. Anon_gid may only be set when squash_mode is set to ROOT_SQUASH. If NO_ROOT_SQUASH is specified, an error will be returned. The default value is 65534.
security-flavors
A list of security flavors that are allowed to be used during mount command in NFSv4.1 filestore instances. The security flavors supported are:
  • SECURITY_FLAVOR_UNSPECIFIED: SecurityFlavor not set. Defaults to AUTH_SYS.
    • AUTH_SYS: The user's UNIX user-id and group-ids are passed in the clear.
    • KRB5: The end-user authentication is done using Kerberos V5.
    • KRB5I: KRB5 plus integrity protection (data packets are tamper proof).
    • KRB5P: KRB5I plus privacy protection (data packets are tamper proof and encrypted).
source-backup
The name of the backup to restore from.
source-backup-region
The region of the source backup.
--network=[connect-mode=CONNECT-MODE],[name=NAME],[reserved-ip-range=RESERVED-IP-RANGE]
Network configuration for a Cloud Filestore instance. Specifying reserved-ip-range and connect-mode is optional.
name
The name of the Google Compute Engine VPC network to which the instance is connected.
reserved-ip-range
The reserved-ip-range can have one of the following two types of values: a CIDR range value when using DIRECT_PEERING connect mode or an allocated IP address range (https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address) when using PRIVATE_SERVICE_ACCESS connect mode. When the name of an allocated IP address range is specified, it must be one of the ranges associated with the private service access connection. When specified as a direct CIDR value, it must be a /29 CIDR block for Basic tier or a /24 CIDR block for High Scale, Zonal, Enterprise or Regional tier in one of the internal IP address ranges (https://www.arin.net/knowledge/address_filters.html) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29 or 192.168.0.0/24. The range you specify can't overlap with either existing subnets or assigned IP address ranges for other Cloud Filestore instances in the selected VPC network.
connect-mode
Network connection mode used by instances. CONNECT_MODE must be one of: DIRECT_PEERING or PRIVATE_SERVICE_ACCESS.
OPTIONAL FLAGS
--async
Return immediately, without waiting for the operation in progress to complete.
--description=DESCRIPTION
A description of the Cloud Filestore instance.
--labels=[KEY=VALUE,…]
List of label KEY=VALUE pairs to add.

Keys must start with a lowercase character and contain only hyphens (-), underscores (_), lowercase characters, and numbers. Values must contain only hyphens (-), underscores (_), lowercase characters, and numbers.

--location=LOCATION
Location of the Cloud Filestore instance/operation.
--managed-ad=[computer=COMPUTER],[domain=DOMAIN]
Managed Active Directory configuration for an instance. Specifies both the domain name and a computer name (unique to the domain) to be created by the filestore instance.
domain
   The desired domain full uri. i.e:
   projects/PROJECT/locations/global/domains/DOMAIN
computer
   The desired active directory computer name to be created by
   the filestore instance when connecting to the domain.
--protocol=PROTOCOL; default="NFS_V3"
The service protocol for the Cloud Filestore instance. PROTOCOL must be one of:
nfs-v3
NFSv3 protocol.
nfs-v4-1
NFSv4.1 protocol.
--region=REGION
Region of the Cloud Filestore instance.
--source-instance=SOURCE_INSTANCE
The replication source instance of the Cloud Filestore instance.
--tags=[KEY=VALUE,…]
List of tags KEY=VALUE pairs to bind. Each item must be expressed as <tag-key-namespaced-name>=<tag-value-short-name>.

Example: 123/environment=production,123/costCenter=marketing

--tier=TIER; default="BASIC_HDD"
The service tier for the Cloud Filestore instance. For more details, see: https://cloud.google.com/filestore/docs/instance-tiers

TIER must be one of:

basic-hdd
Performant NFS storage system using HDD.
basic-ssd
Performant NFS storage system using SSD.
enterprise
Enterprise instance. Use REGIONAL instead whenever possible.
high-scale-ssd
High Scale SSD instance, an alias for ZONAL. Use ZONAL instead whenever possible.
premium
Premium Filestore instance, An alias for BASIC_SSD. Use BASIC_SSD instead whenever possible.
regional
Regional instances offer the features and availability needed for mission-critical workloads.
standard
Standard Filestore instance, An alias for BASIC_HDD. Use BASIC_HDD instead whenever possible.
zonal
Zonal instances offer NFS storage system suitable for high performance computing application requirements. It offers fast performance that scales with capacity and allows you to grow and shrink capacity.
Deletion protection control options. When deletion protection is enabled, the instance cannot be deleted.
--deletion-protection
Enables deletion protection for the instance.

This flag argument must be specified if any of the other arguments in this group are specified.

--deletion-protection-reason=DELETION_PROTECTION_REASON
The reason for enabling deletion protection for the instance.
Key resource - The Cloud KMS (Key Management Service) cryptokey that will be used to protect the instance. The 'Filestore Service Agent' service account must hold permission 'Cloud KMS CryptoKey Encrypter/Decrypter'. The arguments in this group can be used to specify the attributes of this resource.
--kms-key=KMS_KEY
ID of the key or fully qualified identifier for the key.

To set the kms-key attribute:

  • provide the argument --kms-key on the command line.

This flag argument must be specified if any of the other arguments in this group are specified.

--kms-keyring=KMS_KEYRING
The KMS keyring of the key.

To set the kms-keyring attribute:

  • provide the argument --kms-key on the command line with a fully specified name;
  • provide the argument --kms-keyring on the command line.
--kms-location=KMS_LOCATION
The Google Cloud location for the key.

To set the kms-location attribute:

  • provide the argument --kms-key on the command line with a fully specified name;
  • provide the argument --kms-location on the command line.
--kms-project=KMS_PROJECT
The Google Cloud project for the key.

To set the kms-project attribute:

  • provide the argument --kms-key on the command line with a fully specified name;
  • provide the argument --kms-project on the command line;
  • set the property core/project.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This command is currently in beta and might change without notice. These variants are also available:
gcloud filestore instances create
gcloud alpha filestore instances create