feat: [edgecontainer] add storage schema to local control plane config (

#5775) * feat: add storage schema to local control plane config feat: add VM service config to system addons config feat: add resource state to control plane encryption feat: add connection state to cluster feat: add resource state to local disk encryption feat: add storage schema to node config feat: add config data to zone metadata feat: add maintenance exclusion window to maintenance policy feat: add status reason to operation metadata PiperOrigin-RevId: 690689315 Source-Link: googleapis/googleapis@ba8ea80 Source-Link: googleapis/googleapis-gen@f8ac54d Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWVkZ2Vjb250YWluZXIvLk93bEJvdC55YW1sIiwiaCI6ImY4YWM1NGQzYjFjYmVhMDYzNTUyOWYxMDc0NjEzMTY0MjYxM2JmNWUifQ== * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --------- Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
googleapis · Oct 29, 2024 · 5f913f7 · 5f913f7
1 parent c4badb0
commit 5f913f7
Show file tree

Hide file tree

Showing 6 changed files with 2,163 additions and 101 deletions.
diff --git a/packages/google-cloud-edgecontainer/README.md b/packages/google-cloud-edgecontainer/README.md
@@ -44,7 +44,7 @@ Google APIs Client Libraries, in [Client Libraries Explained][explained].
 1.  [Select or create a Cloud Platform project][projects].
 1.  [Enable billing for your project][billing].
 1.  [Enable the Distributed Cloud Edge Container API API][enable_api].
-1.  [Set up authentication with a service account][auth] so you can access the
+1.  [Set up authentication][auth] so you can access the
     API from your local workstation.
 
 ### Installing the client library
@@ -206,4 +206,4 @@ See [LICENSE](https://github.com/googleapis/google-cloud-node/blob/main/LICENSE)
 [projects]: https://console.cloud.google.com/project
 [billing]: https://support.google.com/cloud/answer/6293499#enable-billing
 [enable_api]: https://console.cloud.google.com/flows/enableapi?apiid=edgecontainer.googleapis.com
-[auth]: https://cloud.google.com/docs/authentication/getting-started
+[auth]: https://cloud.google.com/docs/authentication/external/set-up-adc-local
diff --git a/packages/google-cloud-edgecontainer/protos/google/cloud/edgecontainer/v1/resources.proto b/packages/google-cloud-edgecontainer/protos/google/cloud/edgecontainer/v1/resources.proto
@@ -52,6 +52,18 @@ enum KmsKeyState {
   KMS_KEY_STATE_KEY_UNAVAILABLE = 2;
 }
 
+// Represents if the resource is in lock down state or pending.
+enum ResourceState {
+  // Default value.
+  RESOURCE_STATE_UNSPECIFIED = 0;
+
+  // The resource is in LOCK DOWN state.
+  RESOURCE_STATE_LOCK_DOWN = 1;
+
+  // The resource is pending lock down.
+  RESOURCE_STATE_LOCK_DOWN_PENDING = 2;
+}
+
 // A Google Distributed Cloud Edge Kubernetes cluster.
 message Cluster {
   option (google.api.resource) = {
@@ -86,6 +98,14 @@ message Cluster {
 
       // Policy configuration about how user applications are deployed.
       SharedDeploymentPolicy shared_deployment_policy = 4;
+
+      // Optional. Name for the storage schema of control plane nodes.
+      //
+      // Warning: Configurable node local storage schema feature is an
+      // experimental feature, and is not recommended for general use
+      // in production clusters/nodepools.
+      string control_plane_node_storage_schema = 5
+          [(google.api.field_behavior) = OPTIONAL];
     }
 
     // Represents the policy configuration about how user applications are
@@ -131,19 +151,28 @@ message Cluster {
       string ipv4_vip = 2 [(google.api.field_behavior) = OPTIONAL];
     }
 
+    // VMServiceConfig defines the configuration for GDCE VM Service.
+    message VMServiceConfig {
+      // Optional. Whether VMM is enabled.
+      bool vmm_enabled = 1 [(google.api.field_behavior) = OPTIONAL];
+    }
+
     // Optional. Config for Ingress.
     Ingress ingress = 1 [(google.api.field_behavior) = OPTIONAL];
+
+    // Optional. Config for VM Service.
+    VMServiceConfig vm_service_config = 4
+        [(google.api.field_behavior) = OPTIONAL];
   }
 
-  // Configuration for Customer-managed KMS key support for remote control plane
-  // cluster disk encryption.
+  // Configuration for Customer-managed KMS key support for control plane nodes.
   message ControlPlaneEncryption {
-    // Immutable. The Cloud KMS CryptoKey e.g.
+    // Optional. The Cloud KMS CryptoKey e.g.
     // projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey}
     // to use for protecting control plane disks. If not specified, a
     // Google-managed key will be used instead.
     string kms_key = 1 [
-      (google.api.field_behavior) = IMMUTABLE,
+      (google.api.field_behavior) = OPTIONAL,
       (google.api.resource_reference) = {
         type: "cloudkms.googleapis.com/CryptoKey"
       }
@@ -170,6 +199,10 @@ message Cluster {
     // error status reported by Cloud KMS.
     google.rpc.Status kms_status = 4
         [(google.api.field_behavior) = OUTPUT_ONLY];
+
+    // Output only. The current resource state associated with the cmek.
+    ResourceState resource_state = 5
+        [(google.api.field_behavior) = OUTPUT_ONLY];
   }
 
   // A Maintenance Event is an operation that could cause temporary disruptions
@@ -263,6 +296,33 @@ message Cluster {
         [(google.api.field_behavior) = OPTIONAL];
   }
 
+  // ConnectionState holds the current connection state from the cluster to
+  // Google.
+  message ConnectionState {
+    // The connection state.
+    enum State {
+      // Unknown connection state.
+      STATE_UNSPECIFIED = 0;
+
+      // This cluster is currently disconnected from Google.
+      DISCONNECTED = 1;
+
+      // This cluster is currently connected to Google.
+      CONNECTED = 2;
+
+      // This cluster is currently connected to Google, but may have recently
+      // reconnected after a disconnection. It is still syncing back.
+      CONNECTED_AND_SYNCING = 3;
+    }
+
+    // Output only. The current connection state.
+    State state = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+    // Output only. The time when the connection state was last changed.
+    google.protobuf.Timestamp update_time = 2
+        [(google.api.field_behavior) = OUTPUT_ONLY];
+  }
+
   // Indicates the status of the cluster.
   enum Status {
     // Status unknown.
@@ -396,6 +456,10 @@ message Cluster {
   // balancing.
   repeated string external_load_balancer_ipv6_address_pools = 25
       [(google.api.field_behavior) = OPTIONAL];
+
+  // Output only. The current connection state of the cluster.
+  ConnectionState connection_state = 27
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 }
 
 // Cluster-wide networking configuration.
@@ -458,12 +522,12 @@ message NodePool {
 
   // Configuration for CMEK support for edge machine local disk encryption.
   message LocalDiskEncryption {
-    // Immutable. The Cloud KMS CryptoKey e.g.
+    // Optional. The Cloud KMS CryptoKey e.g.
     // projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey}
     // to use for protecting node local disks. If not specified, a
     // Google-managed key will be used instead.
     string kms_key = 1 [
-      (google.api.field_behavior) = IMMUTABLE,
+      (google.api.field_behavior) = OPTIONAL,
       (google.api.resource_reference) = {
         type: "cloudkms.googleapis.com/CryptoKey"
       }
@@ -490,12 +554,23 @@ message NodePool {
     // error status reported by Cloud KMS.
     google.rpc.Status kms_status = 4
         [(google.api.field_behavior) = OUTPUT_ONLY];
+
+    // Output only. The current resource state associated with the cmek.
+    ResourceState resource_state = 5
+        [(google.api.field_behavior) = OUTPUT_ONLY];
   }
 
   // Configuration for each node in the NodePool
   message NodeConfig {
     // Optional. The Kubernetes node labels
     map<string, string> labels = 1 [(google.api.field_behavior) = OPTIONAL];
+
+    // Optional. Name for the storage schema of worker nodes.
+    //
+    // Warning: Configurable node local storage schema feature is an
+    // experimental feature, and is not recommended for general use
+    // in production clusters/nodepools.
+    string node_storage_schema = 2 [(google.api.field_behavior) = OPTIONAL];
   }
 
   // Required. The resource name of the node pool.
@@ -602,12 +677,7 @@ message VpnConnection {
     // the cluster project.
     string project_id = 1;
 
-    // Optional. The service account in the VPC project configured by user. It
-    // is used to create/delete Cloud Router and Cloud HA VPNs for VPN
-    // connection. If this SA is changed during/after a VPN connection is
-    // created, you need to remove the Cloud Router and Cloud VPN resources in
-    // |project_id|. It is in the form of
-    // service-{project_number}@gcp-sa-edgecontainer.iam.gserviceaccount.com.
+    // Optional. Deprecated: do not use.
     string service_account = 2
         [deprecated = true, (google.api.field_behavior) = OPTIONAL];
   }
@@ -746,6 +816,18 @@ message ZoneMetadata {
 
   // The map keyed by rack name and has value of RackType.
   map<string, RackType> rack_types = 2;
+
+  // Config data for the zone.
+  ConfigData config_data = 3;
+}
+
+// Config data holds all the config related data for the zone.
+message ConfigData {
+  // list of available v4 ip pools for external loadbalancer
+  repeated string available_external_lb_pools_ipv4 = 1;
+
+  // list of available v6 ip pools for external loadbalancer
+  repeated string available_external_lb_pools_ipv6 = 2;
 }
 
 // Represents quota for Edge Container resources.
@@ -764,6 +846,13 @@ message Quota {
 message MaintenancePolicy {
   // Specifies the maintenance window in which maintenance may be performed.
   MaintenanceWindow window = 1;
+
+  // Optional. Exclusions to automatic maintenance. Non-emergency maintenance
+  // should not occur in these windows. Each exclusion has a unique name and may
+  // be active or expired. The max number of maintenance exclusions allowed at a
+  // given time is 3.
+  repeated MaintenanceExclusionWindow maintenance_exclusions = 2
+      [(google.api.field_behavior) = OPTIONAL];
 }
 
 // Maintenance window configuration
@@ -783,6 +872,15 @@ message RecurringTimeWindow {
   string recurrence = 2;
 }
 
+// Represents a maintenance exclusion window.
+message MaintenanceExclusionWindow {
+  // Optional. The time window.
+  TimeWindow window = 1 [(google.api.field_behavior) = OPTIONAL];
+
+  // Optional. A unique (per cluster) id for the window.
+  string id = 2 [(google.api.field_behavior) = OPTIONAL];
+}
+
 // Represents an arbitrary window of time.
 message TimeWindow {
   // The time that the window first starts.

diff --git a/packages/google-cloud-edgecontainer/protos/google/cloud/edgecontainer/v1/service.proto b/packages/google-cloud-edgecontainer/protos/google/cloud/edgecontainer/v1/service.proto
@@ -22,6 +22,7 @@ import "google/api/field_behavior.proto";
 import "google/api/resource.proto";
 import "google/cloud/edgecontainer/v1/resources.proto";
 import "google/longrunning/operations.proto";
+import "google/protobuf/empty.proto";
 import "google/protobuf/field_mask.proto";
 import "google/protobuf/timestamp.proto";
 
@@ -258,6 +259,15 @@ service EdgeContainer {
 
 // Long-running operation metadata for Edge Container API methods.
 message OperationMetadata {
+  // Indicates the reason for the status of the operation.
+  enum StatusReason {
+    // Reason unknown.
+    STATUS_REASON_UNSPECIFIED = 0;
+
+    // The cluster upgrade is currently paused.
+    UPGRADE_PAUSED = 1;
+  }
+
   // The time the operation was created.
   google.protobuf.Timestamp create_time = 1;
 
@@ -285,6 +295,9 @@ message OperationMetadata {
   // Warnings that do not block the operation, but still hold relevant
   // information for the end user to receive.
   repeated string warnings = 8;
+
+  // Machine-readable status of the operation, if any.
+  StatusReason status_reason = 9;
 }
 
 // Lists clusters in a location.