container

class pulumi_gcp.container.Cluster(resource_name, opts=None, additional_zones=None, addons_config=None, cluster_ipv4_cidr=None, description=None, enable_binary_authorization=None, enable_kubernetes_alpha=None, enable_legacy_abac=None, enable_tpu=None, initial_node_count=None, ip_allocation_policy=None, logging_service=None, maintenance_policy=None, master_auth=None, master_authorized_networks_config=None, master_ipv4_cidr_block=None, min_master_version=None, monitoring_service=None, name=None, network=None, network_policy=None, node_config=None, node_pools=None, node_version=None, pod_security_policy_config=None, private_cluster=None, private_cluster_config=None, project=None, region=None, remove_default_node_pool=None, resource_labels=None, subnetwork=None, zone=None, __name__=None, __opts__=None)

Creates a Google Kubernetes Engine (GKE) cluster. For more information see the official documentation and API.

Note: All arguments including the username and password will be stored in the raw state as plain-text. Read more about sensitive data in state.
Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • additional_zones (pulumi.Input[list]) – The list of additional Google Compute Engine locations in which the cluster’s nodes should be located. If additional zones are configured, the number of nodes specified in initial_node_count is created in all specified zones.
  • addons_config (pulumi.Input[dict]) – The configuration for addons supported by GKE. Structure is documented below.
  • cluster_ipv4_cidr (pulumi.Input[str]) – The IP address range of the Kubernetes pods in this cluster. Default is an automatically assigned CIDR.
  • description (pulumi.Input[str]) – Description of the cluster.
  • enable_binary_authorization (pulumi.Input[bool]) – Enable Binary Authorization for this cluster. If enabled, all container images will be validated by Google Binary Authorization. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.
  • enable_kubernetes_alpha (pulumi.Input[bool]) – Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.
  • enable_legacy_abac (pulumi.Input[bool]) – Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM. Defaults to false.
  • enable_tpu (pulumi.Input[bool]) – Whether to enable Cloud TPU resources in this cluster. See the official documentation. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.
  • initial_node_count (pulumi.Input[int]) – The number of nodes to create in this cluster (not including the Kubernetes master). Must be set if node_pool is not set.
  • ip_allocation_policy (pulumi.Input[dict]) – Configuration for cluster IP allocation. As of now, only pre-allocated subnetworks (custom type with secondary ranges) are supported. This will activate IP aliases. See the official documentation. Structure is documented below.
  • logging_service (pulumi.Input[str]) – The logging service that the cluster should write logs to. Available options include logging.googleapis.com, logging.googleapis.com/kubernetes (beta), and none. Defaults to logging.googleapis.com.
  • maintenance_policy (pulumi.Input[dict]) – The maintenance policy to use for the cluster. Structure is documented below.
  • master_auth (pulumi.Input[dict]) – The authentication information for accessing the Kubernetes master. Structure is documented below.
  • master_authorized_networks_config (pulumi.Input[dict]) – The desired configuration options for master authorized networks. Omit the nested cidr_blocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists).
  • master_ipv4_cidr_block (pulumi.Input[str]) – Specifies a private RFC1918 block for the master’s VPC. The master range must not overlap with any subnet in your cluster’s VPC. The master and your cluster use VPC peering. Must be specified in CIDR notation and must be a /28 subnet. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields. This field is deprecated, use private_cluster_config.master_ipv4_cidr_block instead.
  • min_master_version (pulumi.Input[str]) – The minimum version of the master. GKE will auto-update the master to new versions, so this does not guarantee the current master version; use the read-only master_version field to obtain that. If unset, the cluster’s version will be set by GKE to the version of the most recent official release (which is not necessarily the latest version).
  • monitoring_service (pulumi.Input[str]) – The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting. Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none. Defaults to monitoring.googleapis.com.
  • name (pulumi.Input[str]) – The name of the cluster, unique within the project and zone.
  • network (pulumi.Input[str]) – The name or self_link of the Google Compute Engine network to which the cluster is connected. For Shared VPC, set this to the self link of the shared network.
  • network_policy (pulumi.Input[dict]) – Configuration options for the NetworkPolicy feature. Structure is documented below.
  • node_config (pulumi.Input[dict]) – Parameters used in creating the cluster’s nodes. Structure is documented below.
  • node_pools (pulumi.Input[list]) – List of node pools associated with this cluster. See google_container_node_pool for schema. Warning: node pools defined inside a cluster can’t be changed (or added/removed) after cluster creation without deleting and recreating the entire cluster. Unless you absolutely need the ability to say “these are the only node pools associated with this cluster”, use the google_container_node_pool resource instead of this property.
  • node_version (pulumi.Input[str]) – The Kubernetes version on the nodes. Must either be unset or set to the same value as min_master_version on create. Defaults to the default version set by GKE which is not necessarily the latest version.
  • pod_security_policy_config (pulumi.Input[dict]) – Configuration for the PodSecurityPolicy feature. Structure is documented below. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.
  • private_cluster (pulumi.Input[bool]) – If true, a private cluster will be created, meaning nodes do not get public IP addresses. It is mandatory to specify master_ipv4_cidr_block and ip_allocation_policy with this option. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields. This field is deprecated, use private_cluster_config.enable_private_nodes instead.
  • private_cluster_config (pulumi.Input[dict]) – A set of options for creating a private cluster. Structure is documented below. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.
  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
  • region (pulumi.Input[str])
  • remove_default_node_pool (pulumi.Input[bool]) – If true, deletes the default node pool upon cluster creation.
  • resource_labels (pulumi.Input[dict]) – The GCE resource labels (a map of key/value pairs) to be applied to the cluster.
  • subnetwork (pulumi.Input[str]) – The name or self_link of the Google Compute Engine subnetwork in which the cluster’s instances are launched.
  • zone (pulumi.Input[str]) – The zone that the master and the number of nodes specified in initial_node_count should be created in. Only one of zone and region may be set. If neither zone nor region is set, the provider zone is used.
additional_zones = None

The list of additional Google Compute Engine locations in which the cluster’s nodes should be located. If additional zones are configured, the number of nodes specified in initial_node_count is created in all specified zones.

addons_config = None

The configuration for addons supported by GKE. Structure is documented below.

cluster_ipv4_cidr = None

The IP address range of the Kubernetes pods in this cluster. Default is an automatically assigned CIDR.

description = None

Description of the cluster.

enable_binary_authorization = None

Enable Binary Authorization for this cluster. If enabled, all container images will be validated by Google Binary Authorization. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.

enable_kubernetes_alpha = None

Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.

enable_legacy_abac = None

Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM. Defaults to false.

enable_tpu = None

Whether to enable Cloud TPU resources in this cluster. See the official documentation. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.

endpoint = None

The IP address of this cluster’s Kubernetes master.

initial_node_count = None

The number of nodes to create in this cluster (not including the Kubernetes master). Must be set if node_pool is not set.

instance_group_urls = None

List of instance group URLs which have been assigned to the cluster.

ip_allocation_policy = None

Configuration for cluster IP allocation. As of now, only pre-allocated subnetworks (custom type with secondary ranges) are supported. This will activate IP aliases. See the official documentation. Structure is documented below.

logging_service = None

The logging service that the cluster should write logs to. Available options include logging.googleapis.com, logging.googleapis.com/kubernetes (beta), and none. Defaults to logging.googleapis.com.

maintenance_policy = None

The maintenance policy to use for the cluster. Structure is documented below.

master_auth = None

The authentication information for accessing the Kubernetes master. Structure is documented below.

master_authorized_networks_config = None

The desired configuration options for master authorized networks. Omit the nested cidr_blocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists).

master_ipv4_cidr_block = None

Specifies a private RFC1918 block for the master’s VPC. The master range must not overlap with any subnet in your cluster’s VPC. The master and your cluster use VPC peering. Must be specified in CIDR notation and must be a /28 subnet. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields. This field is deprecated, use private_cluster_config.master_ipv4_cidr_block instead.

master_version = None

The current version of the master in the cluster. This may be different than the min_master_version set in the config if the master has been updated by GKE.

min_master_version = None

The minimum version of the master. GKE will auto-update the master to new versions, so this does not guarantee the current master version; use the read-only master_version field to obtain that. If unset, the cluster’s version will be set by GKE to the version of the most recent official release (which is not necessarily the latest version).

monitoring_service = None

The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting. Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none. Defaults to monitoring.googleapis.com.

name = None

The name of the cluster, unique within the project and zone.

network = None

The name or self_link of the Google Compute Engine network to which the cluster is connected. For Shared VPC, set this to the self link of the shared network.

network_policy = None

Configuration options for the NetworkPolicy feature. Structure is documented below.

node_config = None

Parameters used in creating the cluster’s nodes. Structure is documented below.

node_pools = None

List of node pools associated with this cluster. See google_container_node_pool for schema. Warning: node pools defined inside a cluster can’t be changed (or added/removed) after cluster creation without deleting and recreating the entire cluster. Unless you absolutely need the ability to say “these are the only node pools associated with this cluster”, use the google_container_node_pool resource instead of this property.

node_version = None

The Kubernetes version on the nodes. Must either be unset or set to the same value as min_master_version on create. Defaults to the default version set by GKE which is not necessarily the latest version.

pod_security_policy_config = None

Configuration for the PodSecurityPolicy feature. Structure is documented below. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.

private_cluster = None

If true, a private cluster will be created, meaning nodes do not get public IP addresses. It is mandatory to specify master_ipv4_cidr_block and ip_allocation_policy with this option. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields. This field is deprecated, use private_cluster_config.enable_private_nodes instead.

private_cluster_config = None

A set of options for creating a private cluster. Structure is documented below. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.

project = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

remove_default_node_pool = None

If true, deletes the default node pool upon cluster creation.

resource_labels = None

The GCE resource labels (a map of key/value pairs) to be applied to the cluster.

subnetwork = None

The name or self_link of the Google Compute Engine subnetwork in which the cluster’s instances are launched.

zone = None

The zone that the master and the number of nodes specified in initial_node_count should be created in. Only one of zone and region may be set. If neither zone nor region is set, the provider zone is used.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str
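
An added example, not part of the Pulumi or provider documentation: a pre-deployment check over a plain dict of Cluster keyword arguments that flags the constraints and risky settings stated in the parameter descriptions above. The function names, the sample values and the nested master_auth keys (username, password, taken from the wording of the state note) are assumptions made for this illustration.

```python
import ipaddress

# RFC 1918 private ranges; the master block must be a /28 inside one of them.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_master_cidr(cidr):
    """Return None if cidr is a private IPv4 /28, else a short reason."""
    try:
        net = ipaddress.ip_network(cidr, strict=True)
    except ValueError as exc:
        return f"not valid CIDR notation ({exc})"
    if net.version != 4 or net.prefixlen != 28:
        return "must be an IPv4 /28"
    if not any(net.subnet_of(r) for r in RFC1918):
        return "must be inside an RFC 1918 private range"
    return None


def audit_cluster_args(args):
    """Return (field, message) findings for a dict of Cluster keyword arguments."""
    out = []
    if args.get("enable_legacy_abac"):
        out.append(("enable_legacy_abac", "statically granted permissions beyond RBAC/IAM"))
    if args.get("enable_kubernetes_alpha"):
        out.append(("enable_kubernetes_alpha", "cannot be upgraded; deleted after 30 days"))
    for svc in ("logging_service", "monitoring_service"):
        if args.get(svc) == "none":
            out.append((svc, "set to none; nothing is written to this service"))
    # Assumption: nested key names follow the wording of the state note.
    auth = args.get("master_auth") or {}
    if auth.get("username") or auth.get("password"):
        out.append(("master_auth", "username/password end up in state as plain text"))
    if args.get("zone") and args.get("region"):
        out.append(("zone", "only one of zone and region may be set"))
    node_v = args.get("node_version")
    if node_v is not None and node_v != args.get("min_master_version"):
        out.append(("node_version", "must be unset or equal to min_master_version"))
    # Deprecated top-level private-cluster fields and their prerequisites.
    if args.get("private_cluster"):
        out.append(("private_cluster", "deprecated; use private_cluster_config.enable_private_nodes"))
        for req in ("master_ipv4_cidr_block", "ip_allocation_policy"):
            if not args.get(req):
                out.append(("private_cluster", f"requires {req}"))
    top = args.get("master_ipv4_cidr_block")
    if top:
        out.append(("master_ipv4_cidr_block", "deprecated; use private_cluster_config.master_ipv4_cidr_block"))
    nested = (args.get("private_cluster_config") or {}).get("master_ipv4_cidr_block")
    for field, cidr in (("master_ipv4_cidr_block", top),
                        ("private_cluster_config.master_ipv4_cidr_block", nested)):
        reason = check_master_cidr(cidr) if cidr else None
        if reason:
            out.append((field, reason))
    return out


# Constructed sample inputs (values are illustrative, not from a real deployment).
RISKY = {
    "enable_legacy_abac": True, "logging_service": "none",
    "master_auth": {"username": "admin", "password": "example-only"},
    "zone": "us-central1-a", "region": "us-central1",
    "min_master_version": "1.11.6", "node_version": "1.10.9",
    "private_cluster": True, "master_ipv4_cidr_block": "8.8.8.0/28",
}
HARDENED = {
    "enable_legacy_abac": False, "zone": "us-central1-a",
    "logging_service": "logging.googleapis.com",
    "monitoring_service": "monitoring.googleapis.com",
    "private_cluster_config": {"enable_private_nodes": True,
                               "master_ipv4_cidr_block": "172.16.0.0/28"},
}
if __name__ == "__main__":
    for field, msg in audit_cluster_args(RISKY):
        print(f"{field}: {msg}")
```

Run the same function over the keyword arguments before they are passed to Cluster(...); if your provider version spells nested keys differently, adjust the nested lookups accordingly.
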
class pulumi_gcp.container.GetClusterResult(additional_zones=None, addons_configs=None, cluster_autoscalings=None, cluster_ipv4_cidr=None, description=None, enable_binary_authorization=None, enable_kubernetes_alpha=None, enable_legacy_abac=None, enable_tpu=None, endpoint=None, initial_node_count=None, instance_group_urls=None, ip_allocation_policies=None, logging_service=None, maintenance_policies=None, master_auths=None, master_authorized_networks_configs=None, master_ipv4_cidr_block=None, master_version=None, min_master_version=None, monitoring_service=None, network=None, network_policies=None, node_configs=None, node_pools=None, node_version=None, pod_security_policy_configs=None, private_cluster=None, private_cluster_configs=None, remove_default_node_pool=None, resource_labels=None, subnetwork=None, id=None)

A collection of values returned by getCluster.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_gcp.container.GetEngineVersionsResult(default_cluster_version=None, latest_master_version=None, latest_node_version=None, valid_master_versions=None, valid_node_versions=None, id=None)

A collection of values returned by getEngineVersions.

default_cluster_version = None

Version of Kubernetes the service deploys by default.

latest_master_version = None

The latest version available in the given zone for use with master instances.

latest_node_version = None

The latest version available in the given zone for use with node instances.

valid_master_versions = None

A list of versions available in the given zone for use with master instances.

valid_node_versions = None

A list of versions available in the given zone for use with node instances.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_gcp.container.GetRegistryImageResult(image_url=None, project=None, id=None)

A collection of values returned by getRegistryImage.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_gcp.container.GetRegistryRepositoryResult(project=None, repository_url=None, id=None)

A collection of values returned by getRegistryRepository.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_gcp.container.NodePool(resource_name, opts=None, autoscaling=None, cluster=None, initial_node_count=None, management=None, max_pods_per_node=None, name=None, name_prefix=None, node_config=None, node_count=None, project=None, region=None, version=None, zone=None, __name__=None, __opts__=None)

Manages a Node Pool resource within GKE. For more information see the official documentation and API.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • autoscaling (pulumi.Input[dict]) – Configuration required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. Structure is documented below.
  • cluster (pulumi.Input[str]) – The cluster to create the node pool for. Cluster must be present in zone provided for zonal clusters.
  • initial_node_count (pulumi.Input[int]) – The initial node count for the pool. Changing this will force recreation of the resource.
  • management (pulumi.Input[dict]) – Node management configuration, wherein auto-repair and auto-upgrade are configured. Structure is documented below.
  • max_pods_per_node (pulumi.Input[int]) – The maximum number of pods per node in this node pool. Note that this does not work on node pools which are “route-based”, that is, node pools belonging to clusters that do not have IP Aliasing enabled. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.

  • name (pulumi.Input[str]) – The name of the node pool. If left blank, Terraform will auto-generate a unique name.
  • name_prefix (pulumi.Input[str]) – Creates a unique name for the node pool beginning with the specified prefix. Conflicts with name.
  • node_config (pulumi.Input[dict]) – The node configuration of the pool. See google_container_cluster for schema.
  • node_count (pulumi.Input[int]) – The number of nodes per instance group. This field can be used to update the number of nodes per instance group but should not be used alongside autoscaling.
  • project (pulumi.Input[str]) – The ID of the project in which to create the node pool. If blank, the provider-configured project will be used.
  • region (pulumi.Input[str]) – The region in which the cluster resides (for regional clusters). This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.

  • version (pulumi.Input[str]) – The Kubernetes version for the nodes in this pool. Note that if this field and auto_upgrade are both specified, they will fight each other for what the node version should be, so setting both is highly discouraged.
  • zone (pulumi.Input[str]) – The zone in which the cluster resides.
autoscaling = None

Configuration required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. Structure is documented below.

cluster = None

The cluster to create the node pool for. Cluster must be present in zone provided for zonal clusters.

initial_node_count = None

The initial node count for the pool. Changing this will force recreation of the resource.

management = None

Node management configuration, wherein auto-repair and auto-upgrade are configured. Structure is documented below.

max_pods_per_node = None

The maximum number of pods per node in this node pool. Note that this does not work on node pools which are “route-based”, that is, node pools belonging to clusters that do not have IP Aliasing enabled. This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.

name = None

The name of the node pool. If left blank, Terraform will auto-generate a unique name.

name_prefix = None

Creates a unique name for the node pool beginning with the specified prefix. Conflicts with name.

node_config = None

The node configuration of the pool. See google_container_cluster for schema.

node_count = None

The number of nodes per instance group. This field can be used to update the number of nodes per instance group but should not be used alongside autoscaling.

project = None

The ID of the project in which to create the node pool. If blank, the provider-configured project will be used.

region = None

The region in which the cluster resides (for regional clusters). This property is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta fields.

version = None

The Kubernetes version for the nodes in this pool. Note that if this field and auto_upgrade are both specified, they will fight each other for what the node version should be, so setting both is highly discouraged.

zone = None

The zone in which the cluster resides.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str
pulumi_gcp.container.get_cluster(name=None, project=None, region=None, zone=None)

Get info about a cluster within GKE from its name and zone.

pulumi_gcp.container.get_engine_versions(project=None, region=None, zone=None)

Provides access to available Google Container Engine versions in a zone or region for a given project.

pulumi_gcp.container.get_registry_image(digest=None, name=None, project=None, region=None, tag=None)

This data source fetches the project name, and provides the appropriate URLs to use for container registry for this project.

The URLs are computed entirely offline - as long as the project exists, they will be valid, but this data source does not contact Google Container Registry (GCR) at any point.

pulumi_gcp.container.get_registry_repository(project=None, region=None)

This data source fetches the project name, and provides the appropriate URLs to use for container registry for this project.

The URLs are computed entirely offline - as long as the project exists, they will be valid, but this data source does not contact Google Container Registry (GCR) at any point.