feat: add a flag to toggle the Kubelet read only port

Google APIs · copybara-github · commit 5b2d46f59088 · 2023-07-03T03:08:48.000-07:00
A new optional field `InsecureKubeletReadonlyPortEnabled` is available in
`NodeKubeletConfig` and `AutoProvisioningNodePoolDefaults`.

Setting the field to `false` turns off the read-only port.
If un-set, the default for the GKE version is used.

---
feat: publicize tpu topology in beta API

---
feat: add a Pod IP Utilization API

Users can use `cluster describe` command to check the Pod IP ranges utilizations consumed by all the node pools within the same cluster. This percentage can be seen at cluster default Pod range, additional Pod ranges, and node pool level Pod ranges.

PiperOrigin-RevId: 545172252
diff --git a/google/container/v1beta1/cluster_service.proto b/google/container/v1beta1/cluster_service.proto
@@ -606,6 +606,9 @@ message NodeKubeletConfig {
   // Controls the maximum number of processes allowed to run in a pod. The value
   // must be greater than or equal to 1024 and less than 4194304.
   int64 pod_pids_limit = 4;
+
+  // Enable or disable Kubelet read only port.
+  optional bool insecure_kubelet_readonly_port_enabled = 7;
 }
 
 // Parameters that describe the nodes in a cluster.
@@ -918,6 +921,12 @@ message NodeNetworkConfig {
   // Example: max_pods_per_node of 30 will result in 32 IPs (/27) when
   // overprovisioning is disabled.
   PodCIDROverprovisionConfig pod_cidr_overprovision_config = 13;
+
+  // Output only. [Output only] The utilization of the IPv4 range for pod.
+  // The ratio is Usage/[Total number of IPs in the secondary range],
+  // Usage=numNodes*numZones*podIPsPerNode.
+  double pod_ipv4_range_utilization = 16
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 }
 
 // A set of Shielded Instance options.
@@ -1636,6 +1645,12 @@ message IPAllocationPolicy {
   // IPAllocationPolicy.
   AdditionalPodRangesConfig additional_pod_ranges_config = 24
       [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. [Output only] The utilization of the cluster default IPv4
+  // range for pod. The ratio is Usage/[Total number of IPs in the secondary
+  // range], Usage=numNodes*numZones*podIPsPerNode.
+  double default_pod_ipv4_range_utilization = 25
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 }
 
 // Configuration for Binary Authorization.
@@ -2464,6 +2479,19 @@ message ClusterUpdate {
 message AdditionalPodRangesConfig {
   // Name for pod secondary ipv4 range which has the actual range defined ahead.
   repeated string pod_range_names = 1;
+
+  // Output only. [Output only] Information for additional pod range.
+  repeated RangeInfo pod_range_info = 2
+      [(google.api.field_behavior) = OUTPUT_ONLY];
+}
+
+// RangeInfo contains the range name and the range utilization by this cluster.
+message RangeInfo {
+  // Output only. [Output only] Name of a range.
+  string range_name = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. [Output only] The utilization of the range.
+  double utilization = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
 }
 
 // This operation resource represents operations that may have happened or are
@@ -3709,6 +3737,10 @@ message NodePool {
 
     // The type of placement.
     Type type = 1;
+
+    // TPU placement topology for pod slice node pool.
+    // https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies
+    string tpu_topology = 2;
   }
 
   // The name of the node pool.
@@ -4174,6 +4206,9 @@ message AutoprovisioningNodePoolDefaults {
   // https://cloud.google.com/kubernetes-engine/docs/concepts/node-images for
   // available image types.
   string image_type = 10;
+
+  // Enable or disable Kubelet read only port.
+  optional bool insecure_kubelet_readonly_port_enabled = 13;
 }
 
 // Contains information about amount of some resource in the cluster.
