feat: add a API field to enable FQDN Network Policy on clusters

Google APIs · copybara-github · commit e1de7d7cfac0 · 2023-06-05T08:33:58.000-07:00
---
feat: turn on public visibility for best effort provision

---
feat: add CheckAutopilotCompatibility API to get autopilot compatibility issues for a given standard cluster
PiperOrigin-RevId: 537883922
diff --git a/google/container/v1beta1/cluster_service.proto b/google/container/v1beta1/cluster_service.proto
@@ -489,6 +489,15 @@ service ClusterManager {
     option (google.api.method_signature) = "parent";
   }
 
+  // Checks the cluster compatibility with Autopilot mode, and returns a list of
+  // compatibility issues.
+  rpc CheckAutopilotCompatibility(CheckAutopilotCompatibilityRequest)
+      returns (CheckAutopilotCompatibilityResponse) {
+    option (google.api.http) = {
+      get: "/v1beta1/{name=projects/*/locations/*/clusters/*}:checkAutopilotCompatibility"
+    };
+  }
+
   // Fetches locations that offer Google Kubernetes Engine.
   rpc ListLocations(ListLocationsRequest) returns (ListLocationsResponse) {
     option (google.api.http) = {
@@ -1843,6 +1852,9 @@ message Cluster {
   // creation.
   bool enable_kubernetes_alpha = 14;
 
+  // Kubernetes open source beta apis enabled on the cluster. Only beta apis.
+  K8sBetaAPIConfig enable_k8s_beta_apis = 143;
+
   // The resource labels for the cluster to use to annotate any related
   // Google Compute Engine resources.
   map<string, string> resource_labels = 15;
@@ -2088,6 +2100,12 @@ message Cluster {
   Fleet fleet = 140;
 }
 
+// Kubernetes open source beta apis enabled on the cluster.
+message K8sBetaAPIConfig {
+  // api name, e.g. storage.k8s.io/v1beta1/csistoragecapacities.
+  repeated string enabled_apis = 1;
+}
+
 // WorkloadConfig defines the flags to enable or disable the
 // workload configurations for the cluster.
 message WorkloadConfig {
@@ -2383,6 +2401,15 @@ message ClusterUpdate {
   // The pod ranges specified here must have been specified earlier in the
   // 'additional_pod_ranges_config' argument.
   AdditionalPodRangesConfig removed_additional_pod_ranges_config = 121;
+
+  // Kubernetes open source beta apis enabled on the cluster. Only beta apis
+  K8sBetaAPIConfig enable_k8s_beta_apis = 122;
+
+  // Enable/Disable FQDN Network Policy for the cluster.
+  optional bool desired_enable_fqdn_network_policy = 126;
+
+  // Beta APIs enabled for cluster.
+  K8sBetaAPIConfig desired_k8s_beta_apis = 131;
 }
 
 // AdditionalPodRangesConfig is the configuration for additional pod secondary
@@ -3291,6 +3318,19 @@ message ServerConfig {
   map<string, WindowsVersions> windows_version_maps = 10;
 }
 
+// Best effort provisioning.
+message BestEffortProvisioning {
+  // When this is enabled, cluster/node pool creations will ignore non-fatal
+  // errors like stockout to best provision as many nodes as possible right now
+  // and eventually bring up all target number of nodes
+  bool enabled = 1;
+
+  // Minimum number of nodes to be provisioned to be considered as succeeded,
+  // and the rest of nodes will be provisioned gradually and eventually when
+  // stockout issue has been resolved.
+  int32 min_provision_nodes = 2;
+}
+
 // Windows server versions.
 message WindowsVersions {
   // Windows server version.
@@ -3706,6 +3746,9 @@ message NodePool {
   // fields, and may be sent on update requests to ensure the client has an
   // up-to-date value before proceeding.
   string etag = 110;
+
+  // Enable best effort provisioning for nodes
+  BestEffortProvisioning best_effort_provisioning = 113;
 }
 
 // NodeManagement defines the set of node management services turned on for the
@@ -4556,6 +4599,9 @@ message NetworkConfig {
   // GatewayAPIConfig contains the desired config of Gateway API on this
   // cluster.
   GatewayAPIConfig gateway_api_config = 16;
+
+  // Whether FQDN Network Policy is enabled on this cluster.
+  optional bool enable_fqdn_network_policy = 19;
 }
 
 // GatewayAPIConfig contains the desired config of Gateway API on this cluster.
@@ -4953,6 +4999,64 @@ message GetJSONWebKeysResponse {
   repeated Jwk keys = 1;
 }
 
+// CheckAutopilotCompatibilityRequest requests getting the blockers for the
+// given operation in the cluster.
+message CheckAutopilotCompatibilityRequest {
+  // The name (project, location, cluster) of the cluster to retrieve.
+  // Specified in the format `projects/*/locations/*/clusters/*`.
+  string name = 1;
+}
+
+// AutopilotCompatibilityIssue contains information about a specific
+// compatibility issue with Autopilot mode.
+message AutopilotCompatibilityIssue {
+  // The type of the reported issue.
+  enum IssueType {
+    // Default value, should not be used.
+    UNSPECIFIED = 0;
+
+    // Indicates that the issue is a known incompatibility between the
+    // cluster and Autopilot mode.
+    INCOMPATIBILITY = 1;
+
+    // Indicates the issue is an incompatibility if customers take no further
+    // action to resolve.
+    ADDITIONAL_CONFIG_REQUIRED = 2;
+
+    // Indicates the issue is not an incompatibility, but depending on the
+    // workloads business logic, there is a potential that they won't work on
+    // Autopilot.
+    PASSED_WITH_OPTIONAL_CONFIG = 3;
+  }
+
+  // The last time when this issue was observed.
+  google.protobuf.Timestamp last_observation = 1;
+
+  // The constraint type of the issue.
+  string constraint_type = 2;
+
+  // The incompatibility type of this issue.
+  IssueType incompatibility_type = 3;
+
+  // The name of the resources which are subject to this issue.
+  repeated string subjects = 4;
+
+  // A URL to a public documnetation, which addresses resolving this issue.
+  string documentation_url = 5;
+
+  // The description of the issue.
+  string description = 6;
+}
+
+// CheckAutopilotCompatibilityResponse has a list of compatibility issues.
+message CheckAutopilotCompatibilityResponse {
+  // The list of issues for the given operation.
+  repeated AutopilotCompatibilityIssue issues = 1;
+
+  // The summary of the autopilot compatibility response.
+  string summary = 2;
+}
+
 // ReleaseChannel indicates which release channel a cluster is
 // subscribed to. Release channels are arranged in order of risk.
 //
