Instance is the Schema for the Instances API. Manages a VM instance resource within GCE.
Type
CRD
Group
compute.gcp.upbound.io
Version
v1beta1
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Instance
InstanceSpec defines the desired state of Instance
No description provided.
Configure Nested Virtualisation and Simultaneous Hyper Threading on this VM. Structure is documented below
Additional disks to attach to the instance. Can be repeated multiple times for multiple disks. Structure is documented below.
A 256-bit [customer-supplied encryption key] (https://cloud.google.com/compute/docs/disks/customer-supplied-encryption), encoded in RFC 4648 base64 to encrypt this disk. Only one of kms_key_self_link and disk_encryption_key_raw may be set.
The boot disk for the instance. Structure is documented below.
A 256-bit [customer-supplied encryption key] (https://cloud.google.com/compute/docs/disks/customer-supplied-encryption), encoded in RFC 4648 base64 to encrypt this disk. Only one of kms_key_self_link and disk_encryption_key_raw may be set.
Parameters for a new disk that will be created alongside the new instance. Either initialize_params or source must be set. Structure is documented below.
Reference to a Image to populate image.
Policies for referencing.
Selector for a Image to populate image.
Policies for selection.
Enable Confidential Mode on this VM. Structure is documented below
List of the type and count of accelerator cards attached to the instance. Structure documented below. Note: GPU accelerators can only be used with on_host_maintenance option set to TERMINATE. Note: This field uses attr-as-block mode to avoid breaking users during the 0.12 upgrade. To explicitly send a list of zero objects you must use the following syntax: example=[] For more details about this behavior, see this section.
Networks to attach to the instance. This can be specified multiple times. Structure is documented below.
Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet.g. via tunnel or because it is running on another cloud instance on that network). This block can be repeated multiple times. Structure documented below.
An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks. Structure documented below.
An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access. Structure documented below.
Reference to a Network to populate network.
Policies for referencing.
Selector for a Network to populate network.
Policies for selection.
Reference to a Subnetwork to populate subnetwork.
Policies for referencing.
Selector for a Subnetwork to populate subnetwork.
Policies for selection.
Specifies the reservations that this instance can consume from. Structure is documented below.
- A list of self_links of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.
The scheduling strategy to use. More details about this configuration option are detailed below.
Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance groups will use as host systems. Read more on sole-tenant node creation here. Structure documented below.
Service account to attach to the instance. Structure is documented below. Note: allow_stopping_for_update must be set to true or your instance must have a desired_status of TERMINATED in order to update this field.
Reference to a ServiceAccount in cloudplatform to populate email.
Policies for referencing.
Selector for a ServiceAccount in cloudplatform to populate email.
Policies for selection.
A list of service scopes. Both OAuth2 URLs and gcloud short names are supported. To allow full access to all Cloud APIs, use the cloud-platform scope. See a complete list of scopes here. Note: allow_stopping_for_update must be set to true or your instance must have a desired_status of TERMINATED in order to update this field.
Enable Shielded VM on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. Note: shielded_instance_config can only be used with boot images with shielded vm support. See the complete list here. Note: allow_stopping_for_update must be set to true or your instance must have a desired_status of TERMINATED in order to update this field.
A list of network tags to attach to the instance.
THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. InitProvider holds the same fields as ForProvider, with the exception of Identifier and other resource reference fields. The fields that are in InitProvider are merged into ForProvider when the resource is created. The same fields are also added to the terraform ignore_changes hook, to avoid updating them after creation. This is useful for fields that are required on creation, but we do not desire to update them after creation, for example because of an external controller is managing them, like an autoscaler.
Configure Nested Virtualisation and Simultaneous Hyper Threading on this VM. Structure is documented below
Additional disks to attach to the instance. Can be repeated multiple times for multiple disks. Structure is documented below.
The boot disk for the instance. Structure is documented below.
Enable Confidential Mode on this VM. Structure is documented below
List of the type and count of accelerator cards attached to the instance. Structure documented below. Note: GPU accelerators can only be used with on_host_maintenance option set to TERMINATE. Note: This field uses attr-as-block mode to avoid breaking users during the 0.12 upgrade. To explicitly send a list of zero objects you must use the following syntax: example=[] For more details about this behavior, see this section.
Networks to attach to the instance. This can be specified multiple times. Structure is documented below.
Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet.g. via tunnel or because it is running on another cloud instance on that network). This block can be repeated multiple times. Structure documented below.
An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks. Structure documented below.
An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access. Structure documented below.
Specifies the reservations that this instance can consume from. Structure is documented below.
- A list of self_links of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.
The scheduling strategy to use. More details about this configuration option are detailed below.
Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance groups will use as host systems. Read more on sole-tenant node creation here. Structure documented below.
Service account to attach to the instance. Structure is documented below. Note: allow_stopping_for_update must be set to true or your instance must have a desired_status of TERMINATED in order to update this field.
A list of service scopes. Both OAuth2 URLs and gcloud short names are supported. To allow full access to all Cloud APIs, use the cloud-platform scope. See a complete list of scopes here. Note: allow_stopping_for_update must be set to true or your instance must have a desired_status of TERMINATED in order to update this field.
Enable Shielded VM on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. Note: shielded_instance_config can only be used with boot images with shielded vm support. See the complete list here. Note: allow_stopping_for_update must be set to true or your instance must have a desired_status of TERMINATED in order to update this field.
A list of network tags to attach to the instance.
THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. providerConfigRef
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
InstanceStatus defines the observed state of Instance.
No description provided.
Configure Nested Virtualisation and Simultaneous Hyper Threading on this VM. Structure is documented below
Additional disks to attach to the instance. Can be repeated multiple times for multiple disks. Structure is documented below.
The boot disk for the instance. Structure is documented below.
Enable Confidential Mode on this VM. Structure is documented below
List of the type and count of accelerator cards attached to the instance. Structure documented below. Note: GPU accelerators can only be used with on_host_maintenance option set to TERMINATE. Note: This field uses attr-as-block mode to avoid breaking users during the 0.12 upgrade. To explicitly send a list of zero objects you must use the following syntax: example=[] For more details about this behavior, see this section.
Networks to attach to the instance. This can be specified multiple times. Structure is documented below.
Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet.g. via tunnel or because it is running on another cloud instance on that network). This block can be repeated multiple times. Structure documented below.
An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks. Structure documented below.
An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access. Structure documented below.
Specifies the reservations that this instance can consume from. Structure is documented below.
- A list of self_links of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.
The scheduling strategy to use. More details about this configuration option are detailed below.
Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance groups will use as host systems. Read more on sole-tenant node creation here. Structure documented below.
Service account to attach to the instance. Structure is documented below. Note: allow_stopping_for_update must be set to true or your instance must have a desired_status of TERMINATED in order to update this field.
A list of service scopes. Both OAuth2 URLs and gcloud short names are supported. To allow full access to all Cloud APIs, use the cloud-platform scope. See a complete list of scopes here. Note: allow_stopping_for_update must be set to true or your instance must have a desired_status of TERMINATED in order to update this field.
Enable Shielded VM on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. Note: shielded_instance_config can only be used with boot images with shielded vm support. See the complete list here. Note: allow_stopping_for_update must be set to true or your instance must have a desired_status of TERMINATED in order to update this field.
A list of network tags to attach to the instance.
Conditions of the resource.
target-instance
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Instance
metadata:
annotations:
meta.upbound.io/example-id: compute/v1beta1/targetinstance
labels:
testing.upbound.io/example-name: target-instance
name: target-instance
spec:
forProvider:
bootDisk:
- initializeParams:
- image: debian-cloud/debian-11
machineType: e2-medium
networkInterface:
- network: default
zone: us-central1-a
network-endpoint
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Instance
metadata:
annotations:
meta.upbound.io/example-id: compute/v1beta1/networkendpoint
labels:
testing.upbound.io/example-name: network-endpoint
name: network-endpoint
spec:
forProvider:
bootDisk:
- initializeParams:
- image: debian-cloud/debian-11
machineType: e2-medium
networkInterface:
- networkIp: 10.2.0.21
networkSelector:
matchLabels:
testing.upbound.io/example-name: network-endpoint
subnetworkSelector:
matchLabels:
testing.upbound.io/example-name: network-endpoint
zone: us-central1-a
example-instance
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Instance
metadata:
annotations:
meta.upbound.io/example-id: compute/v1beta1/instance
labels:
testing.upbound.io/example-name: example_instance
name: example-instance
spec:
forProvider:
bootDisk:
- initializeParams:
- image: debian-cloud/debian-11
machineType: e2-medium
metadata:
environment: dev
metadataStartupScript: echo 'Upbound!' > /test.txt
networkInterface:
- accessConfig:
- {}
networkSelector:
matchLabels:
testing.upbound.io/example-name: example_instance_network
subnetworkSelector:
matchLabels:
testing.upbound.io/example-name: example_instance_network
serviceAccount:
- emailSelector:
matchLabels:
testing.upbound.io/example-name: example_instance_sa
scopes:
- cloud-platform
tags:
- foo
- bar
zone: us-central1-a
packet-mirroring
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Instance
metadata:
annotations:
meta.upbound.io/example-id: compute/v1beta1/packetmirroring
labels:
testing.upbound.io/example-name: packet-mirroring
name: packet-mirroring
spec:
forProvider:
bootDisk:
- initializeParams:
- image: debian-cloud/debian-11
machineType: e2-medium
networkInterface:
- accessConfig:
- {}
networkSelector:
matchLabels:
testing.upbound.io/example-name: packet-mirroring
subnetworkSelector:
matchLabels:
testing.upbound.io/example-name: packet-mirroring
zone: us-central1-a
instance-iam-member
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Instance
metadata:
annotations:
meta.upbound.io/example-id: compute/v1beta1/instanceiammember
labels:
testing.upbound.io/example-name: instance-iam-member
name: instance-iam-member
spec:
forProvider:
bootDisk:
- initializeParams:
- image: debian-cloud/debian-11
machineType: e2-medium
networkInterface:
- network: default
zone: us-central1-a
forwarding-rule
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Instance
metadata:
annotations:
meta.upbound.io/example-id: compute/v1beta1/forwardingrule
labels:
testing.upbound.io/example-name: forwarding-rule
name: forwarding-rule
spec:
forProvider:
bootDisk:
- initializeParams:
- image: debian-cloud/debian-11
machineType: e2-small
networkInterface:
- networkSelector:
matchLabels:
testing.upbound.io/example-name: forwarding-rule
subnetworkSelector:
matchLabels:
testing.upbound.io/example-name: forwarding-rule-ilb
zone: us-central1-a
attached-disk-instance
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Instance
metadata:
annotations:
meta.upbound.io/example-id: compute/v1beta1/attacheddisk
labels:
testing.upbound.io/example-name: attached-disk
name: attached-disk-instance
spec:
forProvider:
bootDisk:
- initializeParams:
- image: debian-cloud/debian-11
machineType: e2-medium
networkInterface:
- network: default
zone: us-central1-a