def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
client = holder.client
messages = client.messages
disk_ref = disks_flags.MakeDiskArg(plural=False).ResolveAsResource(
args, holder.resources)
resource_policies = []
for policy in args.resource_policies:
resource_policy_ref = util.ParseResourcePolicyWithZone(
holder.resources,
policy,
project=disk_ref.project,
zone=disk_ref.zone)
resource_policies.append(resource_policy_ref.SelfLink())
add_request = messages.ComputeDisksAddResourcePoliciesRequest(
disk=disk_ref.Name(),
project=disk_ref.project,
zone=disk_ref.zone,
disksAddResourcePoliciesRequest=messages.
DisksAddResourcePoliciesRequest(
resourcePolicies=resource_policies))
return client.MakeRequests([(client.apitools_client.disks,
'AddResourcePolicies', add_request)])
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
client = holder.client
messages = client.messages
instance_ref = instance_flags.INSTANCE_ARG.ResolveAsResource(
args,
holder.resources,
scope_lister=instance_flags.GetInstanceZoneScopeLister(client))
resource_policies = []
for policy in args.resource_policies:
resource_policy_ref = util.ParseResourcePolicyWithZone(
holder.resources,
policy,
project=instance_ref.project,
zone=instance_ref.zone)
resource_policies.append(resource_policy_ref.SelfLink())
add_request = messages.ComputeInstancesAddResourcePoliciesRequest(
instance=instance_ref.Name(),
project=instance_ref.project,
zone=instance_ref.zone,
instancesAddResourcePoliciesRequest=messages.
InstancesAddResourcePoliciesRequest(
resourcePolicies=resource_policies))
return client.MakeRequests([(client.apitools_client.instances,
'AddResourcePolicies', add_request)])
def _CreateRequests(
self, args, instance_refs, compute_client, resource_parser, holder):
# gcloud creates default values for some fields in Instance resource
# when no value was specified on command line.
# When --source-instance-template was specified, defaults are taken from
# Instance Template and gcloud flags are used to override them - by default
# fields should not be initialized.
source_instance_template = self.GetSourceInstanceTemplate(
args, resource_parser)
skip_defaults = source_instance_template is not None
source_machine_image = self.GetSourceMachineImage(
args, resource_parser)
skip_defaults = skip_defaults or source_machine_image is not None
scheduling = instance_utils.GetScheduling(
args, compute_client, skip_defaults, support_node_affinity=True,
support_min_node_cpus=self._support_min_node_cpus,
support_location_hint=self._support_location_hint)
tags = instance_utils.GetTags(args, compute_client)
labels = instance_utils.GetLabels(args, compute_client)
metadata = instance_utils.GetMetadata(args, compute_client, skip_defaults)
boot_disk_size_gb = instance_utils.GetBootDiskSizeGb(args)
network_interfaces = self._GetNetworkInterfacesWithValidation(
args, resource_parser, compute_client, holder, instance_refs,
skip_defaults)
machine_type_uris = instance_utils.GetMachineTypeUris(
args, compute_client, holder, instance_refs, skip_defaults)
create_boot_disk = not instance_utils.UseExistingBootDisk(args.disk or [])
image_uri = self._GetImageUri(
args, compute_client, create_boot_disk, instance_refs, resource_parser)
shielded_instance_config = self._BuildShieldedInstanceConfigMessage(
messages=compute_client.messages, args=args)
if self._support_confidential_compute:
confidential_instance_config = (
self._BuildConfidentialInstanceConfigMessage(
messages=compute_client.messages, args=args))
# TODO(b/80138906): Release track should not be used like this.
# These feature are only exposed in alpha/beta
allow_rsa_encrypted = False
if self.ReleaseTrack() in [base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA]:
allow_rsa_encrypted = True
csek_keys = csek_utils.CsekKeyStore.FromArgs(args, allow_rsa_encrypted)
disks_messages = self._GetDiskMessages(
args, skip_defaults, instance_refs, compute_client, resource_parser,
create_boot_disk, boot_disk_size_gb, image_uri, csek_keys)
project_to_sa = self._GetProjectToServiceAccountMap(
args, instance_refs, compute_client, skip_defaults)
requests = []
for instance_ref, machine_type_uri, disks in zip(
instance_refs, machine_type_uris, disks_messages):
can_ip_forward = instance_utils.GetCanIpForward(args, skip_defaults)
guest_accelerators = instance_utils.GetAccelerators(
args, compute_client, resource_parser, instance_ref)
instance = compute_client.messages.Instance(
canIpForward=can_ip_forward,
deletionProtection=args.deletion_protection,
description=args.description,
disks=disks,
guestAccelerators=guest_accelerators,
hostname=args.hostname,
labels=labels,
machineType=machine_type_uri,
metadata=metadata,
minCpuPlatform=args.min_cpu_platform,
name=instance_ref.Name(),
networkInterfaces=network_interfaces,
serviceAccounts=project_to_sa[instance_ref.project],
scheduling=scheduling,
tags=tags)
resource_policies = getattr(
args, 'resource_policies', None)
if resource_policies:
parsed_resource_policies = []
for policy in resource_policies:
resource_policy_ref = maintenance_util.ParseResourcePolicyWithZone(
resource_parser,
policy,
project=instance_ref.project,
zone=instance_ref.zone)
parsed_resource_policies.append(resource_policy_ref.SelfLink())
instance.resourcePolicies = parsed_resource_policies
if shielded_instance_config:
instance.shieldedInstanceConfig = shielded_instance_config
if self._support_confidential_compute and confidential_instance_config:
instance.confidentialInstanceConfig = confidential_instance_config
if self._support_erase_vss and \
args.IsSpecified('erase_windows_vss_signature'):
instance.eraseWindowsVssSignature = args.erase_windows_vss_signature
request = compute_client.messages.ComputeInstancesInsertRequest(
instance=instance,
project=instance_ref.project,
zone=instance_ref.zone)
if source_instance_template:
request.sourceInstanceTemplate = source_instance_template
if source_machine_image:
request.instance.sourceMachineImage = source_machine_image
if args.IsSpecified('source_machine_image_csek_key_file'):
key = instance_utils.GetSourceMachineImageKey(
args, self.SOURCE_MACHINE_IMAGE, compute_client, holder)
request.instance.sourceMachineImageEncryptionKey = key
if self._support_machine_image_key and \
args.IsSpecified('source_machine_image_csek_key_file'):
if not args.IsSpecified('source_machine_image'):
raise exceptions.RequiredArgumentException(
'`--source-machine-image`',
'`--source-machine-image-csek-key-file` requires '
'`--source-machine-image` to be specified`')
if args.IsSpecified('enable_display_device'):
request.instance.displayDevice = compute_client.messages.DisplayDevice(
enableDisplay=args.enable_display_device)
request.instance.reservationAffinity = instance_utils.GetReservationAffinity(
args, compute_client)
requests.append(
(compute_client.apitools_client.instances, 'Insert', request))
return requests
def _CreateRequests(self, args, instance_refs, compute_client,
resource_parser, holder):
# gcloud creates default values for some fields in Instance resource
# when no value was specified on command line.
# When --source-instance-template was specified, defaults are taken from
# Instance Template and gcloud flags are used to override them - by default
# fields should not be initialized.
source_instance_template = self.GetSourceInstanceTemplate(
args, resource_parser)
skip_defaults = source_instance_template is not None
scheduling = instance_utils.GetScheduling(
args,
compute_client,
skip_defaults,
support_node_affinity=self._support_node_affinity)
tags = instance_utils.GetTags(args, compute_client)
labels = instance_utils.GetLabels(args, compute_client)
metadata = instance_utils.GetMetadata(args, compute_client,
skip_defaults)
boot_disk_size_gb = instance_utils.GetBootDiskSizeGb(args)
network_interfaces = self._GetNetworkInterfacesWithValidation(
args, resource_parser, compute_client, holder, instance_refs,
skip_defaults)
machine_type_uris = instance_utils.GetMachineTypeUris(
args, compute_client, holder, instance_refs, skip_defaults)
create_boot_disk = not instance_utils.UseExistingBootDisk(args.disk
or [])
image_uri = self._GetImageUri(args, compute_client, create_boot_disk,
instance_refs, resource_parser)
# TODO(b/80138906): Release track should not be used like this.
# These feature are only exposed in alpha/beta
shielded_vm_config = None
allow_rsa_encrypted = False
if self.ReleaseTrack() in [
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA
]:
allow_rsa_encrypted = True
shielded_vm_config = self._BuildShieldedVMConfigMessage(
messages=compute_client.messages, args=args)
csek_keys = csek_utils.CsekKeyStore.FromArgs(args, allow_rsa_encrypted)
disks_messages = self._GetDiskMessagess(args, skip_defaults,
instance_refs, compute_client,
resource_parser,
create_boot_disk,
boot_disk_size_gb, image_uri,
csek_keys)
project_to_sa = self._GetProjectToServiceAccountMap(
args, instance_refs, compute_client, skip_defaults)
requests = []
for instance_ref, machine_type_uri, disks in zip(
instance_refs, machine_type_uris, disks_messages):
can_ip_forward = instance_utils.GetCanIpForward(
args, skip_defaults)
guest_accelerators = instance_utils.GetAccelerators(
args, compute_client, resource_parser, instance_ref)
instance = compute_client.messages.Instance(
canIpForward=can_ip_forward,
deletionProtection=args.deletion_protection,
description=args.description,
disks=disks,
guestAccelerators=guest_accelerators,
labels=labels,
machineType=machine_type_uri,
metadata=metadata,
minCpuPlatform=args.min_cpu_platform,
name=instance_ref.Name(),
networkInterfaces=network_interfaces,
serviceAccounts=project_to_sa[instance_ref.project],
scheduling=scheduling,
tags=tags)
sole_tenancy_host = self._GetGetSoleTenancyHost(
args, resource_parser, instance_ref)
if sole_tenancy_host:
instance.host = sole_tenancy_host
resource_policies = getattr(args, 'resource_policies', None)
if resource_policies:
parsed_resource_policies = []
for policy in resource_policies:
resource_policy_ref = maintenance_util.ParseResourcePolicyWithZone(
resource_parser,
policy,
project=instance_ref.project,
zone=instance_ref.zone)
parsed_resource_policies.append(
resource_policy_ref.SelfLink())
instance.resourcePolicies = parsed_resource_policies
if shielded_vm_config:
instance.shieldedVmConfig = shielded_vm_config
request = compute_client.messages.ComputeInstancesInsertRequest(
instance=instance,
project=instance_ref.project,
zone=instance_ref.zone)
if source_instance_template:
request.sourceInstanceTemplate = source_instance_template
requests.append(
(compute_client.apitools_client.instances, 'Insert', request))
return requests
def _CreateRequests(self, args, instance_refs, project, zone,
compute_client, resource_parser, holder):
# gcloud creates default values for some fields in Instance resource
# when no value was specified on command line.
# When --source-instance-template was specified, defaults are taken from
# Instance Template and gcloud flags are used to override them - by default
# fields should not be initialized.
source_instance_template = self.GetSourceInstanceTemplate(
args, resource_parser)
skip_defaults = source_instance_template is not None
source_machine_image = self.GetSourceMachineImage(
args, resource_parser)
skip_defaults = skip_defaults or source_machine_image is not None
scheduling = instance_utils.GetScheduling(
args,
compute_client,
skip_defaults,
support_node_affinity=True,
support_min_node_cpu=self._support_min_node_cpu,
support_location_hint=self._support_location_hint)
tags = instance_utils.GetTags(args, compute_client)
labels = instance_utils.GetLabels(args, compute_client)
metadata = instance_utils.GetMetadata(args, compute_client,
skip_defaults)
boot_disk_size_gb = instance_utils.GetBootDiskSizeGb(args)
network_interfaces = create_utils.GetNetworkInterfacesWithValidation(
args=args,
resource_parser=resource_parser,
compute_client=compute_client,
holder=holder,
project=project,
location=zone,
scope=compute_scopes.ScopeEnum.ZONE,
skip_defaults=skip_defaults,
support_public_dns=self._support_public_dns)
create_boot_disk = not instance_utils.UseExistingBootDisk(args.disk
or [])
image_uri = create_utils.GetImageUri(args, compute_client,
create_boot_disk, project,
resource_parser)
shielded_instance_config = create_utils.BuildShieldedInstanceConfigMessage(
messages=compute_client.messages, args=args)
if self._support_confidential_compute:
confidential_instance_config = (
create_utils.BuildConfidentialInstanceConfigMessage(
messages=compute_client.messages, args=args))
csek_keys = csek_utils.CsekKeyStore.FromArgs(
args, self._support_rsa_encrypted)
project_to_sa = create_utils.GetProjectToServiceAccountMap(
args, instance_refs, compute_client, skip_defaults)
requests = []
for instance_ref in instance_refs:
disks = []
if create_utils.CheckSpecifiedDiskArgs(
args=args,
skip_defaults=skip_defaults,
support_kms=self._support_kms):
disks = create_utils.CreateDiskMessages(
args=args,
instance_name=instance_ref.Name(),
project=instance_ref.project,
location=instance_ref.zone,
scope=compute_scopes.ScopeEnum.ZONE,
compute_client=compute_client,
resource_parser=resource_parser,
boot_disk_size_gb=boot_disk_size_gb,
image_uri=image_uri,
create_boot_disk=create_boot_disk,
csek_keys=csek_keys,
support_kms=self._support_kms,
support_nvdimm=self._support_nvdimm,
support_disk_resource_policy=self.
_support_disk_resource_policy,
support_source_snapshot_csek=self.
_support_source_snapshot_csek,
support_boot_snapshot_uri=self._support_boot_snapshot_uri,
support_image_csek=self._support_image_csek,
support_create_disk_snapshots=self.
_support_create_disk_snapshots)
machine_type_uri = None
if instance_utils.CheckSpecifiedMachineTypeArgs(
args, skip_defaults):
machine_type_uri = instance_utils.CreateMachineTypeUri(
args=args,
compute_client=compute_client,
resource_parser=resource_parser,
project=instance_ref.project,
location=instance_ref.zone,
scope=compute_scopes.ScopeEnum.ZONE)
can_ip_forward = instance_utils.GetCanIpForward(
args, skip_defaults)
guest_accelerators = create_utils.GetAccelerators(
args=args,
compute_client=compute_client,
resource_parser=resource_parser,
project=instance_ref.project,
location=instance_ref.zone,
scope=compute_scopes.ScopeEnum.ZONE)
instance = compute_client.messages.Instance(
canIpForward=can_ip_forward,
deletionProtection=args.deletion_protection,
description=args.description,
disks=disks,
guestAccelerators=guest_accelerators,
hostname=args.hostname,
labels=labels,
machineType=machine_type_uri,
metadata=metadata,
minCpuPlatform=args.min_cpu_platform,
name=instance_ref.Name(),
networkInterfaces=network_interfaces,
serviceAccounts=project_to_sa[instance_ref.project],
scheduling=scheduling,
tags=tags)
if args.private_ipv6_google_access_type is not None:
instance.privateIpv6GoogleAccess = (
instances_flags.GetPrivateIpv6GoogleAccessTypeFlagMapper(
compute_client.messages).GetEnumForChoice(
args.private_ipv6_google_access_type))
resource_policies = getattr(args, 'resource_policies', None)
if resource_policies:
parsed_resource_policies = []
for policy in resource_policies:
resource_policy_ref = maintenance_util.ParseResourcePolicyWithZone(
resource_parser,
policy,
project=instance_ref.project,
zone=instance_ref.zone)
parsed_resource_policies.append(
resource_policy_ref.SelfLink())
instance.resourcePolicies = parsed_resource_policies
if shielded_instance_config:
instance.shieldedInstanceConfig = shielded_instance_config
if self._support_confidential_compute and confidential_instance_config:
instance.confidentialInstanceConfig = confidential_instance_config
if self._support_erase_vss and \
args.IsSpecified('erase_windows_vss_signature'):
instance.eraseWindowsVssSignature = args.erase_windows_vss_signature
if self._support_post_key_revocation_action_type and args.IsSpecified(
'post_key_revocation_action_type'):
instance.postKeyRevocationActionType = arg_utils.ChoiceToEnum(
args.post_key_revocation_action_type,
compute_client.messages.Instance.
PostKeyRevocationActionTypeValueValuesEnum)
request = compute_client.messages.ComputeInstancesInsertRequest(
instance=instance,
project=instance_ref.project,
zone=instance_ref.zone)
if source_instance_template:
request.sourceInstanceTemplate = source_instance_template
if source_machine_image:
request.instance.sourceMachineImage = source_machine_image
if args.IsSpecified('source_machine_image_csek_key_file'):
key = instance_utils.GetSourceMachineImageKey(
args, self.SOURCE_MACHINE_IMAGE, compute_client,
holder)
request.instance.sourceMachineImageEncryptionKey = key
if self._support_machine_image_key and \
args.IsSpecified('source_machine_image_csek_key_file'):
if not args.IsSpecified('source_machine_image'):
raise exceptions.RequiredArgumentException(
'`--source-machine-image`',
'`--source-machine-image-csek-key-file` requires '
'`--source-machine-image` to be specified`')
if args.IsSpecified('enable_display_device'):
request.instance.displayDevice = compute_client.messages.DisplayDevice(
enableDisplay=args.enable_display_device)
request.instance.reservationAffinity = instance_utils.GetReservationAffinity(
args, compute_client)
requests.append(
(compute_client.apitools_client.instances, 'Insert', request))
return requests
def _Run(self, args, supports_kms_keys=False):
compute_holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
client = compute_holder.client
self.show_unformated_message = not (
args.IsSpecified('image') or args.IsSpecified('image_family')
or args.IsSpecified('source_snapshot'))
disk_refs = self.ValidateAndParseDiskRefs(args, compute_holder)
from_image = self.GetFromImage(args)
size_gb = self.GetDiskSizeGb(args, from_image)
self.WarnAboutScopeDeprecationsAndMaintainance(disk_refs, client)
project_to_source_image = self.GetProjectToSourceImageDict(
args, disk_refs, compute_holder, from_image)
snapshot_uri = self.GetSnapshotUri(args, compute_holder)
# Those features are only exposed in alpha/beta, it would be nice to have
# code supporting them only in alpha and beta versions of the command.
labels = self.GetLabels(args, client)
allow_rsa_encrypted = self.ReleaseTrack() in [
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA
]
csek_keys = csek_utils.CsekKeyStore.FromArgs(args, allow_rsa_encrypted)
for project in project_to_source_image:
source_image_uri = project_to_source_image[project].uri
project_to_source_image[project].keys = (
csek_utils.MaybeLookupKeyMessagesByUri(
csek_keys, compute_holder.resources,
[source_image_uri, snapshot_uri], client.apitools_client))
resource_policies = getattr(args, 'resource_policies', None)
# end of alpha/beta features.
guest_os_feature_messages = _ParseGuestOsFeaturesToMessages(
args, client.messages)
requests = []
for disk_ref in disk_refs:
type_uri = self.GetDiskTypeUri(args, disk_ref, compute_holder)
# Those features are only exposed in alpha/beta, it would be nice to have
# code supporting them only in alpha and beta versions of the command.
# TODO(b/65161039): Stop checking release path in the middle of GA code.
kwargs = {}
if csek_keys:
disk_key_or_none = csek_keys.LookupKey(
disk_ref, args.require_csek_key_create)
disk_key_message_or_none = csek_utils.MaybeToMessage(
disk_key_or_none, client.apitools_client)
kwargs['diskEncryptionKey'] = disk_key_message_or_none
kwargs['sourceImageEncryptionKey'] = (
project_to_source_image[disk_ref.project].keys[0])
kwargs['sourceSnapshotEncryptionKey'] = (
project_to_source_image[disk_ref.project].keys[1])
if labels:
kwargs['labels'] = labels
if supports_kms_keys:
kwargs['diskEncryptionKey'] = kms_utils.MaybeGetKmsKey(
args, client.messages, kwargs.get('diskEncryptionKey',
None))
if resource_policies:
if disk_ref.Collection() == 'compute.regionDisks':
raise exceptions.InvalidArgumentException(
'--resource-policies',
'Resource policies are not supported for regional disks.'
)
parsed_resource_policies = []
for policy in resource_policies:
resource_policy_ref = resource_util.ParseResourcePolicyWithZone(
compute_holder.resources,
policy,
project=disk_ref.project,
zone=disk_ref.zone)
parsed_resource_policies.append(
resource_policy_ref.SelfLink())
kwargs['resourcePolicies'] = parsed_resource_policies
# end of alpha/beta features.
disk = client.messages.Disk(name=disk_ref.Name(),
description=args.description,
sizeGb=size_gb,
sourceSnapshot=snapshot_uri,
type=type_uri,
**kwargs)
if guest_os_feature_messages:
disk.guestOsFeatures = guest_os_feature_messages
disk.licenses = self.ParseLicenses(args)
if disk_ref.Collection() == 'compute.disks':
request = client.messages.ComputeDisksInsertRequest(
disk=disk,
project=disk_ref.project,
sourceImage=project_to_source_image[disk_ref.project].uri,
zone=disk_ref.zone)
request = (client.apitools_client.disks, 'Insert', request)
elif disk_ref.Collection() == 'compute.regionDisks':
disk.replicaZones = self.GetReplicaZones(
args, compute_holder, disk_ref)
request = client.messages.ComputeRegionDisksInsertRequest(
disk=disk,
project=disk_ref.project,
sourceImage=project_to_source_image[disk_ref.project].uri,
region=disk_ref.region)
request = (client.apitools_client.regionDisks, 'Insert',
request)
requests.append(request)
return client.MakeRequests(requests)
def _CreateRequests(self, args, instance_refs, project, zone,
compute_client, resource_parser, holder):
# gcloud creates default values for some fields in Instance resource
# when no value was specified on command line.
# When --source-instance-template was specified, defaults are taken from
# Instance Template and gcloud flags are used to override them - by default
# fields should not be initialized.
source_instance_template = self.GetSourceInstanceTemplate(
args, resource_parser)
skip_defaults = source_instance_template is not None
source_machine_image = self.GetSourceMachineImage(
args, resource_parser)
skip_defaults = skip_defaults or source_machine_image is not None
scheduling = instance_utils.GetScheduling(
args,
compute_client,
skip_defaults,
support_node_affinity=True,
support_node_project=self._support_node_project,
support_host_error_timeout_seconds=self.
_support_host_error_timeout_seconds,
support_max_run_duration=self._support_max_run_duration)
tags = instance_utils.GetTags(args, compute_client)
labels = instance_utils.GetLabels(args, compute_client)
metadata = instance_utils.GetMetadata(args, compute_client,
skip_defaults)
boot_disk_size_gb = instance_utils.GetBootDiskSizeGb(args)
network_interfaces = create_utils.GetNetworkInterfacesWithValidation(
args=args,
resource_parser=resource_parser,
compute_client=compute_client,
holder=holder,
project=project,
location=zone,
scope=compute_scopes.ScopeEnum.ZONE,
skip_defaults=skip_defaults,
support_public_dns=self._support_public_dns,
support_ipv6_assignment=self._support_ipv6_assignment)
confidential_vm = (args.IsSpecified('confidential_compute')
and args.confidential_compute)
create_boot_disk = not (
instance_utils.UseExistingBootDisk((args.disk or []) +
(args.create_disk or [])))
image_uri = create_utils.GetImageUri(
args,
compute_client,
create_boot_disk,
project,
resource_parser,
confidential_vm,
image_family_scope=args.image_family_scope,
support_image_family_scope=True)
shielded_instance_config = create_utils.BuildShieldedInstanceConfigMessage(
messages=compute_client.messages, args=args)
confidential_instance_config = (
create_utils.BuildConfidentialInstanceConfigMessage(
messages=compute_client.messages, args=args))
csek_keys = csek_utils.CsekKeyStore.FromArgs(
args, self._support_rsa_encrypted)
project_to_sa = create_utils.GetProjectToServiceAccountMap(
args, instance_refs, compute_client, skip_defaults)
requests = []
for instance_ref in instance_refs:
disks = []
if create_utils.CheckSpecifiedDiskArgs(
args=args,
skip_defaults=skip_defaults,
support_kms=self._support_kms):
disks = create_utils.CreateDiskMessages(
args=args,
instance_name=instance_ref.Name(),
project=instance_ref.project,
location=instance_ref.zone,
scope=compute_scopes.ScopeEnum.ZONE,
compute_client=compute_client,
resource_parser=resource_parser,
boot_disk_size_gb=boot_disk_size_gb,
image_uri=image_uri,
create_boot_disk=create_boot_disk,
csek_keys=csek_keys,
holder=holder,
support_kms=self._support_kms,
support_nvdimm=self._support_nvdimm,
support_source_snapshot_csek=self.
_support_source_snapshot_csek,
support_boot_snapshot_uri=self._support_boot_snapshot_uri,
support_image_csek=self._support_image_csek,
support_create_disk_snapshots=self.
_support_create_disk_snapshots,
support_replica_zones=self._support_replica_zones,
support_multi_writer=self._support_multi_writer,
support_disk_architecture=self._support_disk_architecture)
machine_type_uri = None
if instance_utils.CheckSpecifiedMachineTypeArgs(
args, skip_defaults):
machine_type_uri = instance_utils.CreateMachineTypeUri(
args=args,
compute_client=compute_client,
resource_parser=resource_parser,
project=instance_ref.project,
location=instance_ref.zone,
scope=compute_scopes.ScopeEnum.ZONE,
confidential_vm=confidential_vm)
can_ip_forward = instance_utils.GetCanIpForward(
args, skip_defaults)
guest_accelerators = create_utils.GetAccelerators(
args=args,
compute_client=compute_client,
resource_parser=resource_parser,
project=instance_ref.project,
location=instance_ref.zone,
scope=compute_scopes.ScopeEnum.ZONE)
instance = compute_client.messages.Instance(
canIpForward=can_ip_forward,
deletionProtection=args.deletion_protection,
description=args.description,
disks=disks,
guestAccelerators=guest_accelerators,
hostname=args.hostname,
labels=labels,
machineType=machine_type_uri,
metadata=metadata,
minCpuPlatform=args.min_cpu_platform,
name=instance_ref.Name(),
networkInterfaces=network_interfaces,
serviceAccounts=project_to_sa[instance_ref.project],
scheduling=scheduling,
tags=tags)
if self._support_instance_kms and args.CONCEPTS.instance_kms_key:
instance.instanceEncryptionKey = kms_utils.MaybeGetKmsKey(
args,
compute_client.messages,
instance.instanceEncryptionKey,
instance_prefix=True)
if self._support_secure_tag and args.secure_tags:
instance.secureTags = secure_tags_utils.GetSecureTags(
args.secure_tags)
if args.resource_manager_tags:
ret_resource_manager_tags = resource_manager_tags_utils.GetResourceManagerTags(
args.resource_manager_tags)
if ret_resource_manager_tags is not None:
params = compute_client.messages.InstanceParams
instance.params = params(
resourceManagerTags=params.ResourceManagerTagsValue(
additionalProperties=[
params.ResourceManagerTagsValue.
AdditionalProperty(key=key, value=value)
for key, value in sorted(
six.iteritems(ret_resource_manager_tags))
]))
if args.private_ipv6_google_access_type is not None:
instance.privateIpv6GoogleAccess = (
instances_flags.GetPrivateIpv6GoogleAccessTypeFlagMapper(
compute_client.messages).GetEnumForChoice(
args.private_ipv6_google_access_type))
has_visible_core_count = (self._support_visible_core_count
and args.visible_core_count is not None)
if (args.enable_nested_virtualization is not None
or args.threads_per_core is not None
or (self._support_numa_node_count
and args.numa_node_count is not None)
or has_visible_core_count
or args.enable_uefi_networking is not None):
visible_core_count = args.visible_core_count if has_visible_core_count else None
instance.advancedMachineFeatures = (
instance_utils.CreateAdvancedMachineFeaturesMessage(
compute_client.messages,
args.enable_nested_virtualization,
args.threads_per_core, args.numa_node_count
if self._support_numa_node_count else None,
visible_core_count, args.enable_uefi_networking))
resource_policies = getattr(args, 'resource_policies', None)
if resource_policies:
parsed_resource_policies = []
for policy in resource_policies:
resource_policy_ref = maintenance_util.ParseResourcePolicyWithZone(
resource_parser,
policy,
project=instance_ref.project,
zone=instance_ref.zone)
parsed_resource_policies.append(
resource_policy_ref.SelfLink())
instance.resourcePolicies = parsed_resource_policies
if shielded_instance_config:
instance.shieldedInstanceConfig = shielded_instance_config
if confidential_instance_config:
instance.confidentialInstanceConfig = confidential_instance_config
if self._support_erase_vss and args.IsSpecified(
'erase_windows_vss_signature'):
instance.eraseWindowsVssSignature = args.erase_windows_vss_signature
if self._support_post_key_revocation_action_type and args.IsSpecified(
'post_key_revocation_action_type'):
instance.postKeyRevocationActionType = arg_utils.ChoiceToEnum(
args.post_key_revocation_action_type,
compute_client.messages.Instance.
PostKeyRevocationActionTypeValueValuesEnum)
if self._support_key_revocation_action_type and args.IsSpecified(
'key_revocation_action_type'):
instance.keyRevocationActionType = arg_utils.ChoiceToEnum(
args.key_revocation_action_type, compute_client.messages.
Instance.KeyRevocationActionTypeValueValuesEnum)
if args.IsSpecified('network_performance_configs'):
instance.networkPerformanceConfig = instance_utils.GetNetworkPerformanceConfig(
args, compute_client)
request = compute_client.messages.ComputeInstancesInsertRequest(
instance=instance,
project=instance_ref.project,
zone=instance_ref.zone)
if source_instance_template:
request.sourceInstanceTemplate = source_instance_template
if source_machine_image:
request.instance.sourceMachineImage = source_machine_image
if args.IsSpecified('source_machine_image_csek_key_file'):
key = instance_utils.GetSourceMachineImageKey(
args, self.SOURCE_MACHINE_IMAGE, compute_client,
holder)
request.instance.sourceMachineImageEncryptionKey = key
if self._support_machine_image_key and args.IsSpecified(
'source_machine_image_csek_key_file'):
if not args.IsSpecified('source_machine_image'):
raise exceptions.RequiredArgumentException(
'`--source-machine-image`',
'`--source-machine-image-csek-key-file` requires '
'`--source-machine-image` to be specified`')
if args.IsSpecified('enable_display_device'):
request.instance.displayDevice = compute_client.messages.DisplayDevice(
enableDisplay=args.enable_display_device)
request.instance.reservationAffinity = instance_utils.GetReservationAffinity(
args, compute_client)
requests.append(
(compute_client.apitools_client.instances, 'Insert', request))
return requests
