def Args(parser):
_Args(parser)
group = parser.add_mutually_exclusive_group()
_AddAdditionalZonesFlag(group, deprecated=True)
flags.AddNodeLocationsFlag(group)
flags.AddAlphaAddonsFlags(parser)
flags.AddClusterAutoscalingFlags(parser)
flags.AddMaxPodsPerNodeFlag(parser)
flags.AddEnableAutoRepairFlag(parser, for_create=True)
flags.AddEnableBinAuthzFlag(parser)
flags.AddEnableKubernetesAlphaFlag(parser)
flags.AddEnableLegacyAuthorizationFlag(parser)
flags.AddIPAliasFlags(parser)
flags.AddIstioConfigFlag(parser)
flags.AddLabelsFlag(parser)
flags.AddLocalSSDAndLocalSSDVolumeConfigsFlag(parser)
flags.AddMaintenanceWindowFlag(parser)
flags.AddMasterAuthorizedNetworksFlags(parser)
flags.AddMinCpuPlatformFlag(parser)
flags.AddWorkloadMetadataFromNodeFlag(parser)
flags.AddNetworkPolicyFlags(parser)
flags.AddAutoprovisioningFlags(parser, hidden=False)
flags.AddAutoscalingProfilesFlag(parser, hidden=True)
flags.AddNodeTaintsFlag(parser)
flags.AddPreemptibleFlag(parser)
flags.AddPodSecurityPolicyFlag(parser)
flags.AddAllowRouteOverlapFlag(parser)
flags.AddPrivateClusterFlags(parser, with_deprecated=True, with_alpha=True)
flags.AddClusterNodeIdentityFlags(parser)
flags.AddTpuFlags(parser, hidden=False, enable_tpu_service_networking=True)
flags.AddEnableStackdriverKubernetesFlag(parser)
flags.AddManagedPodIdentityFlags(parser)
flags.AddWorkloadIdentityFlags(parser)
flags.AddResourceUsageExportFlags(parser)
flags.AddAuthenticatorSecurityGroupFlags(parser)
flags.AddVerticalPodAutoscalingFlag(parser)
flags.AddSecurityProfileForCreateFlags(parser)
flags.AddInitialNodePoolNameArg(parser, hidden=False)
flags.AddEnablePrivateIpv6AccessFlag(parser, hidden=True)
flags.AddEnableShieldedContainersFlags(parser)
versioning_groups = parser.add_mutually_exclusive_group("""\
`--release-channel` cannot be specified if `--cluster-version` or
`--node-version` are specified.
""")
flags.AddReleaseChannelFlag(versioning_groups)
cluster_version_group = versioning_groups.add_group()
flags.AddClusterVersionFlag(cluster_version_group)
flags.AddNodeVersionFlag(cluster_version_group)
flags.AddEnableAutoUpgradeFlag(parser, default=True)
kms_flag_overrides = {
'kms-key': '--database-encryption-key',
'kms-keyring': '--database-encryption-key-keyring',
'kms-location': '--database-encryption-key-location',
'kms-project': '--database-encryption-key-project'
}
kms_resource_args.AddKmsKeyResourceArg(
parser, 'cluster', flag_overrides=kms_flag_overrides)
def AddKmsKeyFlag(parser, resource):
permission_info = '{} must hold permission {}'.format(
"The 'AI Platform Service Agent' service account",
"'Cloud KMS CryptoKey Encrypter/Decrypter'")
kms_resource_args.AddKmsKeyResourceArg(parser,
resource,
permission_info=permission_info)
def Args(cls, parser):
dataproc = dp.Dataproc(cls.ReleaseTrack())
base.ASYNC_FLAG.AddToParser(parser)
flags.AddClusterResourceArg(parser, 'create', dataproc.api_version)
clusters.ArgsForClusterRef(
parser,
dataproc,
cls.BETA,
include_ttl_config=True,
include_gke_platform_args=cls.BETA)
# Add arguments for failure action for primary workers
if not cls.BETA:
parser.add_argument(
'--action-on-failed-primary-workers',
choices={
'NO_ACTION': 'take no action',
'DELETE': 'delete the failed primary workers',
'FAILURE_ACTION_UNSPECIFIED': 'failure action is not specified'
},
type=arg_utils.ChoiceToEnumName,
help="""
Failure action to take when primary workers fail during cluster creation
""")
# Add gce-pd-kms-key args
kms_flag_overrides = {
'kms-key': '--gce-pd-kms-key',
'kms-keyring': '--gce-pd-kms-key-keyring',
'kms-location': '--gce-pd-kms-key-location',
'kms-project': '--gce-pd-kms-key-project'
}
kms_resource_args.AddKmsKeyResourceArg(
parser, 'cluster', flag_overrides=kms_flag_overrides)
def Args(parser):
"""Register flags for this command."""
parser.add_argument(
'--organization',
required=True,
metavar='ORGANIZATION_ID',
completer=completers.OrganizationCompleter,
help='Organization to update Logs Router CMEK settings for.')
group = parser.add_mutually_exclusive_group(required=True)
kms_resource_args.AddKmsKeyResourceArg(
group,
resource='logs being processed by the Cloud Logging Logs Router',
permission_info=(
'The Cloud KMS CryptoKey Encrypter/Decryper role must '
'be assigned to the Cloud Logging Logs Router service '
'account'),
name='--kms-key-name')
group.add_argument(
'--clear-kms-key',
action='store_true',
help=('Disable CMEK for the Logs Router by clearing out Cloud KMS '
'cryptokey in the organization\'s CMEK settings.'))
def AddKmsKeyResourceArg(parser, resource):
"""Add the --kms-key resource arg to the given parser."""
permission_info = (
"The 'AI Platform Service Agent' service account must hold"
" permission 'Cloud KMS CryptoKey Encrypter/Decrypter'")
kms_resource_args.AddKmsKeyResourceArg(parser,
resource,
permission_info=permission_info)
def AddKmsKeyArg(parser):
permission_info = '{} must hold permission {}'.format(
"The 'Filestore Service Agent' service account",
"'Cloud KMS CryptoKey Encrypter/Decrypter'")
kms_resource_args.AddKmsKeyResourceArg(parser=parser,
resource='instance',
permission_info=permission_info,
required=False)
def Args(cls, parser):
super(CreateBeta, cls).Args(parser)
permission_info = '{} must hold permission {}'.format(
"The 'Cloud Composer Service Agent' service account",
"'Cloud KMS CryptoKey Encrypter/Decrypter'")
kms_resource_args.AddKmsKeyResourceArg(parser,
'environment',
permission_info=permission_info)
flags.AddMaintenanceWindowFlagsGroup(parser)
def _CommonArgs(parser, beta=False):
"""Register flags common to all tracks."""
base.ASYNC_FLAG.AddToParser(parser)
parser.add_argument('name', help='The name of this cluster.')
clusters.ArgsForClusterRef(parser, beta)
# Add gce-pd-kms-key args
kms_flag_overrides = {'kms-key': '--gce-pd-kms-key',
'kms-keyring': '--gce-pd-kms-key-keyring',
'kms-location': '--gce-pd-kms-key-location',
'kms-project': '--gce-pd-kms-key-project'}
kms_resource_args.AddKmsKeyResourceArg(
parser, 'cluster', flag_overrides=kms_flag_overrides)
def Args(parser):
_CommonArgs(parser, beta=True)
clusters.BetaArgsForClusterRef(parser)
# Add gce-pd-kms-key args
kms_flag_overrides = {
'kms-key': '--gce-pd-kms-key',
'kms-keyring': '--gce-pd-kms-key-keyring',
'kms-location': '--gce-pd-kms-key-location',
'kms-project': '--gce-pd-kms-key-project'
}
kms_resource_args.AddKmsKeyResourceArg(
parser, 'cluster', flag_overrides=kms_flag_overrides)
def Args(cls, parser):
dataproc = dp.Dataproc(cls.ReleaseTrack())
base.ASYNC_FLAG.AddToParser(parser)
flags.AddClusterResourceArg(parser, 'create', dataproc.api_version)
clusters.ArgsForClusterRef(parser, cls.BETA, include_ttl_config=True)
# Add gce-pd-kms-key args
kms_flag_overrides = {
'kms-key': '--gce-pd-kms-key',
'kms-keyring': '--gce-pd-kms-key-keyring',
'kms-location': '--gce-pd-kms-key-location',
'kms-project': '--gce-pd-kms-key-project'
}
kms_resource_args.AddKmsKeyResourceArg(
parser, 'cluster', flag_overrides=kms_flag_overrides)
def Args(parser):
_Args(parser)
group = parser.add_mutually_exclusive_group()
_AddAdditionalZonesFlag(group, deprecated=True)
flags.AddNodeLocationsFlag(group)
flags.AddBetaAddonsFlags(parser)
flags.AddClusterAutoscalingFlags(parser)
flags.AddMaxPodsPerNodeFlag(parser)
flags.AddEnableAutoRepairFlag(parser, for_create=True)
flags.AddEnableBinAuthzFlag(parser)
flags.AddEnableKubernetesAlphaFlag(parser)
flags.AddEnableLegacyAuthorizationFlag(parser)
flags.AddIPAliasFlags(parser)
flags.AddIstioConfigFlag(parser)
flags.AddLabelsFlag(parser)
flags.AddLocalSSDFlag(parser)
flags.AddMaintenanceWindowFlag(parser)
flags.AddMasterAuthorizedNetworksFlags(parser)
flags.AddMinCpuPlatformFlag(parser)
flags.AddWorkloadMetadataFromNodeFlag(parser)
flags.AddNetworkPolicyFlags(parser)
flags.AddNodeTaintsFlag(parser)
flags.AddPreemptibleFlag(parser)
flags.AddPodSecurityPolicyFlag(parser)
flags.AddAllowRouteOverlapFlag(parser)
flags.AddClusterNodeIdentityFlags(parser)
flags.AddPrivateClusterFlags(parser,
with_deprecated=True,
with_alpha=False)
flags.AddEnableStackdriverKubernetesFlag(parser)
flags.AddTpuFlags(parser, hidden=False)
flags.AddAutoprovisioningFlags(parser)
flags.AddVerticalPodAutoscalingFlag(parser)
flags.AddResourceUsageExportFlags(parser)
flags.AddAuthenticatorSecurityGroupFlags(parser)
flags.AddEnableIntraNodeVisibilityFlag(parser)
flags.AddWorkloadIdentityFlags(parser)
flags.AddEnableShieldedNodesFlags(parser)
flags.AddClusterVersionFlag(parser)
flags.AddNodeVersionFlag(parser)
flags.AddEnableAutoUpgradeFlag(parser, default=True)
kms_flag_overrides = {
'kms-key': '--database-encryption-key',
'kms-keyring': '--database-encryption-key-keyring',
'kms-location': '--database-encryption-key-location',
'kms-project': '--database-encryption-key-project'
}
kms_resource_args.AddKmsKeyResourceArg(
parser, 'cluster', flag_overrides=kms_flag_overrides)
def Args(parser):
"""Register flags for this command."""
parser.add_argument(
'--organization',
required=True,
metavar='ORGANIZATION_ID',
completer=completers.OrganizationCompleter,
help='Organization to update Logs Router CMEK settings for.')
kms_resource_args.AddKmsKeyResourceArg(
parser,
resource='logs being processed by the Stackdriver Logs Router',
required=True,
permission_info=('The Cloud KMS CryptoKey Encrypter/Decryper role must '
'be assigned to the Stackdriver Logs Router service '
'account.'),
name='--kms-key-name')
def Args(parser):
"""Register flags for this command."""
parent_group = parser.add_mutually_exclusive_group(required=True)
parent_group.add_argument(
'--organization',
required=False,
metavar='ORGANIZATION_ID',
completer=completers.OrganizationCompleter,
help='Organization to update Logs Router settings for.')
parent_group.add_argument(
'--folder',
required=False,
metavar='FOLDER_ID',
help='Folder to update Logs Router settings for.')
parser.add_argument(
'--storage-location',
required=False,
help='Update the storage location for _Default bucket and _Required '
'bucket. Note: It only applies to the newly created projects and '
'will not affect the projects created before.')
parser.add_argument(
'--disable-default-sink',
action='store_true',
help='Enable or disable _Default sink for the _Default bucket. '
'Specify --no-disable-default-sink to enable a disabled _Default sink. '
'Note: It only applies to the newly created projects and '
'will not affect the projects created before.')
group = parser.add_mutually_exclusive_group(required=False)
kms_resource_args.AddKmsKeyResourceArg(
group,
resource='logs being processed by the Cloud Logging Logs Router',
permission_info=(
'The Cloud KMS CryptoKey Encrypter/Decryper role must '
'be assigned to the Cloud Logging Logs Router service '
'account'),
name='--kms-key-name')
group.add_argument(
'--clear-kms-key',
action='store_true',
help=('Disable CMEK for the Logs Router by clearing out Cloud KMS '
'cryptokey in the organization\'s CMEK settings.'))
def Args(parser):
"""Args is called by calliope to gather arguments for this command."""
AddBaseArgs(parser)
AddBetaArgs(parser)
flags.AddDatabaseVersion(parser, restrict_choices=False)
kms_flag_overrides = {
'kms-key': '--disk-encryption-key',
'kms-keyring': '--disk-encryption-key-keyring',
'kms-location': '--disk-encryption-key-location',
'kms-project': '--disk-encryption-key-project'
}
permission_info = (
'Please ensure that you have the '
'`resourcemanager.projects.setIamPolicy` permission for the project '
'associated with the key')
kms_resource_args.AddKmsKeyResourceArg(
parser,
'instance',
flag_overrides=kms_flag_overrides,
permission_info=permission_info)
def Args(parser):
CreateBeta.Args(parser)
# Adding alpha arguments
parser.add_argument(
'--airflow-executor-type',
hidden=True,
choices={
'CELERY': 'Task instances will run by CELERY executor',
'KUBERNETES': 'Task instances will run by KUBERNETES executor'
},
help="""The type of executor by which task instances are run on Airflow;
currently supported executor types are CELERY and KUBERNETES.
Defaults to CELERY. Cannot be updated.""")
# Workaround to add hidden resource flag, as per b/130564349.
group_parser = parser.add_argument_group(hidden=True)
permission_info = '{} must hold permission {}'.format(
"The 'Cloud Composer Service Agent' service account",
"'Cloud KMS CryptoKey Encrypter/Decrypter'")
kms_resource_args.AddKmsKeyResourceArg(
group_parser, 'environment', permission_info=permission_info)
def Args(parser):
_CommonArgs(parser, beta=True)
flags.AddMinCpuPlatformArgs(parser, base.ReleaseTrack.BETA)
parser.add_argument('--max-idle',
type=arg_parsers.Duration(),
help="""\
The duration before cluster is auto-deleted after last job completes,
such as "2h" or "1d".
See $ gcloud topic datetimes for information on duration formats.
""")
auto_delete_group = parser.add_mutually_exclusive_group()
auto_delete_group.add_argument('--max-age',
type=arg_parsers.Duration(),
help="""\
The lifespan of the cluster before it is auto-deleted, such as
"2h" or "1d".
See $ gcloud topic datetimes for information on duration formats.
""")
auto_delete_group.add_argument('--expiration-time',
type=arg_parsers.Datetime.Parse,
help="""\
The time when cluster will be auto-deleted, such as
"2017-08-29T18:52:51.142Z". See $ gcloud topic datetimes for
information on time formats.
""")
# Add gce-pd-kms-key args
kms_flag_overrides = {
'kms-key': '--gce-pd-kms-key',
'kms-keyring': '--gce-pd-kms-key-keyring',
'kms-location': '--gce-pd-kms-key-location',
'kms-project': '--gce-pd-kms-key-project'
}
kms_resource_args.AddKmsKeyResourceArg(
parser, 'cluster', flag_overrides=kms_flag_overrides)
for instance_type in ('master', 'worker'):
help_msg = """\
Attaches accelerators (e.g. GPUs) to the {instance_type}
instance(s).
""".format(instance_type=instance_type)
if instance_type == 'worker':
help_msg += """
Note:
No accelerators will be attached to preemptible workers, because
preemptible VMs do not support accelerators.
"""
help_msg += """
*type*::: The specific type (e.g. nvidia-tesla-k80 for nVidia Tesla
K80) of accelerator to attach to the instances. Use 'gcloud compute
accelerator-types list' to learn about all available accelerator
types.
*count*::: The number of pieces of the accelerator to attach to each
of the instances. The default value is 1.
"""
parser.add_argument('--{0}-accelerator'.format(instance_type),
type=arg_parsers.ArgDict(spec={
'type': str,
'count': int,
}),
metavar='type=TYPE,[count=COUNT]',
help=help_msg)
def AddKerberosGroup(parser):
"""Adds the argument group to handle Kerberos configurations."""
kerberos_group = parser.add_argument_group(
mutex=True,
help='Specifying these flags will enable Kerberos for the cluster.')
# Not mutually exclusive
kerberos_flag_group = kerberos_group.add_argument_group()
kerberos_flag_group.add_argument('--kerberos-root-principal-password-uri',
required=True,
help="""\
Google Cloud Storage URI of a KMS encrypted file containing
the root principal password. Must be a URL beginning with 'gs://'.
""")
# Add kerberos-kms-key args
kerberos_kms_flag_overrides = \
{'kms-key': '--kerberos-kms-key',
'kms-keyring': '--kerberos-kms-key-keyring',
'kms-location': '--kerberos-kms-key-location',
'kms-project': '--kerberos-kms-key-project'}
kms_resource_args.AddKmsKeyResourceArg(
kerberos_flag_group,
'password',
flag_overrides=kerberos_kms_flag_overrides,
required=True,
name='--kerberos-kms-key')
kerberos_group.add_argument('--kerberos-config-file',
help="""\
Path to a YAML (or JSON) file containing the configuration for Kerberos on the
cluster. If you pass `-` as the value of the flag the file content will be read
from stdin.
The YAML file is formatted as follows:
```
# Optional. Flag to indicate whether to Kerberize the cluster.
# The default value is true.
enable_kerberos: true
# Required. The Google Cloud Storage URI of a KMS encrypted file
# containing the root principal password.
root_principal_password_uri: gs://bucket/password.encrypted
# Required. The URI of the KMS key used to encrypt various
# sensitive files.
kms_key_uri:
projects/myproject/locations/global/keyRings/mykeyring/cryptoKeys/my-key
# Configuration of SSL encryption. If specified, all sub-fields
# are required. Otherwise, Dataproc will provide a self-signed
# certificate and generate the passwords.
ssl:
# Optional. The Google Cloud Storage URI of the keystore file.
keystore_uri: gs://bucket/keystore.jks
# Optional. The Google Cloud Storage URI of a KMS encrypted
# file containing the password to the keystore.
keystore_password_uri: gs://bucket/keystore_password.encrypted
# Optional. The Google Cloud Storage URI of a KMS encrypted
# file containing the password to the user provided key.
key_password_uri: gs://bucket/key_password.encrypted
# Optional. The Google Cloud Storage URI of the truststore
# file.
truststore_uri: gs://bucket/truststore.jks
# Optional. The Google Cloud Storage URI of a KMS encrypted
# file containing the password to the user provided
# truststore.
truststore_password_uri:
gs://bucket/truststore_password.encrypted
# Configuration of cross realm trust.
cross_realm_trust:
# Optional. The remote realm the Dataproc on-cluster KDC will
# trust, should the user enable cross realm trust.
realm: REMOTE.REALM
# Optional. The KDC (IP or hostname) for the remote trusted
# realm in a cross realm trust relationship.
kdc: kdc.remote.realm
# Optional. The admin server (IP or hostname) for the remote
# trusted realm in a cross realm trust relationship.
admin_server: admin-server.remote.realm
# Optional. The Google Cloud Storage URI of a KMS encrypted
# file containing the shared password between the on-cluster
# Kerberos realm and the remote trusted realm, in a cross
# realm trust relationship.
shared_password_uri:
gs://bucket/cross-realm.password.encrypted
# Optional. The Google Cloud Storage URI of a KMS encrypted file
# containing the master key of the KDC database.
kdc_db_key_uri: gs://bucket/kdc_db_key.encrypted
# Optional. The lifetime of the ticket granting ticket, in
# hours. If not specified, or user specifies 0, then default
# value 10 will be used.
tgt_lifetime_hours: 1
# Optional. The name of the Kerberos realm. If not specified,
# the uppercased domain name of the cluster will be used.
realm: REALM.NAME
```
""")
def AddBaseArgs(parser, is_alpha=False):
"""Declare flag and positional arguments for this command parser."""
# TODO(b/35705305): move common flags to command_lib.sql.flags
base.ASYNC_FLAG.AddToParser(parser)
parser.display_info.AddFormat(flags.GetInstanceListFormat())
flags.AddActivationPolicy(parser)
flags.AddActiveDirectoryDomain(parser)
flags.AddAssignIp(parser)
flags.AddAuthorizedNetworks(parser)
flags.AddAvailabilityType(parser)
parser.add_argument(
'--backup',
required=False,
action='store_true',
default=True,
help='Enables daily backup.')
flags.AddBackupStartTime(parser)
flags.AddBackupLocation(parser, allow_empty=False)
flags.AddCPU(parser)
flags.AddInstanceCollation(parser)
flags.AddDatabaseFlags(parser)
flags.AddEnableBinLog(parser, show_negated_in_help=False)
flags.AddRetainedBackupsCount(parser)
flags.AddRetainedTransactionLogDays(parser)
parser.add_argument(
'--failover-replica-name',
required=False,
help='Also create a failover replica with the specified name.')
parser.add_argument(
'instance',
type=command_validate.InstanceNameRegexpValidator(),
help='Cloud SQL instance ID.')
flags.AddMaintenanceReleaseChannel(parser)
flags.AddMaintenanceWindowDay(parser)
flags.AddMaintenanceWindowHour(parser)
flags.AddDenyMaintenancePeriodStartDate(parser)
flags.AddDenyMaintenancePeriodEndDate(parser)
flags.AddDenyMaintenancePeriodTime(parser)
flags.AddInsightsConfigQueryInsightsEnabled(parser, show_negated_in_help=True)
flags.AddInsightsConfigQueryStringLength(parser)
flags.AddInsightsConfigRecordApplicationTags(
parser, show_negated_in_help=True)
flags.AddInsightsConfigRecordClientAddress(parser, show_negated_in_help=True)
flags.AddInsightsConfigQueryPlansPerMinute(parser)
parser.add_argument(
'--master-instance-name',
required=False,
help=('Name of the instance which will act as master in the '
'replication setup. The newly created instance will be a read '
'replica of the specified master instance.'))
flags.AddMemory(parser)
flags.AddPasswordPolicyMinLength(parser)
flags.AddPasswordPolicyComplexity(parser)
flags.AddPasswordPolicyReuseInterval(parser)
flags.AddPasswordPolicyDisallowUsernameSubstring(parser)
flags.AddPasswordPolicyPasswordChangeInterval(parser)
flags.AddPasswordPolicyEnablePasswordPolicy(parser)
parser.add_argument(
'--replica-type',
choices=['READ', 'FAILOVER'],
help='The type of replica to create.')
flags.AddReplication(parser)
parser.add_argument(
'--require-ssl',
required=False,
action='store_true',
default=None,
help='Specified if users connecting over IP must use SSL.')
flags.AddRootPassword(parser)
flags.AddStorageAutoIncrease(parser)
flags.AddStorageSize(parser)
parser.add_argument(
'--storage-type',
required=False,
choices=['SSD', 'HDD'],
default=None,
help='The storage type for the instance. The default is SSD.')
flags.AddTier(parser, is_alpha=is_alpha)
kms_flag_overrides = {
'kms-key': '--disk-encryption-key',
'kms-keyring': '--disk-encryption-key-keyring',
'kms-location': '--disk-encryption-key-location',
'kms-project': '--disk-encryption-key-project'
}
kms_resource_args.AddKmsKeyResourceArg(
parser,
'instance',
flag_overrides=kms_flag_overrides)
flags.AddEnablePointInTimeRecovery(parser)
flags.AddNetwork(parser)
def AddCreateInstanceFlags(parser):
"""Construct groups and arguments specific to the instance creation."""
accelerator_choices = [
'NVIDIA_TESLA_K80', 'NVIDIA_TESLA_P100', 'NVIDIA_TESLA_V100',
'NVIDIA_TESLA_P4', 'NVIDIA_TESLA_T4', 'NVIDIA_TESLA_T4_VWS',
'NVIDIA_TESLA_P100_VWS', 'NVIDIA_TESLA_P4_VWS', 'TPU_V2', 'TPU_V3'
]
boot_disk_choices = ['PD_STANDARD', 'PD_SSD']
encryption_choices = ['GMEK', 'CMEK']
AddInstanceResource(parser)
environment_group = parser.add_group(mutex=True, required=True)
GetEnvironmentResourceArg((
'User-defined unique name of this environment. The environment name '
'must be 1 to 63 characters long and contain only lowercase letters, '
'numeric characters, and dashes. The first character must be a lowercase '
'letter and the last character cannot be a dash.'),
positional=False,
required=False).AddToParser(environment_group)
vm_source_group = environment_group.add_group()
vm_mutex_group = vm_source_group.add_group(mutex=True, required=True)
container_group = environment_group.add_group()
vm_source_group.add_argument(
'--vm-image-project',
help=(
'The ID of the Google Cloud project that this VM image belongs to. '
'Format: projects/`{project_id}`.'),
required=True)
vm_mutex_group.add_argument(
'--vm-image-name', help='Use this VM image name to find the image.')
vm_mutex_group.add_argument(
'--vm-image-family',
help=('Use this VM image family to find the image; the newest image '
'in this family will be used.'))
container_group.add_argument(
'--container-repository',
help=('The path to the container image repository. '
'For example: gcr.io/`{project_id}`/`{image_name}`.'),
required=True)
container_group.add_argument(
'--container-tag',
help=('The tag of the container image. If not specified, '
'this defaults to the latest tag.'))
parser.add_argument(
'--post-startup-script',
help=
('Path to a Bash script that automatically runs after a notebook '
'instance fully boots up. The path must be a URL or Cloud Storage path '
'(gs://`path-to-file`/`file-name`).'))
parser.add_argument(
'--service-account',
help=
('The service account on this instance, giving access to other '
'Google Cloud services. You can use any service account within the '
'same project, but you must have the service account user permission '
'to use the instance. If not specified, the [Compute Engine default '
'service account](/compute/docs/access/service-accounts#default_'
'service_account) is used.'))
parser.add_argument(
'--machine-type',
help=
'The [Compute Engine machine type](/compute/docs/machine-types) of this instance.',
required=True)
parser.add_argument(
'--instance-owners',
help=
('The owners of this instance after creation. Format: '
'`[email protected]`. Currently supports one owner only. If not specified'
", all of the service account users of the VM instance\'s service "
'account can use the instance.'))
accelerator_group = parser.add_group(help=(
'The hardware accelerator used on this instance. If you use '
'accelerators, make sure that your configuration has [enough vCPUs and '
'memory to support the `machine_type` you have selected](/compute/'
'docs/gpus/#gpus-list).'))
accelerator_group.add_argument('--accelerator-type',
help='Type of this accelerator.',
choices=accelerator_choices,
default=None)
accelerator_group.add_argument('--accelerator-core-count',
help='Count of cores of this accelerator.',
type=int)
gpu_group = parser.add_group(help='GPU driver configurations.')
gpu_group.add_argument(
'--install-gpu-driver',
action='store_true',
dest='install_gpu_driver',
help=
('Whether the end user authorizes Google Cloud to install a GPU '
'driver on this instance. If this field is empty or set to false, the '
'GPU driver won\'t be installed. Only applicable to instances with GPUs.'
))
gpu_group.add_argument(
'--custom-gpu-driver-path',
help=
('Specify a custom Cloud Storage path where the GPU driver is '
'stored. If not specified, we\'ll automatically choose from official '
'GPU drivers.'))
boot_group = parser.add_group(help='Boot disk configurations.')
boot_group.add_argument(
'--boot-disk-type',
choices=boot_disk_choices,
default=None,
help=(
'The type of disk attached to this instance, defaults to standard '
'persistent disk (`PD_STANDARD`).'))
boot_group.add_argument(
'--boot-disk-size',
type=int,
help=('The size of the disk in GB attached to this instance, up to a '
'maximum of 64000 GB (64 TB). The minimum recommended value '
'is 100 GB. If not specified, this defaults to 100.'))
encryption_group = parser.add_group(help='Disk encryption configurations.')
encryption_group.add_argument(
'--disk-encryption',
choices=encryption_choices,
default=None,
help='Disk encryption method used on the boot disk, defaults to GMEK.')
kms_resource_args.AddKmsKeyResourceArg(encryption_group, 'instance')
network_group = parser.add_group(help='Network configs.')
network_group.add_argument('--no-public-ip',
action='store_true',
dest='no_public_ip',
help="""\
If specified, no public IP will be assigned to this instance.""")
network_group.add_argument('--no-proxy-access',
action='store_true',
dest='no_proxy_access',
help="""\
If true, the notebook instance will not register with the proxy.""")
AddNetworkArgument(
('The name of the VPC that this instance is in. Format: '
'projects/`{project_id}`/global/networks/`{network_id}`.'),
network_group)
AddSubnetArgument(
('The name of the subnet that this instance is in. Format: projects/'
'`{project_id}`/regions/`{region}`/subnetworks/`{subnetwork_id}`.'),
network_group)
parser.add_argument(
'--labels',
help=('Labels to apply to this instance. These can be later modified '
'by the setLabels method.'),
type=arg_parsers.ArgDict(),
metavar='KEY=VALUE')
parser.add_argument('--metadata',
help='Custom metadata to apply to this instance.',
type=arg_parsers.ArgDict(),
metavar='KEY=VALUE')
def _CommonArgs(parser, support_max_pods_per_node):
"""Common arguments that apply to all ReleaseTracks."""
resource_args.AddEnvironmentResourceArg(parser, 'to create')
base.ASYNC_FLAG.AddToParser(parser)
parser.add_argument(
'--node-count',
type=int,
help='The number of nodes to create to run the environment.')
parser.add_argument(
'--zone',
help='The Compute Engine zone in which the environment will '
'be created. For example `--zone=us-central1-a`.')
parser.add_argument(
'--machine-type',
help='The Compute Engine machine type '
'(https://cloud.google.com/compute/docs/machine-types) to use for '
'nodes. For example `--machine-type=n1-standard-1`.')
parser.add_argument(
'--disk-size',
default='100GB',
type=arg_parsers.BinarySize(lower_bound='20GB',
upper_bound='64TB',
suggested_binary_size_scales=['GB', 'TB']),
help='The disk size for each VM node in the environment. The minimum '
'size is 20GB, and the maximum is 64TB. Specified value must be an '
'integer multiple of gigabytes. Cannot be updated after the '
'environment has been created. If units are not provided, defaults to '
'GB.')
networking_group = parser.add_group(
help='Virtual Private Cloud networking')
networking_group.add_argument(
'--network',
required=True,
help='The Compute Engine Network to which the environment will '
'be connected. If a \'Custom Subnet Network\' is provided, '
'`--subnetwork` must be specified as well.')
networking_group.add_argument(
'--subnetwork',
help='The Compute Engine subnetwork '
'(https://cloud.google.com/compute/docs/subnetworks) to which the '
'environment will be connected.')
labels_util.AddCreateLabelsFlags(parser)
flags.CREATE_ENV_VARS_FLAG.AddToParser(parser)
# Default is provided by API server.
parser.add_argument(
'--service-account',
help='The Google Cloud Platform service account to be used by the node '
'VMs. If a service account is not specified, the "default" Compute '
'Engine service account for the project is used. Cannot be updated.')
# Default is provided by API server.
parser.add_argument(
'--oauth-scopes',
help='The set of Google API scopes to be made available on all of the '
'node VMs. Defaults to '
'[\'https://www.googleapis.com/auth/cloud-platform\']. Cannot be '
'updated.',
type=arg_parsers.ArgList(),
metavar='SCOPE',
action=arg_parsers.UpdateAction)
parser.add_argument(
'--tags',
help='The set of instance tags applied to all node VMs. Tags are used '
'to identify valid sources or targets for network firewalls. Each tag '
'within the list must comply with RFC 1035. Cannot be updated.',
type=arg_parsers.ArgList(),
metavar='TAG',
action=arg_parsers.UpdateAction)
# API server will validate key/value pairs.
parser.add_argument('--airflow-configs',
help="""\
A list of Airflow software configuration override KEY=VALUE pairs to set. For
information on how to structure KEYs and VALUEs, run
`$ {top_command} help composer environments update`.""",
type=arg_parsers.ArgDict(),
metavar='KEY=VALUE',
action=arg_parsers.UpdateAction)
parser.add_argument(
'--python-version',
type=str,
choices={
'2': 'Created environment will use Python 2',
'3': 'Created environment will use Python 3'
},
help='The Python version to be used within the created environment. '
'Supplied value should represent the desired major Python version. '
'Cannot be updated.')
version_group = parser.add_mutually_exclusive_group()
airflow_version_type = arg_parsers.RegexpValidator(
r'^(\d+\.\d+(?:\.\d+)?)', 'must be in the form X.Y[.Z].')
version_group.add_argument(
'--airflow-version',
type=airflow_version_type,
help="""Version of Airflow to run in the environment.
Must be of the form `X.Y[.Z]`.
The latest supported Cloud Composer version will be used within
the created environment.""")
image_version_type = arg_parsers.RegexpValidator(
r'^composer-(\d+\.\d+.\d+(?:-[a-z]+\.\d+)?|latest)-airflow-(\d+\.\d+(?:\.\d+)?)',
'must be in the form \'composer-A.B.C[-D.E]-airflow-X.Y[.Z]\' or '
'\'latest\' can be provided in place of the Cloud Composer version '
'string. For example: \'composer-latest-airflow-1.10.0\'.')
version_group.add_argument(
'--image-version',
type=image_version_type,
help="""Version of the image to run in the environment.
The image version encapsulates the versions of both Cloud Composer
and Apache Airflow. Must be of the form
`composer-A.B.C[-D.E]-airflow-X.Y[.Z]`.
The Cloud Composer and Airflow versions are semantic versions.
`latest` can be provided instead of an explicit Cloud Composer
version number indicating that the server will replace `latest`
with the current Cloud Composer version. For the Apache Airflow
portion, the patch version can be omitted and the current
version will be selected. The version numbers that are used will
be stored.""")
flags.AddIpAliasEnvironmentFlags(parser, support_max_pods_per_node)
flags.AddPrivateIpEnvironmentFlags(parser)
web_server_group = parser.add_mutually_exclusive_group()
flags.WEB_SERVER_ALLOW_IP.AddToParser(web_server_group)
flags.WEB_SERVER_ALLOW_ALL.AddToParser(web_server_group)
flags.WEB_SERVER_DENY_ALL.AddToParser(web_server_group)
flags.CLOUD_SQL_MACHINE_TYPE.AddToParser(parser)
flags.WEB_SERVER_MACHINE_TYPE.AddToParser(parser)
permission_info = '{} must hold permission {}'.format(
"The 'Cloud Composer Service Agent' service account",
"'Cloud KMS CryptoKey Encrypter/Decrypter'")
kms_resource_args.AddKmsKeyResourceArg(parser,
'environment',
permission_info=permission_info)
def AddBaseArgs(parser):
"""Declare flag and positional arguments for this command parser."""
# TODO(b/35705305): move common flags to command_lib.sql.flags
base.ASYNC_FLAG.AddToParser(parser)
parser.display_info.AddFormat(flags.GetInstanceListFormat())
flags.AddActivationPolicy(parser)
flags.AddAssignIp(parser)
flags.AddAuthorizedNetworks(parser)
flags.AddAvailabilityType(parser)
parser.add_argument(
'--backup',
required=False,
action='store_true',
default=True,
help='Enables daily backup.')
flags.AddBackupStartTime(parser)
flags.AddCPU(parser)
flags.AddDatabaseFlags(parser)
flags.AddEnableBinLog(parser, show_negated_in_help=False)
parser.add_argument(
'--failover-replica-name',
required=False,
help='Also create a failover replica with the specified name.')
parser.add_argument(
'instance',
type=command_validate.InstanceNameRegexpValidator(),
help='Cloud SQL instance ID.')
flags.AddMaintenanceReleaseChannel(parser)
flags.AddMaintenanceWindowDay(parser)
flags.AddMaintenanceWindowHour(parser)
parser.add_argument(
'--master-instance-name',
required=False,
help=('Name of the instance which will act as master in the '
'replication setup. The newly created instance will be a read '
'replica of the specified master instance.'))
flags.AddMemory(parser)
# TODO(b/31989340): add remote completion
# TODO(b/73362371): Make specifying a location required.
location_group = parser.add_mutually_exclusive_group()
location_group.add_argument(
'--region',
required=False,
default='us-central',
help=('Regional location (e.g. asia-east1, us-east1). See the full '
'list of regions at '
'https://cloud.google.com/sql/docs/instance-locations.'))
flags.AddZone(
location_group,
help_text=('Preferred Compute Engine zone (e.g. us-central1-a, '
'us-central1-b, etc.).'))
parser.add_argument(
'--replica-type',
choices=['READ', 'FAILOVER'],
help='The type of replica to create.')
flags.AddReplication(parser)
parser.add_argument(
'--require-ssl',
required=False,
action='store_true',
default=None,
help='Specified if users connecting over IP must use SSL.')
flags.AddRootPassword(parser)
flags.AddStorageAutoIncrease(parser)
flags.AddStorageSize(parser)
parser.add_argument(
'--storage-type',
required=False,
choices=['SSD', 'HDD'],
default=None,
help='The storage type for the instance. The default is SSD.')
flags.AddTier(parser)
kms_flag_overrides = {
'kms-key': '--disk-encryption-key',
'kms-keyring': '--disk-encryption-key-keyring',
'kms-location': '--disk-encryption-key-location',
'kms-project': '--disk-encryption-key-project'
}
kms_resource_args.AddKmsKeyResourceArg(
parser,
'instance',
flag_overrides=kms_flag_overrides)
def Args(parser):
"""Adds args for this command."""
iot_resource_args.AddDeviceResourceArg(parser, 'test', positional=True)
kms_resource_args.AddKmsKeyResourceArg(parser,
'test',
region_fallthrough=True)
