Skip to main content

clusters

Creates, updates, deletes, gets or lists a clusters resource.

Overview

Nameclusters
TypeResource
Idgoogle.container.clusters

Fields

NameDatatypeDescription
idstringOutput only. Unique id for the cluster.
namestringThe name of this cluster. The name must be unique within this project and location (e.g. zone or region), and can be up to 40 characters with the following restrictions: Lowercase letters, numbers, and hyphens only. Must start with a letter. * Must end with a number or a letter.
descriptionstringAn optional description of this cluster.
addonsConfigobjectConfiguration for the addons that can be automatically spun up in the cluster, enabling additional functionality.
authenticatorGroupsConfigobjectConfiguration for returning group information from authenticators.
autopilotobjectAutopilot is the configuration for Autopilot settings on the cluster.
autoscalingobjectClusterAutoscaling contains global, per-cluster information required by Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs.
binaryAuthorizationobjectConfiguration for Binary Authorization.
clusterIpv4CidrstringThe IP address range of the container pods in this cluster, in CIDR notation (e.g. 10.96.0.0/14). Leave blank to have one automatically chosen or specify a /14 block in 10.0.0.0/8.
compliancePostureConfigobjectCompliancePostureConfig defines the settings needed to enable/disable features for the Compliance Posture.
conditionsarrayWhich conditions caused the current cluster state.
confidentialNodesobjectConfidentialNodes is configuration for the confidential nodes feature, which makes nodes run on confidential VMs.
costManagementConfigobjectConfiguration for fine-grained cost management feature.
createTimestringOutput only. The time the cluster was created, in RFC3339 text format.
currentMasterVersionstringOutput only. The current software version of the master endpoint.
currentNodeCountintegerOutput only. The number of nodes currently in the cluster. Deprecated. Call Kubernetes API directly to retrieve node information.
currentNodeVersionstringOutput only. Deprecated, use NodePools.version instead. The current version of the node software components. If they are currently at multiple versions because they're in the process of being upgraded, this reflects the minimum version of all nodes.
databaseEncryptionobjectConfiguration of etcd encryption.
defaultMaxPodsConstraintobjectConstraints applied to pods.
enableK8sBetaApisobjectK8sBetaAPIConfig , configuration for beta APIs
enableKubernetesAlphabooleanKubernetes alpha features are enabled on this cluster. This includes alpha API groups (e.g. v1alpha1) and features that may not be production ready in the kubernetes version of the master and nodes. The cluster has no SLA for uptime and master/node upgrades are disabled. Alpha enabled clusters are automatically deleted thirty days after creation.
enableTpubooleanEnable the ability to use Cloud TPUs in this cluster.
endpointstringOutput only. The IP address of this cluster's master endpoint. The endpoint can be accessed from the internet at https://username:password@endpoint/. See the masterAuth property of this resource for username and password information.
enterpriseConfigobjectEnterpriseConfig is the cluster enterprise configuration.
etagstringThis checksum is computed by the server based on the value of cluster fields, and may be sent on update requests to ensure the client has an up-to-date value before proceeding.
expireTimestringOutput only. The time the cluster will be automatically deleted in RFC3339 text format.
fleetobjectFleet is the fleet configuration for the cluster.
identityServiceConfigobjectIdentityServiceConfig is configuration for Identity Service which allows customers to use external identity providers with the K8S API
initialClusterVersionstringThe initial Kubernetes version for this cluster. Valid versions are those found in validMasterVersions returned by getServerConfig. The version can be upgraded over time; such upgrades are reflected in currentMasterVersion and currentNodeVersion. Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior: - "latest": picks the highest valid Kubernetes version - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - "1.X.Y-gke.N": picks an explicit Kubernetes version - "","-": picks the default Kubernetes version
initialNodeCountintegerThe number of nodes to create in this cluster. You must ensure that your Compute Engine resource quota is sufficient for this number of instances. You must also have available firewall and routes quota. For requests, this field should only be used in lieu of a "node_pool" object, since this configuration (along with the "node_config") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a node_pool at the same time. This field is deprecated, use node_pool.initial_node_count instead.
instanceGroupUrlsarrayOutput only. Deprecated. Use node_pools.instance_group_urls.
ipAllocationPolicyobjectConfiguration for controlling how IPs are allocated in the cluster.
labelFingerprintstringThe fingerprint of the set of labels for this cluster.
legacyAbacobjectConfiguration for the legacy Attribute Based Access Control authorization mode.
locationstringOutput only. The name of the Google Compute Engine zone or region in which the cluster resides.
locationsarrayThe list of Google Compute Engine zones in which the cluster's nodes should be located. This field provides a default value if NodePool.Locations are not specified during node pool creation. Warning: changing cluster locations will update the NodePool.Locations of all node pools and will result in nodes being added and/or removed.
loggingConfigobjectLoggingConfig is cluster logging configuration.
loggingServicestringThe logging service the cluster should use to write logs. Currently available options: logging.googleapis.com/kubernetes - The Cloud Logging service with a Kubernetes-native resource model logging.googleapis.com - The legacy Cloud Logging service (no longer available as of GKE 1.15). * none - no logs will be exported from the cluster. If left as an empty string,logging.googleapis.com/kubernetes will be used for GKE 1.14+ or logging.googleapis.com for earlier versions.
maintenancePolicyobjectMaintenancePolicy defines the maintenance policy to be used for the cluster.
masterAuthobjectThe authentication information for accessing the master endpoint. Authentication can be done using HTTP basic auth or using client certificates.
masterAuthorizedNetworksConfigobjectConfiguration options for the master authorized networks feature. Enabled master authorized networks will disallow all external traffic to access Kubernetes master through HTTPS except traffic from the given CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs.
meshCertificatesobjectConfiguration for issuance of mTLS keys and certificates to Kubernetes pods.
monitoringConfigobjectMonitoringConfig is cluster monitoring configuration.
monitoringServicestringThe monitoring service the cluster should use to write metrics. Currently available options: "monitoring.googleapis.com/kubernetes" - The Cloud Monitoring service with a Kubernetes-native resource model monitoring.googleapis.com - The legacy Cloud Monitoring service (no longer available as of GKE 1.15). * none - No metrics will be exported from the cluster. If left as an empty string,monitoring.googleapis.com/kubernetes will be used for GKE 1.14+ or monitoring.googleapis.com for earlier versions.
networkstringThe name of the Google Compute Engine network to which the cluster is connected. If left unspecified, the default network will be used.
networkConfigobjectNetworkConfig reports the relative names of network & subnetwork.
networkPolicyobjectConfiguration options for the NetworkPolicy feature. https://kubernetes.io/docs/concepts/services-networking/networkpolicies/
nodeConfigobjectParameters that describe the nodes in a cluster. GKE Autopilot clusters do not recognize parameters in NodeConfig. Use AutoprovisioningNodePoolDefaults instead.
nodeIpv4CidrSizeintegerOutput only. The size of the address space on each node for hosting containers. This is provisioned from within the container_ipv4_cidr range. This field will only be set when cluster is in route-based network mode.
nodePoolAutoConfigobjectNode pool configs that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters.
nodePoolDefaultsobjectSubset of Nodepool message that has defaults.
nodePoolsarrayThe node pools associated with this cluster. This field should not be set if "node_config" or "initial_node_count" are specified.
notificationConfigobjectNotificationConfig is the configuration of notifications.
parentProductConfigobjectParentProductConfig is the configuration of the parent product of the cluster. This field is used by Google internal products that are built on top of a GKE cluster and take the ownership of the cluster.
privateClusterConfigobjectConfiguration options for private clusters.
rbacBindingConfigobjectRBACBindingConfig allows user to restrict ClusterRoleBindings an RoleBindings that can be created.
releaseChannelobjectReleaseChannel indicates which release channel a cluster is subscribed to. Release channels are arranged in order of risk. When a cluster is subscribed to a release channel, Google maintains both the master version and the node version. Node auto-upgrade defaults to true and cannot be disabled.
resourceLabelsobjectThe resource labels for the cluster to use to annotate any related Google Compute Engine resources.
resourceUsageExportConfigobjectConfiguration for exporting cluster resource usages.
satisfiesPzibooleanOutput only. Reserved for future use.
satisfiesPzsbooleanOutput only. Reserved for future use.
secretManagerConfigobjectSecretManagerConfig is config for secret manager enablement.
securityPostureConfigobjectSecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.
selfLinkstringOutput only. Server-defined URL for the resource.
servicesIpv4CidrstringOutput only. The IP address range of the Kubernetes services in this cluster, in CIDR notation (e.g. 1.2.3.4/29). Service addresses are typically put in the last /16 from the container CIDR.
shieldedNodesobjectConfiguration of Shielded Nodes feature.
statusstringOutput only. The current status of this cluster.
statusMessagestringOutput only. Deprecated. Use conditions instead. Additional information about the current status of this cluster, if available.
subnetworkstringThe name of the Google Compute Engine subnetwork to which the cluster is connected.
tpuIpv4CidrBlockstringOutput only. The IP address range of the Cloud TPUs in this cluster, in CIDR notation (e.g. 1.2.3.4/29).
verticalPodAutoscalingobjectVerticalPodAutoscaling contains global, per-cluster information required by Vertical Pod Autoscaler to automatically adjust the resources of pods controlled by it.
workloadIdentityConfigobjectConfiguration for the use of Kubernetes Service Accounts in GCP IAM policies.
zonestringOutput only. The name of the Google Compute Engine zone in which the cluster resides. This field is deprecated, use location instead.

Methods

NameAccessible byRequired ParamsDescription
projects_locations_clusters_getSELECTclustersId, locationsId, projectsIdGets the details of a specific cluster.
projects_locations_clusters_listSELECTlocationsId, projectsIdLists all clusters owned by a project in either the specified zone or all zones.
projects_zones_clusters_getSELECTclusterId, projectId, zoneGets the details of a specific cluster.
projects_zones_clusters_listSELECTprojectId, zoneLists all clusters owned by a project in either the specified zone or all zones.
projects_locations_clusters_createINSERTlocationsId, projectsIdCreates a cluster, consisting of the specified number and type of Google Compute Engine instances. By default, the cluster is created in the project's default network. One firewall is added for the cluster. After cluster creation, the Kubelet creates routes for each node to allow the containers on that node to communicate with all other instances in the cluster. Finally, an entry is added to the project's global metadata indicating which CIDR range the cluster is using.
projects_zones_clusters_createINSERTprojectId, zoneCreates a cluster, consisting of the specified number and type of Google Compute Engine instances. By default, the cluster is created in the project's default network. One firewall is added for the cluster. After cluster creation, the Kubelet creates routes for each node to allow the containers on that node to communicate with all other instances in the cluster. Finally, an entry is added to the project's global metadata indicating which CIDR range the cluster is using.
projects_locations_clusters_deleteDELETEclustersId, locationsId, projectsIdDeletes the cluster, including the Kubernetes endpoint and all worker nodes. Firewalls and routes that were configured during cluster creation are also deleted. Other Google Compute Engine resources that might be in use by the cluster, such as load balancer resources, are not deleted if they weren't present when the cluster was initially created.
projects_zones_clusters_deleteDELETEclusterId, projectId, zoneDeletes the cluster, including the Kubernetes endpoint and all worker nodes. Firewalls and routes that were configured during cluster creation are also deleted. Other Google Compute Engine resources that might be in use by the cluster, such as load balancer resources, are not deleted if they weren't present when the cluster was initially created.
projects_locations_clusters_updateREPLACEclustersId, locationsId, projectsIdUpdates the settings of a specific cluster.
projects_zones_clusters_updateREPLACEclusterId, projectId, zoneUpdates the settings of a specific cluster.
projects_locations_clusters_check_autopilot_compatibilityEXECclustersId, locationsId, projectsIdChecks the cluster compatibility with Autopilot mode, and returns a list of compatibility issues.
projects_locations_clusters_complete_ip_rotationEXECclustersId, locationsId, projectsIdCompletes master IP rotation.
projects_locations_clusters_set_addonsEXECclustersId, locationsId, projectsIdSets the addons for a specific cluster.
projects_locations_clusters_set_legacy_abacEXECclustersId, locationsId, projectsIdEnables or disables the ABAC authorization mechanism on a cluster.
projects_locations_clusters_set_locationsEXECclustersId, locationsId, projectsIdSets the locations for a specific cluster. Deprecated. Use projects.locations.clusters.update instead.
projects_locations_clusters_set_loggingEXECclustersId, locationsId, projectsIdSets the logging service for a specific cluster.
projects_locations_clusters_set_maintenance_policyEXECclustersId, locationsId, projectsIdSets the maintenance policy for a cluster.
projects_locations_clusters_set_master_authEXECclustersId, locationsId, projectsIdSets master auth materials. Currently supports changing the admin password or a specific cluster, either via password generation or explicitly setting the password.
projects_locations_clusters_set_monitoringEXECclustersId, locationsId, projectsIdSets the monitoring service for a specific cluster.
projects_locations_clusters_set_network_policyEXECclustersId, locationsId, projectsIdEnables or disables Network Policy for a cluster.
projects_locations_clusters_set_resource_labelsEXECclustersId, locationsId, projectsIdSets labels on a cluster.
projects_locations_clusters_start_ip_rotationEXECclustersId, locationsId, projectsIdStarts master IP rotation.
projects_zones_clusters_complete_ip_rotationEXECclusterId, projectId, zoneCompletes master IP rotation.
projects_zones_clusters_legacy_abacEXECclusterId, projectId, zoneEnables or disables the ABAC authorization mechanism on a cluster.
projects_zones_clusters_locationsEXECclusterId, projectId, zoneSets the locations for a specific cluster. Deprecated. Use projects.locations.clusters.update instead.
projects_zones_clusters_loggingEXECclusterId, projectId, zoneSets the logging service for a specific cluster.
projects_zones_clusters_masterEXECclusterId, projectId, zoneUpdates the master for a specific cluster.
projects_zones_clusters_monitoringEXECclusterId, projectId, zoneSets the monitoring service for a specific cluster.
projects_zones_clusters_resource_labelsEXECclusterId, projectId, zoneSets labels on a cluster.
projects_zones_clusters_set_maintenance_policyEXECclusterId, projectId, zoneSets the maintenance policy for a cluster.
projects_zones_clusters_set_master_authEXECclusterId, projectId, zoneSets master auth materials. Currently supports changing the admin password or a specific cluster, either via password generation or explicitly setting the password.
projects_zones_clusters_set_network_policyEXECclusterId, projectId, zoneEnables or disables Network Policy for a cluster.
projects_zones_clusters_start_ip_rotationEXECclusterId, projectId, zoneStarts master IP rotation.

SELECT examples

Lists all clusters owned by a project in either the specified zone or all zones.

SELECT
id,
name,
description,
addonsConfig,
authenticatorGroupsConfig,
autopilot,
autoscaling,
binaryAuthorization,
clusterIpv4Cidr,
compliancePostureConfig,
conditions,
confidentialNodes,
costManagementConfig,
createTime,
currentMasterVersion,
currentNodeCount,
currentNodeVersion,
databaseEncryption,
defaultMaxPodsConstraint,
enableK8sBetaApis,
enableKubernetesAlpha,
enableTpu,
endpoint,
enterpriseConfig,
etag,
expireTime,
fleet,
identityServiceConfig,
initialClusterVersion,
initialNodeCount,
instanceGroupUrls,
ipAllocationPolicy,
labelFingerprint,
legacyAbac,
location,
locations,
loggingConfig,
loggingService,
maintenancePolicy,
masterAuth,
masterAuthorizedNetworksConfig,
meshCertificates,
monitoringConfig,
monitoringService,
network,
networkConfig,
networkPolicy,
nodeConfig,
nodeIpv4CidrSize,
nodePoolAutoConfig,
nodePoolDefaults,
nodePools,
notificationConfig,
parentProductConfig,
privateClusterConfig,
rbacBindingConfig,
releaseChannel,
resourceLabels,
resourceUsageExportConfig,
satisfiesPzi,
satisfiesPzs,
secretManagerConfig,
securityPostureConfig,
selfLink,
servicesIpv4Cidr,
shieldedNodes,
status,
statusMessage,
subnetwork,
tpuIpv4CidrBlock,
verticalPodAutoscaling,
workloadIdentityConfig,
zone
FROM google.container.clusters
WHERE projectId = '{{ projectId }}'
AND zone = '{{ zone }}';

INSERT example

Use the following StackQL query and manifest file to create a new clusters resource.

/*+ create */
INSERT INTO google.container.clusters (
projectId,
zone,
projectId,
zone,
cluster,
parent
)
SELECT 
'{{ projectId }}',
'{{ zone }}',
'{{ projectId }}',
'{{ zone }}',
'{{ cluster }}',
'{{ parent }}'
;

REPLACE example

Replaces all fields in the specified clusters resource.

/*+ update */
REPLACE google.container.clusters
SET 
projectId = '{{ projectId }}',
zone = '{{ zone }}',
clusterId = '{{ clusterId }}',
update = '{{ update }}',
name = '{{ name }}'
WHERE 
clusterId = '{{ clusterId }}'
AND projectId = '{{ projectId }}'
AND zone = '{{ zone }}';

DELETE example

Deletes the specified clusters resource.

/*+ delete */
DELETE FROM google.container.clusters
WHERE clusterId = '{{ clusterId }}'
AND projectId = '{{ projectId }}'
AND zone = '{{ zone }}';