create-gcp-environment

subtitle

Creates a new GCP environment by providing the cloud provider access and network information. A FreeIPA server will be automatically provisioned when an environment is created.

version

0.9.128

Description

Creates a new GCP environment.

Synopsis

  create-gcp-environment
--environment-name <value>
--credential-name <value>
--region <value>
--public-key <value>
--use-public-ip | --no-use-public-ip
--existing-network-params <value>
[--security-access <value>]
[--log-storage <value>]
[--description <value>]
[--enable-tunnel | --no-enable-tunnel]
[--workload-analytics | --no-workload-analytics]
[--report-deployment-logs | --no-report-deployment-logs]
[--free-ipa <value>]
[--endpoint-access-gateway-scheme <value>]
[--endpoint-access-gateway-subnet-ids <value>]
[--tags <value>]
[--proxy-config-name <value>]
[--encryption-key <value>]
[--availability-zones <value>]
[--custom-docker-registry <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton]

Options

--environment-name (string)

The name of the environment. Must contain only lowercase letters, numbers and hyphens.

--credential-name (string)

Name of the credential to use for the environment.

--region (string)

The region of the environment.

--public-key (string)

Public SSH key string. The associated private key can be used to get root-level access to the Data Lake instance and Data Hub cluster instances.

--use-public-ip | --no-use-public-ip (boolean)

Whether to associate public ip’s to the resources within the network.

--existing-network-params (object)

Request object for creating an GCP environment using existing VPC and subnets.

networkName -> (string)

The name of the GCP VPC.

subnetNames -> (array)

One or more subnet names within the VPC. Google VPC’s are global, please give subnets from single geographic region only to reduce latency.

item -> (string)

sharedProjectId -> (string)

The ID of the Google project associated with the VPC.

Shorthand Syntax:

networkName=string,subnetNames=string,string,sharedProjectId=string

JSON Syntax:

{
  "networkName": "string",
  "subnetNames": ["string", ...],
  "sharedProjectId": "string"
}

--security-access (object)

Firewall rules for FreeIPA, Data Lake and Data Hub deployment.

securityGroupIdForKnox -> (string)

Firewall rule for Knox hosts.

defaultSecurityGroupId -> (string)

Firewall rule for other hosts.

Shorthand Syntax:

securityGroupIdForKnox=string,defaultSecurityGroupId=string

JSON Syntax:

{
  "securityGroupIdForKnox": "string",
  "defaultSecurityGroupId": "string"
}

--log-storage (object)

GCP storage configuration for cluster and audit logs.

storageLocationBase -> (string)

The Google storage bucket to use. This should be a gs:// url.

serviceAccountEmail -> (string)

Email id of the service account to be associated with the instances. This service account should have “storage.ObjectCreator” role on the given storage bucket.

backupStorageLocationBase -> (string)

The Google storage bucket to use. This should be a gs:// url.

Shorthand Syntax:

storageLocationBase=string,serviceAccountEmail=string,backupStorageLocationBase=string

JSON Syntax:

{
  "storageLocationBase": "string",
  "serviceAccountEmail": "string",
  "backupStorageLocationBase": "string"
}

--description (string)

A description of the environment.

--enable-tunnel | --no-enable-tunnel (boolean)

Whether to enable SSH tunneling for the environment.

--workload-analytics | --no-workload-analytics (boolean)

When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.

--report-deployment-logs | --no-report-deployment-logs (boolean)

When true, this will report additional diagnostic information back to Cloudera.

--free-ipa (object)

Request object for creating FreeIPA in the environment.

instanceCountByGroup -> (integer)

The number of FreeIPA instances to create per group when creating FreeIPA in the environment

recipes -> (array)

The recipes for the FreeIPA cluster.

item -> (string)

instanceType -> (string)

Custom instance type of FreeIPA instances.

Shorthand Syntax:

instanceCountByGroup=integer,recipes=string,string,instanceType=string

JSON Syntax:

{
  "instanceCountByGroup": integer,
  "recipes": ["string", ...],
  "instanceType": "string"
}

--endpoint-access-gateway-scheme (string)

The scheme for the endpoint gateway. PUBLIC creates an external endpoint that can be accessed over the Internet. Defaults to PRIVATE which restricts the traffic to be internal to the VPC.

Possible values:

  • PUBLIC

  • PRIVATE

--endpoint-access-gateway-subnet-ids (array)

The subnets to use for endpoint access gateway.

Syntax:

"string" "string" ...

--tags (array)

Tags that can be attached to GCP resources. Please refer to Google documentation for the rules https://cloud.google.com/compute/docs/labeling-resources#label_format.

Shorthand Syntax:

key=string,value=string ... (separate items with spaces)

JSON Syntax:

[
  {
    "key": "string",
    "value": "string"
  }
  ...
]

--proxy-config-name (string)

Name of the proxy config to use for the environment.

--encryption-key (string)

Key Resource ID of the customer managed encryption key to encrypt GCP resources.

--availability-zones (array)

The zones of the environment in the given region. Multi-zone selection is not supported in GCP yet. It accepts only one zone until support is added.

Syntax:

"string" "string" ...

--custom-docker-registry (object)

The desired custom docker registry for data services to be used.

crn -> (string)

The CRN of the desired custom docker registry for data services to be used.

Shorthand Syntax:

crn=string

JSON Syntax:

{
  "crn": "string"
}

--cli-input-json (string)

Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values.

--generate-cli-skeleton (boolean)

Prints a sample input JSON to standard output. Note the specified operation is not run if this argument is specified. The sample input can be used as an argument for --cli-input-json.

Output

environment -> (object)

The environment.

environmentName -> (string)

Name of the environment.

crn -> (string)

CRN of the environment.

status -> (string)

Status of the environment.

region -> (string)

Region of the environment.

cloudPlatform -> (string)

Cloud platform of the environment.

credentialName -> (string)

Name of the credential of the environment.

network -> (object)

The network.

networkName -> (string)

Name or id of the network

subnetIds -> (array)

Subnet names or ids of the network.

item -> (string)

endpointAccessGatewayScheme -> (string)

The scheme for the endpoint gateway. PUBLIC indicates an external endpoint that can be accessed over the Internet.

endpointAccessGatewaySubnetIds -> (array)

The subnets to use for endpoint access gateway.

item -> (string)

aws -> (object)

AWS network parameters.

vpcId -> (string)

VPC ids of the specified networks.

azure -> (object)

Azure network parameters.

networkId -> (string)

The id of the Azure VNet.

resourceGroupName -> (string)

The name of the resource group associated with the VNet.

usePublicIp -> (boolean)

Whether to associate public ip’s to the resources within the network.

databasePrivateDnsZoneId -> (string)

The full Azure resource ID of the existing Private DNS Zone used for Flexible Server and Single Server Databases.

aksPrivateDnsZoneId -> (string)

The full Azure resource ID of an existing Private DNS zone used for the AKS.

enableOutboundLoadBalancer -> (boolean)

Whether the outbound load balancer was created for this environment.

flexibleServerSubnetIds -> (array)

The subnets delegated for Flexible Server database. Accepts either the name or the full resource id.

item -> (string)

gcp -> (object)

GCP network parameters.

networkName -> (string)

The name of the GCP VPC.

usePublicIp -> (boolean)

Whether to associate public ip’s to the resources within the network.

sharedProjectId -> (string)

The ID of the Google project associated with the VPC.

networkCidr -> (string)

The range of private IPv4 addresses that resources will use under this network.

subnetMetadata -> (map)

Additional subnet metadata of the network.

key -> (string)

value -> (object)

Information about a cloud provider subnet.

subnetId -> (string)

The id of the subnet.

subnetName -> (string)

The name of the subnet.

availabilityZone -> (string)

The availability zone of the subnet.

cidr -> (string)

The CIDR IP range of the subnet.

logStorage -> (object)

Storage configuration for cluster and audit logs.

enabled -> (boolean)

Whether external log storage is enabled.

awsDetails -> (object)

AWS-specific log storage configuration information.

storageLocationBase -> (string)

The base location to store logs in S3. This should be an s3a:// url.

instanceProfile -> (string)

The AWS instance profile that which contains the necessary permissions to access the S3 storage location.

azureDetails -> (object)

Azure-specific log storage configuration information.

storageLocationBase -> (string)

The storage location to use. The location has to be in the following format abfs://filesystem@storage-account-name.dfs.core.windows.net.

managedIdentity -> (string)

The managed identity associated with the logger. This identity should have Storage Blob Data Contributor role on the given storage account.

gcpDetails -> (object)

GCP-specific log storage configuration information.

storageLocationBase -> (string)

The storage location to use. This should be a gs:// url.

serviceAccountEmail -> (string)

Email ID of the service account associated with the logging instances.

backupStorage -> (object)

Storage configuration for backup.

enabled -> (boolean)

Whether external backup storage is enabled. The default value is disabled.

awsDetails -> (object)

AWS-specific backup storage configuration information.

storageLocationBase -> (string)

The base location to store backup in S3. This should be an s3a:// url.

instanceProfile -> (string)

The AWS instance profile which contains the necessary permissions to access the S3 storage location.

azureDetails -> (object)

Azure-specific backup storage configuration information.

storageLocationBase -> (string)

The storage location to use. The location has to be in the following format abfs://filesystem@storage-account-name.dfs.core.windows.net.

managedIdentity -> (string)

The managed identity associated with the backup. This identity should have Storage Blob Data Contributor role on the given storage account.

gcpDetails -> (object)

GCP-specific backup storage configuration information.

storageLocationBase -> (string)

The storage location to use. This should be a gs:// url.

serviceAccountEmail -> (string)

Email ID of the service account associated with the backup instances.

authentication -> (object)

Additional SSH key authentication configuration for accessing cluster node instances.

publicKey -> (string)

SSH Public key string.

publicKeyId -> (string)

Public SSH key ID already registered in the cloud provider.

loginUserName -> (string)

The SSH user name created on the nodes for SSH access.

securityAccess -> (object)

Security control configuration for FreeIPA and Datalake deployment.

cidr -> (string)

CIDR range which is allowed for inbound traffic. Either IPv4 or IPv6 is allowed.

securityGroupIdForKnox -> (string)

Security group where Knox-enabled hosts are placed.

defaultSecurityGroupId -> (string)

Security group where all other hosts are placed.

description -> (string)

Description of the environment

statusReason -> (string)

The status reason.

created -> (datetime)

Creation date

creator -> (string)

The CRN of the user who has created the given environment.

awsDetails -> (object)

AWS-specific environment configuration information.

azureDetails -> (object)

Azure specific environment configuration information.

resourceGroupName -> (string)

Name of an existing Azure resource group to be used for the environment. If it is not specified then new resource groups will be generated.

resourceEncryptionParameters -> (object)

Object containing details of encryption parameters for Azure cloud.

encryptionKeyUrl -> (string)

URL of the key which is used to encrypt the Azure Managed Disks.

encryptionKeyResourceGroupName -> (string)

Name of the existing Azure resource group hosting the Azure Key Vault containing customer managed key which is used to encrypt the Azure Managed Disks.

diskEncryptionSetId -> (string)

ID of the Disk Encryption Set created in Azure which is used to encrypt Managed Disks of FreeIPA, Data Lake, Data Hub and PostgreSQL.

encryptionUserManagedIdentity -> (string)

User managed identity for encryption.

gcpDetails -> (object)

GCP specific environment configuration information.

sharedProjectId -> (string)

ID of the Google project where the resources are created.

workloadAnalytics -> (boolean)

When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.

reportDeploymentLogs -> (boolean)

When true, this will report additional diagnostic information back to Cloudera.

freeipa -> (object)

Details of a FreeIPA cluster.

crn -> (string)

CRN of the FreeIPA cluster.

domain -> (string)

The domain name of the FreeIPA cluster.

hostname -> (string)

The hostname of the FreeIPA cluster.

serverIP -> (array)

The IP addresses of the FreeIPA cluster.

item -> (string)

recipes -> (array)

The recipes for the FreeIPA cluster.

item -> (string)

instances -> (array)

The instances of the FreeIPA cluster.

item -> (object)

Object for a FreeIPA instance providing specific information about the instance.

availabilityZone -> (string)

The availability zone of the instance.

discoveryFQDN -> (string)

The fully qualified domain name of the instance in the service discovery cluster.

instanceId -> (string)

The instance ID for the instance.

instanceGroup -> (string)

The instance group that contains the instance.

instanceStatus -> (string)

The status of the instance.

instanceStatusReason -> (string)

The status reason for the instance.

instanceType -> (string)

The type of the instance (either GATEWAY or GATEWAY_PRIMARY).

instanceVmType -> (string)

The VM type of the instance. Supported values depend on the cloud platform.

lifeCycle -> (string)

The life cycle type for the instance (either NORMAL or SPOT).

privateIP -> (string)

The private IP of the instance.

publicIP -> (string)

The public IP of the instance.

sshPort -> (integer)

The SSH port of the instance.

subnetId -> (string)

The subnet ID of the instance.

attachedVolumes -> (array)

List of volumes attached to this instance.

item -> (object)

The attached volume configuration.

count -> (integer)

The number of volumes.

volumeType -> (string)

The type of volumes.

size -> (integer)

The size of each volume in GB.

instanceCountByGroup -> (integer)

The number of FreeIPA instances to create per group when creating FreeIPA in environment.

multiAz -> (boolean)

Whether the given FreeIPA is deployed in a multi-availability zone way or not.

proxyConfig -> (object)

A proxy config object.

proxyConfigName -> (string)

The name of the proxy config.

crn -> (string)

The CRN of the proxy config.

protocol -> (string)

The protocol.

host -> (string)

The proxy host.

port -> (integer)

The proxy port.

description -> (string)

A description for the proxy config.

noProxyHosts -> (string)

Comma-separated list of ‘CIDR’, ‘[.]host[:port]’ (can be a subdomain as well) and ‘IP[:port]’ entries that should not be proxied. Wildcards are not accepted. For example .cloudera.com,192.168.1.1

user -> (string)

The proxy user.

password -> (string)

The proxy password.

inboundProxyCidr -> (array)

Allow these CIDR for Inbound communication.

item -> (string)

tags -> (object)

Environment tags object containing the tag values defined for the environment.

userDefined -> (map)

Map of tag names to values, for user-defined tags.

key -> (string)

value -> (string)

Tag value for the user-defined tag.

defaults -> (map)

Map of tag names to values, for default tags.

key -> (string)

value -> (string)

Tag value for the default tag.

dataServices -> (object)

Data Services parameters response of the environment.

azure -> (object)

Azure-specific Data Service parameters response.

sharedManagedIdentity -> (string)

User-assigned managed identity used by the AKS control plane.

customDockerRegistry -> (object)

The configured custom docker registry for data services.

crn -> (string)

The CRN of the configured custom docker registry for data services on the environment.

awsComputeClusterConfiguration -> (object)

Externalized compute cluster configuration for the environment.

privateCluster -> (boolean)

If true, creates private cluster.

kubeApiAuthorizedIpRanges -> (array)

Kubernetes API authorized IP ranges in CIDR notation.

item -> (string)

workerNodeSubnets -> (array)

Subnets for Kubernetes Worker Nodes

item -> (string)

azureComputeClusterConfiguration -> (object)

Externalized compute cluster configuration for the environment.

privateCluster -> (boolean)

If true, creates private cluster.

kubeApiAuthorizedIpRanges -> (array)

Kubernetes API authorized IP ranges in CIDR notation.

item -> (string)

outboundType -> (string)

Cluster egress with defined outbound type in Azure Kubernetes Service.

workerNodeSubnets -> (array)

Subnets for Kubernetes Worker Nodes

item -> (string)

computeClusterEnabled -> (boolean)

Compute clusters enabled

Form Factors

public, private