create-gcp-environment

subtitle

Creates a new GCP environment by providing the cloud provider access and network information. A FreeIPA server will be automatically provisioned when an environment is created.

version

0.9.66

Description

Creates a new GCP environment.

Synopsis

create-gcp-environment
  --environment-name <value>
  --credential-name <value>
  --region <value>
  --public-key <value>
  --use-public-ip | --no-use-public-ip
  --existing-network-params <value>
  [--security-access <value>]
  [--log-storage <value>]
  [--description <value>]
  [--enable-tunnel | --no-enable-tunnel]
  [--workload-analytics | --no-workload-analytics]
  [--report-deployment-logs | --no-report-deployment-logs]
  [--free-ipa <value>]
  [--tags <value>]
  [--proxy-config-name <value>]
  [--encryption-key <value>]
  [--cli-input-json <value>]
  [--generate-cli-skeleton]

Options

--environment-name (string)

The name of the environment. Must contain only lowercase letters, numbers and hyphens.

--credential-name (string)

Name of the credential to use for the environment.

--region (string)

The region of the environment.

--public-key (string)

Public SSH key string. The associated private key can be used to get root-level access to the Data Lake instance and Data Hub cluster instances.

--use-public-ip | --no-use-public-ip (boolean)

Whether to associate public IPs with the resources within the network.

--existing-network-params (object)

Request object for creating a GCP environment using an existing VPC and subnets.

networkName -> (string)

The name of the GCP VPC.

subnetNames -> (array)

One or more subnet names within the VPC. Google VPCs are global; provide subnets from a single geographic region only, to reduce latency.

item -> (string)

sharedProjectId -> (string)

The ID of the Google project associated with the VPC.

Shorthand Syntax:

networkName=string,subnetNames=string,string,sharedProjectId=string

JSON Syntax:

{
  "networkName": "string",
  "subnetNames": ["string", ...],
  "sharedProjectId": "string"
}

--security-access (object)

Firewall rules for FreeIPA, Data Lake and Data Hub deployment.

securityGroupIdForKnox -> (string)

Firewall rule for Knox hosts.

defaultSecurityGroupId -> (string)

Firewall rule for other hosts.

Shorthand Syntax:

securityGroupIdForKnox=string,defaultSecurityGroupId=string

JSON Syntax:

{
  "securityGroupIdForKnox": "string",
  "defaultSecurityGroupId": "string"
}

--log-storage (object)

GCP storage configuration for cluster and audit logs.

storageLocationBase -> (string)

The Google storage bucket to use. This should be a gs:// URL.

serviceAccountEmail -> (string)

Email ID of the service account to be associated with the instances. This service account should have the “storage.ObjectCreator” role on the given storage bucket.

backupStorageLocationBase -> (string)

The Google storage bucket to use. This should be a gs:// URL.

Shorthand Syntax:

storageLocationBase=string,serviceAccountEmail=string,backupStorageLocationBase=string

JSON Syntax:

{
  "storageLocationBase": "string",
  "serviceAccountEmail": "string",
  "backupStorageLocationBase": "string"
}

--description (string)

A description of the environment.

--enable-tunnel | --no-enable-tunnel (boolean)

Whether to enable SSH tunneling for the environment.

--workload-analytics | --no-workload-analytics (boolean)

When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.

--report-deployment-logs | --no-report-deployment-logs (boolean)

When true, this will report additional diagnostic information back to Cloudera.

--free-ipa (object)

Request object for creating FreeIPA in the environment.

instanceCountByGroup -> (integer)

The number of FreeIPA instances to create per group when creating FreeIPA in the environment.

Shorthand Syntax:

instanceCountByGroup=integer

JSON Syntax:

{
  "instanceCountByGroup": integer
}

--tags (array)

Tags that can be attached to GCP resources. Refer to the Google documentation for the label format rules: https://cloud.google.com/compute/docs/labeling-resources#label_format.

Shorthand Syntax:

key=string,value=string ... (separate items with spaces)

JSON Syntax:

[
  {
    "key": "string",
    "value": "string"
  }
  ...
]

--proxy-config-name (string)

Name of the proxy config to use for the environment.

--encryption-key (string)

Key Resource ID of the customer managed encryption key to encrypt GCP resources.

--cli-input-json (string)

Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values.

--generate-cli-skeleton (boolean)

Prints a sample input JSON to standard output. Note the specified operation is not run if this argument is specified. The sample input can be used as an argument for --cli-input-json.
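
A pre-flight check for a --cli-input-json payload, added here as an example (it is not part of the CLI or of the vendor's documentation). It enforces the constraints stated in the option descriptions above and lists the settings that affect exposure. The top-level key names are assumed to be the camelCase forms of the option names (confirm them against the output of --generate-cli-skeleton), and lint_request is a hypothetical helper.

```python
import re

NAME_RE = re.compile(r"[a-z0-9-]+")          # "lowercase letters, numbers and hyphens"
GS_RE = re.compile(r"gs://[^/\s]+(/\S*)?")   # "This should be a gs:// url"

def lint_request(req):
    """Return (errors, warnings) for a create-gcp-environment request dict."""
    errors, warnings = [], []
    # Required options per the Synopsis (camelCase key names are an assumption).
    for key in ("environmentName", "credentialName", "region", "publicKey",
                "usePublicIp", "existingNetworkParams"):
        if key not in req:
            errors.append(f"missing required field: {key}")
    name = req.get("environmentName", "")
    if name and not NAME_RE.fullmatch(name):
        errors.append("environmentName: only lowercase letters, numbers and hyphens")
    net = req.get("existingNetworkParams", {})
    if "existingNetworkParams" in req and not net.get("subnetNames"):
        errors.append("existingNetworkParams.subnetNames: at least one subnet required")
    log = req.get("logStorage", {})
    for key in ("storageLocationBase", "backupStorageLocationBase"):
        if key in log and not GS_RE.fullmatch(log[key]):
            errors.append(f"logStorage.{key}: not a gs:// URL")
    # Settings a reviewer should see before the environment is created.
    if req.get("usePublicIp") is True:
        warnings.append("usePublicIp: resources will get public IPs")
    if "securityAccess" not in req:
        warnings.append("securityAccess: no firewall rules named for Knox/other hosts")
    if not req.get("encryptionKey"):
        warnings.append("encryptionKey: no customer managed key specified")
    if req.get("reportDeploymentLogs") is True:
        warnings.append("reportDeploymentLogs: diagnostics are reported to Cloudera")
    return errors, warnings

# Constructed sample request (all values are placeholders, not real resources).
SAMPLE = {
    "environmentName": "Prod_Env",
    "credentialName": "example-credential",
    "region": "us-west1",
    "publicKey": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDER example",
    "usePublicIp": True,
    "existingNetworkParams": {"networkName": "example-vpc", "subnetNames": [],
                              "sharedProjectId": "example-project"},
    "logStorage": {"storageLocationBase": "s3a://example-logs",
                   "serviceAccountEmail": "logger@example-project.iam.gserviceaccount.com"},
}

if __name__ == "__main__":
    errs, warns = lint_request(SAMPLE)
    for line in [f"ERROR {e}" for e in errs] + [f"WARN  {w}" for w in warns]:
        print(line)
```

Run it against the JSON file before passing that file to --cli-input-json; errors block submission, warnings are for the reviewer to accept or change.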

Output

environment -> (object)

The environment.

environmentName -> (string)

Name of the environment.

crn -> (string)

CRN of the environment.

status -> (string)

Status of the environment.

region -> (string)

Region of the environment.

cloudPlatform -> (string)

Cloud platform of the environment.

credentialName -> (string)

Name of the credential of the environment.

network -> (object)

The network.

networkName -> (string)

Name or ID of the network.

subnetIds -> (array)

Subnet names or ids of the network.

item -> (string)

endpointAccessGatewayScheme -> (string)

The scheme for the endpoint gateway. PUBLIC indicates an external endpoint that can be accessed over the Internet.

endpointAccessGatewaySubnetIds -> (array)

The subnets to use for endpoint access gateway.

item -> (string)

aws -> (object)

AWS network parameters.

vpcId -> (string)

VPC ids of the specified networks.

azure -> (object)

Azure network parameters.

networkId -> (string)

The id of the Azure VNet.

resourceGroupName -> (string)

The name of the resource group associated with the VNet.

usePublicIp -> (boolean)

Whether to associate public IPs with the resources within the network.

databasePrivateDnsZoneId -> (string)

The ID of an existing private DNS zone used for the database.

gcp -> (object)

GCP network parameters.

networkName -> (string)

The name of the GCP VPC.

usePublicIp -> (boolean)

Whether to associate public IPs with the resources within the network.

sharedProjectId -> (string)

The ID of the Google project associated with the VPC.

networkCidr -> (string)

The range of private IPv4 addresses that resources will use under this network.

subnetMetadata -> (map)

Additional subnet metadata of the network.

key -> (string)

value -> (object)

Information about a cloud provider subnet.

subnetId -> (string)

The id of the subnet.

subnetName -> (string)

The name of the subnet.

availabilityZone -> (string)

The availability zone of the subnet.

cidr -> (string)

The CIDR IP range of the subnet.

logStorage -> (object)

Storage configuration for cluster and audit logs.

enabled -> (boolean)

Whether external log storage is enabled.

awsDetails -> (object)

AWS-specific log storage configuration information.

storageLocationBase -> (string)

The base location to store logs in S3. This should be an s3a:// URL.

instanceProfile -> (string)

The AWS instance profile which contains the necessary permissions to access the S3 storage location.

azureDetails -> (object)

Azure-specific log storage configuration information.

storageLocationBase -> (string)

The storage location to use. The location has to be in the following format abfs://filesystem@storage-account-name.dfs.core.windows.net.

managedIdentity -> (string)

The managed identity associated with the logger. This identity should have Storage Blob Data Contributor role on the given storage account.

gcpDetails -> (object)

GCP-specific log storage configuration information.

storageLocationBase -> (string)

The storage location to use. This should be a gs:// URL.

serviceAccountEmail -> (string)

Email ID of the service account associated with the logging instances.

backupStorage -> (object)

Storage configuration for backup.

enabled -> (boolean)

Whether external backup storage is enabled. The default value is disabled.

awsDetails -> (object)

AWS-specific backup storage configuration information.

storageLocationBase -> (string)

The base location to store backups in S3. This should be an s3a:// URL.

instanceProfile -> (string)

The AWS instance profile which contains the necessary permissions to access the S3 storage location.

azureDetails -> (object)

Azure-specific backup storage configuration information.

storageLocationBase -> (string)

The storage location to use. The location has to be in the following format abfs://filesystem@storage-account-name.dfs.core.windows.net.

managedIdentity -> (string)

The managed identity associated with the backup. This identity should have Storage Blob Data Contributor role on the given storage account.

gcpDetails -> (object)

GCP-specific backup storage configuration information.

storageLocationBase -> (string)

The storage location to use. This should be a gs:// URL.

serviceAccountEmail -> (string)

Email ID of the service account associated with the backup instances.

authentication -> (object)

Additional SSH key authentication configuration for accessing cluster node instances.

publicKey -> (string)

SSH Public key string.

publicKeyId -> (string)

Public SSH key ID already registered in the cloud provider.

loginUserName -> (string)

The SSH user name created on the nodes for SSH access.

securityAccess -> (object)

Security control configuration for FreeIPA and Data Lake deployment.

cidr -> (string)

CIDR range which is allowed for inbound traffic. Either IPv4 or IPv6 is allowed.

securityGroupIdForKnox -> (string)

Security group where Knox-enabled hosts are placed.

defaultSecurityGroupId -> (string)

Security group where all other hosts are placed.

description -> (string)

Description of the environment.

statusReason -> (string)

The status reason.

created -> (datetime)

Creation date.

creator -> (string)

The CRN of the user who has created the given environment.

awsDetails -> (object)

AWS-specific environment configuration information.

s3GuardTableName -> (string)

The name for the DynamoDB table backing S3Guard.

gcpDetails -> (object)

GCP-specific environment configuration information.

sharedProjectId -> (string)

ID of the Google project where the resources are created.

workloadAnalytics -> (boolean)

When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.

reportDeploymentLogs -> (boolean)

When true, this will report additional diagnostic information back to Cloudera.

freeipa -> (object)

Details of a FreeIPA cluster.

crn -> (string)

CRN of the FreeIPA cluster.

domain -> (string)

The domain name of the FreeIPA cluster.

hostname -> (string)

The hostname of the FreeIPA cluster.

serverIP -> (array)

The IP addresses of the FreeIPA cluster.

item -> (string)

proxyConfig -> (object)

A proxy config object.

proxyConfigName -> (string)

The name of the proxy config.

crn -> (string)

The CRN of the proxy config.

protocol -> (string)

The protocol.

host -> (string)

The proxy host.

port -> (integer)

The proxy port.

description -> (string)

A description for the proxy config.

noProxyHosts -> (string)

Comma-separated list of ‘CIDR’, ‘[.]host[:port]’ (can be a subdomain as well) and ‘IP[:port]’ entries that should not be proxied. Wildcards are not accepted. For example .cloudera.com,192.168.1.1

user -> (string)

The proxy user.

password -> (string)

The proxy password.

Form Factors

public, private