feat: add a flag to toggle the Kubelet read only port (#383)

* feat: Add `KUBE_DNS` option to `DNSConfig.cluster_dns`

---
feat: add Tier 1 cluster-level API network_performance_config
PiperOrigin-RevId: 544446757

Source-Link: googleapis/googleapis@becb844

Source-Link: googleapis/googleapis-gen@0ffa236
Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiMGZmYTIzNjE5NjdlMmY3NzZhMGY5M2ZlNWUzM2MwMWRhN2I2MGViYSJ9

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* feat: add a flag to toggle the Kubelet read only port

A new optional field `InsecureKubeletReadonlyPortEnabled` is available in
`NodeKubeletConfig` and `AutoProvisioningNodePoolDefaults`.

Setting the field to `false` turns off the read-only port.
If un-set, the default for the GKE version is used.

---
feat: publicize tpu topology in beta API

---
feat: add a Pod IP Utilization API

Users can use `cluster describe` command to check the Pod IP ranges utilizations consumed by all the node pools within the same cluster. This percentage can be seen at cluster default Pod range, additional Pod ranges, and node pool level Pod ranges.

PiperOrigin-RevId: 545172252

Source-Link: googleapis/googleapis@5b2d46f

Source-Link: googleapis/googleapis-gen@efa201a
Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiZWZhMjAxYTJiZGQwNjQyYmQ1ZGZkZWNmOTJmN2MzYTBjMzhkY2E4NSJ9

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

---------

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>

packages/google-cloud-container/google/cloud/container_v1beta1/__init__.py

@@ -142,6 +142,7 @@
     PrivateClusterMasterGlobalAccessConfig,
     PrivateIPv6GoogleAccess,
     ProtectConfig,
+    RangeInfo,
     RecurringTimeWindow,
     ReleaseChannel,
     ReservationAffinity,
@@ -319,6 +320,7 @@
     "PrivateClusterMasterGlobalAccessConfig",
     "PrivateIPv6GoogleAccess",
     "ProtectConfig",
+    "RangeInfo",
     "RecurringTimeWindow",
     "ReleaseChannel",
     "ReservationAffinity",

packages/google-cloud-container/google/cloud/container_v1beta1/types/__init__.py

@@ -136,6 +136,7 @@
     PrivateClusterMasterGlobalAccessConfig,
     PrivateIPv6GoogleAccess,
     ProtectConfig,
+    RangeInfo,
     RecurringTimeWindow,
     ReleaseChannel,
     ReservationAffinity,
@@ -308,6 +309,7 @@
     "PrivateClusterConfig",
     "PrivateClusterMasterGlobalAccessConfig",
     "ProtectConfig",
+    "RangeInfo",
     "RecurringTimeWindow",
     "ReleaseChannel",
     "ReservationAffinity",

packages/google-cloud-container/google/cloud/container_v1beta1/types/cluster_service.py

@@ -89,6 +89,7 @@
         "NodePoolAutoConfig",
         "ClusterUpdate",
         "AdditionalPodRangesConfig",
+        "RangeInfo",
         "Operation",
         "OperationProgress",
         "CreateClusterRequest",
@@ -391,6 +392,8 @@ class OSVersion(proto.Enum):
 class NodeKubeletConfig(proto.Message):
     r"""Node kubelet configs.
 
+    .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
+
     Attributes:
         cpu_manager_policy (str):
             Control the CPU management policy on the node. See
@@ -431,6 +434,10 @@ class NodeKubeletConfig(proto.Message):
             Controls the maximum number of processes allowed
             to run in a pod. The value must be greater than
             or equal to 1024 and less than 4194304.
+        insecure_kubelet_readonly_port_enabled (bool):
+            Enable or disable Kubelet read only port.
+
+            This field is a member of `oneof`_ ``_insecure_kubelet_readonly_port_enabled``.
     """
 
     cpu_manager_policy: str = proto.Field(
@@ -450,6 +457,11 @@ class NodeKubeletConfig(proto.Message):
         proto.INT64,
         number=4,
     )
+    insecure_kubelet_readonly_port_enabled: bool = proto.Field(
+        proto.BOOL,
+        number=7,
+        optional=True,
+    )
 
 
 class NodeConfig(proto.Message):
@@ -571,7 +583,7 @@ class NodeConfig(proto.Message):
             Whether the nodes are created as preemptible
             VM instances. See:
             https://cloud.google.com/compute/docs/instances/preemptible
-            for more inforamtion about preemptible VM
+            for more information about preemptible VM
             instances.
         accelerators (MutableSequence[google.cloud.container_v1beta1.types.AcceleratorConfig]):
             A list of hardware accelerators to be
@@ -936,6 +948,10 @@ class NodeNetworkConfig(proto.Message):
             off to next power of 2) Example: max_pods_per_node of 30
             will result in 32 IPs (/27) when overprovisioning is
             disabled.
+        pod_ipv4_range_utilization (float):
+            Output only. [Output only] The utilization of the IPv4 range
+            for pod. The ratio is Usage/[Total number of IPs in the
+            secondary range], Usage=numNodes\ *numZones*\ podIPsPerNode.
     """
 
     class NetworkPerformanceConfig(proto.Message):
@@ -1011,6 +1027,10 @@ class Tier(proto.Enum):
         number=13,
         message="PodCIDROverprovisionConfig",
     )
+    pod_ipv4_range_utilization: float = proto.Field(
+        proto.DOUBLE,
+        number=16,
+    )
 
 
 class ShieldedInstanceConfig(proto.Message):
@@ -2239,6 +2259,11 @@ class IPAllocationPolicy(proto.Message):
             are added to the cluster. These pod ranges can be used by
             new node pools to allocate pod IPs automatically. Once the
             range is removed it will not show up in IPAllocationPolicy.
+        default_pod_ipv4_range_utilization (float):
+            Output only. [Output only] The utilization of the cluster
+            default IPv4 range for pod. The ratio is Usage/[Total number
+            of IPs in the secondary range],
+            Usage=numNodes\ *numZones*\ podIPsPerNode.
     """
 
     class StackType(proto.Enum):
@@ -2359,6 +2384,10 @@ class IPv6AccessType(proto.Enum):
         number=24,
         message="AdditionalPodRangesConfig",
     )
+    default_pod_ipv4_range_utilization: float = proto.Field(
+        proto.DOUBLE,
+        number=25,
+    )
 
 
 class BinaryAuthorization(proto.Message):
@@ -3691,6 +3720,8 @@ class ClusterUpdate(proto.Message):
         desired_security_posture_config (google.cloud.container_v1beta1.types.SecurityPostureConfig):
             Enable/Disable Security Posture API features
             for the cluster.
+        desired_network_performance_config (google.cloud.container_v1beta1.types.NetworkConfig.ClusterNetworkPerformanceConfig):
+            The desired network performance config.
         desired_enable_fqdn_network_policy (bool):
             Enable/Disable FQDN Network Policy for the
             cluster.
@@ -3958,6 +3989,11 @@ class ClusterUpdate(proto.Message):
         number=124,
         message="SecurityPostureConfig",
     )
+    desired_network_performance_config: "NetworkConfig.ClusterNetworkPerformanceConfig" = proto.Field(
+        proto.MESSAGE,
+        number=125,
+        message="NetworkConfig.ClusterNetworkPerformanceConfig",
+    )
     desired_enable_fqdn_network_policy: bool = proto.Field(
         proto.BOOL,
         number=126,
@@ -3983,12 +4019,41 @@ class AdditionalPodRangesConfig(proto.Message):
         pod_range_names (MutableSequence[str]):
             Name for pod secondary ipv4 range which has
             the actual range defined ahead.
+        pod_range_info (MutableSequence[google.cloud.container_v1beta1.types.RangeInfo]):
+            Output only. [Output only] Information for additional pod
+            range.
     """
 
     pod_range_names: MutableSequence[str] = proto.RepeatedField(
         proto.STRING,
         number=1,
     )
+    pod_range_info: MutableSequence["RangeInfo"] = proto.RepeatedField(
+        proto.MESSAGE,
+        number=2,
+        message="RangeInfo",
+    )
+
+
+class RangeInfo(proto.Message):
+    r"""RangeInfo contains the range name and the range utilization
+    by this cluster.
+
+    Attributes:
+        range_name (str):
+            Output only. [Output only] Name of a range.
+        utilization (float):
+            Output only. [Output only] The utilization of the range.
+    """
+
+    range_name: str = proto.Field(
+        proto.STRING,
+        number=1,
+    )
+    utilization: float = proto.Field(
+        proto.DOUBLE,
+        number=2,
+    )
 
 
 class Operation(proto.Message):
@@ -6221,6 +6286,9 @@ class PlacementPolicy(proto.Message):
         Attributes:
             type_ (google.cloud.container_v1beta1.types.NodePool.PlacementPolicy.Type):
                 The type of placement.
+            tpu_topology (str):
+                TPU placement topology for pod slice node pool.
+                https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies
         """
 
         class Type(proto.Enum):
@@ -6243,6 +6311,10 @@ class Type(proto.Enum):
             number=1,
             enum="NodePool.PlacementPolicy.Type",
         )
+        tpu_topology: str = proto.Field(
+            proto.STRING,
+            number=2,
+        )
 
     name: str = proto.Field(
         proto.STRING,
@@ -6908,6 +6980,9 @@ class AutoprovisioningNodePoolDefaults(proto.Message):
     r"""AutoprovisioningNodePoolDefaults contains defaults for a node
     pool created by NAP.
 
+
+    .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
+
     Attributes:
         oauth_scopes (MutableSequence[str]):
             The set of Google API scopes to be made available on all of
@@ -6977,6 +7052,10 @@ class AutoprovisioningNodePoolDefaults(proto.Message):
             Please see
             https://cloud.google.com/kubernetes-engine/docs/concepts/node-images
             for available image types.
+        insecure_kubelet_readonly_port_enabled (bool):
+            Enable or disable Kubelet read only port.
+
+            This field is a member of `oneof`_ ``_insecure_kubelet_readonly_port_enabled``.
     """
 
     oauth_scopes: MutableSequence[str] = proto.RepeatedField(
@@ -7022,6 +7101,11 @@ class AutoprovisioningNodePoolDefaults(proto.Message):
         proto.STRING,
         number=10,
     )
+    insecure_kubelet_readonly_port_enabled: bool = proto.Field(
+        proto.BOOL,
+        number=13,
+        optional=True,
+    )
 
 
 class ResourceLimit(proto.Message):
@@ -7899,13 +7983,48 @@ class NetworkConfig(proto.Message):
         gateway_api_config (google.cloud.container_v1beta1.types.GatewayAPIConfig):
             GatewayAPIConfig contains the desired config
             of Gateway API on this cluster.
+        network_performance_config (google.cloud.container_v1beta1.types.NetworkConfig.ClusterNetworkPerformanceConfig):
+            Network bandwidth tier configuration.
         enable_fqdn_network_policy (bool):
             Whether FQDN Network Policy is enabled on
             this cluster.
 
             This field is a member of `oneof`_ ``_enable_fqdn_network_policy``.
     """
 
+    class ClusterNetworkPerformanceConfig(proto.Message):
+        r"""Configuration of all network bandwidth tiers
+
+        .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
+
+        Attributes:
+            total_egress_bandwidth_tier (google.cloud.container_v1beta1.types.NetworkConfig.ClusterNetworkPerformanceConfig.Tier):
+                Specifies the total network bandwidth tier
+                for the NodePool.
+
+                This field is a member of `oneof`_ ``_total_egress_bandwidth_tier``.
+        """
+
+        class Tier(proto.Enum):
+            r"""Node network tier
+
+            Values:
+                TIER_UNSPECIFIED (0):
+                    Default value
+                TIER_1 (1):
+                    Higher bandwidth, actual values based on VM
+                    size.
+            """
+            TIER_UNSPECIFIED = 0
+            TIER_1 = 1
+
+        total_egress_bandwidth_tier: "NetworkConfig.ClusterNetworkPerformanceConfig.Tier" = proto.Field(
+            proto.ENUM,
+            number=1,
+            optional=True,
+            enum="NetworkConfig.ClusterNetworkPerformanceConfig.Tier",
+        )
+
     network: str = proto.Field(
         proto.STRING,
         number=1,
@@ -7952,6 +8071,11 @@ class NetworkConfig(proto.Message):
         number=16,
         message="GatewayAPIConfig",
     )
+    network_performance_config: ClusterNetworkPerformanceConfig = proto.Field(
+        proto.MESSAGE,
+        number=18,
+        message=ClusterNetworkPerformanceConfig,
+    )
     enable_fqdn_network_policy: bool = proto.Field(
         proto.BOOL,
         number=19,
@@ -8286,10 +8410,13 @@ class Provider(proto.Enum):
                 DNS resolution.
             CLOUD_DNS (2):
                 Use CloudDNS for DNS resolution.
+            KUBE_DNS (3):
+                Use KubeDNS for DNS resolution
         """
         PROVIDER_UNSPECIFIED = 0
         PLATFORM_DEFAULT = 1
         CLOUD_DNS = 2
+        KUBE_DNS = 3
 
     class DNSScope(proto.Enum):
         r"""DNSScope lists the various scopes of access to cluster DNS

packages/google-cloud-container/samples/generated_samples/snippet_metadata_google.container.v1.json

@@ -8,7 +8,7 @@
     ],
     "language": "PYTHON",
     "name": "google-cloud-container",
-    "version": "2.25.0"
+    "version": "0.1.0"
   },
   "snippets": [
     {

packages/google-cloud-container/samples/generated_samples/snippet_metadata_google.container.v1beta1.json

@@ -8,7 +8,7 @@
     ],
     "language": "PYTHON",
     "name": "google-cloud-container",
-    "version": "2.25.0"
+    "version": "0.1.0"
   },
   "snippets": [
     {