Google Compute Engine

If you are not familiar with Google Compute Engine or any of the terms used below, please consult Compute Engine’s reference documentation.

Resource Mapping

Account

In Google Compute Engine (GCE), an Account maps to a credential able to authenticate against a given Google Cloud Platform (GCP) project - see the setup guide.

Load Balancer

A Spinnaker load balancer maps to a GCE load balancer.

GCE supports many different types of load balancers, including: HTTPS(S), SSL Proxy, Network and Internal. Each of these is supported by Spinnaker.

Server Group

A Spinnaker server group maps to a GCE Managed Instance Group.

GCE allows for both zonal and regional Managed Instance Groups, and Spinnaker supports both types.

Instance

A Spinnaker instance maps to a GCE Virtual Machine Instance.

GCE supports predefined machine types as well as custom machine types, and Spinnaker has support for the full range.

Security Group

A Spinnaker security group maps to a GCE Firewall.

Spinnaker has user-friendly support for associating a new server group with a set of security groups, and the correct target tags will be set on the newly-provisioned server group.

Operation Mapping

Deploy

Deploys a GCE managed instance group.

A new GCE instance template is created for each new managed instance group.

If a deployed server group is load-balanced, Spinnaker uses instance metadata to store the relationship between the server group and load balancer. This is necessary to represent the object models in Spinnaker’s UI and to remember server group to load balancer relationships during server group enable and disable operations. Note that manipulating infrastructure (MIGs, load balancers) in GCE directly does not create the relationship metadata, and will most likely cause Spinnaker to misbehave.

Clone

Clones a GCE managed instance group.

Similar to a deploy operation, except that most of the attributes are optional. Any elided attributes will be inherited from the source managed instance group being cloned.

Destroy

Destroys a GCE managed instance group and its instance template.

If a managed instance group is serving traffic, it will first be disabled.

Resize

Resizes a GCE managed instance group.

If the managed instance group has an autoscaler configured, resize affects its min/max settings.

Enable

Registers a GCE managed instance group with its associated load balancers and discovery service so that it can receive traffic.

Disable

Deregisters a GCE managed instance group from its associated load balancers and discovery service so that it no longer receives traffic.

Rollback

Enables one server group and disables another. The disable is only initiated once the newly-enabled server group’s instances are all determined to be healthy.

Reboot Instance

Performs a hard reset on an instance.

Terminate Instance

Deletes an instance. In most cases, the managed instance group will provision a new instance to replace the terminated instance.

Terminate Instance and Shrink Server Group

Atomically deletes an instance and shrinks the target size of the managed instance group.

Create Load Balancer

Upserts and wires together all of the necessary resources to support Network, HTTP(S), Internal or SSL load balancing.

Depending on the type of load balancing desired, an assortment of regional/gobal forwarding rules, target pools/proxies, URL maps, backend services and health checks are required to be assembled. The create load balancer operation performs all of this configuration implicitly.

Edit Load Balancer

Modifies the attributes of an existing load balancer.

Delete Load Balancer

Deletes a load balancer and all of its resources.

This operation is not permitted unless there are no instances associated with the load balancer.

Create Security Group

Creates a firewall rule.

Target tags can be explicitly specified, or one can be automatically generated. Supports source filtering based on both tags and CIDRs.

Clone Security Group

Clones a firewall rule.

Supported only via the ui. The create security group wizard is pre-populated with the attributes of the security group

Edit Inbound Rules

Modifies the source filters, target tags and ingress rules of an existing firewall rule.

Delete Security Group

Deletes a firewall rule.