Merge remote-tracking branch 'origin/develop' into resource-policy

Author: jamOne-

community/examples/AMD/hpc-amd-slurm.yaml

@@ -168,7 +168,7 @@ deployment_groups:
         # these images must match the images used by Slurm modules below because
         # we are building OpenMPI with PMI support in libraries contained in
         # Slurm installation
-        family: slurm-gcp-6-11-hpc-rocky-linux-8
+        family: slurm-gcp-6-12-hpc-rocky-linux-8
         project: schedmd-slurm-public
 
   - id: low_cost_nodeset

community/examples/hpc-build-slurm-image.yaml

@@ -23,7 +23,7 @@ vars:
   image_build_machine_type: n2d-standard-16
   build_from_image_family: hpc-rocky-linux-8
   build_from_image_project: cloud-hpc-image-public
-  build_from_git_ref: 6.10.6
+  build_from_git_ref: 6.12.1
   built_image_family: my-custom-slurm
   built_instance_image:
     family: $(vars.built_image_family)

community/examples/hpc-slurm-kms.yaml

@@ -0,0 +1,134 @@
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+
+blueprint_name: hpc-slurm-kms
+
+vars:
+  project_id: ## Set GCP Project ID Here ##
+  deployment_name: hpc-slurm-kms
+  region: us-central1
+  zone: us-central1-a
+  kms_key: "projects/my-project/locations/us-central1/keyRings/my-keyring/cryptoKeys/my-key"
+  kms_service_account: "my-sa@my-project.iam.gserviceaccount.com"
+
+# Documentation for each of the modules used below can be found at
+# https://github.com/GoogleCloudPlatform/hpc-toolkit/blob/main/modules/README.md
+
+deployment_groups:
+- group: primary
+  modules:
+  # Source is an embedded module, denoted by "modules/*" without ./, ../, /
+  # as a prefix. To refer to a local module, prefix with ./, ../ or /
+  - id: network
+    source: modules/network/vpc
+
+  # Private Service Access (PSA) requires the compute.networkAdmin role which is
+  # included in the Owner role, but not Editor.
+  # PSA is a best practice for Filestore instances, but can be optionally
+  # removed by deleting the private_service_access module and any references to
+  # the module by Filestore modules.
+  # https://cloud.google.com/vpc/docs/configure-private-services-access#permissions
+  - id: private_service_access
+    source: modules/network/private-service-access
+    use: [network]
+
+  - id: homefs
+    source: modules/file-system/filestore
+    use: [network, private_service_access]
+    settings:
+      local_mount: /home
+
+  - id: debug_nodeset
+    source: community/modules/compute/schedmd-slurm-gcp-v6-nodeset
+    use: [network]
+    settings:
+      node_count_dynamic_max: 4
+      machine_type: n2-standard-2
+      allow_automatic_updates: false
+      disk_encryption_key_service_account: $(vars.kms_service_account)
+      disk_encryption_key: $(vars.kms_key)
+
+  - id: debug_partition
+    source: community/modules/compute/schedmd-slurm-gcp-v6-partition
+    use:
+    - debug_nodeset
+    settings:
+      partition_name: debug
+      exclusive: false # allows nodes to stay up after jobs are done
+      is_default: true
+
+  - id: compute_nodeset
+    source: community/modules/compute/schedmd-slurm-gcp-v6-nodeset
+    use: [network]
+    settings:
+      node_count_dynamic_max: 20
+      bandwidth_tier: gvnic_enabled
+      allow_automatic_updates: false
+      disk_encryption_key: $(vars.kms_key)
+      disk_encryption_key_service_account: $(vars.kms_service_account)
+
+  - id: compute_partition
+    source: community/modules/compute/schedmd-slurm-gcp-v6-partition
+    use:
+    - compute_nodeset
+    settings:
+      partition_name: compute
+
+  - id: h3_nodeset
+    source: community/modules/compute/schedmd-slurm-gcp-v6-nodeset
+    use: [network]
+    settings:
+      node_count_dynamic_max: 20
+      # Note that H3 is available in only specific zones. https://cloud.google.com/compute/docs/regions-zones
+      machine_type: h3-standard-88
+      # H3 does not support pd-ssd and pd-standard
+      # https://cloud.google.com/compute/docs/compute-optimized-machines#h3_disks
+      disk_type: pd-balanced
+      bandwidth_tier: gvnic_enabled
+      allow_automatic_updates: false
+      disk_encryption_key: $(vars.kms_key)
+      disk_encryption_key_service_account: $(vars.kms_service_account)
+
+  - id: h3_partition
+    source: community/modules/compute/schedmd-slurm-gcp-v6-partition
+    use:
+    - h3_nodeset
+    settings:
+      partition_name: h3
+
+  - id: slurm_login
+    source: community/modules/scheduler/schedmd-slurm-gcp-v6-login
+    use: [network]
+    settings:
+      machine_type: n2-standard-4
+      enable_login_public_ips: true
+      disk_encryption_key: $(vars.kms_key)
+      disk_encryption_key_service_account: $(vars.kms_service_account)
+
+  - id: slurm_controller
+    source: community/modules/scheduler/schedmd-slurm-gcp-v6-controller
+    use:
+    - network
+    - debug_partition
+    - compute_partition
+    - h3_partition
+    - homefs
+    - slurm_login
+    settings:
+      enable_controller_public_ips: true
+      disk_encryption_key: $(vars.kms_key)
+      disk_encryption_key_service_account: $(vars.kms_service_account)
+      slurm_bucket_kms_key: $(vars.kms_key)

community/examples/hpc-slurm-ubuntu2204.yaml

@@ -24,7 +24,7 @@ vars:
   slurm_image:
     # Please refer to the following link for the latest images:
     # https://github.com/GoogleCloudPlatform/slurm-gcp/blob/master/docs/images.md#supported-operating-systems
-    family: slurm-gcp-6-11-ubuntu-2204-lts-nvidia-570
+    family: slurm-gcp-6-12-ubuntu-2204-lts-nvidia-570
     project: schedmd-slurm-public
 
 deployment_groups:

community/examples/hpc-slurm6-apptainer.yaml

@@ -60,7 +60,7 @@ deployment_groups:
     settings:
       source_image_project_id: [schedmd-slurm-public]
       # see latest in https://github.com/GoogleCloudPlatform/slurm-gcp/blob/master/docs/images.md#published-image-family
-      source_image_family: slurm-gcp-6-11-hpc-rocky-linux-8
+      source_image_family: slurm-gcp-6-12-hpc-rocky-linux-8
       # You can find size of source image by using following command
       # gcloud compute images describe-from-family <source_image_family> --project schedmd-slurm-public
       disk_size: $(vars.disk_size)

community/examples/xpk-n2-filestore/xpk-n2-filestore.yaml

@@ -101,15 +101,10 @@ deployment_groups:
       - source: $(vars.storage_crd_path)
         # Server-side applies avoid last-applied-configuration and associated annotation length issues
       - source: https://raw.githubusercontent.com/kubernetes-sigs/kjob/$(vars.kjob_version)/config/crd/bases/kjobctl.x-k8s.io_applicationprofiles.yaml
-        server_side_apply: true
       - source: https://raw.githubusercontent.com/kubernetes-sigs/kjob/$(vars.kjob_version)/config/crd/bases/kjobctl.x-k8s.io_jobtemplates.yaml
-        server_side_apply: true
       - source: https://raw.githubusercontent.com/kubernetes-sigs/kjob/$(vars.kjob_version)/config/crd/bases/kjobctl.x-k8s.io_rayclustertemplates.yaml
-        server_side_apply: true
       - source: https://raw.githubusercontent.com/kubernetes-sigs/kjob/$(vars.kjob_version)/config/crd/bases/kjobctl.x-k8s.io_rayjobtemplates.yaml
-        server_side_apply: true
       - source: https://raw.githubusercontent.com/kubernetes-sigs/kjob/$(vars.kjob_version)/config/crd/bases/kjobctl.x-k8s.io_volumebundles.yaml
-        server_side_apply: true
 
   - id: homefs
     source: modules/file-system/filestore

community/front-end/ofe/requirements.txt

@@ -13,7 +13,7 @@ cfgv==3.5.0
 charset-normalizer==3.4.4
 click==8.3.1
 crispy-bootstrap5==2026.3
-cryptography==46.0.5
+cryptography==46.0.6
 decorator==5.2.1
 defusedxml==0.7.1
 dill==0.4.1
@@ -81,7 +81,7 @@ python3-openid==3.2.0
 pytz==2023.3
 PyYAML==6.0.3
 referencing==0.37.0
-requests==2.32.5
+requests==2.33.0
 requests-oauthlib==2.0.0
 retry==0.9.2
 rpds-py==0.30.0

community/front-end/ofe/website/ghpcfe/templates/blueprint/cluster_config.yaml.j2

@@ -80,7 +80,7 @@ deployment_groups:
     id: slurm_controller
     settings:
       instance_image:
-        family: slurm-gcp-6-11-hpc-rocky-linux-8
+        family: slurm-gcp-6-12-hpc-rocky-linux-8
         project: schedmd-slurm-public
       cloud_parameters:
         resume_rate: 0
@@ -118,7 +118,7 @@ deployment_groups:
     id: slurm_login
     settings:
       instance_image:
-        family: slurm-gcp-6-11-hpc-rocky-linux-8
+        family: slurm-gcp-6-12-hpc-rocky-linux-8
         project: schedmd-slurm-public
       num_instances: {{ cluster.num_login_nodes }}
       subnetwork_self_link: "projects/{{ cluster.project_id }}/regions/{{ cluster.cloud_region }}/subnetworks/{{ cluster.subnet.cloud_id }}"

community/front-end/ofe/website/ghpcfe/templates/blueprint/partition_config.yaml.j2

@@ -49,7 +49,7 @@ limitations under the License.
       family: {% if part.image.source_image_family == "Imported" %}{{ part.image.family }}{% else %}image-{{ part.image.family }}{% endif %}
       project: {{ cluster.project_id }}
     {% else %}
-      family: slurm-gcp-6-11-hpc-rocky-linux-8
+      family: slurm-gcp-6-12-hpc-rocky-linux-8
       project: schedmd-slurm-public
     {% endif %}
     {% if part.additional_disk_count > 0 %}

community/modules/compute/schedmd-slurm-gcp-v6-nodeset-dynamic/README.md

@@ -102,7 +102,7 @@ No resources.
 | <a name="input_enable_spot_vm"></a> [enable\_spot\_vm](#input\_enable\_spot\_vm) | Enable the partition to use spot VMs (https://cloud.google.com/spot-vms). | `bool` | `false` | no |
 | <a name="input_feature"></a> [feature](#input\_feature) | The node feature, used to bind nodes to the nodeset. If not set, the nodeset name will be used. | `string` | `null` | no |
 | <a name="input_guest_accelerator"></a> [guest\_accelerator](#input\_guest\_accelerator) | List of the type and count of accelerator cards attached to the instance. | <pre>list(object({<br/>    type  = string,<br/>    count = number<br/>  }))</pre> | `[]` | no |
-| <a name="input_instance_image"></a> [instance\_image](#input\_instance\_image) | Defines the image that will be used in the Slurm node group VM instances.<br/><br/>Expected Fields:<br/>name: The name of the image. Mutually exclusive with family.<br/>family: The image family to use. Mutually exclusive with name.<br/>project: The project where the image is hosted.<br/><br/>For more information on creating custom images that comply with Slurm on GCP<br/>see the "Slurm on GCP Custom Images" section in docs/vm-images.md. | `map(string)` | <pre>{<br/>  "family": "slurm-gcp-6-11-hpc-rocky-linux-8",<br/>  "project": "schedmd-slurm-public"<br/>}</pre> | no |
+| <a name="input_instance_image"></a> [instance\_image](#input\_instance\_image) | Defines the image that will be used in the Slurm node group VM instances.<br/><br/>Expected Fields:<br/>name: The name of the image. Mutually exclusive with family.<br/>family: The image family to use. Mutually exclusive with name.<br/>project: The project where the image is hosted.<br/><br/>For more information on creating custom images that comply with Slurm on GCP<br/>see the "Slurm on GCP Custom Images" section in docs/vm-images.md. | `map(string)` | <pre>{<br/>  "family": "slurm-gcp-6-12-hpc-rocky-linux-8",<br/>  "project": "schedmd-slurm-public"<br/>}</pre> | no |
 | <a name="input_instance_image_custom"></a> [instance\_image\_custom](#input\_instance\_image\_custom) | A flag that designates that the user is aware that they are requesting<br/>to use a custom and potentially incompatible image for this Slurm on<br/>GCP module.<br/><br/>If the field is set to false, only the compatible families and project<br/>names will be accepted.  The deployment will fail with any other image<br/>family or name.  If set to true, no checks will be done.<br/><br/>See: https://goo.gle/hpc-slurm-images | `bool` | `false` | no |
 | <a name="input_labels"></a> [labels](#input\_labels) | Labels to add to partition compute instances. Key-value pairs. | `map(string)` | `{}` | no |
 | <a name="input_machine_type"></a> [machine\_type](#input\_machine\_type) | Compute Platform machine type to use for this partition compute nodes. | `string` | `"c2-standard-60"` | no |