Skip to content

Commit

Permalink
Added private_endpoint_subnetwork parameters to GKE module (#2380)
Browse files Browse the repository at this point in the history
  • Loading branch information
@luigi-bitonti
luigi-bitonti authored Jun 25, 2024
1 parent 08ff364 commit 750cff0
Show file tree
Hide file tree
Showing 6 changed files with 18 additions and 14 deletions.
2 changes: 1 addition & 1 deletion modules/gke-cluster-autopilot/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -209,7 +209,7 @@ module "cluster-1" {
| [location](variables.tf#L113) | Autopilot clusters are always regional. | <code>string</code> || |
| [name](variables.tf#L190) | Cluster name. | <code>string</code> || |
| [project_id](variables.tf#L226) | Cluster project ID. | <code>string</code> || |
| [vpc_config](variables.tf#L242) | VPC-level configuration. | <code title="object&#40;&#123;&#10; network &#61; string&#10; subnetwork &#61; string&#10; master_ipv4_cidr_block &#61; optional&#40;string&#41;&#10; secondary_range_blocks &#61; optional&#40;object&#40;&#123;&#10; pods &#61; string&#10; services &#61; string&#10; &#125;&#41;&#41;&#10; secondary_range_names &#61; optional&#40;object&#40;&#123;&#10; pods &#61; optional&#40;string, &#34;pods&#34;&#41;&#10; services &#61; optional&#40;string, &#34;services&#34;&#41;&#10; &#125;&#41;&#41;&#10; additional_ranges &#61; optional&#40;list&#40;string&#41;&#41;&#10; master_authorized_ranges &#61; optional&#40;map&#40;string&#41;&#41;&#10; stack_type &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> || |
| [vpc_config](variables.tf#L242) | VPC-level configuration. | <code title="object&#40;&#123;&#10; network &#61; string&#10; subnetwork &#61; string&#10; master_ipv4_cidr_block &#61; optional&#40;string&#41;&#10; master_endpoint_subnetwork &#61; optional&#40;string&#41;&#10; secondary_range_blocks &#61; optional&#40;object&#40;&#123;&#10; pods &#61; string&#10; services &#61; string&#10; &#125;&#41;&#41;&#10; secondary_range_names &#61; optional&#40;object&#40;&#123;&#10; pods &#61; optional&#40;string, &#34;pods&#34;&#41;&#10; services &#61; optional&#40;string, &#34;services&#34;&#41;&#10; &#125;&#41;&#41;&#10; additional_ranges &#61; optional&#40;list&#40;string&#41;&#41;&#10; master_authorized_ranges &#61; optional&#40;map&#40;string&#41;&#41;&#10; stack_type &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> || |
| [backup_configs](variables.tf#L17) | Configuration for Backup for GKE. | <code title="object&#40;&#123;&#10; enable_backup_agent &#61; optional&#40;bool, false&#41;&#10; backup_plans &#61; optional&#40;map&#40;object&#40;&#123;&#10; encryption_key &#61; optional&#40;string&#41;&#10; include_secrets &#61; optional&#40;bool, true&#41;&#10; include_volume_data &#61; optional&#40;bool, true&#41;&#10; labels &#61; optional&#40;map&#40;string&#41;&#41;&#10; namespaces &#61; optional&#40;list&#40;string&#41;&#41;&#10; region &#61; string&#10; schedule &#61; string&#10; retention_policy_days &#61; optional&#40;string&#41;&#10; retention_policy_lock &#61; optional&#40;bool, false&#41;&#10; retention_policy_delete_lock_days &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
| [deletion_protection](variables.tf#L38) | Whether or not to allow Terraform to destroy the cluster. Unless this field is set to false in Terraform state, a terraform destroy or terraform apply that would delete the cluster will fail. | <code>bool</code> | | <code>true</code> |
| [description](variables.tf#L45) | Cluster description. | <code>string</code> | | <code>null</code> |
Expand Down
7 changes: 4 additions & 3 deletions modules/gke-cluster-autopilot/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -275,9 +275,10 @@ resource "google_container_cluster" "cluster" {
var.private_cluster_config != null ? [""] : []
)
content {
enable_private_nodes = true
enable_private_endpoint = var.private_cluster_config.enable_private_endpoint
master_ipv4_cidr_block = try(var.vpc_config.master_ipv4_cidr_block, null)
enable_private_nodes = true
enable_private_endpoint = var.private_cluster_config.enable_private_endpoint
private_endpoint_subnetwork = try(var.vpc_config.master_endpoint_subnetwork, null)
master_ipv4_cidr_block = try(var.vpc_config.master_ipv4_cidr_block, null)
master_global_access_config {
enabled = var.private_cluster_config.master_global_access
}
Expand Down
7 changes: 4 additions & 3 deletions modules/gke-cluster-autopilot/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -242,9 +242,10 @@ variable "release_channel" {
variable "vpc_config" {
description = "VPC-level configuration."
type = object({
network = string
subnetwork = string
master_ipv4_cidr_block = optional(string)
network = string
subnetwork = string
master_ipv4_cidr_block = optional(string)
master_endpoint_subnetwork = optional(string)
secondary_range_blocks = optional(object({
pods = string
services = string
Expand Down
2 changes: 1 addition & 1 deletion modules/gke-cluster-standard/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -313,7 +313,7 @@ module "cluster-1" {
| [location](variables.tf#L237) | Cluster zone or region. | <code>string</code> || |
| [name](variables.tf#L371) | Cluster name. | <code>string</code> || |
| [project_id](variables.tf#L410) | Cluster project id. | <code>string</code> || |
| [vpc_config](variables.tf#L421) | VPC-level configuration. | <code title="object&#40;&#123;&#10; network &#61; string&#10; subnetwork &#61; string&#10; master_ipv4_cidr_block &#61; optional&#40;string&#41;&#10; secondary_range_blocks &#61; optional&#40;object&#40;&#123;&#10; pods &#61; string&#10; services &#61; string&#10; &#125;&#41;&#41;&#10; secondary_range_names &#61; optional&#40;object&#40;&#123;&#10; pods &#61; optional&#40;string, &#34;pods&#34;&#41;&#10; services &#61; optional&#40;string, &#34;services&#34;&#41;&#10; &#125;&#41;&#41;&#10; additional_ranges &#61; optional&#40;list&#40;string&#41;&#41;&#10; master_authorized_ranges &#61; optional&#40;map&#40;string&#41;&#41;&#10; stack_type &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> || |
| [vpc_config](variables.tf#L421) | VPC-level configuration. | <code title="object&#40;&#123;&#10; network &#61; string&#10; subnetwork &#61; string&#10; master_ipv4_cidr_block &#61; optional&#40;string&#41;&#10; master_endpoint_subnetwork &#61; optional&#40;string&#41;&#10; secondary_range_blocks &#61; optional&#40;object&#40;&#123;&#10; pods &#61; string&#10; services &#61; string&#10; &#125;&#41;&#41;&#10; secondary_range_names &#61; optional&#40;object&#40;&#123;&#10; pods &#61; optional&#40;string, &#34;pods&#34;&#41;&#10; services &#61; optional&#40;string, &#34;services&#34;&#41;&#10; &#125;&#41;&#41;&#10; additional_ranges &#61; optional&#40;list&#40;string&#41;&#41;&#10; master_authorized_ranges &#61; optional&#40;map&#40;string&#41;&#41;&#10; stack_type &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> || |
| [backup_configs](variables.tf#L17) | Configuration for Backup for GKE. | <code title="object&#40;&#123;&#10; enable_backup_agent &#61; optional&#40;bool, false&#41;&#10; backup_plans &#61; optional&#40;map&#40;object&#40;&#123;&#10; region &#61; string&#10; applications &#61; optional&#40;map&#40;list&#40;string&#41;&#41;&#41;&#10; encryption_key &#61; optional&#40;string&#41;&#10; include_secrets &#61; optional&#40;bool, true&#41;&#10; include_volume_data &#61; optional&#40;bool, true&#41;&#10; labels &#61; optional&#40;map&#40;string&#41;&#41;&#10; namespaces &#61; optional&#40;list&#40;string&#41;&#41;&#10; schedule &#61; optional&#40;string&#41;&#10; retention_policy_days &#61; optional&#40;number&#41;&#10; retention_policy_lock &#61; optional&#40;bool, false&#41;&#10; retention_policy_delete_lock_days &#61; optional&#40;number&#41;&#10; &#125;&#41;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
| [cluster_autoscaling](variables.tf#L39) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | <code title="object&#40;&#123;&#10; enabled &#61; optional&#40;bool, true&#41;&#10; autoscaling_profile &#61; optional&#40;string, &#34;BALANCED&#34;&#41;&#10; auto_provisioning_defaults &#61; optional&#40;object&#40;&#123;&#10; boot_disk_kms_key &#61; optional&#40;string&#41;&#10; disk_size &#61; optional&#40;number&#41;&#10; disk_type &#61; optional&#40;string, &#34;pd-standard&#34;&#41;&#10; image_type &#61; optional&#40;string&#41;&#10; oauth_scopes &#61; optional&#40;list&#40;string&#41;&#41;&#10; service_account &#61; optional&#40;string&#41;&#10; management &#61; optional&#40;object&#40;&#123;&#10; auto_repair &#61; optional&#40;bool, true&#41;&#10; auto_upgrade &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;&#41;&#10; shielded_instance_config &#61; optional&#40;object&#40;&#123;&#10; integrity_monitoring &#61; optional&#40;bool, true&#41;&#10; secure_boot &#61; optional&#40;bool, false&#41;&#10; &#125;&#41;&#41;&#10; upgrade_settings &#61; optional&#40;object&#40;&#123;&#10; blue_green &#61; optional&#40;object&#40;&#123;&#10; node_pool_soak_duration &#61; optional&#40;string&#41;&#10; standard_rollout_policy &#61; optional&#40;object&#40;&#123;&#10; batch_percentage &#61; optional&#40;number&#41;&#10; batch_node_count &#61; optional&#40;number&#41;&#10; batch_soak_duration &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#41;&#10; surge &#61; optional&#40;object&#40;&#123;&#10; max &#61; optional&#40;number&#41;&#10; unavailable &#61; optional&#40;number&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#41;&#10; cpu_limits &#61; optional&#40;object&#40;&#123;&#10; min &#61; number&#10; max &#61; number&#10; &#125;&#41;&#41;&#10; mem_limits &#61; optional&#40;object&#40;&#123;&#10; min &#61; number&#10; max &#61; number&#10; &#125;&#41;&#41;&#10; gpu_resources &#61; optional&#40;list&#40;object&#40;&#123;&#10; resource_type &#61; string&#10; min &#61; number&#10; max &#61; number&#10; &#125;&#41;&#41;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [default_nodepool](variables.tf#L118) | Enable default nodepool. | <code title="object&#40;&#123;&#10; remove_pool &#61; optional&#40;bool, true&#41;&#10; initial_node_count &#61; optional&#40;number, 1&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
Expand Down
7 changes: 4 additions & 3 deletions modules/gke-cluster-standard/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -454,9 +454,10 @@ resource "google_container_cluster" "cluster" {
var.private_cluster_config != null ? [""] : []
)
content {
enable_private_nodes = true
enable_private_endpoint = var.private_cluster_config.enable_private_endpoint
master_ipv4_cidr_block = try(var.vpc_config.master_ipv4_cidr_block, null)
enable_private_nodes = true
enable_private_endpoint = var.private_cluster_config.enable_private_endpoint
private_endpoint_subnetwork = try(var.vpc_config.master_endpoint_subnetwork, null)
master_ipv4_cidr_block = try(var.vpc_config.master_ipv4_cidr_block, null)
master_global_access_config {
enabled = var.private_cluster_config.master_global_access
}
Expand Down
7 changes: 4 additions & 3 deletions modules/gke-cluster-standard/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -421,9 +421,10 @@ variable "release_channel" {
variable "vpc_config" {
description = "VPC-level configuration."
type = object({
network = string
subnetwork = string
master_ipv4_cidr_block = optional(string)
network = string
subnetwork = string
master_ipv4_cidr_block = optional(string)
master_endpoint_subnetwork = optional(string)
secondary_range_blocks = optional(object({
pods = string
services = string
Expand Down

0 comments on commit 750cff0

Please sign in to comment.