From c2e031798f2b417f4f2f0d99b3899692ecac294b Mon Sep 17 00:00:00 2001 From: Miren Esnaola Date: Mon, 24 Oct 2022 18:02:11 +0200 Subject: [PATCH] Added managed_prometheus monitoring_config --- blueprints/gke/multitenant-fleet/README.md | 28 ++++++++--------- blueprints/gke/multitenant-fleet/variables.tf | 9 ++++-- fast/stages/03-gke-multitenant/dev/README.md | 30 +++++++++---------- .../03-gke-multitenant/dev/variables.tf | 9 ++++-- modules/gke-cluster/README.md | 14 ++++----- modules/gke-cluster/main.tf | 5 +++- modules/gke-cluster/variables.tf | 10 +++++-- .../modules/gke_cluster/fixture/variables.tf | 7 +++++ 8 files changed, 67 insertions(+), 45 deletions(-) diff --git a/blueprints/gke/multitenant-fleet/README.md b/blueprints/gke/multitenant-fleet/README.md index ab8c6247da..bd6df94518 100644 --- a/blueprints/gke/multitenant-fleet/README.md +++ b/blueprints/gke/multitenant-fleet/README.md 
@@ -246,20 +246,20 @@ module "gke" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| | [billing_account_id](variables.tf#L17) | Billing account id. | string | ✓ | | -| [folder_id](variables.tf#L129) | Folder used for the GKE project in folders/nnnnnnnnnnn format. | string | ✓ | | -| [prefix](variables.tf#L176) | Prefix used for resources that need unique names. | string | ✓ | | -| [project_id](variables.tf#L181) | ID of the project that will contain all the clusters. | string | ✓ | | -| [vpc_config](variables.tf#L193) | Shared VPC project and VPC details. | object({…}) | ✓ | | -| [clusters](variables.tf#L22) | Clusters configuration. Refer to the gke-cluster module for type details. | map(object({…})) | | {} | -| [fleet_configmanagement_clusters](variables.tf#L67) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} | -| [fleet_configmanagement_templates](variables.tf#L74) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} | -| [fleet_features](variables.tf#L109) | Enable and configue fleet features. Set to null to disable GKE Hub if fleet workload identity is not used. | object({…}) | | null | -| [fleet_workload_identity](variables.tf#L122) | Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. | bool | | false | -| [group_iam](variables.tf#L134) | Project-level IAM bindings for groups. Use group emails as keys, list of roles as values. | map(list(string)) | | {} | -| [iam](variables.tf#L141) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | -| [labels](variables.tf#L148) | Project-level labels. | map(string) | | {} | -| [nodepools](variables.tf#L154) | Nodepools configuration. Refer to the gke-nodepool module for type details. 
| map(map(object({…}))) | | {} | -| [project_services](variables.tf#L186) | Additional project services to enable. | list(string) | | [] | +| [folder_id](variables.tf#L132) | Folder used for the GKE project in folders/nnnnnnnnnnn format. | string | ✓ | | +| [prefix](variables.tf#L179) | Prefix used for resources that need unique names. | string | ✓ | | +| [project_id](variables.tf#L184) | ID of the project that will contain all the clusters. | string | ✓ | | +| [vpc_config](variables.tf#L196) | Shared VPC project and VPC details. | object({…}) | ✓ | | +| [clusters](variables.tf#L22) | Clusters configuration. Refer to the gke-cluster module for type details. | map(object({…})) | | {} | +| [fleet_configmanagement_clusters](variables.tf#L70) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} | +| [fleet_configmanagement_templates](variables.tf#L77) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} | +| [fleet_features](variables.tf#L112) | Enable and configue fleet features. Set to null to disable GKE Hub if fleet workload identity is not used. | object({…}) | | null | +| [fleet_workload_identity](variables.tf#L125) | Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. | bool | | false | +| [group_iam](variables.tf#L137) | Project-level IAM bindings for groups. Use group emails as keys, list of roles as values. | map(list(string)) | | {} | +| [iam](variables.tf#L144) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | +| [labels](variables.tf#L151) | Project-level labels. | map(string) | | {} | +| [nodepools](variables.tf#L157) | Nodepools configuration. Refer to the gke-nodepool module for type details. 
| map(map(object({…}))) | | {} | +| [project_services](variables.tf#L189) | Additional project services to enable. | list(string) | | [] | ## Outputs diff --git a/blueprints/gke/multitenant-fleet/variables.tf b/blueprints/gke/multitenant-fleet/variables.tf index d046429868..8d6c69ae1a 100644 --- a/blueprints/gke/multitenant-fleet/variables.tf +++ b/blueprints/gke/multitenant-fleet/variables.tf @@ -39,9 +39,12 @@ variable "clusters" { recurring_window = null maintenance_exclusion = [] }) - max_pods_per_node = optional(number, 110) - min_master_version = optional(string) - monitoring_config = optional(list(string), ["SYSTEM_COMPONENTS"]) + max_pods_per_node = optional(number, 110) + min_master_version = optional(string) + monitoring_config = optional(object({ + enable_components = optional(list(string), ["SYSTEM_COMPONENTS"]) + managed_prometheus = optional(bool) + })) node_locations = optional(list(string)) private_cluster_config = optional(any) release_channel = optional(string) diff --git a/fast/stages/03-gke-multitenant/dev/README.md b/fast/stages/03-gke-multitenant/dev/README.md index ac4e03d39d..f3abf494e1 100644 --- a/fast/stages/03-gke-multitenant/dev/README.md +++ b/fast/stages/03-gke-multitenant/dev/README.md 
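Review bot: In the `clusters` type, `monitoring_config = optional(object({…}))` carries no default for the object itself, so a cluster entry that omits the attribute now gets `null` instead of the former `["SYSTEM_COMPONENTS"]`; the inner default on `enable_components` only applies once the object is set. If this value is handed to the gke-cluster module unchanged (the call is not visible here), the `var.monitoring_config != null` guard in modules/gke-cluster/main.tf skips the block and the monitored components are left to the GKE default rather than stated in code. Closing the declaration with `}), {})` keeps the previous explicit default. The same declaration appears in the fast/stages/03-gke-multitenant/dev/variables.tf hunk, and the `clusters` variable block starts and ends outside both hunks.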
@@ -142,21 +142,21 @@ terraform apply |---|---|:---:|:---:|:---:|:---:| | [automation](variables.tf#L21) | Automation resources created by the bootstrap stage. | object({…}) | ✓ | | 00-bootstrap | | [billing_account](variables.tf#L29) | Billing account id and organization id ('nnnnnnnn' or null). | object({…}) | ✓ | | 00-bootstrap | -| [folder_ids](variables.tf#L146) | Folders to be used for the networking resources in folders/nnnnnnnnnnn format. If null, folder will be created. | object({…}) | ✓ | | 01-resman | -| [host_project_ids](variables.tf#L168) | Host project for the shared VPC. | object({…}) | ✓ | | 02-networking | -| [prefix](variables.tf#L210) | Prefix used for resources that need unique names. | string | ✓ | | | -| [vpc_self_links](variables.tf#L222) | Self link for the shared VPC. | object({…}) | ✓ | | 02-networking | -| [clusters](variables.tf#L38) | Clusters configuration. Refer to the gke-cluster module for type details. | map(object({…})) | | {} | | -| [fleet_configmanagement_clusters](variables.tf#L83) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} | | -| [fleet_configmanagement_templates](variables.tf#L91) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} | | -| [fleet_features](variables.tf#L126) | Enable and configue fleet features. Set to null to disable GKE Hub if fleet workload identity is not used. | object({…}) | | null | | -| [fleet_workload_identity](variables.tf#L139) | Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. | bool | | false | | -| [group_iam](variables.tf#L154) | Project-level authoritative IAM bindings for groups in {GROUP_EMAIL => [ROLES]} format. Use group emails as keys, list of roles as values. 
| map(list(string)) | | {} | | -| [iam](variables.tf#L161) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | | -| [labels](variables.tf#L176) | Project-level labels. | map(string) | | {} | | -| [nodepools](variables.tf#L182) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} | | -| [outputs_location](variables.tf#L204) | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | string | | null | | -| [project_services](variables.tf#L215) | Additional project services to enable. | list(string) | | [] | | +| [folder_ids](variables.tf#L149) | Folders to be used for the networking resources in folders/nnnnnnnnnnn format. If null, folder will be created. | object({…}) | ✓ | | 01-resman | +| [host_project_ids](variables.tf#L171) | Host project for the shared VPC. | object({…}) | ✓ | | 02-networking | +| [prefix](variables.tf#L213) | Prefix used for resources that need unique names. | string | ✓ | | | +| [vpc_self_links](variables.tf#L225) | Self link for the shared VPC. | object({…}) | ✓ | | 02-networking | +| [clusters](variables.tf#L38) | Clusters configuration. Refer to the gke-cluster module for type details. | map(object({…})) | | {} | | +| [fleet_configmanagement_clusters](variables.tf#L86) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} | | +| [fleet_configmanagement_templates](variables.tf#L94) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} | | +| [fleet_features](variables.tf#L129) | Enable and configue fleet features. Set to null to disable GKE Hub if fleet workload identity is not used. 
| object({…}) | | null | | +| [fleet_workload_identity](variables.tf#L142) | Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. | bool | | false | | +| [group_iam](variables.tf#L157) | Project-level authoritative IAM bindings for groups in {GROUP_EMAIL => [ROLES]} format. Use group emails as keys, list of roles as values. | map(list(string)) | | {} | | +| [iam](variables.tf#L164) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | | +| [labels](variables.tf#L179) | Project-level labels. | map(string) | | {} | | +| [nodepools](variables.tf#L185) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} | | +| [outputs_location](variables.tf#L207) | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | string | | null | | +| [project_services](variables.tf#L218) | Additional project services to enable. | list(string) | | [] | | ## Outputs diff --git a/fast/stages/03-gke-multitenant/dev/variables.tf b/fast/stages/03-gke-multitenant/dev/variables.tf index 1a17da4b51..9c5a1d388e 100644 --- a/fast/stages/03-gke-multitenant/dev/variables.tf +++ b/fast/stages/03-gke-multitenant/dev/variables.tf @@ -55,9 +55,12 @@ variable "clusters" { recurring_window = null maintenance_exclusion = [] }) - max_pods_per_node = optional(number, 110) - min_master_version = optional(string) - monitoring_config = optional(list(string), ["SYSTEM_COMPONENTS"]) + max_pods_per_node = optional(number, 110) + min_master_version = optional(string) + monitoring_config = optional(object({ + enable_components = optional(list(string), ["SYSTEM_COMPONENTS"]) + managed_prometheus = optional(bool) + })) node_locations = optional(list(string)) private_cluster_config = optional(any) release_channel = optional(string) 
diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md index be0a9f62f3..4e759da025 100644 --- a/modules/gke-cluster/README.md +++ b/modules/gke-cluster/README.md @@ -77,9 +77,9 @@ module "cluster-1" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| | [location](variables.tf#L117) | Cluster zone or region. | string | ✓ | | -| [name](variables.tf#L169) | Cluster name. | string | ✓ | | -| [project_id](variables.tf#L195) | Cluster project id. | string | ✓ | | -| [vpc_config](variables.tf#L206) | VPC-level configuration. | object({…}) | ✓ | | +| [name](variables.tf#L175) | Cluster name. | string | ✓ | | +| [project_id](variables.tf#L201) | Cluster project id. | string | ✓ | | +| [vpc_config](variables.tf#L212) | VPC-level configuration. | object({…}) | ✓ | | | [cluster_autoscaling](variables.tf#L17) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) | | null | | [description](variables.tf#L38) | Cluster description. | string | | null | | [enable_addons](variables.tf#L44) | Addons enabled in the cluster (true means enabled). | object({…}) | | {…} | 
@@ -90,10 +90,10 @@ module "cluster-1" { | [maintenance_config](variables.tf#L128) | Maintenance window configuration. | object({…}) | | {…} | | [max_pods_per_node](variables.tf#L151) | Maximum number of pods per node in this cluster. | number | | 110 | | [min_master_version](variables.tf#L157) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null | -| [monitoring_config](variables.tf#L163) | Monitoring components. | list(string) | | ["SYSTEM_COMPONENTS"] | -| [node_locations](variables.tf#L174) | Zones in which the cluster's nodes are located. | list(string) | | [] | -| [private_cluster_config](variables.tf#L181) | Private cluster configuration. | object({…}) | | null | -| [release_channel](variables.tf#L200) | Release channel for GKE upgrades. | string | | null | +| [monitoring_config](variables.tf#L163) | Monitoring components. | object({…) | | {…} | +| [node_locations](variables.tf#L180) | Zones in which the cluster's nodes are located. | list(string) | | [] | +| [private_cluster_config](variables.tf#L187) | Private cluster configuration. | object({…}) | | null | +| [release_channel](variables.tf#L206) | Release channel for GKE upgrades. | string | | null | ## Outputs diff --git a/modules/gke-cluster/main.tf b/modules/gke-cluster/main.tf index 9981d9b4eb..d8005ccbd1 100644 --- a/modules/gke-cluster/main.tf +++ b/modules/gke-cluster/main.tf @@ -240,7 +240,10 @@ resource "google_container_cluster" "cluster" { dynamic "monitoring_config" { for_each = var.monitoring_config != null && !var.enable_features.autopilot ? [""] : [] content { - enable_components = var.monitoring_config + enable_components = var.monitoring_config.enable_components + managed_prometheus = { + enabled = var.monitoring_config.managed_prometheus + } } } diff --git a/modules/gke-cluster/variables.tf b/modules/gke-cluster/variables.tf index a227d5c730..6db18abd02 100644 --- a/modules/gke-cluster/variables.tf 
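Review bot: `managed_prometheus = { enabled = … }` in the `content` block of modules/gke-cluster/main.tf uses argument syntax, but as far as I know the google provider declares `managed_prometheus` as a nested block of `monitoring_config`, so this would likely be rejected at validate time. It also passes `null` to `enabled` whenever a caller sets only `enable_components`, because the variable declares `managed_prometheus = optional(bool)` with no default. A nested dynamic block that is emitted only when the flag is set avoids both problems. The `google_container_cluster` resource starts and ends outside the hunk.

```hcl
    content {
      enable_components = var.monitoring_config.enable_components
      dynamic "managed_prometheus" {
        # Emit the block only when the caller set the flag; enabled must not be null.
        for_each = var.monitoring_config.managed_prometheus == null ? [] : [""]
        content {
          enabled = var.monitoring_config.managed_prometheus
        }
      }
    }
```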
+++ b/modules/gke-cluster/variables.tf @@ -162,8 +162,14 @@ variable "min_master_version" { variable "monitoring_config" { description = "Monitoring components." - type = list(string) - default = ["SYSTEM_COMPONENTS"] + type = object({ + enable_components = optional(list(string)) + managed_prometheus = optional(bool) + } + ) + default = { + enable_components = ["SYSTEM_COMPONENTS"] + } } variable "name" { diff --git a/tests/modules/gke_cluster/fixture/variables.tf b/tests/modules/gke_cluster/fixture/variables.tf index 1b539d20b3..97fc6a6359 100644 --- a/tests/modules/gke_cluster/fixture/variables.tf +++ b/tests/modules/gke_cluster/fixture/variables.tf @@ -28,3 +28,10 @@ variable "enable_features" { workload_identity = true } } + +variable "monitoring_config" { + type = any + default = { + managed_prometheus = true + } +}
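Review bot: In `variable "monitoring_config"` of modules/gke-cluster/variables.tf, `enable_components = optional(list(string))` has no default inside the type, so the `["SYSTEM_COMPONENTS"]` value lives only in the variable's `default` and is lost as soon as a caller passes any object of its own. The test fixture in this commit does exactly that with `{ managed_prometheus = true }`, which leaves `enable_components` null and the component list up to the provider. Moving the default into the type, `enable_components = optional(list(string), ["SYSTEM_COMPONENTS"])` with `default = {}`, matches the blueprint and FAST stage declarations in this commit. The description `"Monitoring components."` could also name both fields, e.g. `"Monitoring configuration: components to collect and whether managed Prometheus is enabled."`.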