Request to Modify GKE Cluster Creation to Support Custom Service Accounts for Default Node Pool Creation #1700

Closed
barya1993 opened this issue Sep 21, 2023 · 3 comments

@barya1993

To set up a GKE cluster, we attempted to utilize the "gke-cluster-standard" module from GitHub at github.com/GoogleCloudPlatform/cloud-foundation-fabric//modules//gke-cluster-standard?ref=v26.0.0. However, within our GCP projects, the default service account for GCE resources was disabled, posing a challenge for us.

During the initial cluster creation in our project, the module encountered issues attempting to delete the default node pool because the default GCE service was disabled in our project. To address this, we have been managing the situation by explicitly providing our own service account to the node_config block in the "google_container_cluster" resource. Given that we prefer not to use the default GCE service account in any of our environments, we are reaching out to inquire if it's possible to update the cluster creation resource to support user-defined service accounts. This would enable the deletion of the default node pool.

Here is the current configuration for the "google_container_cluster" resource:

resource "google_container_cluster" "cluster" {
  node_config {
    service_account = var.default_node_pool_service_account
    dynamic "shielded_instance_config" {
      for_each = var.enable_features.shielded_nodes ? [""] : []
      content {
        enable_secure_boot          = true
        enable_integrity_monitoring = true
      }
    }
    tags = var.tags
  }
}
@barya1993 barya1993 changed the title Request to Modify GKE Cluster Creation to Support Custom Service Accounts for Default Node Pool Deletion Request to Modify GKE Cluster Creation to Support Custom Service Accounts for Default Node Pool Creation Sep 21, 2023
@ludoo ludoo self-assigned this Sep 22, 2023
@juliocc
Collaborator

juliocc commented Sep 22, 2023

@barya1993, @ludoo pushed #1701 which should fix this. Can you give it a try and report back?

@barya1993
Author

@juliocc that fixed the issue. Are you going to publish a new release with this change? Thanks.

@ludoo
Collaborator

ludoo commented Sep 23, 2023

Thanks for confirming. You can easily use the module via the nightly tag; you don't need to wait for a release, which we typically do once a month.

@ludoo ludoo closed this as completed Sep 23, 2023
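
Added example (not the module's code and not the change made in #1701): a standalone Terraform sketch of the pattern discussed in this issue, where the temporary default node pool is created with a dedicated service account so that cluster creation works in a project whose default GCE service account is disabled. The resource names, variables, role list and the `lifecycle` block are assumptions chosen for illustration.

```hcl
# Added example: every name and variable below is a placeholder.
variable "project_id" { type = string }
variable "region" { type = string }

# Dedicated node identity, used instead of the default GCE service account.
resource "google_service_account" "gke_nodes" {
  project      = var.project_id
  account_id   = "gke-nodes"
  display_name = "GKE node service account"
}

# Roles the node logging and monitoring agents need, and nothing broader.
resource "google_project_iam_member" "gke_nodes" {
  for_each = toset([
    "roles/logging.logWriter",
    "roles/monitoring.metricWriter",
    "roles/monitoring.viewer",
    "roles/stackdriver.resourceMetadata.writer",
  ])
  project = var.project_id
  role    = each.value
  member  = "serviceAccount:${google_service_account.gke_nodes.email}"
}

resource "google_container_cluster" "cluster" {
  project  = var.project_id
  name     = "example-cluster"
  location = var.region

  # The cluster is created with a default pool, which Terraform then deletes.
  remove_default_node_pool = true
  initial_node_count       = 1

  # The short-lived default pool still needs a usable identity.
  node_config {
    service_account = google_service_account.gke_nodes.email
  }

  # Assumption: ignore later drift in the deleted default pool's settings.
  lifecycle {
    ignore_changes = [node_config]
  }
}

# Workloads run on an explicitly managed pool with the same identity.
resource "google_container_node_pool" "workloads" {
  project    = var.project_id
  name       = "workloads"
  cluster    = google_container_cluster.cluster.name
  location   = google_container_cluster.cluster.location
  node_count = 1

  node_config {
    service_account = google_service_account.gke_nodes.email
    oauth_scopes    = ["https://www.googleapis.com/auth/cloud-platform"]
  }
}
```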