diff --git a/blueprints/gke/multitenant-fleet/README.md b/blueprints/gke/multitenant-fleet/README.md
index fa9fe83385..f554d23a1d 100644
--- a/blueprints/gke/multitenant-fleet/README.md
+++ b/blueprints/gke/multitenant-fleet/README.md
@@ -252,7 +252,7 @@ module "gke" {
| [iam](variables.tf#L136) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string))
| | {}
|
| [iam_by_principals](variables.tf#L143) | Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable. | map(list(string))
| | {}
|
| [labels](variables.tf#L150) | Project-level labels. | map(string)
| | {}
|
-| [nodepools](variables.tf#L156) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…})))
| | {}
|
+| [nodepools](variables.tf#L156) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…})))
| | {}
|
| [project_services](variables.tf#L203) | Additional project services to enable. | list(string)
| | []
|
## Outputs
diff --git a/blueprints/gke/multitenant-fleet/gke-nodepools.tf b/blueprints/gke/multitenant-fleet/gke-nodepools.tf
index 692b52ac72..46c9cae339 100644
--- a/blueprints/gke/multitenant-fleet/gke-nodepools.tf
+++ b/blueprints/gke/multitenant-fleet/gke-nodepools.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2022 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -36,7 +36,7 @@ module "gke-nodepool" {
cluster_name = module.gke-cluster[each.value.cluster].name
location = module.gke-cluster[each.value.cluster].location
gke_version = each.value.gke_version
- labels = each.value.labels
+ k8s_labels = each.value.k8s_labels
max_pods_per_node = each.value.max_pods_per_node
node_config = each.value.node_config
node_count = each.value.node_count
diff --git a/blueprints/gke/multitenant-fleet/variables.tf b/blueprints/gke/multitenant-fleet/variables.tf
index d8cb9cfc40..96ed616c9a 100644
--- a/blueprints/gke/multitenant-fleet/variables.tf
+++ b/blueprints/gke/multitenant-fleet/variables.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -157,7 +157,7 @@ variable "nodepools" {
description = "Nodepools configuration. Refer to the gke-nodepool module for type details."
type = map(map(object({
gke_version = optional(string)
- labels = optional(map(string), {})
+ k8s_labels = optional(map(string), {})
max_pods_per_node = optional(number)
name = optional(string)
node_config = optional(any, {
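Review bot: Renaming the `labels` attribute to `k8s_labels` in this object type fails silently for existing callers: Terraform discards attributes that an object type constraint does not declare, so a tfvars file that still sets `labels` plans without error and the node labels are simply removed. In a multi-tenant fleet that matters wherever workloads are pinned to pools through nodeSelector or affinity on those labels. The same applies to the matching hunk in fast/stages/3-gke-multitenant/dev/variables.tf, and neither type (nor the module call changed in gke-nodepools.tf) exposes the module's new resource `labels`. I would call the rename out where users read it, e.g. `description = "Nodepools configuration. Kubernetes node labels are set via k8s_labels (previously labels). Refer to the gke-nodepool module for type details."`. The `variable "nodepools"` block starts and ends outside the hunk.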
diff --git a/fast/stages/3-gke-multitenant/dev/README.md b/fast/stages/3-gke-multitenant/dev/README.md
index 85fb985545..9603d91a28 100644
--- a/fast/stages/3-gke-multitenant/dev/README.md
+++ b/fast/stages/3-gke-multitenant/dev/README.md
@@ -229,7 +229,7 @@ Leave all these variables unset (or set to `null`) to disable fleet management.
| [iam](variables.tf#L149) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string))
| | {}
| |
| [iam_by_principals](variables.tf#L156) | Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable. | map(list(string))
| | {}
| |
| [labels](variables.tf#L163) | Project-level labels. | map(string)
| | {}
| |
-| [nodepools](variables.tf#L169) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…})))
| | {}
| |
+| [nodepools](variables.tf#L169) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…})))
| | {}
| |
| [outputs_location](variables.tf#L202) | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | string
| | null
| |
| [project_services](variables.tf#L208) | Additional project services to enable. | list(string)
| | []
| |
diff --git a/fast/stages/3-gke-multitenant/dev/variables.tf b/fast/stages/3-gke-multitenant/dev/variables.tf
index 0002386012..80feb23a7e 100644
--- a/fast/stages/3-gke-multitenant/dev/variables.tf
+++ b/fast/stages/3-gke-multitenant/dev/variables.tf
@@ -170,7 +170,7 @@ variable "nodepools" {
description = "Nodepools configuration. Refer to the gke-nodepool module for type details."
type = map(map(object({
gke_version = optional(string)
- labels = optional(map(string), {})
+ k8s_labels = optional(map(string), {})
max_pods_per_node = optional(number)
name = optional(string)
node_config = optional(any, {
diff --git a/modules/gke-cluster-standard/README.md b/modules/gke-cluster-standard/README.md
index dd8ad0f444..84f8a9d1b4 100644
--- a/modules/gke-cluster-standard/README.md
+++ b/modules/gke-cluster-standard/README.md
@@ -310,10 +310,10 @@ module "cluster-1" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
-| [location](variables.tf#L235) | Cluster zone or region. | string
| ✓ | |
-| [name](variables.tf#L370) | Cluster name. | string
| ✓ | |
-| [project_id](variables.tf#L406) | Cluster project id. | string
| ✓ | |
-| [vpc_config](variables.tf#L417) | VPC-level configuration. | object({…})
| ✓ | |
+| [location](variables.tf#L236) | Cluster zone or region. | string
| ✓ | |
+| [name](variables.tf#L371) | Cluster name. | string
| ✓ | |
+| [project_id](variables.tf#L410) | Cluster project id. | string
| ✓ | |
+| [vpc_config](variables.tf#L421) | VPC-level configuration. | object({…})
| ✓ | |
| [backup_configs](variables.tf#L17) | Configuration for Backup for GKE. | object({…})
| | {}
|
| [cluster_autoscaling](variables.tf#L39) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…})
| | null
|
| [default_nodepool](variables.tf#L118) | Enable default nodepool. | object({…})
| | {}
|
@@ -322,16 +322,16 @@ module "cluster-1" {
| [enable_addons](variables.tf#L149) | Addons enabled in the cluster (true means enabled). | object({…})
| | {…}
|
| [enable_features](variables.tf#L173) | Enable cluster-level features. Certain features allow configuration. | object({…})
| | {…}
|
| [issue_client_certificate](variables.tf#L223) | Enable issuing client certificate. | bool
| | false
|
-| [labels](variables.tf#L229) | Cluster resource labels. | map(string)
| | null
|
-| [logging_config](variables.tf#L240) | Logging configuration. | object({…})
| | {}
|
-| [maintenance_config](variables.tf#L261) | Maintenance window configuration. | object({…})
| | {…}
|
-| [max_pods_per_node](variables.tf#L284) | Maximum number of pods per node in this cluster. | number
| | 110
|
-| [min_master_version](variables.tf#L290) | Minimum version of the master, defaults to the version of the most recent official release. | string
| | null
|
-| [monitoring_config](variables.tf#L296) | Monitoring configuration. Google Cloud Managed Service for Prometheus is enabled by default. | object({…})
| | {}
|
-| [node_config](variables.tf#L375) | Node-level configuration. | object({…})
| | {}
|
-| [node_locations](variables.tf#L385) | Zones in which the cluster's nodes are located. | list(string)
| | []
|
-| [private_cluster_config](variables.tf#L392) | Private cluster configuration. | object({…})
| | null
|
-| [release_channel](variables.tf#L411) | Release channel for GKE upgrades. | string
| | null
|
+| [labels](variables.tf#L229) | Cluster resource labels. | map(string)
| | {}
|
+| [logging_config](variables.tf#L241) | Logging configuration. | object({…})
| | {}
|
+| [maintenance_config](variables.tf#L262) | Maintenance window configuration. | object({…})
| | {…}
|
+| [max_pods_per_node](variables.tf#L285) | Maximum number of pods per node in this cluster. | number
| | 110
|
+| [min_master_version](variables.tf#L291) | Minimum version of the master, defaults to the version of the most recent official release. | string
| | null
|
+| [monitoring_config](variables.tf#L297) | Monitoring configuration. Google Cloud Managed Service for Prometheus is enabled by default. | object({…})
| | {}
|
+| [node_config](variables.tf#L376) | Node-level configuration. | object({…})
| | {}
|
+| [node_locations](variables.tf#L389) | Zones in which the cluster's nodes are located. | list(string)
| | []
|
+| [private_cluster_config](variables.tf#L396) | Private cluster configuration. | object({…})
| | null
|
+| [release_channel](variables.tf#L415) | Release channel for GKE upgrades. | string
| | null
|
## Outputs
diff --git a/modules/gke-cluster-standard/main.tf b/modules/gke-cluster-standard/main.tf
index bc743fc5ce..ddc96b41f8 100644
--- a/modules/gke-cluster-standard/main.tf
+++ b/modules/gke-cluster-standard/main.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -54,6 +54,8 @@ resource "google_container_cluster" "cluster" {
boot_disk_kms_key = var.node_config.boot_disk_kms_key
service_account = var.node_config.service_account
tags = var.node_config.tags
+ labels = var.node_config.k8s_labels
+ resource_labels = var.node_config.labels
dynamic "shielded_instance_config" {
for_each = var.enable_features.shielded_nodes ? [""] : []
content {
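Review bot: The two added lines invert the naming between variable and provider argument without a comment: the provider's `labels` receives the Kubernetes node labels (`k8s_labels`) while the variable's `labels` goes to `resource_labels`, and that pairing is easy to swap back in a later edit. A one-line comment above them would help, e.g. `# provider "labels" = Kubernetes node labels; GCE resource labels go in "resource_labels"`. The same pairing appears in the modules/gke-nodepool/main.tf hunk. The enclosing block of `google_container_cluster.cluster` starts and ends outside the hunk.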
diff --git a/modules/gke-cluster-standard/variables.tf b/modules/gke-cluster-standard/variables.tf
index 2436b467cd..4de2276978 100644
--- a/modules/gke-cluster-standard/variables.tf
+++ b/modules/gke-cluster-standard/variables.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -229,7 +229,8 @@ variable "issue_client_certificate" {
variable "labels" {
description = "Cluster resource labels."
type = map(string)
- default = null
+ default = {}
+ nullable = false
}
variable "location" {
@@ -376,10 +377,13 @@ variable "node_config" {
description = "Node-level configuration."
type = object({
boot_disk_kms_key = optional(string)
+ k8s_labels = optional(map(string))
+ labels = optional(map(string))
service_account = optional(string)
tags = optional(list(string))
})
- default = {}
+ default = {}
+ nullable = false
}
variable "node_locations" {
diff --git a/modules/gke-nodepool/README.md b/modules/gke-nodepool/README.md
index e3a3f0a791..41338cfacb 100644
--- a/modules/gke-nodepool/README.md
+++ b/modules/gke-nodepool/README.md
@@ -76,7 +76,7 @@ module "cluster-1-nodepool-1" {
cluster_name = "cluster-1"
location = "europe-west1-b"
name = "nodepool-1"
- labels = { environment = "dev" }
+ k8s_labels = { environment = "dev" }
service_account = {
create = true
email = "nodepool-1" # optional
@@ -112,7 +112,7 @@ module "cluster-1-nodepool-gpu-1" {
cluster_name = "cluster-1"
location = "europe-west4-a"
name = "nodepool-gpu-1"
- labels = { environment = "dev" }
+ k8s_labels = { environment = "dev" }
service_account = {
create = true
email = "nodepool-gpu-1" # optional
@@ -142,23 +142,24 @@ module "cluster-1-nodepool-gpu-1" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [cluster_name](variables.tf#L23) | Cluster name. | string
| ✓ | |
-| [location](variables.tf#L41) | Cluster location. | string
| ✓ | |
-| [project_id](variables.tf#L170) | Cluster project id. | string
| ✓ | |
+| [location](variables.tf#L48) | Cluster location. | string
| ✓ | |
+| [project_id](variables.tf#L177) | Cluster project id. | string
| ✓ | |
| [cluster_id](variables.tf#L17) | Cluster id. Optional, but providing cluster_id is recommended to prevent cluster misconfiguration in some of the edge cases. | string
| | null
|
| [gke_version](variables.tf#L28) | Kubernetes nodes version. Ignored if auto_upgrade is set in management_config. | string
| | null
|
-| [labels](variables.tf#L34) | Kubernetes labels applied to each node. | map(string)
| | {}
|
-| [max_pods_per_node](variables.tf#L46) | Maximum number of pods per node. | number
| | null
|
-| [name](variables.tf#L52) | Optional nodepool name. | string
| | null
|
-| [node_config](variables.tf#L58) | Node-level configuration. | object({…})
| | {…}
|
-| [node_count](variables.tf#L117) | Number of nodes per instance group. Initial value can only be changed by recreation, current is ignored when autoscaling is used. | object({…})
| | {…}
|
-| [node_locations](variables.tf#L129) | Node locations. | list(string)
| | null
|
-| [nodepool_config](variables.tf#L135) | Nodepool-level configuration. | object({…})
| | null
|
-| [pod_range](variables.tf#L157) | Pod secondary range configuration. | object({…})
| | null
|
-| [reservation_affinity](variables.tf#L175) | Configuration of the desired reservation which instances could take capacity from. | object({…})
| | null
|
-| [service_account](variables.tf#L185) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…})
| | {}
|
-| [sole_tenant_nodegroup](variables.tf#L196) | Sole tenant node group. | string
| | null
|
-| [tags](variables.tf#L202) | Network tags applied to nodes. | list(string)
| | null
|
-| [taints](variables.tf#L208) | Kubernetes taints applied to all nodes. | map(object({…}))
| | {}
|
+| [k8s_labels](variables.tf#L34) | Kubernetes labels applied to each node. | map(string)
| | {}
|
+| [labels](variables.tf#L41) | The resource labels to be applied each node (vm). | map(string)
| | {}
|
+| [max_pods_per_node](variables.tf#L53) | Maximum number of pods per node. | number
| | null
|
+| [name](variables.tf#L59) | Optional nodepool name. | string
| | null
|
+| [node_config](variables.tf#L65) | Node-level configuration. | object({…})
| | {…}
|
+| [node_count](variables.tf#L124) | Number of nodes per instance group. Initial value can only be changed by recreation, current is ignored when autoscaling is used. | object({…})
| | {…}
|
+| [node_locations](variables.tf#L136) | Node locations. | list(string)
| | null
|
+| [nodepool_config](variables.tf#L142) | Nodepool-level configuration. | object({…})
| | null
|
+| [pod_range](variables.tf#L164) | Pod secondary range configuration. | object({…})
| | null
|
+| [reservation_affinity](variables.tf#L182) | Configuration of the desired reservation which instances could take capacity from. | object({…})
| | null
|
+| [service_account](variables.tf#L192) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…})
| | {}
|
+| [sole_tenant_nodegroup](variables.tf#L203) | Sole tenant node group. | string
| | null
|
+| [tags](variables.tf#L209) | Network tags applied to nodes. | list(string)
| | null
|
+| [taints](variables.tf#L215) | Kubernetes taints applied to all nodes. | map(object({…}))
| | {}
|
## Outputs
diff --git a/modules/gke-nodepool/main.tf b/modules/gke-nodepool/main.tf
index 7283cc8b66..659dfc4b7e 100644
--- a/modules/gke-nodepool/main.tf
+++ b/modules/gke-nodepool/main.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -134,7 +134,8 @@ resource "google_container_node_pool" "nodepool" {
disk_size_gb = var.node_config.disk_size_gb
disk_type = var.node_config.disk_type
image_type = var.node_config.image_type
- labels = var.labels
+ labels = var.k8s_labels
+ resource_labels = var.labels
local_ssd_count = var.node_config.local_ssd_count
machine_type = var.node_config.machine_type
metadata = local.node_metadata
diff --git a/modules/gke-nodepool/variables.tf b/modules/gke-nodepool/variables.tf
index 10db6adb53..066390e438 100644
--- a/modules/gke-nodepool/variables.tf
+++ b/modules/gke-nodepool/variables.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -31,13 +31,20 @@ variable "gke_version" {
default = null
}
-variable "labels" {
+variable "k8s_labels" {
description = "Kubernetes labels applied to each node."
type = map(string)
default = {}
nullable = false
}
+variable "labels" {
+ description = "The resource labels to be applied each node (vm)."
+ type = map(string)
+ default = {}
+ nullable = false
+}
+
variable "location" {
description = "Cluster location."
type = string
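Review bot: `labels` keeps its name and type but changes meaning, so existing callers of this module get no signal: a map written as Kubernetes node labels is now sent to `resource_labels` in the main.tf hunk, and the nodes lose those Kubernetes labels unless the caller also moves the map to `k8s_labels`. Scheduling that relies on those labels (nodeSelector, affinity, per-tenant pools) would change on the next apply, and values with uppercase letters, dots or `/`-prefixed keys would presumably only be rejected by the API at apply time. A validation block on the new variable would turn the common cases into a plan-time error that points at `k8s_labels`; the pattern below is an ASCII-only sketch of the resource-label rules and should be adjusted to the rules you want to enforce. The description would also read better as "applied to each node (VM)".

```hcl
variable "labels" {
  # … unchanged: description, type, default, nullable …
  validation {
    condition = alltrue([
      for k, v in var.labels :
      can(regex("^[a-z][a-z0-9_-]{0,62}$", k)) && can(regex("^[a-z0-9_-]{0,63}$", v))
    ])
    error_message = "Resource labels allow only lowercase letters, digits, underscores and dashes. Kubernetes node labels belong in k8s_labels."
  }
}
```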