diff --git a/blueprints/gke/multitenant-fleet/README.md b/blueprints/gke/multitenant-fleet/README.md
index fa9fe83385..f554d23a1d 100644
--- a/blueprints/gke/multitenant-fleet/README.md
+++ b/blueprints/gke/multitenant-fleet/README.md
@@ -252,7 +252,7 @@ module "gke" {
 | [iam](variables.tf#L136) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} |
 | [iam_by_principals](variables.tf#L143) | Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable. | map(list(string)) | | {} |
 | [labels](variables.tf#L150) | Project-level labels. | map(string) | | {} |
-| [nodepools](variables.tf#L156) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} |
+| [nodepools](variables.tf#L156) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} |
 | [project_services](variables.tf#L203) | Additional project services to enable. | list(string) | | [] |
 ## Outputs
diff --git a/blueprints/gke/multitenant-fleet/gke-nodepools.tf b/blueprints/gke/multitenant-fleet/gke-nodepools.tf
index 692b52ac72..46c9cae339 100644
--- a/blueprints/gke/multitenant-fleet/gke-nodepools.tf
+++ b/blueprints/gke/multitenant-fleet/gke-nodepools.tf
@@ -1,5 +1,5 @@
 /**
- * Copyright 2022 Google LLC
+ * Copyright 2024 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -36,7 +36,7 @@ module "gke-nodepool" {
 cluster_name = module.gke-cluster[each.value.cluster].name
 location = module.gke-cluster[each.value.cluster].location
 gke_version = each.value.gke_version
- labels = each.value.labels
+ k8s_labels = each.value.k8s_labels
 max_pods_per_node = each.value.max_pods_per_node
 node_config = each.value.node_config
 node_count = each.value.node_count
diff --git a/blueprints/gke/multitenant-fleet/variables.tf b/blueprints/gke/multitenant-fleet/variables.tf
index d8cb9cfc40..96ed616c9a 100644
--- a/blueprints/gke/multitenant-fleet/variables.tf
+++ b/blueprints/gke/multitenant-fleet/variables.tf
@@ -1,5 +1,5 @@
 /**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -157,7 +157,7 @@ variable "nodepools" {
 description = "Nodepools configuration. Refer to the gke-nodepool module for type details."
 type = map(map(object({
 gke_version = optional(string)
- labels = optional(map(string), {})
+ k8s_labels = optional(map(string), {})
 max_pods_per_node = optional(number)
 name = optional(string)
 node_config = optional(any, {
diff --git a/fast/stages/3-gke-multitenant/dev/README.md b/fast/stages/3-gke-multitenant/dev/README.md
index 85fb985545..9603d91a28 100644
--- a/fast/stages/3-gke-multitenant/dev/README.md
+++ b/fast/stages/3-gke-multitenant/dev/README.md
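Review bot: In the `nodepools` type in blueprints/gke/multitenant-fleet/variables.tf, renaming the attribute to `k8s_labels` leaves nothing that catches callers who still pass `labels`: Terraform's conversion to an object type generally drops attributes the type does not declare, so an existing `labels = {...}` entry would likely be discarded without an error and the node labels removed on the next apply. In a multi-tenant fleet those labels may be what node selectors and affinity rules key on, so the rename deserves an explicit upgrade note. I would at least say it in the description, e.g. `description = "Nodepools configuration. Kubernetes node labels are set via k8s_labels (previously labels). Refer to the gke-nodepool module for type details."`, and regenerate the README tables. The same applies to the identical hunk in fast/stages/3-gke-multitenant/dev/variables.tf; the variable block continues past the end of both hunks.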
@@ -229,7 +229,7 @@ Leave all these variables unset (or set to `null`) to disable fleet management.
 | [iam](variables.tf#L149) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | |
 | [iam_by_principals](variables.tf#L156) | Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable. | map(list(string)) | | {} | |
 | [labels](variables.tf#L163) | Project-level labels. | map(string) | | {} | |
-| [nodepools](variables.tf#L169) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} | |
+| [nodepools](variables.tf#L169) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} | |
 | [outputs_location](variables.tf#L202) | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | string | | null | |
 | [project_services](variables.tf#L208) | Additional project services to enable. | list(string) | | [] | |
diff --git a/fast/stages/3-gke-multitenant/dev/variables.tf b/fast/stages/3-gke-multitenant/dev/variables.tf
index 0002386012..80feb23a7e 100644
--- a/fast/stages/3-gke-multitenant/dev/variables.tf
+++ b/fast/stages/3-gke-multitenant/dev/variables.tf
@@ -170,7 +170,7 @@ variable "nodepools" {
 description = "Nodepools configuration. Refer to the gke-nodepool module for type details."
 type = map(map(object({
 gke_version = optional(string)
- labels = optional(map(string), {})
+ k8s_labels = optional(map(string), {})
 max_pods_per_node = optional(number)
 name = optional(string)
 node_config = optional(any, {
diff --git a/modules/gke-cluster-standard/README.md b/modules/gke-cluster-standard/README.md
index dd8ad0f444..84f8a9d1b4 100644
--- a/modules/gke-cluster-standard/README.md
+++ b/modules/gke-cluster-standard/README.md
@@ -310,10 +310,10 @@ module "cluster-1" {
 | name | description | type | required | default |
 |---|---|:---:|:---:|:---:|
-| [location](variables.tf#L235) | Cluster zone or region. | string | ✓ | |
-| [name](variables.tf#L370) | Cluster name. | string | ✓ | |
-| [project_id](variables.tf#L406) | Cluster project id. | string | ✓ | |
-| [vpc_config](variables.tf#L417) | VPC-level configuration. | object({…}) | ✓ | |
+| [location](variables.tf#L236) | Cluster zone or region. | string | ✓ | |
+| [name](variables.tf#L371) | Cluster name. | string | ✓ | |
+| [project_id](variables.tf#L410) | Cluster project id. | string | ✓ | |
+| [vpc_config](variables.tf#L421) | VPC-level configuration. | object({…}) | ✓ | |
 | [backup_configs](variables.tf#L17) | Configuration for Backup for GKE. | object({…}) | | {} |
 | [cluster_autoscaling](variables.tf#L39) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) | | null |
 | [default_nodepool](variables.tf#L118) | Enable default nodepool. | object({…}) | | {} |
@@ -322,16 +322,16 @@ module "cluster-1" {
 | [enable_addons](variables.tf#L149) | Addons enabled in the cluster (true means enabled). | object({…}) | | {…} |
 | [enable_features](variables.tf#L173) | Enable cluster-level features. Certain features allow configuration. | object({…}) | | {…} |
 | [issue_client_certificate](variables.tf#L223) | Enable issuing client certificate. | bool | | false |
-| [labels](variables.tf#L229) | Cluster resource labels. | map(string) | | null |
-| [logging_config](variables.tf#L240) | Logging configuration. | object({…}) | | {} |
-| [maintenance_config](variables.tf#L261) | Maintenance window configuration. | object({…}) | | {…} |
-| [max_pods_per_node](variables.tf#L284) | Maximum number of pods per node in this cluster. | number | | 110 |
-| [min_master_version](variables.tf#L290) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null |
-| [monitoring_config](variables.tf#L296) | Monitoring configuration. Google Cloud Managed Service for Prometheus is enabled by default. | object({…}) | | {} |
-| [node_config](variables.tf#L375) | Node-level configuration. | object({…}) | | {} |
-| [node_locations](variables.tf#L385) | Zones in which the cluster's nodes are located. | list(string) | | [] |
-| [private_cluster_config](variables.tf#L392) | Private cluster configuration. | object({…}) | | null |
-| [release_channel](variables.tf#L411) | Release channel for GKE upgrades. | string | | null |
+| [labels](variables.tf#L229) | Cluster resource labels. | map(string) | | {} |
+| [logging_config](variables.tf#L241) | Logging configuration. | object({…}) | | {} |
+| [maintenance_config](variables.tf#L262) | Maintenance window configuration. | object({…}) | | {…} |
+| [max_pods_per_node](variables.tf#L285) | Maximum number of pods per node in this cluster. | number | | 110 |
+| [min_master_version](variables.tf#L291) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null |
+| [monitoring_config](variables.tf#L297) | Monitoring configuration. Google Cloud Managed Service for Prometheus is enabled by default. | object({…}) | | {} |
+| [node_config](variables.tf#L376) | Node-level configuration. | object({…}) | | {} |
+| [node_locations](variables.tf#L389) | Zones in which the cluster's nodes are located. | list(string) | | [] |
+| [private_cluster_config](variables.tf#L396) | Private cluster configuration. | object({…}) | | null |
+| [release_channel](variables.tf#L415) | Release channel for GKE upgrades. | string | | null |
 ## Outputs
diff --git a/modules/gke-cluster-standard/main.tf b/modules/gke-cluster-standard/main.tf
index bc743fc5ce..ddc96b41f8 100644
--- a/modules/gke-cluster-standard/main.tf
+++ b/modules/gke-cluster-standard/main.tf
@@ -1,5 +1,5 @@
 /**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -54,6 +54,8 @@ resource "google_container_cluster" "cluster" {
 boot_disk_kms_key = var.node_config.boot_disk_kms_key
 service_account = var.node_config.service_account
 tags = var.node_config.tags
+ labels = var.node_config.k8s_labels
+ resource_labels = var.node_config.labels
 dynamic "shielded_instance_config" {
 for_each = var.enable_features.shielded_nodes ? [""] : []
 content {
diff --git a/modules/gke-cluster-standard/variables.tf b/modules/gke-cluster-standard/variables.tf
index 2436b467cd..4de2276978 100644
--- a/modules/gke-cluster-standard/variables.tf
+++ b/modules/gke-cluster-standard/variables.tf
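Review bot: The two lines added in modules/gke-cluster-standard/main.tf map names crosswise, with the provider's `labels` fed from `var.node_config.k8s_labels` and `resource_labels` fed from `var.node_config.labels`, and nothing in the code says which is which. The `node_config` variable is described only as "Node-level configuration.", so a later reader could easily "correct" the pairing by swapping it. A short comment above the two lines would prevent that, e.g. `# labels = Kubernetes node labels; resource_labels = GCP labels on the node VMs`, with a matching sentence in the `node_config` description in variables.tf. The same pairing appears in modules/gke-nodepool/main.tf, and the enclosing block starts and ends outside this hunk.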
@@ -1,5 +1,5 @@
 /**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -229,7 +229,8 @@ variable "issue_client_certificate" {
 variable "labels" {
 description = "Cluster resource labels."
 type = map(string)
- default = null
+ default = {}
+ nullable = false
 }
 variable "location" {
@@ -376,10 +377,13 @@ variable "node_config" {
 description = "Node-level configuration."
 type = object({
 boot_disk_kms_key = optional(string)
+ k8s_labels = optional(map(string))
+ labels = optional(map(string))
 service_account = optional(string)
 tags = optional(list(string))
 })
- default = {}
+ default = {}
+ nullable = false
 }
 variable "node_locations" {
diff --git a/modules/gke-nodepool/README.md b/modules/gke-nodepool/README.md
index e3a3f0a791..41338cfacb 100644
--- a/modules/gke-nodepool/README.md
+++ b/modules/gke-nodepool/README.md
@@ -76,7 +76,7 @@ module "cluster-1-nodepool-1" {
 cluster_name = "cluster-1"
 location = "europe-west1-b"
 name = "nodepool-1"
- labels = { environment = "dev" }
+ k8s_labels = { environment = "dev" }
 service_account = {
 create = true
 email = "nodepool-1" # optional
@@ -112,7 +112,7 @@ module "cluster-1-nodepool-gpu-1" {
 cluster_name = "cluster-1"
 location = "europe-west4-a"
 name = "nodepool-gpu-1"
- labels = { environment = "dev" }
+ k8s_labels = { environment = "dev" }
 service_account = {
 create = true
 email = "nodepool-gpu-1" # optional
@@ -142,23 +142,24 @@ module "cluster-1-nodepool-gpu-1" {
 | name | description | type | required | default |
 |---|---|:---:|:---:|:---:|
 | [cluster_name](variables.tf#L23) | Cluster name. | string | ✓ | |
-| [location](variables.tf#L41) | Cluster location. | string | ✓ | |
-| [project_id](variables.tf#L170) | Cluster project id. | string | ✓ | |
+| [location](variables.tf#L48) | Cluster location. | string | ✓ | |
+| [project_id](variables.tf#L177) | Cluster project id. | string | ✓ | |
 | [cluster_id](variables.tf#L17) | Cluster id. Optional, but providing cluster_id is recommended to prevent cluster misconfiguration in some of the edge cases. | string | | null |
 | [gke_version](variables.tf#L28) | Kubernetes nodes version. Ignored if auto_upgrade is set in management_config. | string | | null |
-| [labels](variables.tf#L34) | Kubernetes labels applied to each node. | map(string) | | {} |
-| [max_pods_per_node](variables.tf#L46) | Maximum number of pods per node. | number | | null |
-| [name](variables.tf#L52) | Optional nodepool name. | string | | null |
-| [node_config](variables.tf#L58) | Node-level configuration. | object({…}) | | {…} |
-| [node_count](variables.tf#L117) | Number of nodes per instance group. Initial value can only be changed by recreation, current is ignored when autoscaling is used. | object({…}) | | {…} |
-| [node_locations](variables.tf#L129) | Node locations. | list(string) | | null |
-| [nodepool_config](variables.tf#L135) | Nodepool-level configuration. | object({…}) | | null |
-| [pod_range](variables.tf#L157) | Pod secondary range configuration. | object({…}) | | null |
-| [reservation_affinity](variables.tf#L175) | Configuration of the desired reservation which instances could take capacity from. | object({…}) | | null |
-| [service_account](variables.tf#L185) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…}) | | {} |
-| [sole_tenant_nodegroup](variables.tf#L196) | Sole tenant node group. | string | | null |
-| [tags](variables.tf#L202) | Network tags applied to nodes. | list(string) | | null |
-| [taints](variables.tf#L208) | Kubernetes taints applied to all nodes. | map(object({…})) | | {} |
+| [k8s_labels](variables.tf#L34) | Kubernetes labels applied to each node. | map(string) | | {} |
+| [labels](variables.tf#L41) | The resource labels to be applied each node (vm). | map(string) | | {} |
+| [max_pods_per_node](variables.tf#L53) | Maximum number of pods per node. | number | | null |
+| [name](variables.tf#L59) | Optional nodepool name. | string | | null |
+| [node_config](variables.tf#L65) | Node-level configuration. | object({…}) | | {…} |
+| [node_count](variables.tf#L124) | Number of nodes per instance group. Initial value can only be changed by recreation, current is ignored when autoscaling is used. | object({…}) | | {…} |
+| [node_locations](variables.tf#L136) | Node locations. | list(string) | | null |
+| [nodepool_config](variables.tf#L142) | Nodepool-level configuration. | object({…}) | | null |
+| [pod_range](variables.tf#L164) | Pod secondary range configuration. | object({…}) | | null |
+| [reservation_affinity](variables.tf#L182) | Configuration of the desired reservation which instances could take capacity from. | object({…}) | | null |
+| [service_account](variables.tf#L192) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…}) | | {} |
+| [sole_tenant_nodegroup](variables.tf#L203) | Sole tenant node group. | string | | null |
+| [tags](variables.tf#L209) | Network tags applied to nodes. | list(string) | | null |
+| [taints](variables.tf#L215) | Kubernetes taints applied to all nodes. | map(object({…})) | | {} |
 ## Outputs
diff --git a/modules/gke-nodepool/main.tf b/modules/gke-nodepool/main.tf
index 7283cc8b66..659dfc4b7e 100644
--- a/modules/gke-nodepool/main.tf
+++ b/modules/gke-nodepool/main.tf
@@ -1,5 +1,5 @@
 /**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -134,7 +134,8 @@ resource "google_container_node_pool" "nodepool" {
 disk_size_gb = var.node_config.disk_size_gb
 disk_type = var.node_config.disk_type
 image_type = var.node_config.image_type
- labels = var.labels
+ labels = var.k8s_labels
+ resource_labels = var.labels
 local_ssd_count = var.node_config.local_ssd_count
 machine_type = var.node_config.machine_type
 metadata = local.node_metadata
diff --git a/modules/gke-nodepool/variables.tf b/modules/gke-nodepool/variables.tf
index 10db6adb53..066390e438 100644
--- a/modules/gke-nodepool/variables.tf
+++ b/modules/gke-nodepool/variables.tf
@@ -1,5 +1,5 @@
 /**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -31,13 +31,20 @@ variable "gke_version" {
 default = null
 }
-variable "labels" {
+variable "k8s_labels" {
 description = "Kubernetes labels applied to each node."
 type = map(string)
 default = {}
 nullable = false
 }
+variable "labels" {
+ description = "The resource labels to be applied each node (vm)."
+ type = map(string)
+ default = {}
+ nullable = false
+}
+
 variable "location" {
 description = "Cluster location."
 type = string
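Review bot: In modules/gke-nodepool/variables.tf the variable name `labels` survives but changes meaning, so callers that still pass `labels = {...}` get no error. Judging by the main.tf hunk, those values now feed `resource_labels` instead of the Kubernetes node labels, so workloads pinned to nodes through selectors on them could stop matching after an apply. The new description should spell out the distinction and point at the replacement, for example `description = "GCP resource labels applied to each node VM. Kubernetes node labels are set via k8s_labels."`, which also fixes the missing "to" in "applied each node". An entry in the changelog or upgrade notes, if the repository keeps one, would help callers notice the change before applying.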