diff --git a/google-beta/resource_container_cluster.go b/google-beta/resource_container_cluster.go index 6348cd137ec..1301de4ddbb 100644 --- a/google-beta/resource_container_cluster.go +++ b/google-beta/resource_container_cluster.go @@ -632,6 +632,13 @@ func resourceContainerCluster() *schema.Resource { Computed: true, Type: schema.TypeString, }, + + "default_max_pods_per_node": { + Type: schema.TypeInt, + Optional: true, + ForceNew: true, + Computed: true, + }, }, } } @@ -685,6 +692,10 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er ResourceLabels: expandStringMap(d, "resource_labels"), } + if v, ok := d.GetOk("default_max_pods_per_node"); ok { + cluster.DefaultMaxPodsConstraint = expandDefaultMaxPodsConstraint(v) + } + // Only allow setting node_version on create if it's set to the equivalent master version, // since `InitialClusterVersion` only accepts valid master-style versions. if v, ok := d.GetOk("node_version"); ok { @@ -859,6 +870,9 @@ func resourceContainerClusterRead(d *schema.ResourceData, meta interface{}) erro d.Set("enable_binary_authorization", cluster.BinaryAuthorization != nil && cluster.BinaryAuthorization.Enabled) d.Set("enable_tpu", cluster.EnableTpu) d.Set("tpu_ipv4_cidr_block", cluster.TpuIpv4CidrBlock) + if cluster.DefaultMaxPodsConstraint != nil { + d.Set("default_max_pods_per_node", cluster.DefaultMaxPodsConstraint.MaxPodsPerNode) + } if err := d.Set("cluster_autoscaling", flattenClusterAutoscaling(cluster.Autoscaling)); err != nil { return err } @@ -1719,6 +1733,16 @@ func expandPodSecurityPolicyConfig(configured interface{}) *containerBeta.PodSec } } +func expandDefaultMaxPodsConstraint(v interface{}) *containerBeta.MaxPodsConstraint { + if v == nil { + return nil + } + + return &containerBeta.MaxPodsConstraint{ + MaxPodsPerNode: int64(v.(int)), + } +} + func flattenNetworkPolicy(c *containerBeta.NetworkPolicy) []map[string]interface{} { result := []map[string]interface{}{} if c != nil { diff --git a/google-beta/resource_container_cluster_test.go b/google-beta/resource_container_cluster_test.go index c19fe7fbb03..7e546b4e23b 100644 --- a/google-beta/resource_container_cluster_test.go +++ b/google-beta/resource_container_cluster_test.go @@ -568,6 +568,7 @@ func TestAccContainerCluster_withPrivateClusterConfig(t *testing.T) { }, }) } + func TestAccContainerCluster_withLegacyAbac(t *testing.T) { t.Parallel() @@ -1451,6 +1452,29 @@ func TestAccContainerCluster_withBinaryAuthorization(t *testing.T) { }) } +func TestAccContainerCluster_withFlexiblePodCIDR(t *testing.T) { + t.Parallel() + + cluster := fmt.Sprintf("cluster-test-%s", acctest.RandString(10)) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckContainerClusterDestroy, + Steps: []resource.TestStep{ + { + Config: testAccContainerCluster_withFlexiblePodCIDR(cluster), + }, + { + ResourceName: "google_container_cluster.with_flexible_cidr", + ImportStateIdPrefix: "us-central1-a/", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func testAccCheckContainerClusterDestroy(s *terraform.State) error { config := testAccProvider.Meta().(*Config) @@ -2774,3 +2798,57 @@ resource "google_container_cluster" "with_binary_authorization" { } `, clusterName, enabled) } + +// Tests default_max_pods_per_node +func testAccContainerCluster_withFlexiblePodCIDR(cluster string) string { + return fmt.Sprintf(` +resource "google_compute_network" "container_network" { + name = "container-net-%s" + + auto_create_subnetworks = false + +} + +resource "google_compute_subnetwork" "container_subnetwork" { + name = "${google_compute_network.container_network.name}" + network = "${google_compute_network.container_network.name}" + ip_cidr_range = "10.0.35.0/24" + region = "us-central1" + private_ip_google_access = true + + secondary_ip_range { + range_name = "pod" + ip_cidr_range = "10.1.0.0/19" + } + + secondary_ip_range { + range_name = "svc" + ip_cidr_range = "10.2.0.0/22" + } +} + +resource "google_container_cluster" "with_flexible_cidr" { + name = "%s" + zone = "us-central1-a" + initial_node_count = 3 + + network = "${google_compute_network.container_network.name}" + subnetwork = "${google_compute_subnetwork.container_subnetwork.name}" + + private_cluster_config { + enable_private_endpoint = true + enable_private_nodes = true + master_ipv4_cidr_block = "10.42.0.0/28" + } + + master_authorized_networks_config { cidr_blocks = [] } + + ip_allocation_policy { + cluster_secondary_range_name = "${google_compute_subnetwork.container_subnetwork.secondary_ip_range.0.range_name}" + services_secondary_range_name = "${google_compute_subnetwork.container_subnetwork.secondary_ip_range.1.range_name}" + } + + default_max_pods_per_node = 100 +} +`, cluster, cluster) +}