From c5fad28be96193cd515a81d6194b9176f6288e24 Mon Sep 17 00:00:00 2001 From: pp Date: Mon, 19 Aug 2019 18:21:16 +0300 Subject: [PATCH] Added support for resource usage export config * Based on PR https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/230 * Add support for beta feature resource_usage_export_config (Fixes #232) * Fixed `google-beta` provider version --- CHANGELOG.md | 2 ++ autogen/cluster.tf | 3 ++- autogen/main.tf | 6 +++--- autogen/variables.tf | 1 + autogen/versions.tf | 4 ++++ examples/deploy_service/main.tf | 4 +--- examples/disable_client_cert/main.tf | 6 ++---- examples/node_pool/main.tf | 6 ++---- examples/shared_vpc/main.tf | 6 ++---- examples/simple_regional/main.tf | 6 ++---- examples/simple_regional_beta/main.tf | 2 -- examples/simple_regional_private/main.tf | 3 +-- examples/simple_regional_private_beta/main.tf | 1 - examples/simple_zonal/main.tf | 6 ++---- examples/simple_zonal_private/main.tf | 3 +-- examples/stub_domains/main.tf | 6 ++---- examples/stub_domains_private/main.tf | 3 +-- examples/stub_domains_upstream_nameservers/main.tf | 6 ++---- examples/upstream_nameservers/main.tf | 6 ++---- examples/workload_metadata_config/main.tf | 3 +-- modules/beta-private-cluster/cluster.tf | 3 ++- modules/beta-private-cluster/main.tf | 6 +++--- modules/beta-private-cluster/variables.tf | 1 + modules/beta-private-cluster/versions.tf | 4 ++++ modules/beta-public-cluster/cluster.tf | 3 ++- modules/beta-public-cluster/main.tf | 6 +++--- modules/beta-public-cluster/variables.tf | 1 + modules/beta-public-cluster/versions.tf | 4 ++++ modules/private-cluster/versions.tf | 4 ++++ versions.tf | 4 ++++ 30 files changed, 61 insertions(+), 58 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 61d6432d64..2efa03933c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ Extending the adopted spec, each change should have a link to its corresponding ## [Unreleased] ### Added +* Added support for resource usage export config [#238] * Support for Intranode Visbiility (IV) and Veritical Pod Autoscaling (VPA) beta features [#216] * Support for Workload Identity beta feature [#234] @@ -168,6 +169,7 @@ Extending the adopted spec, each change should have a link to its corresponding [v0.3.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v0.2.0...v0.3.0 [v0.2.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v0.1.0...v0.2.0 +[#238]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/238 [#234]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/234 [#216]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/216 [#214]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/214 diff --git a/autogen/cluster.tf b/autogen/cluster.tf index 8aa6c4f0d8..5719d5560d 100644 --- a/autogen/cluster.tf +++ b/autogen/cluster.tf @@ -66,12 +66,13 @@ resource "google_container_cluster" "primary" { enabled = pod_security_policy_config.value.enabled } } + dynamic "resource_usage_export_config" { for_each = var.resource_usage_export_dataset_id != "" ? [var.resource_usage_export_dataset_id] : [] content { enable_network_egress_metering = true bigquery_destination { - dataset_id = resource_usage_export_dataset_id.value + dataset_id = resource_usage_export_config.value } } } diff --git a/autogen/main.tf b/autogen/main.tf index ea7be214dd..cf67bd9e08 100644 --- a/autogen/main.tf +++ b/autogen/main.tf @@ -98,10 +98,10 @@ locals { {% if beta_cluster %} # BETA features - cluster_output_istio_enabled = google_container_cluster.primary.addons_config.0.istio_config != null ? google_container_cluster.primary.addons_config.0.istio_config.0.disabled : "true" - cluster_output_pod_security_policy_enabled = google_container_cluster.primary.pod_security_policy_config != null ? google_container_cluster.primary.pod_security_policy_config.0.enabled : "false" + cluster_output_istio_enabled = google_container_cluster.primary.addons_config.0.istio_config.0.disabled + cluster_output_pod_security_policy_enabled = google_container_cluster.primary.pod_security_policy_config.0.enabled cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility - cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null ? google_container_cluster.primary.vertical_pod_autoscaling.0.enabled : "false" + cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling.0.enabled # /BETA features {% endif %} diff --git a/autogen/variables.tf b/autogen/variables.tf index 2293585887..b0a70ea322 100644 --- a/autogen/variables.tf +++ b/autogen/variables.tf @@ -361,6 +361,7 @@ variable "pod_security_policy_config" { } variable "resource_usage_export_dataset_id" { + type = string description = "The dataset id for which network egress metering for this cluster will be enabled. If enabled, a daemonset will be created in the cluster to meter network egress traffic." default = "" } diff --git a/autogen/versions.tf b/autogen/versions.tf index 832ec1df39..fe8bc38c6d 100644 --- a/autogen/versions.tf +++ b/autogen/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + required_providers { + google-beta = "~> 2.12.0" + google = "~> 2.9.0" + } } diff --git a/examples/deploy_service/main.tf b/examples/deploy_service/main.tf index 10bce771ef..cf602ecea4 100644 --- a/examples/deploy_service/main.tf +++ b/examples/deploy_service/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" region = var.region } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "kubernetes" { diff --git a/examples/disable_client_cert/main.tf b/examples/disable_client_cert/main.tf index c64f09fd67..d9e7a2dd25 100644 --- a/examples/disable_client_cert/main.tf +++ b/examples/disable_client_cert/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } module "gke" { diff --git a/examples/node_pool/main.tf b/examples/node_pool/main.tf index 2fb447fbb3..cf12067e21 100644 --- a/examples/node_pool/main.tf +++ b/examples/node_pool/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } module "gke" { diff --git a/examples/shared_vpc/main.tf b/examples/shared_vpc/main.tf index a0221ca360..016a1d5d2d 100644 --- a/examples/shared_vpc/main.tf +++ b/examples/shared_vpc/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } module "gke" { diff --git a/examples/simple_regional/main.tf b/examples/simple_regional/main.tf index bd42f43d1a..c5373140bf 100644 --- a/examples/simple_regional/main.tf +++ b/examples/simple_regional/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } module "gke" { diff --git a/examples/simple_regional_beta/main.tf b/examples/simple_regional_beta/main.tf index 9eaf2b6117..c68dcc7ead 100644 --- a/examples/simple_regional_beta/main.tf +++ b/examples/simple_regional_beta/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" credentials = file(var.credentials_path) region = var.region } provider "google-beta" { - version = "~> 2.12.0" credentials = file(var.credentials_path) region = var.region } diff --git a/examples/simple_regional_private/main.tf b/examples/simple_regional_private/main.tf index b79c21c770..2b6e678c0d 100644 --- a/examples/simple_regional_private/main.tf +++ b/examples/simple_regional_private/main.tf @@ -19,8 +19,7 @@ locals { } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } data "google_compute_subnetwork" "subnetwork" { diff --git a/examples/simple_regional_private_beta/main.tf b/examples/simple_regional_private_beta/main.tf index 0ca1873d86..2074074d46 100644 --- a/examples/simple_regional_private_beta/main.tf +++ b/examples/simple_regional_private_beta/main.tf @@ -19,7 +19,6 @@ locals { } provider "google-beta" { - version = "~> 2.12.0" credentials = file(var.credentials_path) region = var.region } diff --git a/examples/simple_zonal/main.tf b/examples/simple_zonal/main.tf index 7e04d7e4fe..4e92019941 100644 --- a/examples/simple_zonal/main.tf +++ b/examples/simple_zonal/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } module "gke" { diff --git a/examples/simple_zonal_private/main.tf b/examples/simple_zonal_private/main.tf index 2192787516..6d786f7c0f 100644 --- a/examples/simple_zonal_private/main.tf +++ b/examples/simple_zonal_private/main.tf @@ -19,8 +19,7 @@ locals { } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } data "google_compute_subnetwork" "subnetwork" { diff --git a/examples/stub_domains/main.tf b/examples/stub_domains/main.tf index 4227aac952..f1175f4ce8 100644 --- a/examples/stub_domains/main.tf +++ b/examples/stub_domains/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } module "gke" { diff --git a/examples/stub_domains_private/main.tf b/examples/stub_domains_private/main.tf index 046f9838c0..38763e33c0 100644 --- a/examples/stub_domains_private/main.tf +++ b/examples/stub_domains_private/main.tf @@ -15,8 +15,7 @@ */ provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "random" { diff --git a/examples/stub_domains_upstream_nameservers/main.tf b/examples/stub_domains_upstream_nameservers/main.tf index 42f3967d5a..443dce3375 100644 --- a/examples/stub_domains_upstream_nameservers/main.tf +++ b/examples/stub_domains_upstream_nameservers/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } module "gke" { diff --git a/examples/upstream_nameservers/main.tf b/examples/upstream_nameservers/main.tf index 8a997e8c7a..99a7a16f0f 100644 --- a/examples/upstream_nameservers/main.tf +++ b/examples/upstream_nameservers/main.tf @@ -19,13 +19,11 @@ locals { } provider "google" { - version = "~> 2.12.0" - region = var.region + region = var.region } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } module "gke" { diff --git a/examples/workload_metadata_config/main.tf b/examples/workload_metadata_config/main.tf index 11cae808d4..333e549821 100644 --- a/examples/workload_metadata_config/main.tf +++ b/examples/workload_metadata_config/main.tf @@ -19,8 +19,7 @@ locals { } provider "google-beta" { - version = "~> 2.12.0" - region = var.region + region = var.region } data "google_compute_subnetwork" "subnetwork" { diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index 3119cc473d..d3c1f77d13 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -61,12 +61,13 @@ resource "google_container_cluster" "primary" { enabled = pod_security_policy_config.value.enabled } } + dynamic "resource_usage_export_config" { for_each = var.resource_usage_export_dataset_id != "" ? [var.resource_usage_export_dataset_id] : [] content { enable_network_egress_metering = true bigquery_destination { - dataset_id = resource_usage_export_dataset_id.value + dataset_id = resource_usage_export_config.value } } } diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index 4c0f64ca1e..16da0d4ee9 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf @@ -87,10 +87,10 @@ locals { cluster_output_kubernetes_dashboard_enabled = google_container_cluster.primary.addons_config.0.kubernetes_dashboard.0.disabled # BETA features - cluster_output_istio_enabled = google_container_cluster.primary.addons_config.0.istio_config != null ? google_container_cluster.primary.addons_config.0.istio_config.0.disabled : "true" - cluster_output_pod_security_policy_enabled = google_container_cluster.primary.pod_security_policy_config != null ? google_container_cluster.primary.pod_security_policy_config.0.enabled : "false" + cluster_output_istio_enabled = google_container_cluster.primary.addons_config.0.istio_config.0.disabled + cluster_output_pod_security_policy_enabled = google_container_cluster.primary.pod_security_policy_config.0.enabled cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility - cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null ? google_container_cluster.primary.vertical_pod_autoscaling.0.enabled : "false" + cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling.0.enabled # /BETA features diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 535f1630b3..a847669d64 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -358,6 +358,7 @@ variable "pod_security_policy_config" { } variable "resource_usage_export_dataset_id" { + type = string description = "The dataset id for which network egress metering for this cluster will be enabled. If enabled, a daemonset will be created in the cluster to meter network egress traffic." default = "" } diff --git a/modules/beta-private-cluster/versions.tf b/modules/beta-private-cluster/versions.tf index 832ec1df39..fe8bc38c6d 100644 --- a/modules/beta-private-cluster/versions.tf +++ b/modules/beta-private-cluster/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + required_providers { + google-beta = "~> 2.12.0" + google = "~> 2.9.0" + } } diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index fc0cdbcdfe..7dc71152e3 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -61,12 +61,13 @@ resource "google_container_cluster" "primary" { enabled = pod_security_policy_config.value.enabled } } + dynamic "resource_usage_export_config" { for_each = var.resource_usage_export_dataset_id != "" ? [var.resource_usage_export_dataset_id] : [] content { enable_network_egress_metering = true bigquery_destination { - dataset_id = resource_usage_export_dataset_id.value + dataset_id = resource_usage_export_config.value } } } diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index f6f808c1d1..f99d4d9056 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf @@ -87,10 +87,10 @@ locals { cluster_output_kubernetes_dashboard_enabled = google_container_cluster.primary.addons_config.0.kubernetes_dashboard.0.disabled # BETA features - cluster_output_istio_enabled = google_container_cluster.primary.addons_config.0.istio_config != null ? google_container_cluster.primary.addons_config.0.istio_config.0.disabled : "true" - cluster_output_pod_security_policy_enabled = google_container_cluster.primary.pod_security_policy_config != null ? google_container_cluster.primary.pod_security_policy_config.0.enabled : "false" + cluster_output_istio_enabled = google_container_cluster.primary.addons_config.0.istio_config.0.disabled + cluster_output_pod_security_policy_enabled = google_container_cluster.primary.pod_security_policy_config.0.enabled cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility - cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null ? google_container_cluster.primary.vertical_pod_autoscaling.0.enabled : "false" + cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling.0.enabled # /BETA features diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index ae9b8c1187..1219054323 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -334,6 +334,7 @@ variable "pod_security_policy_config" { } variable "resource_usage_export_dataset_id" { + type = string description = "The dataset id for which network egress metering for this cluster will be enabled. If enabled, a daemonset will be created in the cluster to meter network egress traffic." default = "" } diff --git a/modules/beta-public-cluster/versions.tf b/modules/beta-public-cluster/versions.tf index 832ec1df39..fe8bc38c6d 100644 --- a/modules/beta-public-cluster/versions.tf +++ b/modules/beta-public-cluster/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + required_providers { + google-beta = "~> 2.12.0" + google = "~> 2.9.0" + } } diff --git a/modules/private-cluster/versions.tf b/modules/private-cluster/versions.tf index 832ec1df39..fe8bc38c6d 100644 --- a/modules/private-cluster/versions.tf +++ b/modules/private-cluster/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + required_providers { + google-beta = "~> 2.12.0" + google = "~> 2.9.0" + } } diff --git a/versions.tf b/versions.tf index 832ec1df39..fe8bc38c6d 100644 --- a/versions.tf +++ b/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + required_providers { + google-beta = "~> 2.12.0" + google = "~> 2.9.0" + } }