Commit

Merge branch 'master' into issues/93/cluster_autoscaling
Aaron Lane authored Nov 26, 2019
2 parents 04fcb50 + 7def757 commit 1c5f826
Showing 113 changed files with 2,728 additions and 416 deletions.
7 changes: 7 additions & 0 deletions .kitchen.yml
Expand Up @@ -45,6 +45,13 @@ suites:
systems:
- name: shared_vpc
backend: local
- name: "safer_cluster"
driver:
root_module_directory: test/fixtures/safer_cluster
verifier:
systems:
- name: safer_cluster
backend: local
- name: "simple_regional"
driver:
root_module_directory: test/fixtures/simple_regional
43 changes: 39 additions & 4 deletions CHANGELOG.md
Expand Up @@ -14,8 +14,30 @@ Extending the adopted spec, each change should have a link to its corresponding
* Support for setting node_locations on node pools. [#303]
* Fix for specifying `node_count` on node pools when autoscaling is disabled. [#311]
* Added submodule for installing Anthos Config Management. [#268]
* Support for `local_ssd_count` in node pool configuration. [#244]
* Support for `local_ssd_count` in node pool configuration. [#339]
* Wait for cluster to be ready before returning endpoint. [#340]
* `safer-cluster` submodule. [#315]
* `simple_regional_with_networking` example. [#195]
* `release_channel` variable for beta submodules. [#271]
* The `node_locations` attribute to the `node_pools` object for beta submodules. [#290]
* `private_zonal_with_nteworking` example. [#308]
* `regional_private_node_pool_oauth_scopes` example. [#321]

### Changed

* The `node_pool_labels`, `node_pool_tags`, and `node_pool_taints` variables have defaults and can be overridden within the
`node_pools` object. [#3]
* `upstream_nameservers` variable is typed as a list of strings. [#350]

### Removed

* **Breaking**: Removed support for enabling the Kubernetes dashboard, as this is deprecated on GKE. [#337]
* **Beaking**: Removed support for versions of the Google provider and the Google Beta provider older than 2.18. [#261]

### Fixed

* `identity_namespace` output depends on the `google_container_cluster.primary` resource. [#301]
* Idempotency of the beta submodules. [#326]

## [v5.1.1] - 2019-10-25
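Review bot: two typos in the added entries. Under Added, `private_zonal_with_nteworking` presumably should read `private_zonal_with_networking`, and the second entry under Removed is marked `**Beaking**` instead of `**Breaking**`. The second one matters most: anyone searching the changelog for "Breaking" before an upgrade will miss that provider versions older than 2.18 are no longer supported.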

Expand Down Expand Up @@ -213,7 +235,8 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o

* Initial release of module.

[Unreleased]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v5.1.1...HEAD
[Unreleased]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v5.2.0...HEAD
[v5.2.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v5.1.1...v5.2.0
[v5.1.1]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v5.1.0...v5.1.1
[v5.1.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v5.0.0...v5.1.0
[v5.0.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v4.1.0...v5.0.0
Expand All @@ -230,16 +253,27 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
[v0.3.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v0.2.0...v0.3.0
[v0.2.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v0.1.0...v0.2.0

[#350]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/350
[#340]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/340
[#268]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/268
[#339]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/339
[#337]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/337
[#326]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/326
[#321]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/321
[#315]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/315
[#311]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/311
[#308]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/308
[#303]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/303
[#301]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/301
[#300]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/300
[#290]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/290
[#286]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/286
[#285]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/285
[#284]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/284
[#282]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/282
[#273]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/273
[#271]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/271
[#268]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/268
[#261]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/261
[#258]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/258
[#256]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/256
[#248]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/248
Expand All @@ -248,7 +282,6 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
[#238]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/238
[#241]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/241
[#250]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/250
[#244]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/244
[#236]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/236
[#217]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/217
[#234]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/234
Expand All @@ -260,6 +293,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
[#203]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/203
[#198]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/198
[#197]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/197
[#195]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/195
[#193]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/193
[#188]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/188
[#187]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/187
Expand Down Expand Up @@ -307,6 +341,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
[#15]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/15
[#10]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/10
[#9]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/9
[#3]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/3

[upgrading-to-v2.0]: docs/upgrading_to_v2.0.md
[upgrading-to-v3.0]: docs/upgrading_to_v3.0.md
2 changes: 1 addition & 1 deletion Makefile
Expand Up @@ -18,7 +18,7 @@
# Make will use bash instead of sh
SHELL := /usr/bin/env bash

DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.4.6
DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0
DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
REGISTRY_URL := gcr.io/cloud-foundation-cicd
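Review bot: `DOCKER_TAG_VERSION_DEVELOPER_TOOLS` goes from `0.4.6` to `0`, which no longer names a specific release of `cft/developer-tools`. If `0` is a moving tag, the image pulled from `gcr.io/cloud-foundation-cicd` can change without any commit in this repository, so lint and integration runs stop being reproducible and a changed image runs in CI unreviewed. Consider keeping a full version here (or pinning an image digest) and bumping it deliberately.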

5 changes: 1 addition & 4 deletions README.md
Expand Up @@ -34,7 +34,6 @@ module "gke" {
ip_range_services = "us-central1-01-gke-01-services"
http_load_balancing = false
horizontal_pod_autoscaling = true
kubernetes_dashboard = true
network_policy = true
node_pools = [
Expand Down Expand Up @@ -147,7 +146,6 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
| ip\_range\_pods | The _name_ of the secondary subnet ip range to use for pods | string | n/a | yes |
| ip\_range\_services | The _name_ of the secondary subnet range to use for services | string | n/a | yes |
| issue\_client\_certificate | Issues a client certificate to authenticate to the cluster endpoint. To maximize the security of your cluster, leave this option disabled. Client certificates don't automatically rotate and aren't easily revocable. WARNING: changing this after cluster creation is destructive! | bool | `"false"` | no |
| kubernetes\_dashboard | Enable kubernetes dashboard addon | bool | `"false"` | no |
| kubernetes\_version | The Kubernetes version of the masters. If set to 'latest' it will pull latest available version in the selected region. | string | `"latest"` | no |
| logging\_service | The logging service that the cluster should write logs to. Available options include logging.googleapis.com, logging.googleapis.com/kubernetes (beta), and none | string | `"logging.googleapis.com"` | no |
| maintenance\_start\_time | Time window specified for daily maintenance operations in RFC3339 format | string | `"05:00"` | no |
Expand All @@ -174,7 +172,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
| skip\_provisioners | Flag to skip all local-exec provisioners. It breaks `stub_domains` and `upstream_nameservers` variables functionality. | bool | `"false"` | no |
| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | map(list(string)) | `<map>` | no |
| subnetwork | The subnetwork to host the cluster in (required) | string | n/a | yes |
| upstream\_nameservers | If specified, the values replace the nameservers taken by default from the node’s /etc/resolv.conf | list | `<list>` | no |
| upstream\_nameservers | If specified, the values replace the nameservers taken by default from the node’s /etc/resolv.conf | list(string) | `<list>` | no |
| zones | The zones to host the cluster in (optional if regional cluster / required if zonal) | list(string) | `<list>` | no |

## Outputs
Expand All @@ -185,7 +183,6 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
| endpoint | Cluster endpoint |
| horizontal\_pod\_autoscaling\_enabled | Whether horizontal pod autoscaling enabled |
| http\_load\_balancing\_enabled | Whether http load balancing enabled |
| kubernetes\_dashboard\_enabled | Whether kubernetes dashboard enabled |
| location | Cluster location (region if regional cluster, zone if zonal cluster) |
| logging\_service | Logging service used |
| master\_authorized\_networks\_config | Networks from which access to master is permitted |
1 change: 0 additions & 1 deletion autogen/README.md
Expand Up @@ -39,7 +39,6 @@ module "gke" {
ip_range_services = "us-central1-01-gke-01-services"
http_load_balancing = false
horizontal_pod_autoscaling = true
kubernetes_dashboard = true
network_policy = true
{% if private_cluster %}
enable_private_endpoint = true
65 changes: 32 additions & 33 deletions autogen/cluster.tf.tmpl
Expand Up @@ -131,10 +131,6 @@ resource "google_container_cluster" "primary" {
disabled = ! var.horizontal_pod_autoscaling
}

kubernetes_dashboard {
disabled = ! var.kubernetes_dashboard
}

network_policy_config {
disabled = ! var.network_policy
}
Expand Down Expand Up @@ -264,10 +260,10 @@ resource "random_id" "name" {
labels = join(",",
sort(
concat(
keys(var.node_pools_labels["all"]),
values(var.node_pools_labels["all"]),
keys(var.node_pools_labels[var.node_pools[count.index]["name"]]),
values(var.node_pools_labels[var.node_pools[count.index]["name"]])
keys(local.node_pools_labels["all"]),
values(local.node_pools_labels["all"]),
keys(local.node_pools_labels[var.node_pools[count.index]["name"]]),
values(local.node_pools_labels[var.node_pools[count.index]["name"]])
)
)
)
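Review bot: `local.node_pools_labels[var.node_pools[count.index]["name"]]` indexes the local directly, so the local needs a key for `all` and for every pool name; its definition is not in this view, and an index on a missing key is an error rather than an empty map. Please also confirm that, for a pool with no overrides, the local yields the same keys and values the old `var.node_pools_labels` default did. This joined string feeds `random_id.name`, and a changed string on upgrade would regenerate the ID.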
Expand All @@ -276,10 +272,10 @@ resource "random_id" "name" {
metadata = join(",",
sort(
concat(
keys(var.node_pools_metadata["all"]),
values(var.node_pools_metadata["all"]),
keys(var.node_pools_metadata[var.node_pools[count.index]["name"]]),
values(var.node_pools_metadata[var.node_pools[count.index]["name"]])
keys(local.node_pools_metadata["all"]),
values(local.node_pools_metadata["all"]),
keys(local.node_pools_metadata[var.node_pools[count.index]["name"]]),
values(local.node_pools_metadata[var.node_pools[count.index]["name"]])
)
)
)
Expand All @@ -288,8 +284,8 @@ resource "random_id" "name" {
oauth_scopes = join(",",
sort(
concat(
var.node_pools_oauth_scopes["all"],
var.node_pools_oauth_scopes[var.node_pools[count.index]["name"]]
local.node_pools_oauth_scopes["all"],
local.node_pools_oauth_scopes[var.node_pools[count.index]["name"]]
)
)
)
Expand All @@ -298,8 +294,8 @@ resource "random_id" "name" {
tags = join(",",
sort(
concat(
var.node_pools_tags["all"],
var.node_pools_tags[var.node_pools[count.index]["name"]]
local.node_pools_tags["all"],
local.node_pools_tags[var.node_pools[count.index]["name"]]
)
)
)
Expand All @@ -326,7 +322,9 @@ resource "google_container_node_pool" "pools" {
// use node_locations if provided, defaults to cluster level node_locations if not specified
node_locations = lookup(var.node_pools[count.index], "node_locations", "") != "" ? split(",", var.node_pools[count.index]["node_locations"]) : null
{% endif %}
cluster = google_container_cluster.primary.name

cluster = google_container_cluster.primary.name

version = lookup(var.node_pools[count.index], "auto_upgrade", false) ? "" : lookup(
var.node_pools[count.index],
"version",
Expand Down Expand Up @@ -362,25 +360,25 @@ resource "google_container_node_pool" "pools" {
image_type = lookup(var.node_pools[count.index], "image_type", "COS")
machine_type = lookup(var.node_pools[count.index], "machine_type", "n1-standard-2")
labels = merge(
lookup(lookup(var.node_pools_labels, "default_values", {}), "cluster_name", true) ? { "cluster_name" = var.name } : {},
lookup(lookup(var.node_pools_labels, "default_values", {}), "node_pool", true) ? { "node_pool" = var.node_pools[count.index]["name"] } : {},
var.node_pools_labels["all"],
var.node_pools_labels[var.node_pools[count.index]["name"]],
lookup(lookup(local.node_pools_labels, "default_values", {}), "cluster_name", true) ? { "cluster_name" = var.name } : {},
lookup(lookup(local.node_pools_labels, "default_values", {}), "node_pool", true) ? { "node_pool" = var.node_pools[count.index]["name"] } : {},
local.node_pools_labels["all"],
local.node_pools_labels[var.node_pools[count.index]["name"]],
)
metadata = merge(
lookup(lookup(var.node_pools_metadata, "default_values", {}), "cluster_name", true) ? { "cluster_name" = var.name } : {},
lookup(lookup(var.node_pools_metadata, "default_values", {}), "node_pool", true) ? { "node_pool" = var.node_pools[count.index]["name"] } : {},
var.node_pools_metadata["all"],
var.node_pools_metadata[var.node_pools[count.index]["name"]],
lookup(lookup(local.node_pools_metadata, "default_values", {}), "cluster_name", true) ? { "cluster_name" = var.name } : {},
lookup(lookup(local.node_pools_metadata, "default_values", {}), "node_pool", true) ? { "node_pool" = var.node_pools[count.index]["name"] } : {},
local.node_pools_metadata["all"],
local.node_pools_metadata[var.node_pools[count.index]["name"]],
{
"disable-legacy-endpoints" = var.disable_legacy_metadata_endpoints
},
)
{% if beta_cluster %}
dynamic "taint" {
for_each = concat(
var.node_pools_taints["all"],
var.node_pools_taints[var.node_pools[count.index]["name"]],
local.node_pools_taints["all"],
local.node_pools_taints[var.node_pools[count.index]["name"]],
)
content {
effect = taint.value.effect
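Review bot: `lookup(lookup(local.node_pools_labels, "default_values", {}), "cluster_name", true)` only honours an opt-out if the new local passes the caller's `default_values` key through. If the local is assembled only from `all` and the per-pool keys, these lookups silently fall back to `true`, and the `cluster_name` and `node_pool` labels and metadata can no longer be switched off. A test fixture that sets `default_values` would catch this. Keeping `"disable-legacy-endpoints"` as the last argument of the metadata `merge` is right: later arguments win, so a per-pool metadata entry cannot override it.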
Expand All @@ -390,10 +388,10 @@ resource "google_container_node_pool" "pools" {
}
{% endif %}
tags = concat(
lookup(var.node_pools_tags, "default_values", [true, true])[0] ? ["gke-${var.name}"] : [],
lookup(var.node_pools_tags, "default_values", [true, true])[1] ? ["gke-${var.name}-${var.node_pools[count.index]["name"]}"] : [],
var.node_pools_tags["all"],
var.node_pools_tags[var.node_pools[count.index]["name"]],
lookup(local.node_pools_tags, "default_values", [true, true])[0] ? ["gke-${var.name}"] : [],
lookup(local.node_pools_tags, "default_values", [true, true])[1] ? ["gke-${var.name}-${var.node_pools[count.index]["name"]}"] : [],
local.node_pools_tags["all"],
local.node_pools_tags[var.node_pools[count.index]["name"]],
)

local_ssd_count = lookup(var.node_pools[count.index], "local_ssd_count", 0)
Expand All @@ -408,8 +406,8 @@ resource "google_container_node_pool" "pools" {
preemptible = lookup(var.node_pools[count.index], "preemptible", false)

oauth_scopes = concat(
var.node_pools_oauth_scopes["all"],
var.node_pools_oauth_scopes[var.node_pools[count.index]["name"]],
local.node_pools_oauth_scopes["all"],
local.node_pools_oauth_scopes[var.node_pools[count.index]["name"]],
)

guest_accelerator = [
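Review bot: `oauth_scopes` is the `concat` of `local.node_pools_oauth_scopes["all"]` and the per-pool list, so a pool can only add scopes to whatever `all` carries and can never narrow them. The defaults now come from a local whose definition is not shown here. Please check that the default for `all` stays minimal, so a pool that needs fewer scopes is not implicitly handed a broad one.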
Expand Down Expand Up @@ -443,6 +441,7 @@ resource "google_container_node_pool" "pools" {

lifecycle {
ignore_changes = [initial_node_count]

{% if update_variant %}
create_before_destroy = true
{% endif %}
5 changes: 2 additions & 3 deletions autogen/main.tf.tmpl
Expand Up @@ -116,7 +116,6 @@ locals {
cluster_output_network_policy_enabled = google_container_cluster.primary.addons_config.0.network_policy_config.0.disabled
cluster_output_http_load_balancing_enabled = google_container_cluster.primary.addons_config.0.http_load_balancing.0.disabled
cluster_output_horizontal_pod_autoscaling_enabled = google_container_cluster.primary.addons_config.0.horizontal_pod_autoscaling.0.disabled
cluster_output_kubernetes_dashboard_enabled = google_container_cluster.primary.addons_config.0.kubernetes_dashboard.0.disabled

{% if beta_cluster %}
# BETA features
Expand Down Expand Up @@ -150,15 +149,15 @@ locals {
cluster_network_policy_enabled = ! local.cluster_output_network_policy_enabled
cluster_http_load_balancing_enabled = ! local.cluster_output_http_load_balancing_enabled
cluster_horizontal_pod_autoscaling_enabled = ! local.cluster_output_horizontal_pod_autoscaling_enabled
cluster_kubernetes_dashboard_enabled = ! local.cluster_output_kubernetes_dashboard_enabled
{% if beta_cluster %}
# BETA features
cluster_istio_enabled = ! local.cluster_output_istio_disabled
cluster_cloudrun_enabled = var.cloudrun
cluster_pod_security_policy_enabled = local.cluster_output_pod_security_policy_enabled
cluster_intranode_visibility_enabled = local.cluster_output_intranode_visbility_enabled
cluster_vertical_pod_autoscaling_enabled = local.cluster_output_vertical_pod_autoscaling_enabled
cluster_workload_identity_config = var.identity_namespace == "" ? [] : [{

cluster_workload_identity_config = var.identity_namespace == "" ? [] : [{
identity_namespace = var.identity_namespace
}]
# /BETA features
5 changes: 0 additions & 5 deletions autogen/outputs.tf.tmpl
Expand Up @@ -104,11 +104,6 @@ output "horizontal_pod_autoscaling_enabled" {
value = local.cluster_horizontal_pod_autoscaling_enabled
}

output "kubernetes_dashboard_enabled" {
description = "Whether kubernetes dashboard enabled"
value = local.cluster_kubernetes_dashboard_enabled
}

output "node_pools_names" {
description = "List of node pools names"
value = local.cluster_node_pools_names