diff --git a/README.md b/README.md
index f5c28f6e8a..e8ebc58119 100644
--- a/README.md
+++ b/README.md
@@ -215,6 +215,7 @@ Then perform the following commands on the root folder:
| network\_tags | (Optional) - List of network tags applied to auto-provisioned node pools. | `list(string)` | `[]` | no |
| node\_metadata | Specifies how node metadata is exposed to the workload running on the node | `string` | `"GKE_METADATA"` | no |
| node\_pools | List of maps containing node pools | `list(map(any))` | [
{
"name": "default-node-pool"
}
]
| no |
+| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` | {
"all": "",
"default-node-pool": ""
} | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl
index 899e27d7ef..747d2ab574 100644
--- a/autogen/main/cluster.tf.tmpl
+++ b/autogen/main/cluster.tf.tmpl
@@ -1038,7 +1038,8 @@ resource "google_container_node_pool" "windows_pools" {
dynamic "linux_node_config" {
for_each = length(merge(
local.node_pools_linux_node_configs_sysctls["all"],
- local.node_pools_linux_node_configs_sysctls[each.value["name"]]
+ local.node_pools_linux_node_configs_sysctls[each.value["name"]],
+ local.node_pools_cgroup_mode[each.value["name"]] == "" ? {} : {cgroup = local.node_pools_cgroup_mode[each.value["name"]]}
)) != 0 ? [1] : []
content {
@@ -1046,6 +1047,7 @@ resource "google_container_node_pool" "windows_pools" {
local.node_pools_linux_node_configs_sysctls["all"],
local.node_pools_linux_node_configs_sysctls[each.value["name"]]
)
+ cgroup_mode = local.node_pools_cgroup_mode[each.value["name"]] == "" ? null : local.node_pools_cgroup_mode[each.value["name"]]
}
}
{% endif %}
diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl
index 25f8599b74..56c493825d 100644
--- a/autogen/main/variables.tf.tmpl
+++ b/autogen/main/variables.tf.tmpl
@@ -226,6 +226,16 @@ variable "node_pools_linux_node_configs_sysctls" {
default-node-pool = {}
}
}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ # Default is being set in variables_defaults.tf
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
{% endif %}
variable "enable_cost_allocation" {
diff --git a/autogen/main/variables_defaults.tf.tmpl b/autogen/main/variables_defaults.tf.tmpl
index 60e7e9051d..8d771e2dc5 100644
--- a/autogen/main/variables_defaults.tf.tmpl
+++ b/autogen/main/variables_defaults.tf.tmpl
@@ -128,5 +128,14 @@ locals {
),
var.node_pools_linux_node_configs_sysctls
)
+ node_pools_cgroup_mode = merge(
+ { all = "" },
+ { default-node-pool = "" },
+ zipmap(
+ [for node_pool in var.node_pools : node_pool["name"]],
+ [for node_pool in var.node_pools : ""]
+ ),
+ var.node_pools_cgroup_mode
+ )
}
{% endif %}
diff --git a/cluster.tf b/cluster.tf
index 47882590b9..69536aaba6 100644
--- a/cluster.tf
+++ b/cluster.tf
@@ -733,7 +733,8 @@ resource "google_container_node_pool" "pools" {
dynamic "linux_node_config" {
for_each = length(merge(
local.node_pools_linux_node_configs_sysctls["all"],
- local.node_pools_linux_node_configs_sysctls[each.value["name"]]
+ local.node_pools_linux_node_configs_sysctls[each.value["name"]],
+ local.node_pools_cgroup_mode[each.value["name"]] == "" ? {} : { cgroup = local.node_pools_cgroup_mode[each.value["name"]] }
)) != 0 ? [1] : []
content {
@@ -741,6 +742,7 @@ resource "google_container_node_pool" "pools" {
local.node_pools_linux_node_configs_sysctls["all"],
local.node_pools_linux_node_configs_sysctls[each.value["name"]]
)
+ cgroup_mode = local.node_pools_cgroup_mode[each.value["name"]] == "" ? null : local.node_pools_cgroup_mode[each.value["name"]]
}
}
diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md
index 8434c562ba..376c5d84cc 100644
--- a/modules/beta-private-cluster-update-variant/README.md
+++ b/modules/beta-private-cluster-update-variant/README.md
@@ -263,6 +263,7 @@ Then perform the following commands on the root folder:
| network\_tags | (Optional) - List of network tags applied to auto-provisioned node pools. | `list(string)` | `[]` | no |
| node\_metadata | Specifies how node metadata is exposed to the workload running on the node | `string` | `"GKE_METADATA"` | no |
| node\_pools | List of maps containing node pools | `list(map(any))` | [
{
"name": "default-node-pool"
}
]
| no |
+| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` | {
"all": "",
"default-node-pool": ""
} | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf
index 8b79fa7781..b81df91645 100644
--- a/modules/beta-private-cluster-update-variant/cluster.tf
+++ b/modules/beta-private-cluster-update-variant/cluster.tf
@@ -911,7 +911,8 @@ resource "google_container_node_pool" "pools" {
dynamic "linux_node_config" {
for_each = length(merge(
local.node_pools_linux_node_configs_sysctls["all"],
- local.node_pools_linux_node_configs_sysctls[each.value["name"]]
+ local.node_pools_linux_node_configs_sysctls[each.value["name"]],
+ local.node_pools_cgroup_mode[each.value["name"]] == "" ? {} : { cgroup = local.node_pools_cgroup_mode[each.value["name"]] }
)) != 0 ? [1] : []
content {
@@ -919,6 +920,7 @@ resource "google_container_node_pool" "pools" {
local.node_pools_linux_node_configs_sysctls["all"],
local.node_pools_linux_node_configs_sysctls[each.value["name"]]
)
+ cgroup_mode = local.node_pools_cgroup_mode[each.value["name"]] == "" ? null : local.node_pools_cgroup_mode[each.value["name"]]
}
}
diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf
index daee991273..99e5b11e34 100644
--- a/modules/beta-private-cluster-update-variant/variables.tf
+++ b/modules/beta-private-cluster-update-variant/variables.tf
@@ -223,6 +223,16 @@ variable "node_pools_linux_node_configs_sysctls" {
default-node-pool = {}
}
}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ # Default is being set in variables_defaults.tf
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
variable "enable_cost_allocation" {
type = bool
diff --git a/modules/beta-private-cluster-update-variant/variables_defaults.tf b/modules/beta-private-cluster-update-variant/variables_defaults.tf
index 435730c988..c33f3828e7 100644
--- a/modules/beta-private-cluster-update-variant/variables_defaults.tf
+++ b/modules/beta-private-cluster-update-variant/variables_defaults.tf
@@ -127,4 +127,13 @@ locals {
),
var.node_pools_linux_node_configs_sysctls
)
+ node_pools_cgroup_mode = merge(
+ { all = "" },
+ { default-node-pool = "" },
+ zipmap(
+ [for node_pool in var.node_pools : node_pool["name"]],
+ [for node_pool in var.node_pools : ""]
+ ),
+ var.node_pools_cgroup_mode
+ )
}
diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md
index 5135f38fef..68565f113e 100644
--- a/modules/beta-private-cluster/README.md
+++ b/modules/beta-private-cluster/README.md
@@ -241,6 +241,7 @@ Then perform the following commands on the root folder:
| network\_tags | (Optional) - List of network tags applied to auto-provisioned node pools. | `list(string)` | `[]` | no |
| node\_metadata | Specifies how node metadata is exposed to the workload running on the node | `string` | `"GKE_METADATA"` | no |
| node\_pools | List of maps containing node pools | `list(map(any))` | [
{
"name": "default-node-pool"
}
]
| no |
+| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` | {
"all": "",
"default-node-pool": ""
} | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf
index 10087107e8..57a8ec20fa 100644
--- a/modules/beta-private-cluster/cluster.tf
+++ b/modules/beta-private-cluster/cluster.tf
@@ -831,7 +831,8 @@ resource "google_container_node_pool" "pools" {
dynamic "linux_node_config" {
for_each = length(merge(
local.node_pools_linux_node_configs_sysctls["all"],
- local.node_pools_linux_node_configs_sysctls[each.value["name"]]
+ local.node_pools_linux_node_configs_sysctls[each.value["name"]],
+ local.node_pools_cgroup_mode[each.value["name"]] == "" ? {} : { cgroup = local.node_pools_cgroup_mode[each.value["name"]] }
)) != 0 ? [1] : []
content {
@@ -839,6 +840,7 @@ resource "google_container_node_pool" "pools" {
local.node_pools_linux_node_configs_sysctls["all"],
local.node_pools_linux_node_configs_sysctls[each.value["name"]]
)
+ cgroup_mode = local.node_pools_cgroup_mode[each.value["name"]] == "" ? null : local.node_pools_cgroup_mode[each.value["name"]]
}
}
diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf
index daee991273..99e5b11e34 100644
--- a/modules/beta-private-cluster/variables.tf
+++ b/modules/beta-private-cluster/variables.tf
@@ -223,6 +223,16 @@ variable "node_pools_linux_node_configs_sysctls" {
default-node-pool = {}
}
}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ # Default is being set in variables_defaults.tf
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
variable "enable_cost_allocation" {
type = bool
diff --git a/modules/beta-private-cluster/variables_defaults.tf b/modules/beta-private-cluster/variables_defaults.tf
index 435730c988..c33f3828e7 100644
--- a/modules/beta-private-cluster/variables_defaults.tf
+++ b/modules/beta-private-cluster/variables_defaults.tf
@@ -127,4 +127,13 @@ locals {
),
var.node_pools_linux_node_configs_sysctls
)
+ node_pools_cgroup_mode = merge(
+ { all = "" },
+ { default-node-pool = "" },
+ zipmap(
+ [for node_pool in var.node_pools : node_pool["name"]],
+ [for node_pool in var.node_pools : ""]
+ ),
+ var.node_pools_cgroup_mode
+ )
}
diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md
index 7e8205deaa..a4d5f6a0d7 100644
--- a/modules/beta-public-cluster-update-variant/README.md
+++ b/modules/beta-public-cluster-update-variant/README.md
@@ -252,6 +252,7 @@ Then perform the following commands on the root folder:
| network\_tags | (Optional) - List of network tags applied to auto-provisioned node pools. | `list(string)` | `[]` | no |
| node\_metadata | Specifies how node metadata is exposed to the workload running on the node | `string` | `"GKE_METADATA"` | no |
| node\_pools | List of maps containing node pools | `list(map(any))` | [
{
"name": "default-node-pool"
}
]
| no |
+| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` | {
"all": "",
"default-node-pool": ""
} | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf
index 6f4f8336c1..a7331ab071 100644
--- a/modules/beta-public-cluster-update-variant/cluster.tf
+++ b/modules/beta-public-cluster-update-variant/cluster.tf
@@ -890,7 +890,8 @@ resource "google_container_node_pool" "pools" {
dynamic "linux_node_config" {
for_each = length(merge(
local.node_pools_linux_node_configs_sysctls["all"],
- local.node_pools_linux_node_configs_sysctls[each.value["name"]]
+ local.node_pools_linux_node_configs_sysctls[each.value["name"]],
+ local.node_pools_cgroup_mode[each.value["name"]] == "" ? {} : { cgroup = local.node_pools_cgroup_mode[each.value["name"]] }
)) != 0 ? [1] : []
content {
@@ -898,6 +899,7 @@ resource "google_container_node_pool" "pools" {
local.node_pools_linux_node_configs_sysctls["all"],
local.node_pools_linux_node_configs_sysctls[each.value["name"]]
)
+ cgroup_mode = local.node_pools_cgroup_mode[each.value["name"]] == "" ? null : local.node_pools_cgroup_mode[each.value["name"]]
}
}
diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf
index 75ae0a9c24..0a953d0429 100644
--- a/modules/beta-public-cluster-update-variant/variables.tf
+++ b/modules/beta-public-cluster-update-variant/variables.tf
@@ -223,6 +223,16 @@ variable "node_pools_linux_node_configs_sysctls" {
default-node-pool = {}
}
}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ # Default is being set in variables_defaults.tf
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
variable "enable_cost_allocation" {
type = bool
diff --git a/modules/beta-public-cluster-update-variant/variables_defaults.tf b/modules/beta-public-cluster-update-variant/variables_defaults.tf
index 435730c988..c33f3828e7 100644
--- a/modules/beta-public-cluster-update-variant/variables_defaults.tf
+++ b/modules/beta-public-cluster-update-variant/variables_defaults.tf
@@ -127,4 +127,13 @@ locals {
),
var.node_pools_linux_node_configs_sysctls
)
+ node_pools_cgroup_mode = merge(
+ { all = "" },
+ { default-node-pool = "" },
+ zipmap(
+ [for node_pool in var.node_pools : node_pool["name"]],
+ [for node_pool in var.node_pools : ""]
+ ),
+ var.node_pools_cgroup_mode
+ )
}
diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md
index 021926d454..15e9e37b27 100644
--- a/modules/beta-public-cluster/README.md
+++ b/modules/beta-public-cluster/README.md
@@ -230,6 +230,7 @@ Then perform the following commands on the root folder:
| network\_tags | (Optional) - List of network tags applied to auto-provisioned node pools. | `list(string)` | `[]` | no |
| node\_metadata | Specifies how node metadata is exposed to the workload running on the node | `string` | `"GKE_METADATA"` | no |
| node\_pools | List of maps containing node pools | `list(map(any))` | [
{
"name": "default-node-pool"
}
]
| no |
+| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` | {
"all": "",
"default-node-pool": ""
} | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf
index 1884061b71..adb74c3968 100644
--- a/modules/beta-public-cluster/cluster.tf
+++ b/modules/beta-public-cluster/cluster.tf
@@ -810,7 +810,8 @@ resource "google_container_node_pool" "pools" {
dynamic "linux_node_config" {
for_each = length(merge(
local.node_pools_linux_node_configs_sysctls["all"],
- local.node_pools_linux_node_configs_sysctls[each.value["name"]]
+ local.node_pools_linux_node_configs_sysctls[each.value["name"]],
+ local.node_pools_cgroup_mode[each.value["name"]] == "" ? {} : { cgroup = local.node_pools_cgroup_mode[each.value["name"]] }
)) != 0 ? [1] : []
content {
@@ -818,6 +819,7 @@ resource "google_container_node_pool" "pools" {
local.node_pools_linux_node_configs_sysctls["all"],
local.node_pools_linux_node_configs_sysctls[each.value["name"]]
)
+ cgroup_mode = local.node_pools_cgroup_mode[each.value["name"]] == "" ? null : local.node_pools_cgroup_mode[each.value["name"]]
}
}
diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf
index 75ae0a9c24..0a953d0429 100644
--- a/modules/beta-public-cluster/variables.tf
+++ b/modules/beta-public-cluster/variables.tf
@@ -223,6 +223,16 @@ variable "node_pools_linux_node_configs_sysctls" {
default-node-pool = {}
}
}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ # Default is being set in variables_defaults.tf
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
variable "enable_cost_allocation" {
type = bool
diff --git a/modules/beta-public-cluster/variables_defaults.tf b/modules/beta-public-cluster/variables_defaults.tf
index 435730c988..c33f3828e7 100644
--- a/modules/beta-public-cluster/variables_defaults.tf
+++ b/modules/beta-public-cluster/variables_defaults.tf
@@ -127,4 +127,13 @@ locals {
),
var.node_pools_linux_node_configs_sysctls
)
+ node_pools_cgroup_mode = merge(
+ { all = "" },
+ { default-node-pool = "" },
+ zipmap(
+ [for node_pool in var.node_pools : node_pool["name"]],
+ [for node_pool in var.node_pools : ""]
+ ),
+ var.node_pools_cgroup_mode
+ )
}
diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md
index af556a6c95..002bc3b69c 100644
--- a/modules/private-cluster-update-variant/README.md
+++ b/modules/private-cluster-update-variant/README.md
@@ -248,6 +248,7 @@ Then perform the following commands on the root folder:
| network\_tags | (Optional) - List of network tags applied to auto-provisioned node pools. | `list(string)` | `[]` | no |
| node\_metadata | Specifies how node metadata is exposed to the workload running on the node | `string` | `"GKE_METADATA"` | no |
| node\_pools | List of maps containing node pools | `list(map(any))` | [
{
"name": "default-node-pool"
}
]
| no |
+| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` | {
"all": "",
"default-node-pool": ""
} | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf
index 3eb0608fbf..77d4572f87 100644
--- a/modules/private-cluster-update-variant/cluster.tf
+++ b/modules/private-cluster-update-variant/cluster.tf
@@ -834,7 +834,8 @@ resource "google_container_node_pool" "pools" {
dynamic "linux_node_config" {
for_each = length(merge(
local.node_pools_linux_node_configs_sysctls["all"],
- local.node_pools_linux_node_configs_sysctls[each.value["name"]]
+ local.node_pools_linux_node_configs_sysctls[each.value["name"]],
+ local.node_pools_cgroup_mode[each.value["name"]] == "" ? {} : { cgroup = local.node_pools_cgroup_mode[each.value["name"]] }
)) != 0 ? [1] : []
content {
@@ -842,6 +843,7 @@ resource "google_container_node_pool" "pools" {
local.node_pools_linux_node_configs_sysctls["all"],
local.node_pools_linux_node_configs_sysctls[each.value["name"]]
)
+ cgroup_mode = local.node_pools_cgroup_mode[each.value["name"]] == "" ? null : local.node_pools_cgroup_mode[each.value["name"]]
}
}
diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf
index 877572d818..0805b10e78 100644
--- a/modules/private-cluster-update-variant/variables.tf
+++ b/modules/private-cluster-update-variant/variables.tf
@@ -223,6 +223,16 @@ variable "node_pools_linux_node_configs_sysctls" {
default-node-pool = {}
}
}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ # Default is being set in variables_defaults.tf
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
variable "enable_cost_allocation" {
type = bool
diff --git a/modules/private-cluster-update-variant/variables_defaults.tf b/modules/private-cluster-update-variant/variables_defaults.tf
index 435730c988..c33f3828e7 100644
--- a/modules/private-cluster-update-variant/variables_defaults.tf
+++ b/modules/private-cluster-update-variant/variables_defaults.tf
@@ -127,4 +127,13 @@ locals {
),
var.node_pools_linux_node_configs_sysctls
)
+ node_pools_cgroup_mode = merge(
+ { all = "" },
+ { default-node-pool = "" },
+ zipmap(
+ [for node_pool in var.node_pools : node_pool["name"]],
+ [for node_pool in var.node_pools : ""]
+ ),
+ var.node_pools_cgroup_mode
+ )
}
diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md
index 345ddc9185..717cedb06e 100644
--- a/modules/private-cluster/README.md
+++ b/modules/private-cluster/README.md
@@ -226,6 +226,7 @@ Then perform the following commands on the root folder:
| network\_tags | (Optional) - List of network tags applied to auto-provisioned node pools. | `list(string)` | `[]` | no |
| node\_metadata | Specifies how node metadata is exposed to the workload running on the node | `string` | `"GKE_METADATA"` | no |
| node\_pools | List of maps containing node pools | `list(map(any))` | [
{
"name": "default-node-pool"
}
]
| no |
+| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` | {
"all": "",
"default-node-pool": ""
} | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf
index 1fc49a4cda..7886ea9aec 100644
--- a/modules/private-cluster/cluster.tf
+++ b/modules/private-cluster/cluster.tf
@@ -754,7 +754,8 @@ resource "google_container_node_pool" "pools" {
dynamic "linux_node_config" {
for_each = length(merge(
local.node_pools_linux_node_configs_sysctls["all"],
- local.node_pools_linux_node_configs_sysctls[each.value["name"]]
+ local.node_pools_linux_node_configs_sysctls[each.value["name"]],
+ local.node_pools_cgroup_mode[each.value["name"]] == "" ? {} : { cgroup = local.node_pools_cgroup_mode[each.value["name"]] }
)) != 0 ? [1] : []
content {
@@ -762,6 +763,7 @@ resource "google_container_node_pool" "pools" {
local.node_pools_linux_node_configs_sysctls["all"],
local.node_pools_linux_node_configs_sysctls[each.value["name"]]
)
+ cgroup_mode = local.node_pools_cgroup_mode[each.value["name"]] == "" ? null : local.node_pools_cgroup_mode[each.value["name"]]
}
}
diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf
index 877572d818..0805b10e78 100644
--- a/modules/private-cluster/variables.tf
+++ b/modules/private-cluster/variables.tf
@@ -223,6 +223,16 @@ variable "node_pools_linux_node_configs_sysctls" {
default-node-pool = {}
}
}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ # Default is being set in variables_defaults.tf
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
variable "enable_cost_allocation" {
type = bool
diff --git a/modules/private-cluster/variables_defaults.tf b/modules/private-cluster/variables_defaults.tf
index 435730c988..c33f3828e7 100644
--- a/modules/private-cluster/variables_defaults.tf
+++ b/modules/private-cluster/variables_defaults.tf
@@ -127,4 +127,13 @@ locals {
),
var.node_pools_linux_node_configs_sysctls
)
+ node_pools_cgroup_mode = merge(
+ { all = "" },
+ { default-node-pool = "" },
+ zipmap(
+ [for node_pool in var.node_pools : node_pool["name"]],
+ [for node_pool in var.node_pools : ""]
+ ),
+ var.node_pools_cgroup_mode
+ )
}
diff --git a/variables.tf b/variables.tf
index eeda637180..fac473f833 100644
--- a/variables.tf
+++ b/variables.tf
@@ -223,6 +223,16 @@ variable "node_pools_linux_node_configs_sysctls" {
default-node-pool = {}
}
}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ # Default is being set in variables_defaults.tf
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
variable "enable_cost_allocation" {
type = bool
diff --git a/variables_defaults.tf b/variables_defaults.tf
index 435730c988..c33f3828e7 100644
--- a/variables_defaults.tf
+++ b/variables_defaults.tf
@@ -127,4 +127,13 @@ locals {
),
var.node_pools_linux_node_configs_sysctls
)
+ node_pools_cgroup_mode = merge(
+ { all = "" },
+ { default-node-pool = "" },
+ zipmap(
+ [for node_pool in var.node_pools : node_pool["name"]],
+ [for node_pool in var.node_pools : ""]
+ ),
+ var.node_pools_cgroup_mode
+ )
}