From 5bc8f58f5e6a7897bb16a81619902126e563555f Mon Sep 17 00:00:00 2001 From: Andrew Peabody Date: Mon, 19 Aug 2024 23:53:58 +0000 Subject: [PATCH] feat(autopilot): configure gcfs --- autogen/main/cluster.tf.tmpl | 24 ++++++++++--------- autogen/main/variables.tf.tmpl | 6 ++--- .../beta-autopilot-private-cluster/cluster.tf | 3 +++ .../beta-autopilot-public-cluster/cluster.tf | 3 +++ .../README.md | 2 +- .../variables.tf | 2 +- modules/beta-private-cluster/README.md | 2 +- modules/beta-private-cluster/variables.tf | 2 +- .../README.md | 2 +- .../variables.tf | 2 +- modules/beta-public-cluster/README.md | 2 +- modules/beta-public-cluster/variables.tf | 2 +- .../TestAutopilotPrivateFirewalls.json | 3 --- .../testdata/TestSimpleAutopilotPrivate.json | 3 +++ .../simple_autopiliot_public_test.go | 1 + .../testdata/TestSimpleAutopilotPublic.json | 3 +++ 16 files changed, 37 insertions(+), 25 deletions(-) diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index 6fe68c5d26..7d0cafc076 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -364,9 +364,9 @@ resource "google_container_cluster" "primary" { dynamic "ray_operator_config" { for_each = local.ray_operator_config - + content { - + enabled = ray_operator_config.value.enabled ray_cluster_logging_config { @@ -480,6 +480,11 @@ resource "google_container_cluster" "primary" { ignore_changes = [node_pool, initial_node_count, resource_labels["asmv"]] } {% endif %} + {% if autopilot_cluster == true %} + lifecycle { + ignore_changes = [node_pool_defaults[0].node_config_defaults[0].gcfs_config[0].enabled] + } + {% endif %} {% if autopilot_cluster != true %} dynamic "dns_config" { @@ -660,21 +665,18 @@ resource "google_container_cluster" "primary" { } } } - {% if beta_cluster and autopilot_cluster != true %} + {% if beta_cluster %} node_pool_defaults { node_config_defaults { + {% if autopilot_cluster %} + logging_variant = var.logging_variant + {% endif %} + {% if autopilot_cluster != true %} gcfs_config { enabled = var.enable_gcfs } - } - } - {% endif %} - {% if beta_cluster and autopilot_cluster %} - - node_pool_defaults { - node_config_defaults { - logging_variant = var.logging_variant + {% endif %} } } {% endif %} diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index da6fb485b3..01a3142ce6 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -818,13 +818,13 @@ variable "ray_operator_config" { type = object({ enabled = bool logging_enabled = optional(bool, false) - monitoring_enabled = optional(bool, false) + monitoring_enabled = optional(bool, false) }) description = "The Ray Operator Addon configuration for this cluster." default = { enabled = false logging_enabled = false - monitoring_enabled = false + monitoring_enabled = false } } @@ -944,7 +944,7 @@ variable "sandbox_enabled" { variable "enable_gcfs" { type = bool - description = "Enable image streaming on cluster level." + description = "(Beta) Enable image streaming on cluster level." default = false } {% endif %} diff --git a/modules/beta-autopilot-private-cluster/cluster.tf b/modules/beta-autopilot-private-cluster/cluster.tf index 20604496ec..06e7074659 100644 --- a/modules/beta-autopilot-private-cluster/cluster.tf +++ b/modules/beta-autopilot-private-cluster/cluster.tf @@ -261,6 +261,9 @@ resource "google_container_cluster" "primary" { } } + lifecycle { + ignore_changes = [node_pool_defaults[0].node_config_defaults[0].gcfs_config[0].enabled] + } timeouts { create = lookup(var.timeouts, "create", "45m") diff --git a/modules/beta-autopilot-public-cluster/cluster.tf b/modules/beta-autopilot-public-cluster/cluster.tf index 7af63a96d9..d68eae0db8 100644 --- a/modules/beta-autopilot-public-cluster/cluster.tf +++ b/modules/beta-autopilot-public-cluster/cluster.tf @@ -261,6 +261,9 @@ resource "google_container_cluster" "primary" { } } + lifecycle { + ignore_changes = [node_pool_defaults[0].node_config_defaults[0].gcfs_config[0].enabled] + } timeouts { create = lookup(var.timeouts, "create", "45m") diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 640a04de16..291c5ac550 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -203,7 +203,7 @@ Then perform the following commands on the root folder: | enable\_cost\_allocation | Enables Cost Allocation Feature and the cluster name and namespace of your GKE workloads appear in the labels field of the billing export to BigQuery | `bool` | `false` | no | | enable\_default\_node\_pools\_metadata | Whether to enable the default node pools metadata key-value pairs such as `cluster_name` and `node_pool` | `bool` | `true` | no | | enable\_fqdn\_network\_policy | Enable FQDN Network Policies on the cluster | `bool` | `null` | no | -| enable\_gcfs | Enable image streaming on cluster level. | `bool` | `false` | no | +| enable\_gcfs | (Beta) Enable image streaming on cluster level. | `bool` | `false` | no | | enable\_identity\_service | Enable the Identity Service component, which allows customers to use external identity providers with the K8S API. | `bool` | `false` | no | | enable\_intranode\_visibility | Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network | `bool` | `false` | no | | enable\_kubernetes\_alpha | Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days. | `bool` | `false` | no | diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index c721313d9a..fa7670edfa 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -902,7 +902,7 @@ variable "sandbox_enabled" { variable "enable_gcfs" { type = bool - description = "Enable image streaming on cluster level." + description = "(Beta) Enable image streaming on cluster level." default = false } diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 6c3bb8a4d5..5db9fc0ddb 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -181,7 +181,7 @@ Then perform the following commands on the root folder: | enable\_cost\_allocation | Enables Cost Allocation Feature and the cluster name and namespace of your GKE workloads appear in the labels field of the billing export to BigQuery | `bool` | `false` | no | | enable\_default\_node\_pools\_metadata | Whether to enable the default node pools metadata key-value pairs such as `cluster_name` and `node_pool` | `bool` | `true` | no | | enable\_fqdn\_network\_policy | Enable FQDN Network Policies on the cluster | `bool` | `null` | no | -| enable\_gcfs | Enable image streaming on cluster level. | `bool` | `false` | no | +| enable\_gcfs | (Beta) Enable image streaming on cluster level. | `bool` | `false` | no | | enable\_identity\_service | Enable the Identity Service component, which allows customers to use external identity providers with the K8S API. | `bool` | `false` | no | | enable\_intranode\_visibility | Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network | `bool` | `false` | no | | enable\_kubernetes\_alpha | Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days. | `bool` | `false` | no | diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index c721313d9a..fa7670edfa 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -902,7 +902,7 @@ variable "sandbox_enabled" { variable "enable_gcfs" { type = bool - description = "Enable image streaming on cluster level." + description = "(Beta) Enable image streaming on cluster level." default = false } diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index 1b30408a6a..a5417cdabc 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md @@ -196,7 +196,7 @@ Then perform the following commands on the root folder: | enable\_cost\_allocation | Enables Cost Allocation Feature and the cluster name and namespace of your GKE workloads appear in the labels field of the billing export to BigQuery | `bool` | `false` | no | | enable\_default\_node\_pools\_metadata | Whether to enable the default node pools metadata key-value pairs such as `cluster_name` and `node_pool` | `bool` | `true` | no | | enable\_fqdn\_network\_policy | Enable FQDN Network Policies on the cluster | `bool` | `null` | no | -| enable\_gcfs | Enable image streaming on cluster level. | `bool` | `false` | no | +| enable\_gcfs | (Beta) Enable image streaming on cluster level. | `bool` | `false` | no | | enable\_identity\_service | Enable the Identity Service component, which allows customers to use external identity providers with the K8S API. | `bool` | `false` | no | | enable\_intranode\_visibility | Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network | `bool` | `false` | no | | enable\_kubernetes\_alpha | Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days. | `bool` | `false` | no | diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 86afb87da3..6f335b00fb 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -866,7 +866,7 @@ variable "sandbox_enabled" { variable "enable_gcfs" { type = bool - description = "Enable image streaming on cluster level." + description = "(Beta) Enable image streaming on cluster level." default = false } diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index d72c116ac4..00654e1b3e 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md @@ -174,7 +174,7 @@ Then perform the following commands on the root folder: | enable\_cost\_allocation | Enables Cost Allocation Feature and the cluster name and namespace of your GKE workloads appear in the labels field of the billing export to BigQuery | `bool` | `false` | no | | enable\_default\_node\_pools\_metadata | Whether to enable the default node pools metadata key-value pairs such as `cluster_name` and `node_pool` | `bool` | `true` | no | | enable\_fqdn\_network\_policy | Enable FQDN Network Policies on the cluster | `bool` | `null` | no | -| enable\_gcfs | Enable image streaming on cluster level. | `bool` | `false` | no | +| enable\_gcfs | (Beta) Enable image streaming on cluster level. | `bool` | `false` | no | | enable\_identity\_service | Enable the Identity Service component, which allows customers to use external identity providers with the K8S API. | `bool` | `false` | no | | enable\_intranode\_visibility | Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network | `bool` | `false` | no | | enable\_kubernetes\_alpha | Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days. | `bool` | `false` | no | diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 86afb87da3..6f335b00fb 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -866,7 +866,7 @@ variable "sandbox_enabled" { variable "enable_gcfs" { type = bool - description = "Enable image streaming on cluster level." + description = "(Beta) Enable image streaming on cluster level." default = false } diff --git a/test/integration/autopilot_private_firewalls/testdata/TestAutopilotPrivateFirewalls.json b/test/integration/autopilot_private_firewalls/testdata/TestAutopilotPrivateFirewalls.json index f0ebc6d6b2..a2a760f798 100644 --- a/test/integration/autopilot_private_firewalls/testdata/TestAutopilotPrivateFirewalls.json +++ b/test/integration/autopilot_private_firewalls/testdata/TestAutopilotPrivateFirewalls.json @@ -204,9 +204,6 @@ }, "nodePoolDefaults": { "nodeConfigDefaults": { - "gcfsConfig": { - "enabled": true - }, "loggingConfig": { "variantConfig": { "variant": "DEFAULT" diff --git a/test/integration/simple_autopilot_private/testdata/TestSimpleAutopilotPrivate.json b/test/integration/simple_autopilot_private/testdata/TestSimpleAutopilotPrivate.json index 62103f7ee9..706570efd4 100644 --- a/test/integration/simple_autopilot_private/testdata/TestSimpleAutopilotPrivate.json +++ b/test/integration/simple_autopilot_private/testdata/TestSimpleAutopilotPrivate.json @@ -185,6 +185,9 @@ "variantConfig": { "variant": "DEFAULT" } + }, + "gcfsConfig": { + "enabled": true } } }, diff --git a/test/integration/simple_autopilot_public/simple_autopiliot_public_test.go b/test/integration/simple_autopilot_public/simple_autopiliot_public_test.go index dad92ca5f4..1e0221e0c2 100644 --- a/test/integration/simple_autopilot_public/simple_autopiliot_public_test.go +++ b/test/integration/simple_autopilot_public/simple_autopiliot_public_test.go @@ -56,6 +56,7 @@ func TestSimpleAutopilotPublic(t *testing.T) { "addonsConfig.rayOperatorConfig.enabled", "addonsConfig.rayOperatorConfig.rayClusterLoggingConfig.enabled", "addonsConfig.rayOperatorConfig.rayClusterMonitoringConfig.enabled", + "nodePoolDefaults.nodeConfigDefaults.gcfsConfig.enabled", } for _, pth := range validateJSONPaths { g.JSONEq(assert, op, pth) diff --git a/test/integration/simple_autopilot_public/testdata/TestSimpleAutopilotPublic.json b/test/integration/simple_autopilot_public/testdata/TestSimpleAutopilotPublic.json index 76d70b63eb..e0a2794438 100644 --- a/test/integration/simple_autopilot_public/testdata/TestSimpleAutopilotPublic.json +++ b/test/integration/simple_autopilot_public/testdata/TestSimpleAutopilotPublic.json @@ -188,6 +188,9 @@ "variantConfig": { "variant": "DEFAULT" } + }, + "gcfsConfig": { + "enabled": true } } },