Skip to content

Commit

Permalink
feat(TPG>=5.25.0)!: Add support for StatefulHA Addon (#1948)
Browse files Browse the repository at this point in the history
  • Loading branch information
pwschuurman authored May 16, 2024
1 parent 748e1ed commit acbb453
Show file tree
Hide file tree
Showing 40 changed files with 145 additions and 14 deletions.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -228,6 +228,7 @@ Then perform the following commands on the root folder:
| shadow\_firewall\_rules\_log\_config | The log\_config for shadow firewall rules. You can set this variable to `null` to disable logging. | <pre>object({<br> metadata = string<br> })</pre> | <pre>{<br> "metadata": "INCLUDE_ALL_METADATA"<br>}</pre> | no |
| shadow\_firewall\_rules\_priority | The firewall priority of GKE shadow firewall rules. The priority should be less than default firewall, which is 1000. | `number` | `999` | no |
| stack\_type | The stack type to use for this cluster. Either `IPV4` or `IPV4_IPV6`. Defaults to `IPV4`. | `string` | `"IPV4"` | no |
| stateful\_ha | Whether the Stateful HA Addon is enabled for this cluster. | `bool` | `false` | no |
| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | `map(list(string))` | `{}` | no |
| subnetwork | The subnetwork to host the cluster in (required) | `string` | n/a | yes |
| timeouts | Timeout for cluster operations. | `map(string)` | `{}` | no |
Expand Down
8 changes: 8 additions & 0 deletions autogen/main/cluster.tf.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -309,6 +309,14 @@ resource "google_container_cluster" "primary" {
}
}

dynamic "stateful_ha_config" {
for_each = local.stateful_ha_config

content {
enabled = stateful_ha_config.value.enabled
}
}

config_connector_config {
enabled = var.config_connector
}
Expand Down
1 change: 1 addition & 0 deletions autogen/main/main.tf.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,7 @@ locals {
logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus
gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }]
gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : []
stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : []
{% endif %}
{% if beta_cluster and autopilot_cluster != true %}
cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? {
Expand Down
6 changes: 6 additions & 0 deletions autogen/main/variables.tf.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -725,6 +725,12 @@ variable "gcs_fuse_csi_driver" {
default = false
}

variable "stateful_ha" {
type = bool
description = "Whether the Stateful HA Addon is enabled for this cluster."
default = false
}

{% endif %}
variable "timeouts" {
type = map(string)
Expand Down
4 changes: 2 additions & 2 deletions autogen/main/versions.tf.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
kubernetes = {
source = "hashicorp/kubernetes"
Expand Down
8 changes: 8 additions & 0 deletions cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,14 @@ resource "google_container_cluster" "primary" {
}
}

dynamic "stateful_ha_config" {
for_each = local.stateful_ha_config

content {
enabled = stateful_ha_config.value.enabled
}
}

config_connector_config {
enabled = var.config_connector
}
Expand Down
1 change: 1 addition & 0 deletions examples/simple_regional/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -45,4 +45,5 @@ module "gke" {
gcs_fuse_csi_driver = true
fleet_project = var.project_id
deletion_protection = false
stateful_ha = true
}
1 change: 1 addition & 0 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ locals {
logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus
gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }]
gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : []
stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : []

cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{
security_group = var.authenticator_security_group
Expand Down
4 changes: 2 additions & 2 deletions modules/beta-autopilot-private-cluster/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
kubernetes = {
source = "hashicorp/kubernetes"
Expand Down
4 changes: 2 additions & 2 deletions modules/beta-autopilot-public-cluster/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
kubernetes = {
source = "hashicorp/kubernetes"
Expand Down
1 change: 1 addition & 0 deletions modules/beta-private-cluster-update-variant/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -278,6 +278,7 @@ Then perform the following commands on the root folder:
| shadow\_firewall\_rules\_log\_config | The log\_config for shadow firewall rules. You can set this variable to `null` to disable logging. | <pre>object({<br> metadata = string<br> })</pre> | <pre>{<br> "metadata": "INCLUDE_ALL_METADATA"<br>}</pre> | no |
| shadow\_firewall\_rules\_priority | The firewall priority of GKE shadow firewall rules. The priority should be less than default firewall, which is 1000. | `number` | `999` | no |
| stack\_type | The stack type to use for this cluster. Either `IPV4` or `IPV4_IPV6`. Defaults to `IPV4`. | `string` | `"IPV4"` | no |
| stateful\_ha | Whether the Stateful HA Addon is enabled for this cluster. | `bool` | `false` | no |
| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | `map(list(string))` | `{}` | no |
| subnetwork | The subnetwork to host the cluster in (required) | `string` | n/a | yes |
| timeouts | Timeout for cluster operations. | `map(string)` | `{}` | no |
Expand Down
8 changes: 8 additions & 0 deletions modules/beta-private-cluster-update-variant/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -252,6 +252,14 @@ resource "google_container_cluster" "primary" {
}
}

dynamic "stateful_ha_config" {
for_each = local.stateful_ha_config

content {
enabled = stateful_ha_config.value.enabled
}
}

config_connector_config {
enabled = var.config_connector
}
Expand Down
1 change: 1 addition & 0 deletions modules/beta-private-cluster-update-variant/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ locals {
logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus
gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }]
gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : []
stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : []
cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? {
load_balancer_type = var.cloudrun_load_balancer_type
} : {}
Expand Down
6 changes: 6 additions & 0 deletions modules/beta-private-cluster-update-variant/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -696,6 +696,12 @@ variable "gcs_fuse_csi_driver" {
default = false
}

variable "stateful_ha" {
type = bool
description = "Whether the Stateful HA Addon is enabled for this cluster."
default = false
}

variable "timeouts" {
type = map(string)
description = "Timeout for cluster operations."
Expand Down
4 changes: 2 additions & 2 deletions modules/beta-private-cluster-update-variant/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
kubernetes = {
source = "hashicorp/kubernetes"
Expand Down
1 change: 1 addition & 0 deletions modules/beta-private-cluster/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -256,6 +256,7 @@ Then perform the following commands on the root folder:
| shadow\_firewall\_rules\_log\_config | The log\_config for shadow firewall rules. You can set this variable to `null` to disable logging. | <pre>object({<br> metadata = string<br> })</pre> | <pre>{<br> "metadata": "INCLUDE_ALL_METADATA"<br>}</pre> | no |
| shadow\_firewall\_rules\_priority | The firewall priority of GKE shadow firewall rules. The priority should be less than default firewall, which is 1000. | `number` | `999` | no |
| stack\_type | The stack type to use for this cluster. Either `IPV4` or `IPV4_IPV6`. Defaults to `IPV4`. | `string` | `"IPV4"` | no |
| stateful\_ha | Whether the Stateful HA Addon is enabled for this cluster. | `bool` | `false` | no |
| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | `map(list(string))` | `{}` | no |
| subnetwork | The subnetwork to host the cluster in (required) | `string` | n/a | yes |
| timeouts | Timeout for cluster operations. | `map(string)` | `{}` | no |
Expand Down
8 changes: 8 additions & 0 deletions modules/beta-private-cluster/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -252,6 +252,14 @@ resource "google_container_cluster" "primary" {
}
}

dynamic "stateful_ha_config" {
for_each = local.stateful_ha_config

content {
enabled = stateful_ha_config.value.enabled
}
}

config_connector_config {
enabled = var.config_connector
}
Expand Down
1 change: 1 addition & 0 deletions modules/beta-private-cluster/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ locals {
logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus
gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }]
gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : []
stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : []
cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? {
load_balancer_type = var.cloudrun_load_balancer_type
} : {}
Expand Down
6 changes: 6 additions & 0 deletions modules/beta-private-cluster/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -696,6 +696,12 @@ variable "gcs_fuse_csi_driver" {
default = false
}

variable "stateful_ha" {
type = bool
description = "Whether the Stateful HA Addon is enabled for this cluster."
default = false
}

variable "timeouts" {
type = map(string)
description = "Timeout for cluster operations."
Expand Down
4 changes: 2 additions & 2 deletions modules/beta-private-cluster/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
kubernetes = {
source = "hashicorp/kubernetes"
Expand Down
1 change: 1 addition & 0 deletions modules/beta-public-cluster-update-variant/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -267,6 +267,7 @@ Then perform the following commands on the root folder:
| shadow\_firewall\_rules\_log\_config | The log\_config for shadow firewall rules. You can set this variable to `null` to disable logging. | <pre>object({<br> metadata = string<br> })</pre> | <pre>{<br> "metadata": "INCLUDE_ALL_METADATA"<br>}</pre> | no |
| shadow\_firewall\_rules\_priority | The firewall priority of GKE shadow firewall rules. The priority should be less than default firewall, which is 1000. | `number` | `999` | no |
| stack\_type | The stack type to use for this cluster. Either `IPV4` or `IPV4_IPV6`. Defaults to `IPV4`. | `string` | `"IPV4"` | no |
| stateful\_ha | Whether the Stateful HA Addon is enabled for this cluster. | `bool` | `false` | no |
| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | `map(list(string))` | `{}` | no |
| subnetwork | The subnetwork to host the cluster in (required) | `string` | n/a | yes |
| timeouts | Timeout for cluster operations. | `map(string)` | `{}` | no |
Expand Down
8 changes: 8 additions & 0 deletions modules/beta-public-cluster-update-variant/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -252,6 +252,14 @@ resource "google_container_cluster" "primary" {
}
}

dynamic "stateful_ha_config" {
for_each = local.stateful_ha_config

content {
enabled = stateful_ha_config.value.enabled
}
}

config_connector_config {
enabled = var.config_connector
}
Expand Down
1 change: 1 addition & 0 deletions modules/beta-public-cluster-update-variant/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ locals {
logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus
gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }]
gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : []
stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : []
cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? {
load_balancer_type = var.cloudrun_load_balancer_type
} : {}
Expand Down
6 changes: 6 additions & 0 deletions modules/beta-public-cluster-update-variant/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -666,6 +666,12 @@ variable "gcs_fuse_csi_driver" {
default = false
}

variable "stateful_ha" {
type = bool
description = "Whether the Stateful HA Addon is enabled for this cluster."
default = false
}

variable "timeouts" {
type = map(string)
description = "Timeout for cluster operations."
Expand Down
4 changes: 2 additions & 2 deletions modules/beta-public-cluster-update-variant/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
kubernetes = {
source = "hashicorp/kubernetes"
Expand Down
1 change: 1 addition & 0 deletions modules/beta-public-cluster/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -245,6 +245,7 @@ Then perform the following commands on the root folder:
| shadow\_firewall\_rules\_log\_config | The log\_config for shadow firewall rules. You can set this variable to `null` to disable logging. | <pre>object({<br> metadata = string<br> })</pre> | <pre>{<br> "metadata": "INCLUDE_ALL_METADATA"<br>}</pre> | no |
| shadow\_firewall\_rules\_priority | The firewall priority of GKE shadow firewall rules. The priority should be less than default firewall, which is 1000. | `number` | `999` | no |
| stack\_type | The stack type to use for this cluster. Either `IPV4` or `IPV4_IPV6`. Defaults to `IPV4`. | `string` | `"IPV4"` | no |
| stateful\_ha | Whether the Stateful HA Addon is enabled for this cluster. | `bool` | `false` | no |
| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | `map(list(string))` | `{}` | no |
| subnetwork | The subnetwork to host the cluster in (required) | `string` | n/a | yes |
| timeouts | Timeout for cluster operations. | `map(string)` | `{}` | no |
Expand Down
8 changes: 8 additions & 0 deletions modules/beta-public-cluster/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -252,6 +252,14 @@ resource "google_container_cluster" "primary" {
}
}

dynamic "stateful_ha_config" {
for_each = local.stateful_ha_config

content {
enabled = stateful_ha_config.value.enabled
}
}

config_connector_config {
enabled = var.config_connector
}
Expand Down
1 change: 1 addition & 0 deletions modules/beta-public-cluster/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ locals {
logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus
gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }]
gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : []
stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : []
cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? {
load_balancer_type = var.cloudrun_load_balancer_type
} : {}
Expand Down
6 changes: 6 additions & 0 deletions modules/beta-public-cluster/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -666,6 +666,12 @@ variable "gcs_fuse_csi_driver" {
default = false
}

variable "stateful_ha" {
type = bool
description = "Whether the Stateful HA Addon is enabled for this cluster."
default = false
}

variable "timeouts" {
type = map(string)
description = "Timeout for cluster operations."
Expand Down
4 changes: 2 additions & 2 deletions modules/beta-public-cluster/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 5.9.0, < 6"
version = ">= 5.25.0, < 6"
}
kubernetes = {
source = "hashicorp/kubernetes"
Expand Down
1 change: 1 addition & 0 deletions modules/private-cluster-update-variant/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -261,6 +261,7 @@ Then perform the following commands on the root folder:
| shadow\_firewall\_rules\_log\_config | The log\_config for shadow firewall rules. You can set this variable to `null` to disable logging. | <pre>object({<br> metadata = string<br> })</pre> | <pre>{<br> "metadata": "INCLUDE_ALL_METADATA"<br>}</pre> | no |
| shadow\_firewall\_rules\_priority | The firewall priority of GKE shadow firewall rules. The priority should be less than default firewall, which is 1000. | `number` | `999` | no |
| stack\_type | The stack type to use for this cluster. Either `IPV4` or `IPV4_IPV6`. Defaults to `IPV4`. | `string` | `"IPV4"` | no |
| stateful\_ha | Whether the Stateful HA Addon is enabled for this cluster. | `bool` | `false` | no |
| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | `map(list(string))` | `{}` | no |
| subnetwork | The subnetwork to host the cluster in (required) | `string` | n/a | yes |
| timeouts | Timeout for cluster operations. | `map(string)` | `{}` | no |
Expand Down
8 changes: 8 additions & 0 deletions modules/private-cluster-update-variant/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,14 @@ resource "google_container_cluster" "primary" {
}
}

dynamic "stateful_ha_config" {
for_each = local.stateful_ha_config

content {
enabled = stateful_ha_config.value.enabled
}
}

config_connector_config {
enabled = var.config_connector
}
Expand Down
1 change: 1 addition & 0 deletions modules/private-cluster-update-variant/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ locals {
logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus
gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }]
gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : []
stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : []

cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{
security_group = var.authenticator_security_group
Expand Down
6 changes: 6 additions & 0 deletions modules/private-cluster-update-variant/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -672,6 +672,12 @@ variable "gcs_fuse_csi_driver" {
default = false
}

variable "stateful_ha" {
type = bool
description = "Whether the Stateful HA Addon is enabled for this cluster."
default = false
}

variable "timeouts" {
type = map(string)
description = "Timeout for cluster operations."
Expand Down
1 change: 1 addition & 0 deletions modules/private-cluster/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -239,6 +239,7 @@ Then perform the following commands on the root folder:
| shadow\_firewall\_rules\_log\_config | The log\_config for shadow firewall rules. You can set this variable to `null` to disable logging. | <pre>object({<br> metadata = string<br> })</pre> | <pre>{<br> "metadata": "INCLUDE_ALL_METADATA"<br>}</pre> | no |
| shadow\_firewall\_rules\_priority | The firewall priority of GKE shadow firewall rules. The priority should be less than default firewall, which is 1000. | `number` | `999` | no |
| stack\_type | The stack type to use for this cluster. Either `IPV4` or `IPV4_IPV6`. Defaults to `IPV4`. | `string` | `"IPV4"` | no |
| stateful\_ha | Whether the Stateful HA Addon is enabled for this cluster. | `bool` | `false` | no |
| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | `map(list(string))` | `{}` | no |
| subnetwork | The subnetwork to host the cluster in (required) | `string` | n/a | yes |
| timeouts | Timeout for cluster operations. | `map(string)` | `{}` | no |
Expand Down
Loading

0 comments on commit acbb453

Please sign in to comment.