Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add cgroup & sysctls
Browse files Browse the repository at this point in the history
j committed Dec 16, 2024

Unverified

This user has not yet uploaded their public signing key.
1 parent fa5202b commit c719dd4
Showing 8 changed files with 70 additions and 3 deletions.
4 changes: 3 additions & 1 deletion autogen/safer-cluster/main.tf.tmpl
Original file line number Diff line number Diff line change
@@ -97,7 +97,9 @@ module "gke" {
node_pools_taints = var.node_pools_taints
node_pools_tags = var.node_pools_tags

node_pools_oauth_scopes = var.node_pools_oauth_scopes
node_pools_oauth_scopes = var.node_pools_oauth_scopes
node_pools_linux_node_configs_sysctls = var.node_pools_linux_node_configs_sysctls
node_pools_cgroup_mode = var.node_pools_cgroup_mode

cluster_autoscaling = var.cluster_autoscaling

19 changes: 19 additions & 0 deletions autogen/safer-cluster/variables.tf.tmpl
Original file line number Diff line number Diff line change
@@ -224,6 +224,25 @@ variable "node_pools_oauth_scopes" {
}
}

variable "node_pools_linux_node_configs_sysctls" {
type = map(map(string))
description = "Map of maps containing linux node config sysctls by node-pool name"

default = {
all = {}
default-node-pool = {}
}
}
variable "node_pools_cgroup_mode" {
type = map(string)
description = "Map of strings containing cgroup node config by node-pool name"

default = {
all = ""
default-node-pool = ""
}
}

variable "cluster_autoscaling" {
type = object({
enabled = bool
2 changes: 2 additions & 0 deletions modules/safer-cluster-update-variant/README.md
Original file line number Diff line number Diff line change
@@ -257,7 +257,9 @@ For simplicity, we suggest using `roles/container.admin` and
| network | The VPC network to host the cluster in | `string` | n/a | yes |
| network\_project\_id | The project ID of the shared VPC's host (for shared vpc support) | `string` | `""` | no |
| node\_pools | List of maps containing node pools | `list(map(string))` | <pre>[<br> {<br> "name": "default-node-pool"<br> }<br>]</pre> | no |
| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` | <pre>{<br> "all": "",<br> "default-node-pool": ""<br>}</pre> | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | <pre>{<br> "all": {},<br> "default-node-pool": {}<br>}</pre> | no |
| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | <pre>{<br> "all": {},<br> "default-node-pool": {}<br>}</pre> | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | <pre>{<br> "all": {},<br> "default-node-pool": {}<br>}</pre> | no |
| node\_pools\_oauth\_scopes | Map of lists containing node oauth scopes by node-pool name | `map(list(string))` | <pre>{<br> "all": [<br> "https://www.googleapis.com/auth/cloud-platform"<br> ],<br> "default-node-pool": []<br>}</pre> | no |
| node\_pools\_resource\_labels | Map of maps containing resource labels by node-pool name | `map(map(string))` | <pre>{<br> "all": {},<br> "default-node-pool": {}<br>}</pre> | no |
4 changes: 3 additions & 1 deletion modules/safer-cluster-update-variant/main.tf
Original file line number Diff line number Diff line change
@@ -93,7 +93,9 @@ module "gke" {
node_pools_taints = var.node_pools_taints
node_pools_tags = var.node_pools_tags

node_pools_oauth_scopes = var.node_pools_oauth_scopes
node_pools_oauth_scopes = var.node_pools_oauth_scopes
node_pools_linux_node_configs_sysctls = var.node_pools_linux_node_configs_sysctls
node_pools_cgroup_mode = var.node_pools_cgroup_mode

cluster_autoscaling = var.cluster_autoscaling

19 changes: 19 additions & 0 deletions modules/safer-cluster-update-variant/variables.tf
Original file line number Diff line number Diff line change
@@ -224,6 +224,25 @@ variable "node_pools_oauth_scopes" {
}
}

variable "node_pools_linux_node_configs_sysctls" {
type = map(map(string))
description = "Map of maps containing linux node config sysctls by node-pool name"

default = {
all = {}
default-node-pool = {}
}
}
variable "node_pools_cgroup_mode" {
type = map(string)
description = "Map of strings containing cgroup node config by node-pool name"

default = {
all = ""
default-node-pool = ""
}
}

variable "cluster_autoscaling" {
type = object({
enabled = bool
2 changes: 2 additions & 0 deletions modules/safer-cluster/README.md
Original file line number Diff line number Diff line change
@@ -257,7 +257,9 @@ For simplicity, we suggest using `roles/container.admin` and
| network | The VPC network to host the cluster in | `string` | n/a | yes |
| network\_project\_id | The project ID of the shared VPC's host (for shared vpc support) | `string` | `""` | no |
| node\_pools | List of maps containing node pools | `list(map(string))` | <pre>[<br> {<br> "name": "default-node-pool"<br> }<br>]</pre> | no |
| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` | <pre>{<br> "all": "",<br> "default-node-pool": ""<br>}</pre> | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | <pre>{<br> "all": {},<br> "default-node-pool": {}<br>}</pre> | no |
| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | <pre>{<br> "all": {},<br> "default-node-pool": {}<br>}</pre> | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | <pre>{<br> "all": {},<br> "default-node-pool": {}<br>}</pre> | no |
| node\_pools\_oauth\_scopes | Map of lists containing node oauth scopes by node-pool name | `map(list(string))` | <pre>{<br> "all": [<br> "https://www.googleapis.com/auth/cloud-platform"<br> ],<br> "default-node-pool": []<br>}</pre> | no |
| node\_pools\_resource\_labels | Map of maps containing resource labels by node-pool name | `map(map(string))` | <pre>{<br> "all": {},<br> "default-node-pool": {}<br>}</pre> | no |
4 changes: 3 additions & 1 deletion modules/safer-cluster/main.tf
Original file line number Diff line number Diff line change
@@ -93,7 +93,9 @@ module "gke" {
node_pools_taints = var.node_pools_taints
node_pools_tags = var.node_pools_tags

node_pools_oauth_scopes = var.node_pools_oauth_scopes
node_pools_oauth_scopes = var.node_pools_oauth_scopes
node_pools_linux_node_configs_sysctls = var.node_pools_linux_node_configs_sysctls
node_pools_cgroup_mode = var.node_pools_cgroup_mode

cluster_autoscaling = var.cluster_autoscaling

19 changes: 19 additions & 0 deletions modules/safer-cluster/variables.tf
Original file line number Diff line number Diff line change
@@ -224,6 +224,25 @@ variable "node_pools_oauth_scopes" {
}
}

variable "node_pools_linux_node_configs_sysctls" {
type = map(map(string))
description = "Map of maps containing linux node config sysctls by node-pool name"

default = {
all = {}
default-node-pool = {}
}
}
variable "node_pools_cgroup_mode" {
type = map(string)
description = "Map of strings containing cgroup node config by node-pool name"

default = {
all = ""
default-node-pool = ""
}
}

variable "cluster_autoscaling" {
type = object({
enabled = bool

0 comments on commit c719dd4

Please sign in to comment.