/**
 * Copyright 2023 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
# Required input: no default, so every caller must supply it.
variable "billing_account_id" {
  type        = string
  description = "Billing account ID."
}
# Map of cluster definitions. Only `location` and `vpc_config.subnetwork`
# are required per entry; everything else falls back to the defaults below
# or to whatever the gke-cluster module does with an unset value.
variable "clusters" {
  description = "Clusters configuration. Refer to the gke-cluster module for type details."
  type = map(object({
    cluster_autoscaling = optional(any)
    description         = optional(string)
    enable_addons = optional(any, {
      horizontal_pod_autoscaling = true
      http_load_balancing        = true
    })
    # Workload Identity is on by default. Because the attribute is typed
    # `any`, a caller-supplied value replaces this default object as a whole
    # rather than merging with it, so an override that omits
    # `workload_identity` does not inherit `true` from here.
    # NOTE(review): how the gke-cluster module treats a missing key is not
    # visible in this file - confirm before overriding.
    enable_features = optional(any, {
      workload_identity = true
    })
    # Client-certificate issuance stays off unless explicitly enabled.
    issue_client_certificate = optional(bool, false)
    labels                   = optional(map(string))
    location                 = string
    # System and workload logs default to on. Control-plane component logs
    # (API server, scheduler, controller manager) default to off; enable them
    # where API-server activity is needed for detection or incident response.
    logging_config = optional(object({
      enable_system_logs             = optional(bool, true)
      enable_workloads_logs          = optional(bool, true)
      enable_api_server_logs         = optional(bool, false)
      enable_scheduler_logs          = optional(bool, false)
      enable_controller_manager_logs = optional(bool, false)
    }), {})
    maintenance_config = optional(any, {
      daily_window_start_time = "03:00"
      recurring_window        = null
      maintenance_exclusion   = []
    })
    max_pods_per_node  = optional(number, 110)
    min_master_version = optional(string)
    monitoring_config = optional(object({
      enable_system_metrics = optional(bool, true)

      # (Optional) control plane metrics
      enable_api_server_metrics         = optional(bool, false)
      enable_controller_manager_metrics = optional(bool, false)
      enable_scheduler_metrics          = optional(bool, false)

      # (Optional) kube state metrics
      enable_daemonset_metrics   = optional(bool, false)
      enable_deployment_metrics  = optional(bool, false)
      enable_hpa_metrics         = optional(bool, false)
      enable_pod_metrics         = optional(bool, false)
      enable_statefulset_metrics = optional(bool, false)
      enable_storage_metrics     = optional(bool, false)

      # Google Cloud Managed Service for Prometheus
      enable_managed_prometheus = optional(bool, true)
    }), {})
    node_locations = optional(list(string))
    # No default is set here for private cluster settings.
    # NOTE(review): whether an unset value yields a public or a private
    # control plane endpoint is decided by the gke-cluster module - confirm.
    private_cluster_config = optional(any)
    release_channel        = optional(string)
    vpc_config = object({
      subnetwork = string
      network    = optional(string)
      secondary_range_blocks = optional(object({
        pods     = string
        services = string
      }))
      secondary_range_names = optional(object({
        pods     = string
        services = string
      }), { pods = "pods", services = "services" })
      # Optional with no default: this variable does not itself restrict
      # which source ranges may reach the control plane.
      # NOTE(review): confirm what the gke-cluster module applies when this
      # is left unset.
      master_authorized_ranges = optional(map(string))
      master_ipv4_cidr_block   = optional(string)
    })
  }))
  default  = {}
  nullable = false
}
# Guard against accidental destruction of data-bearing resources.
# The default is false, so `terraform destroy` (or an apply that replaces a
# resource) is not blocked unless the caller opts in; set this to true for
# environments that hold data worth keeping.
variable "deletion_protection" {
  type        = bool
  description = "Prevent Terraform from destroying data storage resources (storage buckets, GKE clusters, CloudSQL instances) in this blueprint. When this field is set in Terraform state, a terraform destroy or terraform apply that would delete data storage resources will fail."
  default     = false
  nullable    = false
}
# Assignment of config management templates to clusters.
# Keys are config names and values are lists of cluster names, per the
# description; clusters not listed under any key get no template from here.
variable "fleet_configmanagement_clusters" {
  type        = map(list(string))
  description = "Config management features enabled on specific sets of member clusters, in config name => [cluster name] format."
  default     = {}
  nullable    = false
}
# Named config management templates. No attribute in this object type is
# marked optional, so each template must spell out every field explicitly
# (null is still accepted where a setting is unused).
variable "fleet_configmanagement_templates" {
  description = "Sets of config management configurations that can be applied to member clusters, in config name => {options} format."
  type = map(object({
    binauthz = bool
    config_sync = object({
      # Only the authentication method (`secret_type`) and an optional
      # service account email are carried here; no credential material is
      # part of this type. Values set in this object are stored in Terraform
      # state, so keep credentials out of `https_proxy` and `sync_repo` URLs.
      git = object({
        gcp_service_account_email = string
        https_proxy               = string
        policy_dir                = string
        secret_type               = string
        sync_branch               = string
        sync_repo                 = string
        sync_rev                  = string
        sync_wait_secs            = number
      })
      prevent_drift = string
      source_format = string
    })
    hierarchy_controller = object({
      enable_hierarchical_resource_quota = bool
      enable_pod_tree_labels             = bool
    })
    # NOTE(review): `exemptable_namespaces` presumably lists namespaces that
    # may be exempted from policy enforcement - keep the list minimal and
    # confirm the semantics against the consuming module.
    policy_controller = object({
      audit_interval_seconds     = number
      exemptable_namespaces      = list(string)
      log_denies_enabled         = bool
      referential_rules_enabled  = bool
      template_library_installed = bool
    })
    version = string
  }))
  default  = {}
  nullable = false
}
# Fleet (GKE Hub) feature toggles. The default is null and the variable is
# nullable; per the description, null disables GKE Hub when fleet workload
# identity is not used. `multiclusteringress` is a string, unlike the other
# boolean toggles.
variable "fleet_features" {
  description = "Enable and configure fleet features. Set to null to disable GKE Hub if fleet workload identity is not used."
  type = object({
    appdevexperience             = bool
    configmanagement             = bool
    identityservice              = bool
    multiclusteringress          = string
    multiclusterservicediscovery = bool
    servicemesh                  = bool
  })
  default = null
}
# Opt-in switch for Fleet Workload Identity. Off by default; per the
# description, turning it on also enables GKE Hub.
variable "fleet_workload_identity" {
  type        = bool
  description = "Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true."
  default     = false
  nullable    = false
}
# Required input. The documented format is `folders/nnnnnnnnnnn`; no
# validation block enforces it in this file.
variable "folder_id" {
  type        = string
  description = "Folder used for the GKE project in folders/nnnnnnnnnnn format."
}
# Group-centric IAM input: each key is a group email and each value is the
# list of project-level roles granted to that group. Empty by default.
variable "group_iam" {
  type        = map(list(string))
  description = "Project-level IAM bindings for groups. Use group emails as keys, list of roles as values."
  default     = {}
  nullable    = false
}
# Role-centric IAM input in {ROLE => [MEMBERS]} form, described as
# authoritative.
# NOTE(review): authoritative role bindings normally replace members that
# were granted the same role outside this configuration - confirm against
# the project module and review existing bindings before listing a role.
variable "iam" {
  type        = map(list(string))
  description = "Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format."
  default     = {}
  nullable    = false
}
# Labels applied at project level. Unlike the other map variables in this
# file, this one does not set `nullable = false`, so an explicit null is
# accepted.
variable "labels" {
  type        = map(string)
  description = "Project-level labels."
  default     = {}
}
# Two-level map of nodepool definitions.
# NOTE(review): the outer key is presumably the cluster name and the inner
# key the nodepool name - confirm against the caller.
variable "nodepools" {
  description = "Nodepools configuration. Refer to the gke-nodepool module for type details."
  type = map(map(object({
    gke_version          = optional(string)
    labels               = optional(map(string), {})
    max_pods_per_node    = optional(number)
    name                 = optional(string)
    node_config          = optional(any, { disk_type = "pd-balanced" })
    node_count           = optional(map(number), { initial = 1 })
    node_locations       = optional(list(string))
    nodepool_config      = optional(any)
    pod_range            = optional(any)
    reservation_affinity = optional(any)
    # No default is set for the node identity.
    # NOTE(review): when this is unset, the service account used by nodes is
    # chosen by the gke-nodepool module; confirm it is a dedicated,
    # least-privilege account rather than a broadly scoped default one.
    service_account       = optional(any)
    sole_tenant_nodegroup = optional(string)
    tags                  = optional(list(string))
    taints = optional(map(object({
      value  = string
      effect = string
    })))
  })))
  default  = {}
  nullable = false
}
# Required naming prefix. The validation rejects only the empty string;
# whitespace-only values are not caught by this condition.
variable "prefix" {
  type        = string
  description = "Prefix used for resource names."

  validation {
    error_message = "Prefix cannot be empty."
    condition     = var.prefix != ""
  }
}
# Required input: the single project that hosts every cluster defined here.
variable "project_id" {
  type        = string
  description = "ID of the project that will contain all the clusters."
}
# Extra APIs to enable on the project, on top of whatever the blueprint
# enables itself. Each enabled service widens the project's API surface, so
# list only what the workloads need.
variable "project_services" {
  type        = list(string)
  description = "Additional project services to enable."
  default     = []
  nullable    = false
}
# Required Shared VPC wiring: the host project ID and the self link of the
# VPC. Both attributes are mandatory and there is no default.
variable "vpc_config" {
  description = "Shared VPC project and VPC details."
  type = object({
    host_project_id = string
    vpc_self_link   = string
  })
}