|
|
@ -1,10 +1,23 @@
|
|
|
|
# GKE cluster Autopilot module
|
|
|
|
# GKE Autopilot cluster module
|
|
|
|
|
|
|
|
|
|
|
|
This module allows simplified creation and management of GKE Autopilot clusters. Some sensible defaults are set initially, in order to allow less verbose usage for most use cases.
|
|
|
|
This module offers a way to create and manage Google Kubernetes Engine (GKE) [Autopilot clusters](https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-overview). With its sensible default settings based on best practices and authors' experience as Google Cloud practitioners, the module accommodates for many common use cases out-of-the-box, without having to rely on verbose configuration.
|
|
|
|
|
|
|
|
|
|
|
|
## Example
|
|
|
|
<!-- BEGIN TOC -->
|
|
|
|
|
|
|
|
- [Examples](#examples)
|
|
|
|
|
|
|
|
- [GKE Autopilot cluster](#gke-autopilot-cluster)
|
|
|
|
|
|
|
|
- [Cloud DNS](#cloud-dns)
|
|
|
|
|
|
|
|
- [Logging configuration](#logging-configuration)
|
|
|
|
|
|
|
|
- [Monitoring configuration](#monitoring-configuration)
|
|
|
|
|
|
|
|
- [Backup for GKE](#backup-for-gke)
|
|
|
|
|
|
|
|
- [Variables](#variables)
|
|
|
|
|
|
|
|
- [Outputs](#outputs)
|
|
|
|
|
|
|
|
<!-- END TOC -->
|
|
|
|
|
|
|
|
|
|
|
|
### GKE Cluster
|
|
|
|
## Examples
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### GKE Autopilot cluster
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This example shows how to [create a GKE cluster in Autopilot mode](https://cloud.google.com/kubernetes-engine/docs/how-to/creating-an-autopilot-cluster).
|
|
|
|
|
|
|
|
|
|
|
|
```hcl
|
|
|
|
```hcl
|
|
|
|
module "cluster-1" {
|
|
|
|
module "cluster-1" {
|
|
|
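Review bot: In the new introduction, "accommodates for many common use cases out-of-the-box" should read "accommodates many common use cases out of the box", and "authors' experience" needs an article ("the authors' experience"). The paragraph also promises defaults "based on best practices" without naming any; a pointer to the Variables section, where the defaults are listed, would let a reader check what they are getting before relying on them.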
@ -37,7 +50,10 @@ module "cluster-1" {
|
|
|
|
|
|
|
|
|
|
|
|
### Cloud DNS
|
|
|
|
### Cloud DNS
|
|
|
|
|
|
|
|
|
|
|
|
This example shows how to [use Cloud DNS as a Kubernetes DNS provider](https://cloud.google.com/kubernetes-engine/docs/how-to/cloud-dns) for GKE Standard clusters.
|
|
|
|
This example shows how to [use Cloud DNS as a Kubernetes DNS provider](https://cloud.google.com/kubernetes-engine/docs/how-to/cloud-dns).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
> **Warning**
|
|
|
|
|
|
|
|
> [Cloud DNS is the only DNS provider for Autopilot clusters](https://cloud.google.com/kubernetes-engine/docs/concepts/service-discovery#cloud_dns) running version `1.25.9-gke.400` and later, and version `1.26.4-gke.500` and later. It is [pre-configured](https://cloud.google.com/kubernetes-engine/docs/resources/autopilot-standard-feature-comparison#feature-comparison) for those clusters. The following example *only* applies to Autopilot clusters running *earlier* versions.
|
|
|
|
|
|
|
|
|
|
|
|
```hcl
|
|
|
|
```hcl
|
|
|
|
module "cluster-1" {
|
|
|
|
module "cluster-1" {
|
|
|
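Review bot: The version clause in the new warning, "running version `1.25.9-gke.400` and later, and version `1.26.4-gke.500` and later", is hard to parse; consider splitting it into one statement per version line so it is clear which threshold applies to which clusters. Because the example now applies only to earlier versions, the sentence above the warning should carry that restriction itself instead of presenting the example as general, and the text should say what happens if the same settings are applied to a cluster where Cloud DNS is already pre-configured.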
@ -118,7 +134,17 @@ module "cluster-1" {
|
|
|
|
|
|
|
|
|
|
|
|
### Backup for GKE
|
|
|
|
### Backup for GKE
|
|
|
|
|
|
|
|
|
|
|
|
This example shows how to [enable the Backup for GKE agent and configure a Backup Plan](https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/concepts/backup-for-gke) for GKE Standard clusters.
|
|
|
|
[Backup for GKE](https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/concepts/backup-for-gke) is a service for backing up and restoring workloads in GKE clusters. It has two components:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* A [Google Cloud API](https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/reference/rest) that serves as the control plane for the service.
|
|
|
|
|
|
|
|
* A GKE add-on (the [Backup for GKE agent](https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/concepts/backup-for-gke#agent_overview)) that must be enabled in each cluster for which you wish to perform backup and restore operations.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
> **Note**
|
|
|
|
|
|
|
|
> Although Backup for GKE can be enabled as an add-on when configuring your GKE clusters, it is a separate service from GKE.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Backup for GKE is supported in GKE Autopilot clusters with [some restrictions](https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/concepts/about-autopilot).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This example shows how to [enable Backup for GKE on a new Autopilot cluster](https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/how-to/install#enable_on_a_new_cluster_optional) and [plan a set of backups](https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/how-to/backup-plan).
|
|
|
|
|
|
|
|
|
|
|
|
```hcl
|
|
|
|
```hcl
|
|
|
|
module "cluster-1" {
|
|
|
|
module "cluster-1" {
|
|
|
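Review bot: The new Backup for GKE text links to "some restrictions" for Autopilot without naming any, and it does not say what a backup plan captures. The `backup_configs` row in the Variables table shows `include_secrets = optional(bool, true)` and `encryption_key = optional(string)`, so a backup plan includes Secrets unless the caller opts out, and a key is used only if the caller supplies one; add a sentence before the example that states this and points readers to those two fields. As a wording point, "for which you wish to perform backup and restore operations" can be shortened to "that you want to back up or restore".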
@ -151,7 +177,7 @@ module "cluster-1" {
|
|
|
|
| [location](variables.tf#L110) | Autopilot cluster are always regional. | <code>string</code> | ✓ | |
|
|
|
|
| [location](variables.tf#L110) | Autopilot cluster are always regional. | <code>string</code> | ✓ | |
|
|
|
|
| [name](variables.tf#L170) | Cluster name. | <code>string</code> | ✓ | |
|
|
|
|
| [name](variables.tf#L170) | Cluster name. | <code>string</code> | ✓ | |
|
|
|
|
| [project_id](variables.tf#L196) | Cluster project id. | <code>string</code> | ✓ | |
|
|
|
|
| [project_id](variables.tf#L196) | Cluster project id. | <code>string</code> | ✓ | |
|
|
|
|
| [vpc_config](variables.tf#L224) | VPC-level configuration. | <code title="object({ network = string subnetwork = string master_ipv4_cidr_block = optional(string) secondary_range_blocks = optional(object({ pods = string services = string })) secondary_range_names = optional(object({ pods = string services = string }), { pods = "pods", services = "services" }) master_authorized_ranges = optional(map(string)) stack_type = optional(string) })">object({…})</code> | ✓ | |
|
|
|
|
| [vpc_config](variables.tf#L225) | VPC-level configuration. | <code title="object({ network = string subnetwork = string master_ipv4_cidr_block = optional(string) secondary_range_blocks = optional(object({ pods = string services = string })) secondary_range_names = optional(object({ pods = string services = string }), { pods = "pods", services = "services" }) master_authorized_ranges = optional(map(string)) stack_type = optional(string) })">object({…})</code> | ✓ | |
|
|
|
|
| [backup_configs](variables.tf#L17) | Configuration for Backup for GKE. | <code title="object({ enable_backup_agent = optional(bool, false) backup_plans = optional(map(object({ encryption_key = optional(string) include_secrets = optional(bool, true) include_volume_data = optional(bool, true) namespaces = optional(list(string)) region = string schedule = string retention_policy_days = optional(string) retention_policy_lock = optional(bool, false) retention_policy_delete_lock_days = optional(string) })), {}) })">object({…})</code> | | <code>{}</code> |
|
|
|
|
| [backup_configs](variables.tf#L17) | Configuration for Backup for GKE. | <code title="object({ enable_backup_agent = optional(bool, false) backup_plans = optional(map(object({ encryption_key = optional(string) include_secrets = optional(bool, true) include_volume_data = optional(bool, true) namespaces = optional(list(string)) region = string schedule = string retention_policy_days = optional(string) retention_policy_lock = optional(bool, false) retention_policy_delete_lock_days = optional(string) })), {}) })">object({…})</code> | | <code>{}</code> |
|
|
|
|
| [description](variables.tf#L37) | Cluster description. | <code>string</code> | | <code>null</code> |
|
|
|
|
| [description](variables.tf#L37) | Cluster description. | <code>string</code> | | <code>null</code> |
|
|
|
|
| [enable_addons](variables.tf#L43) | Addons enabled in the cluster (true means enabled). | <code title="object({ cloudrun = optional(bool, false) config_connector = optional(bool, false) dns_cache = optional(bool, false) horizontal_pod_autoscaling = optional(bool, false) http_load_balancing = optional(bool, false) istio = optional(object({ enable_tls = bool })) kalm = optional(bool, false) network_policy = optional(bool, false) })">object({…})</code> | | <code title="{ horizontal_pod_autoscaling = true http_load_balancing = true }">{…}</code> |
|
|
|
|
| [enable_addons](variables.tf#L43) | Addons enabled in the cluster (true means enabled). | <code title="object({ cloudrun = optional(bool, false) config_connector = optional(bool, false) dns_cache = optional(bool, false) horizontal_pod_autoscaling = optional(bool, false) http_load_balancing = optional(bool, false) istio = optional(object({ enable_tls = bool })) kalm = optional(bool, false) network_policy = optional(bool, false) })">object({…})</code> | | <code title="{ horizontal_pod_autoscaling = true http_load_balancing = true }">{…}</code> |
|
|
|
@ -166,7 +192,7 @@ module "cluster-1" {
|
|
|
|
| [private_cluster_config](variables.tf#L182) | Private cluster configuration. | <code title="object({ enable_private_endpoint = optional(bool) master_global_access = optional(bool) peering_config = optional(object({ export_routes = optional(bool) import_routes = optional(bool) project_id = optional(string) })) })">object({…})</code> | | <code>null</code> |
|
|
|
|
| [private_cluster_config](variables.tf#L182) | Private cluster configuration. | <code title="object({ enable_private_endpoint = optional(bool) master_global_access = optional(bool) peering_config = optional(object({ export_routes = optional(bool) import_routes = optional(bool) project_id = optional(string) })) })">object({…})</code> | | <code>null</code> |
|
|
|
|
| [release_channel](variables.tf#L201) | Release channel for GKE upgrades. Clusters created in the Autopilot mode must use a release channel. Choose between \"RAPID\", \"REGULAR\", and \"STABLE\". | <code>string</code> | | <code>"REGULAR"</code> |
|
|
|
|
| [release_channel](variables.tf#L201) | Release channel for GKE upgrades. Clusters created in the Autopilot mode must use a release channel. Choose between \"RAPID\", \"REGULAR\", and \"STABLE\". | <code>string</code> | | <code>"REGULAR"</code> |
|
|
|
|
| [service_account](variables.tf#L212) | The Google Cloud Platform Service Account to be used by the node VMs created by GKE Autopilot. | <code>string</code> | | <code>null</code> |
|
|
|
|
| [service_account](variables.tf#L212) | The Google Cloud Platform Service Account to be used by the node VMs created by GKE Autopilot. | <code>string</code> | | <code>null</code> |
|
|
|
|
| [tags](variables.tf#L218) | Network tags applied to nodes. | <code>list(string)</code> | | <code>null</code> |
|
|
|
|
| [tags](variables.tf#L218) | Network tags applied to nodes. | <code>list(string)</code> | | <code>[]</code> |
|
|
|
|
|
|
|
|
|
|
|
|
## Outputs
|
|
|
|
## Outputs
|
|
|
|
|
|
|
|
|
|
|
|
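Review bot: In the `tags` row the default changes from `null` to `[]`, which reflects a behaviour change for callers and not only a documentation fix, yet nothing in the visible README text mentions it. Confirm that the module treats an explicitly passed `tags = null` the same as the new default, and note the change in the commit message or changelog; network tags are what firewall rules match on, so any difference between "no tags" and "null" is worth ruling out before merge.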