Merge branch 'master' into unmanaged-instances-healthcheck
This commit is contained in:
commit
9082b48e31
|
@ -68,44 +68,44 @@ module "cluster-1" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [location](variables.tf#L161) | Cluster zone or region. | <code>string</code> | ✓ | |
|
||||
| [name](variables.tf#L228) | Cluster name. | <code>string</code> | ✓ | |
|
||||
| [network](variables.tf#L233) | Name or self link of the VPC used for the cluster. Use the self link for Shared VPC. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L277) | Cluster project id. | <code>string</code> | ✓ | |
|
||||
| [secondary_range_pods](variables.tf#L300) | Subnet secondary range name used for pods. | <code>string</code> | ✓ | |
|
||||
| [secondary_range_services](variables.tf#L305) | Subnet secondary range name used for services. | <code>string</code> | ✓ | |
|
||||
| [subnetwork](variables.tf#L310) | VPC subnetwork name or self link. | <code>string</code> | ✓ | |
|
||||
| [addons](variables.tf#L17) | Addons enabled in the cluster (true means enabled). | <code title="object({ cloudrun_config = bool dns_cache_config = bool horizontal_pod_autoscaling = bool http_load_balancing = bool istio_config = object({ enabled = bool tls = bool }) network_policy_config = bool gce_persistent_disk_csi_driver_config = bool config_connector_config = bool kalm_config = bool })">object({…})</code> | | <code title="{ cloudrun_config = false dns_cache_config = false horizontal_pod_autoscaling = true http_load_balancing = true istio_config = { enabled = false tls = false } network_policy_config = false gce_persistent_disk_csi_driver_config = false config_connector_config = false kalm_config = false }">{…}</code> |
|
||||
| [authenticator_security_group](variables.tf#L49) | RBAC security group for Google Groups for GKE, format is gke-security-groups@yourdomain.com. | <code>string</code> | | <code>null</code> |
|
||||
| [cluster_autoscaling](variables.tf#L55) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | <code title="object({ enabled = bool cpu_min = number cpu_max = number memory_min = number memory_max = number })">object({…})</code> | | <code title="{ enabled = false cpu_min = 0 cpu_max = 0 memory_min = 0 memory_max = 0 }">{…}</code> |
|
||||
| [database_encryption](variables.tf#L73) | Enable and configure GKE application-layer secrets encryption. | <code title="object({ enabled = bool state = string key_name = string })">object({…})</code> | | <code title="{ enabled = false state = "DECRYPTED" key_name = null }">{…}</code> |
|
||||
| [default_max_pods_per_node](variables.tf#L87) | Maximum number of pods per node in this cluster. | <code>number</code> | | <code>110</code> |
|
||||
| [description](variables.tf#L93) | Cluster description. | <code>string</code> | | <code>null</code> |
|
||||
| [dns_config](variables.tf#L99) | Configuration for Using Cloud DNS for GKE. | <code title="object({ cluster_dns = string cluster_dns_scope = string cluster_dns_domain = string })">object({…})</code> | | <code title="{ cluster_dns = "PROVIDER_UNSPECIFIED" cluster_dns_scope = "DNS_SCOPE_UNSPECIFIED" cluster_dns_domain = "" }">{…}</code> |
|
||||
| [enable_autopilot](variables.tf#L113) | Create cluster in autopilot mode. With autopilot there's no need to create node-pools and some features are not supported (e.g. setting default_max_pods_per_node). | <code>bool</code> | | <code>false</code> |
|
||||
| [enable_binary_authorization](variables.tf#L119) | Enable Google Binary Authorization. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_dataplane_v2](variables.tf#L125) | Enable Dataplane V2 on the cluster, will disable network_policy addons config. | <code>bool</code> | | <code>false</code> |
|
||||
| [enable_intranode_visibility](variables.tf#L131) | Enable intra-node visibility to make same node pod to pod traffic visible. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_l4_ilb_subsetting](variables.tf#L137) | Enable L4ILB Subsetting. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_shielded_nodes](variables.tf#L143) | Enable Shielded Nodes features on all nodes in this cluster. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_tpu](variables.tf#L149) | Enable Cloud TPU resources in this cluster. | <code>bool</code> | | <code>null</code> |
|
||||
| [labels](variables.tf#L155) | Cluster resource labels. | <code>map(string)</code> | | <code>null</code> |
|
||||
| [logging_config](variables.tf#L166) | Logging configuration (enabled components). | <code>list(string)</code> | | <code>null</code> |
|
||||
| [logging_service](variables.tf#L172) | Logging service (disable with an empty string). | <code>string</code> | | <code>"logging.googleapis.com/kubernetes"</code> |
|
||||
| [maintenance_config](variables.tf#L178) | Maintenance window configuration. | <code title="object({ daily_maintenance_window = object({ start_time = string }) recurring_window = object({ start_time = string end_time = string recurrence = string }) maintenance_exclusion = list(object({ exclusion_name = string start_time = string end_time = string })) })">object({…})</code> | | <code title="{ daily_maintenance_window = { start_time = "03:00" } recurring_window = null maintenance_exclusion = [] }">{…}</code> |
|
||||
| [master_authorized_ranges](variables.tf#L204) | External Ip address ranges that can access the Kubernetes cluster master through HTTPS. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [min_master_version](variables.tf#L210) | Minimum version of the master, defaults to the version of the most recent official release. | <code>string</code> | | <code>null</code> |
|
||||
| [monitoring_config](variables.tf#L216) | Monitoring configuration (enabled components). | <code>list(string)</code> | | <code>null</code> |
|
||||
| [monitoring_service](variables.tf#L222) | Monitoring service (disable with an empty string). | <code>string</code> | | <code>"monitoring.googleapis.com/kubernetes"</code> |
|
||||
| [node_locations](variables.tf#L238) | Zones in which the cluster's nodes are located. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [notification_config](variables.tf#L244) | GKE Cluster upgrade notifications via PubSub. | <code>bool</code> | | <code>false</code> |
|
||||
| [peering_config](variables.tf#L250) | Configure peering with the master VPC for private clusters. | <code title="object({ export_routes = bool import_routes = bool project_id = string })">object({…})</code> | | <code>null</code> |
|
||||
| [pod_security_policy](variables.tf#L260) | Enable the PodSecurityPolicy feature. | <code>bool</code> | | <code>null</code> |
|
||||
| [private_cluster_config](variables.tf#L266) | Enable and configure private cluster, private nodes must be true if used. | <code title="object({ enable_private_nodes = bool enable_private_endpoint = bool master_ipv4_cidr_block = string master_global_access = bool })">object({…})</code> | | <code>null</code> |
|
||||
| [release_channel](variables.tf#L282) | Release channel for GKE upgrades. | <code>string</code> | | <code>null</code> |
|
||||
| [resource_usage_export_config](variables.tf#L288) | Configure the ResourceUsageExportConfig feature. | <code title="object({ enabled = bool dataset = string })">object({…})</code> | | <code title="{ enabled = null dataset = null }">{…}</code> |
|
||||
| [vertical_pod_autoscaling](variables.tf#L315) | Enable the Vertical Pod Autoscaling feature. | <code>bool</code> | | <code>null</code> |
|
||||
| [workload_identity](variables.tf#L321) | Enable the Workload Identity feature. | <code>bool</code> | | <code>true</code> |
|
||||
| [location](variables.tf#L163) | Cluster zone or region. | <code>string</code> | ✓ | |
|
||||
| [name](variables.tf#L230) | Cluster name. | <code>string</code> | ✓ | |
|
||||
| [network](variables.tf#L235) | Name or self link of the VPC used for the cluster. Use the self link for Shared VPC. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L279) | Cluster project id. | <code>string</code> | ✓ | |
|
||||
| [secondary_range_pods](variables.tf#L302) | Subnet secondary range name used for pods. | <code>string</code> | ✓ | |
|
||||
| [secondary_range_services](variables.tf#L307) | Subnet secondary range name used for services. | <code>string</code> | ✓ | |
|
||||
| [subnetwork](variables.tf#L312) | VPC subnetwork name or self link. | <code>string</code> | ✓ | |
|
||||
| [addons](variables.tf#L17) | Addons enabled in the cluster (true means enabled). | <code title="object({ cloudrun_config = bool dns_cache_config = bool horizontal_pod_autoscaling = bool http_load_balancing = bool istio_config = object({ enabled = bool tls = bool }) network_policy_config = bool gce_persistent_disk_csi_driver_config = bool gcp_filestore_csi_driver_config = bool config_connector_config = bool kalm_config = bool })">object({…})</code> | | <code title="{ cloudrun_config = false dns_cache_config = false horizontal_pod_autoscaling = true http_load_balancing = true istio_config = { enabled = false tls = false } network_policy_config = false gce_persistent_disk_csi_driver_config = false gcp_filestore_csi_driver_config = false config_connector_config = false kalm_config = false }">{…}</code> |
|
||||
| [authenticator_security_group](variables.tf#L51) | RBAC security group for Google Groups for GKE, format is gke-security-groups@yourdomain.com. | <code>string</code> | | <code>null</code> |
|
||||
| [cluster_autoscaling](variables.tf#L57) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | <code title="object({ enabled = bool cpu_min = number cpu_max = number memory_min = number memory_max = number })">object({…})</code> | | <code title="{ enabled = false cpu_min = 0 cpu_max = 0 memory_min = 0 memory_max = 0 }">{…}</code> |
|
||||
| [database_encryption](variables.tf#L75) | Enable and configure GKE application-layer secrets encryption. | <code title="object({ enabled = bool state = string key_name = string })">object({…})</code> | | <code title="{ enabled = false state = "DECRYPTED" key_name = null }">{…}</code> |
|
||||
| [default_max_pods_per_node](variables.tf#L89) | Maximum number of pods per node in this cluster. | <code>number</code> | | <code>110</code> |
|
||||
| [description](variables.tf#L95) | Cluster description. | <code>string</code> | | <code>null</code> |
|
||||
| [dns_config](variables.tf#L101) | Configuration for Using Cloud DNS for GKE. | <code title="object({ cluster_dns = string cluster_dns_scope = string cluster_dns_domain = string })">object({…})</code> | | <code title="{ cluster_dns = "PROVIDER_UNSPECIFIED" cluster_dns_scope = "DNS_SCOPE_UNSPECIFIED" cluster_dns_domain = "" }">{…}</code> |
|
||||
| [enable_autopilot](variables.tf#L115) | Create cluster in autopilot mode. With autopilot there's no need to create node-pools and some features are not supported (e.g. setting default_max_pods_per_node). | <code>bool</code> | | <code>false</code> |
|
||||
| [enable_binary_authorization](variables.tf#L121) | Enable Google Binary Authorization. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_dataplane_v2](variables.tf#L127) | Enable Dataplane V2 on the cluster, will disable network_policy addons config. | <code>bool</code> | | <code>false</code> |
|
||||
| [enable_intranode_visibility](variables.tf#L133) | Enable intra-node visibility to make same node pod to pod traffic visible. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_l4_ilb_subsetting](variables.tf#L139) | Enable L4ILB Subsetting. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_shielded_nodes](variables.tf#L145) | Enable Shielded Nodes features on all nodes in this cluster. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_tpu](variables.tf#L151) | Enable Cloud TPU resources in this cluster. | <code>bool</code> | | <code>null</code> |
|
||||
| [labels](variables.tf#L157) | Cluster resource labels. | <code>map(string)</code> | | <code>null</code> |
|
||||
| [logging_config](variables.tf#L168) | Logging configuration (enabled components). | <code>list(string)</code> | | <code>null</code> |
|
||||
| [logging_service](variables.tf#L174) | Logging service (disable with an empty string). | <code>string</code> | | <code>"logging.googleapis.com/kubernetes"</code> |
|
||||
| [maintenance_config](variables.tf#L180) | Maintenance window configuration. | <code title="object({ daily_maintenance_window = object({ start_time = string }) recurring_window = object({ start_time = string end_time = string recurrence = string }) maintenance_exclusion = list(object({ exclusion_name = string start_time = string end_time = string })) })">object({…})</code> | | <code title="{ daily_maintenance_window = { start_time = "03:00" } recurring_window = null maintenance_exclusion = [] }">{…}</code> |
|
||||
| [master_authorized_ranges](variables.tf#L206) | External Ip address ranges that can access the Kubernetes cluster master through HTTPS. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [min_master_version](variables.tf#L212) | Minimum version of the master, defaults to the version of the most recent official release. | <code>string</code> | | <code>null</code> |
|
||||
| [monitoring_config](variables.tf#L218) | Monitoring configuration (enabled components). | <code>list(string)</code> | | <code>null</code> |
|
||||
| [monitoring_service](variables.tf#L224) | Monitoring service (disable with an empty string). | <code>string</code> | | <code>"monitoring.googleapis.com/kubernetes"</code> |
|
||||
| [node_locations](variables.tf#L240) | Zones in which the cluster's nodes are located. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [notification_config](variables.tf#L246) | GKE Cluster upgrade notifications via PubSub. | <code>bool</code> | | <code>false</code> |
|
||||
| [peering_config](variables.tf#L252) | Configure peering with the master VPC for private clusters. | <code title="object({ export_routes = bool import_routes = bool project_id = string })">object({…})</code> | | <code>null</code> |
|
||||
| [pod_security_policy](variables.tf#L262) | Enable the PodSecurityPolicy feature. | <code>bool</code> | | <code>null</code> |
|
||||
| [private_cluster_config](variables.tf#L268) | Enable and configure private cluster, private nodes must be true if used. | <code title="object({ enable_private_nodes = bool enable_private_endpoint = bool master_ipv4_cidr_block = string master_global_access = bool })">object({…})</code> | | <code>null</code> |
|
||||
| [release_channel](variables.tf#L284) | Release channel for GKE upgrades. | <code>string</code> | | <code>null</code> |
|
||||
| [resource_usage_export_config](variables.tf#L290) | Configure the ResourceUsageExportConfig feature. | <code title="object({ enabled = bool dataset = string })">object({…})</code> | | <code title="{ enabled = null dataset = null }">{…}</code> |
|
||||
| [vertical_pod_autoscaling](variables.tf#L317) | Enable the Vertical Pod Autoscaling feature. | <code>bool</code> | | <code>null</code> |
|
||||
| [workload_identity](variables.tf#L323) | Enable the Workload Identity feature. | <code>bool</code> | | <code>true</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
@ -121,4 +121,4 @@ module "cluster-1" {
|
|||
| [notifications](outputs.tf#L55) | GKE PubSub notifications topic. | |
|
||||
| [self_link](outputs.tf#L60) | Cluster self link. | ✓ |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
<!-- END TFDOC -->
|
|
@ -87,6 +87,9 @@ resource "google_container_cluster" "cluster" {
|
|||
gce_persistent_disk_csi_driver_config {
|
||||
enabled = var.addons.gce_persistent_disk_csi_driver_config
|
||||
}
|
||||
gcp_filestore_csi_driver_config {
|
||||
enabled = var.addons.gcp_filestore_csi_driver_config
|
||||
}
|
||||
kalm_config {
|
||||
enabled = var.addons.kalm_config
|
||||
}
|
||||
|
|
|
@ -27,6 +27,7 @@ variable "addons" {
|
|||
})
|
||||
network_policy_config = bool
|
||||
gce_persistent_disk_csi_driver_config = bool
|
||||
gcp_filestore_csi_driver_config = bool
|
||||
config_connector_config = bool
|
||||
kalm_config = bool
|
||||
})
|
||||
|
@ -41,6 +42,7 @@ variable "addons" {
|
|||
}
|
||||
network_policy_config = false
|
||||
gce_persistent_disk_csi_driver_config = false
|
||||
gcp_filestore_csi_driver_config = false
|
||||
config_connector_config = false
|
||||
kalm_config = false
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue