From a62fda5b66d4f5068df3636432e3503de71eb40c Mon Sep 17 00:00:00 2001
From: Julio Castillo
Date: Tue, 6 Sep 2022 15:24:25 +0200
Subject: [PATCH] Update gke docs
---
.../multitenant-fleet/README.md | 37 ++++++++++++++++++-
.../multitenant-fleet/gke-clusters.tf | 2 +-
.../multitenant-fleet/variables.tf | 2 +-
3 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/examples/gke-serverless/multitenant-fleet/README.md b/examples/gke-serverless/multitenant-fleet/README.md
index 895ce3c2..e13b724b 100644
--- a/examples/gke-serverless/multitenant-fleet/README.md
+++ b/examples/gke-serverless/multitenant-fleet/README.md
@@ -1,8 +1,8 @@ # GKE Multitenant Example -This example presents an opinionated architecture to handle multiple homogeneous GKE clusters. The general idea behind this example is to deploy a single project hosting multiple clusters leveraging several useful GKE features. This pattern is useful, for example, in cases where multiple clusters host/support the same workloads, such as in the case of a multi-regional deployment. +This example presents an opinionated architecture to handle multiple homogeneous GKE clusters. The general idea behind this example is to deploy a single project hosting multiple clusters leveraging several useful GKE features. -In addition to supporting multiple clusters, the architecture presented here assumes that multiple tenants (e.g. teams, applications) will share the cluster. As such, several options are provided to isolate tenants from each other. +The pattern used in this design is useful, for example, in cases where multiple clusters host/support the same workloads, such as in the case of a multi-regional deployment. Furthermore, combined with Anthos Config Sync and proper RBAC, this architecture can be used to host multiple tenants (e.g. teams, applications) sharing the clusters. This example is used as part of the [FAST GKE stage](../../../fast/stages/03-gke-multitenant/) but it can also be used independently if desired. 
@@ -41,6 +41,39 @@ The overall architecture is based on the following design decisions: ## Basic usage +The following example shows how to deploy a single cluster and a single node pool + +```hcl +clusters = { + "mycluster" = { + cluster_autoscaling = null + description = "mycluster" + dns_domain = null + location = "europe-west1" + labels = {} + net = { + master_range = "172.17.16.0/28" + pods = "pods" + services = "services" + subnet = "//www.googleapis.com/compute/v1/projects//regions/europe-west1/subnetworks/" + } + overrides = null + } +} +nodepools = { + "mycluster" = { + "mynodepool" = { + initial_node_count = 1 + node_count = 1 + node_type = "n2-standard-4" + overrides = null + spot = false + } + } +} + +``` + ## Fleet configuration ## Multi-tenant usage diff --git a/examples/gke-serverless/multitenant-fleet/gke-clusters.tf b/examples/gke-serverless/multitenant-fleet/gke-clusters.tf index 8e04d780..18188b2e 100644 --- a/examples/gke-serverless/multitenant-fleet/gke-clusters.tf +++ b/examples/gke-serverless/multitenant-fleet/gke-clusters.tf @@ -97,7 +97,7 @@ module "gke-cluster" { state = "ENCRYPTED" key_name = each.value.overrides.database_encryption_key } - ) + default_max_pods_per_node = each.value.overrides.max_pods_per_node master_authorized_ranges = each.value.overrides.master_authorized_ranges pod_security_policy = each.value.overrides.pod_security_policy diff --git a/examples/gke-serverless/multitenant-fleet/variables.tf b/examples/gke-serverless/multitenant-fleet/variables.tf index 37138c37..48602af2 100644 --- a/examples/gke-serverless/multitenant-fleet/variables.tf +++ b/examples/gke-serverless/multitenant-fleet/variables.tf @@ -156,7 +156,7 @@ variable "fleet_features" { variable "fleet_workload_identity" { description = "Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true." type = bool - default = true + default = false nullable = false }
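Review bot: The `default = false` line on `fleet_workload_identity` (last hunk, variables.tf) changes a security-relevant default in a commit titled "Update gke docs", so callers that rely on the default would stop getting Fleet Workload Identity with no signal in the commit record. How the variable is consumed is not visible in this hunk, but if it gates workload identity on the clusters, workloads are likely to fall back to node service account credentials or exported keys, which is a weaker posture for a multi-tenant fleet. If opt-in is intended, say so in the description, e.g. `description = "Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. Defaults to false; set to true to opt in."`, and mention the flag in the README's basic usage section; otherwise keep `default = true`.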