add support for default nodepool sa in GKE cluster module
This commit is contained in:
Ludo
parent
dcf10d60a1
commit
d78616b6c3
|
|
@ -309,7 +309,7 @@ module "cluster-1" {
|
|||
| [location](variables.tf#L138) | Cluster zone or region. | <code>string</code> | ✓ | |
|
||||
| [name](variables.tf#L249) | Cluster name. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L275) | Cluster project id. | <code>string</code> | ✓ | |
|
||||
| [vpc_config](variables.tf#L292) | VPC-level configuration. | <code title="object({ network = string subnetwork = string master_ipv4_cidr_block = optional(string) secondary_range_blocks = optional(object({ pods = string services = string })) secondary_range_names = optional(object({ pods = optional(string, "pods") services = optional(string, "services") })) master_authorized_ranges = optional(map(string)) stack_type = optional(string) })">object({…})</code> | ✓ | |
|
||||
| [vpc_config](variables.tf#L298) | VPC-level configuration. | <code title="object({ network = string subnetwork = string master_ipv4_cidr_block = optional(string) secondary_range_blocks = optional(object({ pods = string services = string })) secondary_range_names = optional(object({ pods = optional(string, "pods") services = optional(string, "services") })) master_authorized_ranges = optional(map(string)) stack_type = optional(string) })">object({…})</code> | ✓ | |
|
||||
| [backup_configs](variables.tf#L17) | Configuration for Backup for GKE. | <code title="object({ enable_backup_agent = optional(bool, false) backup_plans = optional(map(object({ encryption_key = optional(string) include_secrets = optional(bool, true) include_volume_data = optional(bool, true) namespaces = optional(list(string)) region = string schedule = string retention_policy_days = optional(string) retention_policy_lock = optional(bool, false) retention_policy_delete_lock_days = optional(string) })), {}) })">object({…})</code> | | <code>{}</code> |
|
||||
| [cluster_autoscaling](variables.tf#L37) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | <code title="object({ auto_provisioning_defaults = optional(object({ boot_disk_kms_key = optional(string) image_type = optional(string) oauth_scopes = optional(list(string)) service_account = optional(string) })) cpu_limits = optional(object({ min = number max = number })) mem_limits = optional(object({ min = number max = number })) })">object({…})</code> | | <code>null</code> |
|
||||
| [description](variables.tf#L58) | Cluster description. | <code>string</code> | | <code>null</code> |
|
||||
|
|
@ -325,7 +325,8 @@ module "cluster-1" {
|
|||
| [node_locations](variables.tf#L254) | Zones in which the cluster's nodes are located. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [private_cluster_config](variables.tf#L261) | Private cluster configuration. | <code title="object({ enable_private_endpoint = optional(bool) master_global_access = optional(bool) peering_config = optional(object({ export_routes = optional(bool) import_routes = optional(bool) project_id = optional(string) })) })">object({…})</code> | | <code>null</code> |
|
||||
| [release_channel](variables.tf#L280) | Release channel for GKE upgrades. | <code>string</code> | | <code>null</code> |
|
||||
| [tags](variables.tf#L286) | Network tags applied to nodes. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [service_account](variables.tf#L286) | Service account used for the default node pool, only useful if the default GCE service account has been disabled. | <code>string</code> | | <code>null</code> |
|
||||
| [tags](variables.tf#L292) | Network tags applied to nodes. | <code>list(string)</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ resource "google_container_cluster" "cluster" {
|
|||
# the default node pool is deleted here, use the gke-nodepool module instead.
|
||||
# the default node pool configuration is based on a shielded_nodes variable.
|
||||
node_config {
|
||||
service_account = var.service_account
|
||||
dynamic "shielded_instance_config" {
|
||||
for_each = var.enable_features.shielded_nodes ? [""] : []
|
||||
content {
|
||||
|
|
@ -203,7 +204,7 @@ resource "google_container_cluster" "cluster" {
|
|||
]))
|
||||
}
|
||||
}
|
||||
# Don't send any GKE cluster logs to Cloud Logging. Input variable validation
|
||||
# Don't send any GKE cluster logs to Cloud Logging. Input variable validation
|
||||
# makes sure every other log source is false when enable_system_logs is false.
|
||||
dynamic "logging_config" {
|
||||
for_each = var.logging_config.enable_system_logs == false ? [""] : []
|
||||
|
|
|
|||
|
|
@ -151,7 +151,7 @@ variable "logging_config" {
|
|||
})
|
||||
default = {}
|
||||
nullable = false
|
||||
# System logs are the minimum required component for enabling log collection.
|
||||
# System logs are the minimum required component for enabling log collection.
|
||||
# So either everything is off (false), or enable_system_logs must be true.
|
||||
validation {
|
||||
condition = (
|
||||
|
|
@ -283,6 +283,12 @@ variable "release_channel" {
|
|||
default = null
|
||||
}
|
||||
|
||||
variable "service_account" {
|
||||
description = "Service account used for the default node pool, only useful if the default GCE service account has been disabled."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "tags" {
|
||||
description = "Network tags applied to nodes."
|
||||
type = list(string)
|
||||
|
|
|
|||
Loading…
Reference in New Issue