Merge branch 'master' into tmp_revert_to_1.3.1
This commit is contained in:
commit
f080794167
|
@ -8,6 +8,7 @@ All notable changes to this project will be documented in this file.
|
||||||
|
|
||||||
### BLUEPRINTS
|
### BLUEPRINTS
|
||||||
|
|
||||||
|
- [[#856](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/856)] Add network firewall metrics to network dashboard ([maunope](https://github.com/maunope)) <!-- 2022-10-10 08:46:22+00:00 -->
|
||||||
- [[#868](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/868)] **incompatible change:** Refactor GKE module for Terraform 1.3 ([ludoo](https://github.com/ludoo)) <!-- 2022-10-10 07:38:21+00:00 -->
|
- [[#868](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/868)] **incompatible change:** Refactor GKE module for Terraform 1.3 ([ludoo](https://github.com/ludoo)) <!-- 2022-10-10 07:38:21+00:00 -->
|
||||||
- [[#818](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/818)] Example wordpress ([skalolazka](https://github.com/skalolazka)) <!-- 2022-10-07 14:24:38+00:00 -->
|
- [[#818](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/818)] Example wordpress ([skalolazka](https://github.com/skalolazka)) <!-- 2022-10-07 14:24:38+00:00 -->
|
||||||
- [[#861](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/861)] Leverage new shared VPC project config defaults across the repo ([juliocc](https://github.com/juliocc)) <!-- 2022-10-07 07:50:43+00:00 -->
|
- [[#861](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/861)] Leverage new shared VPC project config defaults across the repo ([juliocc](https://github.com/juliocc)) <!-- 2022-10-07 07:50:43+00:00 -->
|
||||||
|
@ -24,7 +25,7 @@ All notable changes to this project will be documented in this file.
|
||||||
### DOCUMENTATION
|
### DOCUMENTATION
|
||||||
|
|
||||||
- [[#863](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/863)] Fabric vs CFT doc ([ludoo](https://github.com/ludoo)) <!-- 2022-10-07 12:47:51+00:00 -->
|
- [[#863](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/863)] Fabric vs CFT doc ([ludoo](https://github.com/ludoo)) <!-- 2022-10-07 12:47:51+00:00 -->
|
||||||
- [[#806](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/806)] Companion Guide ([ajlopezn](https://github.com/ajlopezn)) <!-- 2022-09-12 07:11:03+00:00 -->
|
- [[#806](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/806)] FAST Companion Guide ([ajlopezn](https://github.com/ajlopezn)) <!-- 2022-09-12 07:11:03+00:00 -->
|
||||||
|
|
||||||
### FAST
|
### FAST
|
||||||
|
|
||||||
|
@ -41,6 +42,7 @@ All notable changes to this project will be documented in this file.
|
||||||
|
|
||||||
### MODULES
|
### MODULES
|
||||||
|
|
||||||
|
- [[#869](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/869)] Fix optionals for resource_usage_export field in `gke-cluster` ([juliocc](https://github.com/juliocc)) <!-- 2022-10-10 09:04:44+00:00 -->
|
||||||
- [[#868](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/868)] **incompatible change:** Refactor GKE module for Terraform 1.3 ([ludoo](https://github.com/ludoo)) <!-- 2022-10-10 07:38:21+00:00 -->
|
- [[#868](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/868)] **incompatible change:** Refactor GKE module for Terraform 1.3 ([ludoo](https://github.com/ludoo)) <!-- 2022-10-10 07:38:21+00:00 -->
|
||||||
- [[#866](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/866)] Update ipprefix_by_netmask.sh in nva module ([sruffilli](https://github.com/sruffilli)) <!-- 2022-10-09 15:26:54+00:00 -->
|
- [[#866](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/866)] Update ipprefix_by_netmask.sh in nva module ([sruffilli](https://github.com/sruffilli)) <!-- 2022-10-09 15:26:54+00:00 -->
|
||||||
- [[#860](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/860)] **incompatible change:** Refactor compute-vm for Terraform 1.3 ([ludoo](https://github.com/ludoo)) <!-- 2022-10-07 08:53:53+00:00 -->
|
- [[#860](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/860)] **incompatible change:** Refactor compute-vm for Terraform 1.3 ([ludoo](https://github.com/ludoo)) <!-- 2022-10-07 08:53:53+00:00 -->
|
||||||
|
|
|
@ -9,7 +9,7 @@ Here is an example of dashboard you can get with this solution:
|
||||||
|
|
||||||
Here you see utilization (usage compared to the limit) for a specific metric (number of instances per VPC) for multiple VPCs and projects.
|
Here you see utilization (usage compared to the limit) for a specific metric (number of instances per VPC) for multiple VPCs and projects.
|
||||||
|
|
||||||
3 metrics are created: Usage, limit and utilization. You can follow each of these and create alerting policies if a threshold is reached.
|
Three metric descriptors are created for each monitored resource: usage, limit and utilization. You can follow each of these and create alerting policies if a threshold is reached.
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
|
@ -45,6 +45,7 @@ The Cloud Function currently tracks usage, limit and utilization of:
|
||||||
- Dynamic routes per VPC
|
- Dynamic routes per VPC
|
||||||
- Dynamic routes per VPC peering group
|
- Dynamic routes per VPC peering group
|
||||||
- IP utilization per subnet (% of IP addresses used in a subnet)
|
- IP utilization per subnet (% of IP addresses used in a subnet)
|
||||||
|
- VPC firewall rules per project (VPC drill down is available for usage)
|
||||||
|
|
||||||
It writes this values to custom metrics in Cloud Monitoring and creates a dashboard to visualize the current utilization of these metrics in Cloud Monitoring.
|
It writes this values to custom metrics in Cloud Monitoring and creates a dashboard to visualize the current utilization of these metrics in Cloud Monitoring.
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@ import time
|
||||||
from google.cloud import monitoring_v3, asset_v1
|
from google.cloud import monitoring_v3, asset_v1
|
||||||
from google.protobuf import field_mask_pb2
|
from google.protobuf import field_mask_pb2
|
||||||
from googleapiclient import discovery
|
from googleapiclient import discovery
|
||||||
from metrics import ilb_fwrules, instances, networks, metrics, limits, peerings, routes, subnets
|
from metrics import ilb_fwrules, instances, networks, metrics, limits, peerings, routes, subnets, vpc_firewalls
|
||||||
|
|
||||||
|
|
||||||
def get_monitored_projects_list(config):
|
def get_monitored_projects_list(config):
|
||||||
|
@ -33,7 +33,7 @@ def get_monitored_projects_list(config):
|
||||||
monitored_projects (List of strings): Full list of projects to be monitored
|
monitored_projects (List of strings): Full list of projects to be monitored
|
||||||
'''
|
'''
|
||||||
monitored_projects = config["monitored_projects"]
|
monitored_projects = config["monitored_projects"]
|
||||||
monitored_folders = os.environ.get("MONITORED_FOLDERS_LIST").split(",")
|
monitored_folders = [] #os.environ.get("MONITORED_FOLDERS_LIST").split(",")
|
||||||
|
|
||||||
# Handling empty monitored folders list
|
# Handling empty monitored folders list
|
||||||
if monitored_folders == ['']:
|
if monitored_folders == ['']:
|
||||||
|
@ -94,7 +94,7 @@ config = {
|
||||||
# list of projects from which function will get quotas information
|
# list of projects from which function will get quotas information
|
||||||
"monitored_projects":
|
"monitored_projects":
|
||||||
os.environ.get("MONITORED_PROJECTS_LIST").split(","),
|
os.environ.get("MONITORED_PROJECTS_LIST").split(","),
|
||||||
"monitoring_project_link":
|
"monitoring_project":
|
||||||
os.environ.get('MONITORING_PROJECT_ID'),
|
os.environ.get('MONITORING_PROJECT_ID'),
|
||||||
"monitoring_project_link":
|
"monitoring_project_link":
|
||||||
f"projects/{os.environ.get('MONITORING_PROJECT_ID')}",
|
f"projects/{os.environ.get('MONITORING_PROJECT_ID')}",
|
||||||
|
@ -143,6 +143,9 @@ def main(event, context):
|
||||||
|
|
||||||
metrics_dict, limits_dict = metrics.create_metrics(
|
metrics_dict, limits_dict = metrics.create_metrics(
|
||||||
config["monitoring_project_link"])
|
config["monitoring_project_link"])
|
||||||
|
project_quotas_dict = limits.get_quota_project_limit(config)
|
||||||
|
|
||||||
|
firewalls_dict = vpc_firewalls.get_firewalls_dict(config)
|
||||||
|
|
||||||
# IP utilization subnet level metrics
|
# IP utilization subnet level metrics
|
||||||
subnets.get_subnets(config, metrics_dict)
|
subnets.get_subnets(config, metrics_dict)
|
||||||
|
@ -153,6 +156,10 @@ def main(event, context):
|
||||||
l7_forwarding_rules_dict = ilb_fwrules.get_forwarding_rules_dict(config, "L7")
|
l7_forwarding_rules_dict = ilb_fwrules.get_forwarding_rules_dict(config, "L7")
|
||||||
subnet_range_dict = networks.get_subnet_ranges_dict(config)
|
subnet_range_dict = networks.get_subnet_ranges_dict(config)
|
||||||
|
|
||||||
|
# Per Project metrics
|
||||||
|
vpc_firewalls.get_firewalls_data(config, metrics_dict, project_quotas_dict,
|
||||||
|
firewalls_dict)
|
||||||
|
|
||||||
# Per Network metrics
|
# Per Network metrics
|
||||||
instances.get_gce_instances_data(config, metrics_dict, gce_instance_dict,
|
instances.get_gce_instances_data(config, metrics_dict, gce_instance_dict,
|
||||||
limits_dict['number_of_instances_limit'])
|
limits_dict['number_of_instances_limit'])
|
||||||
|
|
|
@ -160,3 +160,15 @@ metrics_per_peering_group:
|
||||||
utilization:
|
utilization:
|
||||||
name: dynamic_routes_per_peering_group_utilization
|
name: dynamic_routes_per_peering_group_utilization
|
||||||
description: Number of Dynamic routes per peering group - utilization.
|
description: Number of Dynamic routes per peering group - utilization.
|
||||||
|
metrics_per_project:
|
||||||
|
firewalls:
|
||||||
|
usage:
|
||||||
|
name: firewalls_per_project_vpc_usage
|
||||||
|
description: Number of VPC firewall rules in a project - usage.
|
||||||
|
limit:
|
||||||
|
# Firewalls limit is per project and we get the limit for the GCP quota API in vpc_firewalls.py
|
||||||
|
name: firewalls_per_project_limit
|
||||||
|
description: Number of VPC firewall rules in a project - limit.
|
||||||
|
utilization:
|
||||||
|
name: firewalls_per_project_utilization
|
||||||
|
description: Number of VPC firewall rules in a project - utilization.
|
||||||
|
|
|
@ -19,6 +19,60 @@ from google.cloud import monitoring_v3
|
||||||
from . import metrics
|
from . import metrics
|
||||||
|
|
||||||
|
|
||||||
|
def get_quotas_dict(quotas_list):
|
||||||
|
'''
|
||||||
|
Creates a dictionary of quotas from a list, with lower case quota name as keys
|
||||||
|
Parameters:
|
||||||
|
quotas_array (array): array of quotas
|
||||||
|
Returns:
|
||||||
|
quotas_dict (dict): dictionary of quotas
|
||||||
|
'''
|
||||||
|
quota_keys = [q['metric'] for q in quotas_list]
|
||||||
|
quotas_dict = dict()
|
||||||
|
i = 0
|
||||||
|
for key in quota_keys:
|
||||||
|
if ("metric" in quotas_list[i]):
|
||||||
|
del (quotas_list[i]["metric"])
|
||||||
|
quotas_dict[key.lower()] = quotas_list[i]
|
||||||
|
i += 1
|
||||||
|
return quotas_dict
|
||||||
|
|
||||||
|
|
||||||
|
def get_quota_project_limit(config, regions=["global"]):
|
||||||
|
'''
|
||||||
|
Retrieves limit for a specific project quota
|
||||||
|
Parameters:
|
||||||
|
project_link (string): Project link.
|
||||||
|
Returns:
|
||||||
|
quotas (dict): quotas for all selected regions, default 'global'
|
||||||
|
'''
|
||||||
|
try:
|
||||||
|
request = {}
|
||||||
|
quotas = dict()
|
||||||
|
for project in config["monitored_projects"]:
|
||||||
|
quotas[project] = dict()
|
||||||
|
if regions != ["global"]:
|
||||||
|
for region in regions:
|
||||||
|
request = config["clients"]["discovery_client"].compute.regions().get(
|
||||||
|
region=region, project=project)
|
||||||
|
response = request.execute()
|
||||||
|
quotas[project][region] = get_quotas_dict(response['quotas'])
|
||||||
|
else:
|
||||||
|
region = "global"
|
||||||
|
request = config["clients"]["discovery_client"].projects().get(
|
||||||
|
project=project, fields="quotas")
|
||||||
|
response = request.execute()
|
||||||
|
quotas[project][region] = get_quotas_dict(response['quotas'])
|
||||||
|
|
||||||
|
return quotas
|
||||||
|
except exceptions.PermissionDenied as err:
|
||||||
|
print(
|
||||||
|
f"Warning: error reading quotas for {project}. " +
|
||||||
|
f"This can happen if you don't have permissions on the project, for example if the project is in another organization or a Google managed project"
|
||||||
|
)
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
def get_ppg(network_link, limit_dict):
|
def get_ppg(network_link, limit_dict):
|
||||||
'''
|
'''
|
||||||
Checks if this network has a specific limit for a metric, if so, returns that limit, if not, returns the default limit.
|
Checks if this network has a specific limit for a metric, if so, returns that limit, if not, returns the default limit.
|
||||||
|
|
|
@ -36,7 +36,7 @@ def create_metrics(monitoring_project):
|
||||||
existing_metrics.append(desc.type)
|
existing_metrics.append(desc.type)
|
||||||
limits_dict = {}
|
limits_dict = {}
|
||||||
|
|
||||||
with open("metrics.yaml", 'r') as stream:
|
with open("./metrics.yaml", 'r') as stream:
|
||||||
try:
|
try:
|
||||||
metrics_dict = yaml.safe_load(stream)
|
metrics_dict = yaml.safe_load(stream)
|
||||||
|
|
||||||
|
@ -52,6 +52,7 @@ def create_metrics(monitoring_project):
|
||||||
# Subnet level metrics have a different limit: the subnet IP range size
|
# Subnet level metrics have a different limit: the subnet IP range size
|
||||||
if sub_metric_key == "limit" and metric_name != "ip_usage_per_subnet":
|
if sub_metric_key == "limit" and metric_name != "ip_usage_per_subnet":
|
||||||
limits_dict_for_metric = {}
|
limits_dict_for_metric = {}
|
||||||
|
if "values" in sub_metric:
|
||||||
for network_link, limit_value in sub_metric["values"].items():
|
for network_link, limit_value in sub_metric["values"].items():
|
||||||
limits_dict_for_metric[network_link] = limit_value
|
limits_dict_for_metric[network_link] = limit_value
|
||||||
limits_dict[sub_metric["name"]] = limits_dict_for_metric
|
limits_dict[sub_metric["name"]] = limits_dict_for_metric
|
||||||
|
@ -84,7 +85,7 @@ def create_metric(metric_name, description, monitoring_project):
|
||||||
|
|
||||||
|
|
||||||
def write_data_to_metric(config, monitored_project_id, value, metric_name,
|
def write_data_to_metric(config, monitored_project_id, value, metric_name,
|
||||||
network_name, subnet_id=None):
|
network_name=None, subnet_id=None):
|
||||||
'''
|
'''
|
||||||
Writes data to Cloud Monitoring custom metrics.
|
Writes data to Cloud Monitoring custom metrics.
|
||||||
Parameters:
|
Parameters:
|
||||||
|
@ -103,9 +104,10 @@ def write_data_to_metric(config, monitored_project_id, value, metric_name,
|
||||||
series = monitoring_v3.TimeSeries()
|
series = monitoring_v3.TimeSeries()
|
||||||
series.metric.type = f"custom.googleapis.com/{metric_name}"
|
series.metric.type = f"custom.googleapis.com/{metric_name}"
|
||||||
series.resource.type = "global"
|
series.resource.type = "global"
|
||||||
series.metric.labels["network_name"] = network_name
|
|
||||||
series.metric.labels["project"] = monitored_project_id
|
series.metric.labels["project"] = monitored_project_id
|
||||||
if subnet_id:
|
if network_name != None:
|
||||||
|
series.metric.labels["network_name"] = network_name
|
||||||
|
if subnet_id != None:
|
||||||
series.metric.labels["subnet_id"] = subnet_id
|
series.metric.labels["subnet_id"] = subnet_id
|
||||||
|
|
||||||
now = time.time()
|
now = time.time()
|
||||||
|
|
|
@ -0,0 +1,111 @@
|
||||||
|
#
|
||||||
|
# Copyright 2022 Google LLC
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
#
|
||||||
|
|
||||||
|
import re
|
||||||
|
from collections import defaultdict
|
||||||
|
from pydoc import doc
|
||||||
|
from collections import defaultdict
|
||||||
|
from google.protobuf import field_mask_pb2
|
||||||
|
from . import metrics, networks, limits, peerings, routers
|
||||||
|
|
||||||
|
|
||||||
|
def get_firewalls_dict(config: dict):
|
||||||
|
'''
|
||||||
|
Calls the Asset Inventory API to get all VPC Firewall Rules under the GCP organization.
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
config (dict): The dict containing config like clients and limits
|
||||||
|
Returns:
|
||||||
|
firewalls_dict (dictionary of dictionary: int): Keys are projects, subkeys are networks, values count #of VPC Firewall Rules
|
||||||
|
'''
|
||||||
|
|
||||||
|
firewalls_dict = defaultdict(int)
|
||||||
|
read_mask = field_mask_pb2.FieldMask()
|
||||||
|
read_mask.FromJsonString('name,versionedResources')
|
||||||
|
|
||||||
|
response = config["clients"]["asset_client"].search_all_resources(
|
||||||
|
request={
|
||||||
|
"scope": f"organizations/{config['organization']}",
|
||||||
|
"asset_types": ["compute.googleapis.com/Firewall"],
|
||||||
|
"read_mask": read_mask,
|
||||||
|
})
|
||||||
|
for resource in response:
|
||||||
|
project_id = re.search("(compute.googleapis.com/projects/)([\w\-\d]+)",
|
||||||
|
resource.name).group(2)
|
||||||
|
network_name = ""
|
||||||
|
for versioned in resource.versioned_resources:
|
||||||
|
for field_name, field_value in versioned.resource.items():
|
||||||
|
if field_name == "network":
|
||||||
|
network_name = re.search("[a-z0-9\-]*$", field_value).group(0)
|
||||||
|
firewalls_dict[project_id] = defaultdict(
|
||||||
|
int
|
||||||
|
) if not project_id in firewalls_dict else firewalls_dict[project_id]
|
||||||
|
firewalls_dict[project_id][
|
||||||
|
network_name] = 1 if not network_name in firewalls_dict[
|
||||||
|
project_id] else firewalls_dict[project_id][network_name] + 1
|
||||||
|
break
|
||||||
|
break
|
||||||
|
return firewalls_dict
|
||||||
|
|
||||||
|
|
||||||
|
def get_firewalls_data(config, metrics_dict, project_quotas_dict,
|
||||||
|
firewalls_dict):
|
||||||
|
'''
|
||||||
|
Gets the data for VPC Firewall Rules per VPC Network and writes it to the metric defined in vpc_firewalls_metric.
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
config (dict): The dict containing config like clients and limits
|
||||||
|
metrics_dict (dictionary of dictionary of string: string): metrics names and descriptions.
|
||||||
|
limit_dict (dictionary of string:int): Dictionary with the network link as key and the limit as value.
|
||||||
|
firewalls_dict (dictionary of dictionary): Keys are projects, subkeys are networks, values count #of VPC Firewall Rules
|
||||||
|
Returns:
|
||||||
|
None
|
||||||
|
'''
|
||||||
|
for project in config["monitored_projects"]:
|
||||||
|
|
||||||
|
current_quota_limit = project_quotas_dict[project]['global']["firewalls"]
|
||||||
|
if current_quota_limit is None:
|
||||||
|
print(
|
||||||
|
f"Could not write VPC firewal rules to metric for projects/{project} due to missing quotas"
|
||||||
|
)
|
||||||
|
continue
|
||||||
|
|
||||||
|
network_dict = networks.get_networks(config, project)
|
||||||
|
|
||||||
|
project_usage = 0
|
||||||
|
for net in network_dict:
|
||||||
|
usage = 0
|
||||||
|
if project in firewalls_dict and net['network_name'] in firewalls_dict[
|
||||||
|
project]:
|
||||||
|
usage = firewalls_dict[project][net['network_name']]
|
||||||
|
project_usage += usage
|
||||||
|
metrics.write_data_to_metric(
|
||||||
|
config, project, usage,
|
||||||
|
metrics_dict["metrics_per_project"][f"firewalls"]["usage"]["name"],
|
||||||
|
net['network_name'])
|
||||||
|
|
||||||
|
# firewall quotas are per project, not per single VPC
|
||||||
|
metrics.write_data_to_metric(
|
||||||
|
config, project, current_quota_limit['limit'],
|
||||||
|
metrics_dict["metrics_per_project"][f"firewalls"]["limit"]["name"])
|
||||||
|
metrics.write_data_to_metric(
|
||||||
|
config, project, project_usage / current_quota_limit['limit']
|
||||||
|
if current_quota_limit['limit'] != 0 else 0,
|
||||||
|
metrics_dict["metrics_per_project"][f"firewalls"]["utilization"]
|
||||||
|
["name"])
|
||||||
|
|
||||||
|
print(
|
||||||
|
f"Wrote number of VPC Firewall Rules to metric for projects/{project}")
|
|
@ -1,4 +1,5 @@
|
||||||
{
|
{
|
||||||
|
"category": "CUSTOM",
|
||||||
"displayName": "quotas_utilization",
|
"displayName": "quotas_utilization",
|
||||||
"mosaicLayout": {
|
"mosaicLayout": {
|
||||||
"columns": 12,
|
"columns": 12,
|
||||||
|
@ -17,6 +18,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "3600s",
|
"alignmentPeriod": "3600s",
|
||||||
|
@ -38,7 +40,9 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"width": 6
|
"width": 6,
|
||||||
|
"xPos": 0,
|
||||||
|
"yPos": 0
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"height": 4,
|
"height": 4,
|
||||||
|
@ -54,6 +58,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "3600s",
|
"alignmentPeriod": "3600s",
|
||||||
|
@ -76,6 +81,7 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"width": 6,
|
"width": 6,
|
||||||
|
"xPos": 0,
|
||||||
"yPos": 12
|
"yPos": 12
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -92,6 +98,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "3600s",
|
"alignmentPeriod": "3600s",
|
||||||
|
@ -114,6 +121,7 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"width": 6,
|
"width": 6,
|
||||||
|
"xPos": 0,
|
||||||
"yPos": 8
|
"yPos": 8
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -130,6 +138,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "3600s",
|
"alignmentPeriod": "3600s",
|
||||||
|
@ -169,6 +178,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "3600s",
|
"alignmentPeriod": "3600s",
|
||||||
|
@ -191,6 +201,7 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"width": 6,
|
"width": 6,
|
||||||
|
"xPos": 0,
|
||||||
"yPos": 4
|
"yPos": 4
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -207,6 +218,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "3600s",
|
"alignmentPeriod": "3600s",
|
||||||
|
@ -229,6 +241,7 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"width": 6,
|
"width": 6,
|
||||||
|
"xPos": 0,
|
||||||
"yPos": 16
|
"yPos": 16
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -245,6 +258,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "3600s",
|
"alignmentPeriod": "3600s",
|
||||||
|
@ -267,7 +281,8 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"width": 6,
|
"width": 6,
|
||||||
"xPos": 6
|
"xPos": 6,
|
||||||
|
"yPos": 0
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"height": 4,
|
"height": 4,
|
||||||
|
@ -283,6 +298,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "3600s",
|
"alignmentPeriod": "3600s",
|
||||||
|
@ -322,6 +338,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "3600s",
|
"alignmentPeriod": "3600s",
|
||||||
|
@ -357,6 +374,7 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "60s",
|
"alignmentPeriod": "60s",
|
||||||
|
@ -375,6 +393,97 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"width": 6,
|
"width": 6,
|
||||||
|
"xPos": 6,
|
||||||
|
"yPos": 16
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"height": 4,
|
||||||
|
"widget": {
|
||||||
|
"title": "firewalls_per_project_vpc_usage",
|
||||||
|
"xyChart": {
|
||||||
|
"chartOptions": {
|
||||||
|
"mode": "COLOR"
|
||||||
|
},
|
||||||
|
"dataSets": [
|
||||||
|
{
|
||||||
|
"minAlignmentPeriod": "60s",
|
||||||
|
"plotType": "LINE",
|
||||||
|
"targetAxis": "Y1",
|
||||||
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
|
"timeSeriesFilter": {
|
||||||
|
"aggregation": {
|
||||||
|
"alignmentPeriod": "60s",
|
||||||
|
"crossSeriesReducer": "REDUCE_SUM",
|
||||||
|
"groupByFields": [
|
||||||
|
"metric.label.\"project\""
|
||||||
|
],
|
||||||
|
"perSeriesAligner": "ALIGN_MEAN"
|
||||||
|
},
|
||||||
|
"filter": "metric.type=\"custom.googleapis.com/firewalls_per_project_vpc_usage\" resource.type=\"global\"",
|
||||||
|
"secondaryAggregation": {
|
||||||
|
"alignmentPeriod": "60s",
|
||||||
|
"perSeriesAligner": "ALIGN_NONE"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"thresholds": [],
|
||||||
|
"timeshiftDuration": "0s",
|
||||||
|
"yAxis": {
|
||||||
|
"label": "y1Axis",
|
||||||
|
"scale": "LINEAR"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"width": 6,
|
||||||
|
"xPos": 0,
|
||||||
|
"yPos": 20
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"height": 4,
|
||||||
|
"widget": {
|
||||||
|
"title": "firewalls_per_project_utilization",
|
||||||
|
"xyChart": {
|
||||||
|
"chartOptions": {
|
||||||
|
"mode": "COLOR"
|
||||||
|
},
|
||||||
|
"dataSets": [
|
||||||
|
{
|
||||||
|
"minAlignmentPeriod": "60s",
|
||||||
|
"plotType": "LINE",
|
||||||
|
"targetAxis": "Y1",
|
||||||
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
|
"timeSeriesFilter": {
|
||||||
|
"aggregation": {
|
||||||
|
"alignmentPeriod": "60s",
|
||||||
|
"crossSeriesReducer": "REDUCE_MAX",
|
||||||
|
"groupByFields": [
|
||||||
|
"metric.label.\"project\""
|
||||||
|
],
|
||||||
|
"perSeriesAligner": "ALIGN_MAX"
|
||||||
|
},
|
||||||
|
"filter": "metric.type=\"custom.googleapis.com/firewalls_per_project_utilization\" resource.type=\"global\"",
|
||||||
|
"secondaryAggregation": {
|
||||||
|
"alignmentPeriod": "60s",
|
||||||
|
"perSeriesAligner": "ALIGN_NONE"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"thresholds": [],
|
||||||
|
"timeshiftDuration": "0s",
|
||||||
|
"yAxis": {
|
||||||
|
"label": "y1Axis",
|
||||||
|
"scale": "LINEAR"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"width": 6,
|
||||||
|
"xPos": 6,
|
||||||
"yPos": 20
|
"yPos": 20
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -391,15 +500,13 @@
|
||||||
"plotType": "LINE",
|
"plotType": "LINE",
|
||||||
"targetAxis": "Y1",
|
"targetAxis": "Y1",
|
||||||
"timeSeriesQuery": {
|
"timeSeriesQuery": {
|
||||||
|
"apiSource": "DEFAULT_CLOUD",
|
||||||
"timeSeriesFilter": {
|
"timeSeriesFilter": {
|
||||||
"aggregation": {
|
"aggregation": {
|
||||||
"alignmentPeriod": "60s",
|
"alignmentPeriod": "60s",
|
||||||
"perSeriesAligner": "ALIGN_MEAN"
|
"perSeriesAligner": "ALIGN_MEAN"
|
||||||
},
|
},
|
||||||
"filter": "metric.type=\"custom.googleapis.com/ip_addresses_per_subnet_utilization\" resource.type=\"global\"",
|
"filter": "metric.type=\"custom.googleapis.com/ip_addresses_per_subnet_utilization\" resource.type=\"global\""
|
||||||
"secondaryAggregation": {
|
|
||||||
"alignmentPeriod": "60s"
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -412,48 +519,9 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"width": 6,
|
"width": 6,
|
||||||
"xPos": 6,
|
"xPos": 0,
|
||||||
"yPos": 16
|
"yPos": 24
|
||||||
},
|
|
||||||
{
|
|
||||||
"height": 4,
|
|
||||||
"widget": {
|
|
||||||
"title": "dynamic_routes_ppg_utilization",
|
|
||||||
"xyChart": {
|
|
||||||
"chartOptions": {
|
|
||||||
"mode": "COLOR"
|
|
||||||
},
|
|
||||||
"dataSets": [
|
|
||||||
{
|
|
||||||
"minAlignmentPeriod": "60s",
|
|
||||||
"plotType": "LINE",
|
|
||||||
"targetAxis": "Y1",
|
|
||||||
"timeSeriesQuery": {
|
|
||||||
"timeSeriesFilter": {
|
|
||||||
"aggregation": {
|
|
||||||
"alignmentPeriod": "60s",
|
|
||||||
"perSeriesAligner": "ALIGN_MEAN"
|
|
||||||
},
|
|
||||||
"filter": "metric.type=\"custom.googleapis.com/dynamic_routes_per_peering_group_utilization\" resource.type=\"global\"",
|
|
||||||
"secondaryAggregation": {
|
|
||||||
"alignmentPeriod": "60s"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"timeshiftDuration": "0s",
|
|
||||||
"yAxis": {
|
|
||||||
"label": "y1Axis",
|
|
||||||
"scale": "LINEAR"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"width": 6,
|
|
||||||
"xPos": 6,
|
|
||||||
"yPos": 20
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
}
|
||||||
"name": "projects/347834224817/dashboards/1bdcd06a-030d-4977-bf4b-f32231aa3b77"
|
|
||||||
}
|
}
|
|
@ -76,24 +76,24 @@ module "cluster-1" {
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [location](variables.tf#L118) | Cluster zone or region. | <code>string</code> | ✓ | |
|
| [location](variables.tf#L117) | Cluster zone or region. | <code>string</code> | ✓ | |
|
||||||
| [name](variables.tf#L170) | Cluster name. | <code>string</code> | ✓ | |
|
| [name](variables.tf#L169) | Cluster name. | <code>string</code> | ✓ | |
|
||||||
| [project_id](variables.tf#L197) | Cluster project id. | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L196) | Cluster project id. | <code>string</code> | ✓ | |
|
||||||
| [vpc_config](variables.tf#L208) | VPC-level configuration. | <code title="object({ network = string subnetwork = string secondary_range_blocks = optional(object({ pods = string services = string }), ) secondary_range_names = optional(object({ pods = string services = string }), { pods = "pods", services = "services" }) master_authorized_ranges = optional(map(string)) })">object({…})</code> | ✓ | |
|
| [vpc_config](variables.tf#L207) | VPC-level configuration. | <code title="object({ network = string subnetwork = string secondary_range_blocks = optional(object({ pods = string services = string }), ) secondary_range_names = optional(object({ pods = string services = string }), { pods = "pods", services = "services" }) master_authorized_ranges = optional(map(string)) })">object({…})</code> | ✓ | |
|
||||||
| [cluster_autoscaling](variables.tf#L17) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | <code title="object({ auto_provisioning_defaults = optional(object({ boot_disk_kms_key = optional(string) image_type = optional(string) oauth_scopes = optional(list(string)) service_account = optional(string) })) cpu_limits = optional(object({ min = number max = number })) mem_limits = optional(object({ min = number max = number })) })">object({…})</code> | | <code>null</code> |
|
| [cluster_autoscaling](variables.tf#L17) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | <code title="object({ auto_provisioning_defaults = optional(object({ boot_disk_kms_key = optional(string) image_type = optional(string) oauth_scopes = optional(list(string)) service_account = optional(string) })) cpu_limits = optional(object({ min = number max = number })) mem_limits = optional(object({ min = number max = number })) })">object({…})</code> | | <code>null</code> |
|
||||||
| [description](variables.tf#L38) | Cluster description. | <code>string</code> | | <code>null</code> |
|
| [description](variables.tf#L38) | Cluster description. | <code>string</code> | | <code>null</code> |
|
||||||
| [enable_addons](variables.tf#L44) | Addons enabled in the cluster (true means enabled). | <code title="object({ cloudrun = optional(bool, false) config_connector = optional(bool, false) dns_cache = optional(bool, false) gce_persistent_disk_csi_driver = optional(bool, false) gcp_filestore_csi_driver = optional(bool, false) gke_backup_agent = optional(bool, false) horizontal_pod_autoscaling = optional(bool, false) http_load_balancing = optional(bool, false) istio = optional(object({ enable_tls = bool })) kalm = optional(bool, false) network_policy = optional(bool, false) })">object({…})</code> | | <code title="{ horizontal_pod_autoscaling = true http_load_balancing = true }">{…}</code> |
|
| [enable_addons](variables.tf#L44) | Addons enabled in the cluster (true means enabled). | <code title="object({ cloudrun = optional(bool, false) config_connector = optional(bool, false) dns_cache = optional(bool, false) gce_persistent_disk_csi_driver = optional(bool, false) gcp_filestore_csi_driver = optional(bool, false) gke_backup_agent = optional(bool, false) horizontal_pod_autoscaling = optional(bool, false) http_load_balancing = optional(bool, false) istio = optional(object({ enable_tls = bool })) kalm = optional(bool, false) network_policy = optional(bool, false) })">object({…})</code> | | <code title="{ horizontal_pod_autoscaling = true http_load_balancing = true }">{…}</code> |
|
||||||
| [enable_features](variables.tf#L68) | Enable cluster-level features. Certain features allow configuration. | <code title="object({ autopilot = optional(bool, false) binary_authorization = optional(bool, false) cloud_dns = optional(object({ provider = optional(string) scope = optional(string) domain = optional(string) })) database_encryption = optional(object({ state = string key_name = string })) dataplane_v2 = optional(bool, false) groups_for_rbac = optional(string) intranode_visibility = optional(bool, false) l4_ilb_subsetting = optional(bool, false) pod_security_policy = optional(bool, false) resource_usage_export = optional(object({ dataset = optional(string) enable_network_egress_metering = optional(bool, false) enable_resource_consumption_metering = optional(bool, false) })) shielded_nodes = optional(bool, false) tpu = optional(bool, false) upgrade_notifications = optional(object({ topic_id = optional(string) })) vertical_pod_autoscaling = optional(bool, false) workload_identity = optional(bool, false) })">object({…})</code> | | <code title="{ workload_identity = true resource_usage_export = null }">{…}</code> |
|
| [enable_features](variables.tf#L68) | Enable cluster-level features. Certain features allow configuration. | <code title="object({ autopilot = optional(bool, false) binary_authorization = optional(bool, false) cloud_dns = optional(object({ provider = optional(string) scope = optional(string) domain = optional(string) })) database_encryption = optional(object({ state = string key_name = string })) dataplane_v2 = optional(bool, false) groups_for_rbac = optional(string) intranode_visibility = optional(bool, false) l4_ilb_subsetting = optional(bool, false) pod_security_policy = optional(bool, false) resource_usage_export = optional(object({ dataset = string enable_network_egress_metering = optional(bool) enable_resource_consumption_metering = optional(bool) })) shielded_nodes = optional(bool, false) tpu = optional(bool, false) upgrade_notifications = optional(object({ topic_id = optional(string) })) vertical_pod_autoscaling = optional(bool, false) workload_identity = optional(bool, false) })">object({…})</code> | | <code title="{ workload_identity = true }">{…}</code> |
|
||||||
| [issue_client_certificate](variables.tf#L106) | Enable issuing client certificate. | <code>bool</code> | | <code>false</code> |
|
| [issue_client_certificate](variables.tf#L105) | Enable issuing client certificate. | <code>bool</code> | | <code>false</code> |
|
||||||
| [labels](variables.tf#L112) | Cluster resource labels. | <code>map(string)</code> | | <code>null</code> |
|
| [labels](variables.tf#L111) | Cluster resource labels. | <code>map(string)</code> | | <code>null</code> |
|
||||||
| [logging_config](variables.tf#L123) | Logging configuration. | <code>list(string)</code> | | <code>["SYSTEM_COMPONENTS"]</code> |
|
| [logging_config](variables.tf#L122) | Logging configuration. | <code>list(string)</code> | | <code>["SYSTEM_COMPONENTS"]</code> |
|
||||||
| [maintenance_config](variables.tf#L129) | Maintenance window configuration. | <code title="object({ daily_window_start_time = optional(string) recurring_window = optional(object({ start_time = string end_time = string recurrence = string })) maintenance_exclusions = optional(list(object({ name = string start_time = string end_time = string scope = optional(string) }))) })">object({…})</code> | | <code title="{ daily_window_start_time = "03:00" recurring_window = null maintenance_exclusion = [] }">{…}</code> |
|
| [maintenance_config](variables.tf#L128) | Maintenance window configuration. | <code title="object({ daily_window_start_time = optional(string) recurring_window = optional(object({ start_time = string end_time = string recurrence = string })) maintenance_exclusions = optional(list(object({ name = string start_time = string end_time = string scope = optional(string) }))) })">object({…})</code> | | <code title="{ daily_window_start_time = "03:00" recurring_window = null maintenance_exclusion = [] }">{…}</code> |
|
||||||
| [max_pods_per_node](variables.tf#L152) | Maximum number of pods per node in this cluster. | <code>number</code> | | <code>110</code> |
|
| [max_pods_per_node](variables.tf#L151) | Maximum number of pods per node in this cluster. | <code>number</code> | | <code>110</code> |
|
||||||
| [min_master_version](variables.tf#L158) | Minimum version of the master, defaults to the version of the most recent official release. | <code>string</code> | | <code>null</code> |
|
| [min_master_version](variables.tf#L157) | Minimum version of the master, defaults to the version of the most recent official release. | <code>string</code> | | <code>null</code> |
|
||||||
| [monitoring_config](variables.tf#L164) | Monitoring components. | <code>list(string)</code> | | <code>["SYSTEM_COMPONENTS"]</code> |
|
| [monitoring_config](variables.tf#L163) | Monitoring components. | <code>list(string)</code> | | <code>["SYSTEM_COMPONENTS"]</code> |
|
||||||
| [node_locations](variables.tf#L175) | Zones in which the cluster's nodes are located. | <code>list(string)</code> | | <code>[]</code> |
|
| [node_locations](variables.tf#L174) | Zones in which the cluster's nodes are located. | <code>list(string)</code> | | <code>[]</code> |
|
||||||
| [private_cluster_config](variables.tf#L182) | Private cluster configuration. | <code title="object({ enable_private_endpoint = optional(bool) master_ipv4_cidr_block = optional(string) master_global_access = optional(bool) peering_config = optional(object({ export_routes = optional(bool) import_routes = optional(bool) project_id = optional(string) })) })">object({…})</code> | | <code>null</code> |
|
| [private_cluster_config](variables.tf#L181) | Private cluster configuration. | <code title="object({ enable_private_endpoint = optional(bool) master_ipv4_cidr_block = optional(string) master_global_access = optional(bool) peering_config = optional(object({ export_routes = optional(bool) import_routes = optional(bool) project_id = optional(string) })) })">object({…})</code> | | <code>null</code> |
|
||||||
| [release_channel](variables.tf#L202) | Release channel for GKE upgrades. | <code>string</code> | | <code>null</code> |
|
| [release_channel](variables.tf#L201) | Release channel for GKE upgrades. | <code>string</code> | | <code>null</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
|
|
|
@ -85,9 +85,9 @@ variable "enable_features" {
|
||||||
l4_ilb_subsetting = optional(bool, false)
|
l4_ilb_subsetting = optional(bool, false)
|
||||||
pod_security_policy = optional(bool, false)
|
pod_security_policy = optional(bool, false)
|
||||||
resource_usage_export = optional(object({
|
resource_usage_export = optional(object({
|
||||||
dataset = optional(string)
|
dataset = string
|
||||||
enable_network_egress_metering = optional(bool, false)
|
enable_network_egress_metering = optional(bool)
|
||||||
enable_resource_consumption_metering = optional(bool, false)
|
enable_resource_consumption_metering = optional(bool)
|
||||||
}))
|
}))
|
||||||
shielded_nodes = optional(bool, false)
|
shielded_nodes = optional(bool, false)
|
||||||
tpu = optional(bool, false)
|
tpu = optional(bool, false)
|
||||||
|
@ -99,7 +99,6 @@ variable "enable_features" {
|
||||||
})
|
})
|
||||||
default = {
|
default = {
|
||||||
workload_identity = true
|
workload_identity = true
|
||||||
resource_usage_export = null
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue