zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[#221] Add master_global_access_config to gke module (#222)

This commit is contained in:
Luca Prete 2021-04-07 09:50:40 +02:00 committed by GitHub
parent aebb9dc1fe
commit fbbe88eb23
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modules/gke-cluster/README.md
View File

@ -22,6 +22,7 @@ module "cluster-1" {
enable_private_nodes = true
enable_private_endpoint = true
master_ipv4_cidr_block = "192.168.0.0/28"
master_global_access = false
}
labels = {
environment = "dev"
@ -61,7 +62,7 @@ module "cluster-1" {
| *node_locations* | Zones in which the cluster's nodes are located. | <code title="list&#40;string&#41;">list(string)</code> | | <code title="">[]</code> |
| *peering_config* | Configure peering with the master VPC for private clusters. | <code title="object&#40;&#123;&#10;export_routes &#61; bool&#10;import_routes &#61; bool&#10;project_id &#61; string&#10;&#125;&#41;">object({...})</code> | | <code title="">null</code> |
| *pod_security_policy* | Enable the PodSecurityPolicy feature. | <code title="">bool</code> | | <code title="">null</code> |
| *private_cluster_config* | Enable and configure private cluster, private nodes must be true if used. | <code title="object&#40;&#123;&#10;enable_private_nodes &#61; bool&#10;enable_private_endpoint &#61; bool&#10;master_ipv4_cidr_block &#61; string&#10;&#125;&#41;">object({...})</code> | | <code title="">null</code> |
| *private_cluster_config* | Enable and configure private cluster, private nodes must be true if used. | <code title="object&#40;&#123;&#10;enable_private_nodes &#61; bool&#10;enable_private_endpoint &#61; bool&#10;master_ipv4_cidr_block &#61; string&#10;master_global_access &#61; bool&#10;&#125;&#41;">object({...})</code> | | <code title="">null</code> |
| *release_channel* | Release channel for GKE upgrades. | <code title="">string</code> | | <code title="">null</code> |
| *resource_usage_export_config* | Configure the ResourceUsageExportConfig feature. | <code title="object&#40;&#123;&#10;enabled &#61; bool&#10;dataset &#61; string&#10;&#125;&#41;">object({...})</code> | | <code title="&#123;&#10;enabled &#61; null&#10;dataset &#61; null&#10;&#125;">...</code> |
| *vertical_pod_autoscaling* | Enable the Vertical Pod Autoscaling feature. | <code title="">bool</code> | | <code title="">null</code> |

3
modules/gke-cluster/main.tf
View File

@ -131,6 +131,9 @@ resource "google_container_cluster" "cluster" {
enable_private_nodes = config.value.enable_private_nodes
enable_private_endpoint = config.value.enable_private_endpoint
master_ipv4_cidr_block = config.value.master_ipv4_cidr_block
master_global_access_config {
enabled = config.value.master_global_access
}
}
}

1
modules/gke-cluster/variables.tf
View File

@ -195,6 +195,7 @@ variable "private_cluster_config" {
enable_private_nodes = bool
enable_private_endpoint = bool
master_ipv4_cidr_block = string
master_global_access = bool
})
default = null
}

1
networking/hub-and-spoke-peering/main.tf
View File

@ -266,6 +266,7 @@ module "cluster-1" {
enable_private_nodes = true
enable_private_endpoint = true
master_ipv4_cidr_block = var.private_service_ranges.spoke-2-cluster-1
master_global_access = true
}
peering_config = {
export_routes = true

1
networking/shared-vpc-gke/main.tf
View File

@ -214,6 +214,7 @@ module "cluster-1" {
enable_private_nodes = true
enable_private_endpoint = true
master_ipv4_cidr_block = var.private_service_ranges.cluster-1
master_global_access = true
}
}