3d4cc7164a
|
||
|---|---|---|
| .. | ||
| README.md | ||
| main.tf | ||
| outputs.tf | ||
| variables.tf | ||
| versions.tf | ||
README.md
GKE cluster Autopilot module
This module allows simplified creation and management of GKE Autopilot clusters. Some sensible defaults are set initially, in order to allow less verbose usage for most use cases.
Example
GKE Cluster
module "cluster-1" {
source = "./fabric/modules/gke-cluster-autopilot"
project_id = "myproject"
name = "cluster-1"
location = "europe-west1"
vpc_config = {
network = var.vpc.self_link
subnetwork = var.subnet.self_link
secondary_range_names = {
pods = "pods"
services = "services"
}
master_authorized_ranges = {
internal-vms = "10.0.0.0/8"
}
master_ipv4_cidr_block = "192.168.0.0/28"
}
private_cluster_config = {
enable_private_endpoint = true
master_global_access = false
}
labels = {
environment = "dev"
}
}
# tftest modules=1 resources=1 inventory=basic.yaml
Cloud DNS
This example shows how to use Cloud DNS as a Kubernetes DNS provider for GKE Standard clusters.
module "cluster-1" {
source = "./fabric/modules/gke-cluster-autopilot"
project_id = var.project_id
name = "cluster-1"
location = "europe-west1"
vpc_config = {
network = var.vpc.self_link
subnetwork = var.subnet.self_link
secondary_range_names = { pods = "pods", services = "services" }
}
enable_features = {
dns = {
provider = "CLOUD_DNS"
scope = "CLUSTER_SCOPE"
domain = "gke.local"
}
}
}
# tftest modules=1 resources=1 inventory=dns.yaml
Logging configuration
This example shows how to collect logs for the Kubernetes control plane components. The logs for these components are not collected by default.
Note System and workload logs collection is pre-configured for Autopilot clusters and cannot be disabled.
module "cluster-1" {
source = "./fabric/modules/gke-cluster-autopilot"
project_id = var.project_id
name = "cluster-1"
location = "europe-west1"
vpc_config = {
network = var.vpc.self_link
subnetwork = var.subnet.self_link
}
logging_config = {
enable_api_server_logs = true
enable_scheduler_logs = true
enable_controller_manager_logs = true
}
}
# tftest modules=1 resources=1 inventory=logging-config.yaml
Monitoring configuration
This example shows how to configure collection of Kubernetes control plane metrics. The metrics for these components are not collected by default.
Note System metrics collection is pre-configured for Autopilot clusters and cannot be disabled.
Warning GKE workload metrics is deprecated and removed in GKE 1.24 and later. Workload metrics is replaced by Google Cloud Managed Service for Prometheus, which is Google's recommended way to monitor Kubernetes applications by using Cloud Monitoring.
module "cluster-1" {
source = "./fabric/modules/gke-cluster-autopilot"
project_id = var.project_id
name = "cluster-1"
location = "europe-west1"
vpc_config = {
network = var.vpc.self_link
subnetwork = var.subnet.self_link
}
monitoring_config = {
enable_api_server_metrics = true
enable_controller_manager_metrics = true
enable_scheduler_metrics = true
}
}
# tftest modules=1 resources=1 inventory=monitoring-config-control-plane.yaml
Backup for GKE
This example shows how to enable the Backup for GKE agent and configure a Backup Plan for GKE Standard clusters.
module "cluster-1" {
source = "./fabric/modules/gke-cluster-autopilot"
project_id = var.project_id
name = "cluster-1"
location = "europe-west1"
vpc_config = {
network = var.vpc.self_link
subnetwork = var.subnet.self_link
secondary_range_names = { pods = "pods", services = "services" }
}
backup_configs = {
enable_backup_agent = true
backup_plans = {
"backup-1" = {
region = "europe-west-2"
schedule = "0 9 * * 1"
}
}
}
}
# tftest modules=1 resources=2 inventory=backup.yaml
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| location | Autopilot cluster are always regional. | string |
✓ | |
| name | Cluster name. | string |
✓ | |
| project_id | Cluster project id. | string |
✓ | |
| vpc_config | VPC-level configuration. | object({…}) |
✓ | |
| backup_configs | Configuration for Backup for GKE. | object({…}) |
{} |
|
| description | Cluster description. | string |
null |
|
| enable_addons | Addons enabled in the cluster (true means enabled). | object({…}) |
{…} |
|
| enable_features | Enable cluster-level features. Certain features allow configuration. | object({…}) |
{} |
|
| issue_client_certificate | Enable issuing client certificate. | bool |
false |
|
| labels | Cluster resource labels. | map(string) |
null |
|
| logging_config | Logging configuration. | object({…}) |
{} |
|
| maintenance_config | Maintenance window configuration. | object({…}) |
{…} |
|
| min_master_version | Minimum version of the master, defaults to the version of the most recent official release. | string |
null |
|
| monitoring_config | Monitoring configuration. System metrics collection cannot be disabled for Autopilot clusters. Control plane metrics are optional. Google Cloud Managed Service for Prometheus is enabled by default. | object({…}) |
{} |
|
| node_locations | Zones in which the cluster's nodes are located. | list(string) |
[] |
|
| private_cluster_config | Private cluster configuration. | object({…}) |
null |
|
| release_channel | Release channel for GKE upgrades. Clusters created in the Autopilot mode must use a release channel. Choose between "RAPID", "REGULAR", and "STABLE". | string |
"REGULAR" |
|
| service_account | The Google Cloud Platform Service Account to be used by the node VMs created by GKE Autopilot. | string |
null |
|
| tags | Network tags applied to nodes. | list(string) |
null |
Outputs
| name | description | sensitive |
|---|---|---|
| ca_certificate | Public certificate of the cluster (base64-encoded). | ✓ |
| cluster | Cluster resource. | ✓ |
| endpoint | Cluster endpoint. | |
| id | Fully qualified cluster id. | |
| location | Cluster location. | |
| master_version | Master version. | |
| name | Cluster name. | |
| notifications | GKE Pub/Sub notifications topic. | |
| self_link | Cluster self link. | ✓ |
| workload_identity_pool | Workload identity pool. |