cloud-foundation-fabric/fast/stages/03-gke-multitenant/dev
Daniel Marzini b85b5e265a added spot vm 2022-08-02 21:41:47 +02:00
README.md added spot vm 2022-08-02 21:41:47 +02:00
main.tf add project-level iam variable 2022-07-30 16:05:39 +02:00
outputs.tf fixes 2022-07-29 23:45:15 +02:00
variables.tf added spot vm 2022-08-02 21:41:47 +02:00

README.md

GKE Multitenant

TODO: add description and diagram

Design overview and choices

TODO

Cluster and nodepool configuration

TODO

Fleet management

TODO

How to run this stage

TODO

Providers configuration

TODO

Variable configuration

TODO

Files

| name | description | modules | resources |
|---|---|---|---|
| main.tf | GKE multitenant for development environment. | _module | |
| outputs.tf | Output variables. | | google_storage_bucket_object · local_file |
| variables.tf | Module variables. | | |

Variables

| name | description | type | required | default | producer |
|---|---|---|---|---|---|
| automation | Automation resources created by the bootstrap stage. | object({…}) | | | 00-bootstrap |
| billing_account | Billing account id and organization id ('nnnnnnnn' or null). | object({…}) | | | 00-bootstrap |
| clusters | | map(object({…})) | | | |
| folder_ids | Folders to be used for the networking resources in folders/nnnnnnnnnnn format. If null, folder will be created. | object({…}) | | | 01-resman |
| host_project_ids | Host project for the shared VPC. | object({…}) | | | 02-networking |
| nodepools | | map(map(object({…}))) | | | |
| prefix | Prefix used for resources that need unique names. | string | | | |
| vpc_self_links | Self link for the shared VPC. | object({…}) | | | 02-networking |
| authenticator_security_group | Optional group used for Groups for GKE. | string | | null | |
| cluster_defaults | Default values for optional cluster configurations. | object({…}) | | {…} | |
| dns_domain | Domain name used for clusters, prefixed by each cluster name. Leave null to disable Cloud DNS for GKE. | string | | null | |
| fleet_configmanagement_clusters | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} | |
| fleet_configmanagement_templates | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} | |
| fleet_features | Enable and configure fleet features. Set to null to disable GKE Hub if fleet workload identity is not used. | object({…}) | | null | |
| fleet_workload_identity | Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. | bool | | true | |
| group_iam | Project-level authoritative IAM bindings for groups in {GROUP_EMAIL => [ROLES]} format. Use group emails as keys, list of roles as values. | map(list(string)) | | {} | |
| iam | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | |
| labels | Project-level labels. | map(string) | | {} | |
| nodepool_defaults | | object({…}) | | {…} | |
| outputs_location | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | string | | null | |
| project_services | Additional project services to enable. | list(string) | | [] | |

Outputs

| name | description | sensitive | consumers |
|---|---|---|---|
| cluster_ids | Cluster ids. | | |
| clusters | Cluster resources. | | |
| project_id | GKE project id. | | |