# GKE cluster Standard module

This module allows simplified creation and management of GKE Standard clusters and should be used together with the GKE nodepool module, as the default nodepool is turned off here and cannot be re-enabled. Some sensible defaults are set initially, in order to allow less verbose usage for most use cases.

## Examples

### GKE Cluster
```hcl
module "cluster-1" {
  source     = "./fabric/modules/gke-cluster-standard"
  project_id = "myproject"
  name       = "cluster-1"
  location   = "europe-west1-b"
  vpc_config = {
    network    = var.vpc.self_link
    subnetwork = var.subnet.self_link
    secondary_range_names = {
      pods     = "pods"
      services = "services"
    }
    master_authorized_ranges = {
      internal-vms = "10.0.0.0/8"
    }
    master_ipv4_cidr_block = "192.168.0.0/28"
  }
  max_pods_per_node = 32
  private_cluster_config = {
    enable_private_endpoint = true
    master_global_access    = false
  }
  labels = {
    environment = "dev"
  }
}
# tftest modules=1 resources=1 inventory=basic.yaml
```
### GKE Cluster with Dataplane V2 enabled
```hcl
module "cluster-1" {
  source     = "./fabric/modules/gke-cluster-standard"
  project_id = "myproject"
  name       = "cluster-dataplane-v2"
  location   = "europe-west1-b"
  vpc_config = {
    network    = var.vpc.self_link
    subnetwork = var.subnet.self_link
    secondary_range_names = {
      pods     = "pods"
      services = "services"
    }
    master_authorized_ranges = {
      internal-vms = "10.0.0.0/8"
    }
    master_ipv4_cidr_block = "192.168.0.0/28"
  }
  private_cluster_config = {
    enable_private_endpoint = true
    master_global_access    = false
  }
  enable_features = {
    dataplane_v2      = true
    workload_identity = true
  }
  labels = {
    environment = "dev"
  }
}
# tftest modules=1 resources=1 inventory=dataplane-v2.yaml
```
### Managing GKE logs

This example shows you how to control which logs are sent from your GKE cluster to Cloud Logging.

When you create a new GKE cluster, Cloud Operations for GKE integration with Cloud Logging is enabled by default and System logs are collected. You can enable collection of several other types of logs. The following example enables collection of all optional logs.
```hcl
module "cluster-1" {
  source     = "./fabric/modules/gke-cluster-standard"
  project_id = "myproject"
  name       = "cluster-1"
  location   = "europe-west1-b"
  vpc_config = {
    network    = var.vpc.self_link
    subnetwork = var.subnet.self_link
  }
  logging_config = {
    enable_workloads_logs          = true
    enable_api_server_logs         = true
    enable_scheduler_logs          = true
    enable_controller_manager_logs = true
  }
}
# tftest modules=1 resources=1 inventory=logging-config-enable-all.yaml
```
### Disable GKE logs collection

This example shows how to fully disable logs collection on a GKE Standard cluster. This is not recommended.

Warning: If you've disabled Cloud Logging or Cloud Monitoring, GKE customer support is offered on a best-effort basis and might require additional effort from your engineering team.
```hcl
module "cluster-1" {
  source     = "./fabric/modules/gke-cluster-standard"
  project_id = "myproject"
  name       = "cluster-1"
  location   = "europe-west1-b"
  vpc_config = {
    network    = var.vpc.self_link
    subnetwork = var.subnet.self_link
  }
  logging_config = {
    enable_system_logs = false
  }
}
# tftest modules=1 resources=1 inventory=logging-config-disable-all.yaml
```
### Cloud DNS

This example shows how to use Cloud DNS as a Kubernetes DNS provider for GKE Standard clusters.
```hcl
module "cluster-1" {
  source     = "./fabric/modules/gke-cluster-standard"
  project_id = var.project_id
  name       = "cluster-1"
  location   = "europe-west1-b"
  vpc_config = {
    network               = var.vpc.self_link
    subnetwork            = var.subnet.self_link
    secondary_range_names = { pods = "pods", services = "services" }
  }
  enable_features = {
    dns = {
      provider = "CLOUD_DNS"
      scope    = "CLUSTER_SCOPE"
      domain   = "gke.local"
    }
  }
}
# tftest modules=1 resources=1 inventory=dns.yaml
```
### Backup for GKE

This example shows how to enable the Backup for GKE agent and configure a Backup Plan for GKE Standard clusters.
```hcl
module "cluster-1" {
  source     = "./fabric/modules/gke-cluster-standard"
  project_id = var.project_id
  name       = "cluster-1"
  location   = "europe-west1-b"
  vpc_config = {
    network               = var.vpc.self_link
    subnetwork            = var.subnet.self_link
    secondary_range_names = { pods = "pods", services = "services" }
  }
  backup_configs = {
    enable_backup_agent = true
    backup_plans = {
      "backup-1" = {
        region   = "europe-west-2"
        schedule = "0 9 * * 1"
      }
    }
  }
}
# tftest modules=1 resources=2 inventory=backup.yaml
```
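As an added example that is not part of the module's own README, the settings from the individual examples above composed into a single hardened baseline: a private control-plane endpoint restricted to the internal authorized range, Dataplane V2 and Workload Identity, all optional control-plane logs kept on, no client certificate, a release channel and a weekly backup plan. The release channel value `STABLE`, the regional location and the backup region `europe-west1` are assumptions, not values from the page.

```hcl
module "cluster-hardened" {
  source     = "./fabric/modules/gke-cluster-standard"
  project_id = var.project_id
  name       = "cluster-hardened"
  location   = "europe-west1" # assumption: regional control plane
  # assumption: STABLE is the slowest-moving GKE release channel
  release_channel = "STABLE"
  # keep the module default: no client certificate is issued
  issue_client_certificate = false
  vpc_config = {
    network    = var.vpc.self_link
    subnetwork = var.subnet.self_link
    secondary_range_names = {
      pods     = "pods"
      services = "services"
    }
    # API server reachable only from the internal range
    master_authorized_ranges = {
      internal-vms = "10.0.0.0/8"
    }
    master_ipv4_cidr_block = "192.168.0.0/28"
  }
  private_cluster_config = {
    enable_private_endpoint = true
    master_global_access    = false
  }
  enable_features = {
    dataplane_v2      = true # enables Dataplane V2 network policy enforcement
    workload_identity = true # pods authenticate as GCP service accounts
  }
  # keep every control-plane audit-relevant log on top of System logs
  logging_config = {
    enable_workloads_logs          = true
    enable_api_server_logs         = true
    enable_scheduler_logs          = true
    enable_controller_manager_logs = true
  }
  backup_configs = {
    enable_backup_agent = true
    backup_plans = {
      "weekly" = {
        region   = "europe-west1" # assumption: constructed region value
        schedule = "0 9 * * 1"    # every Monday 09:00
      }
    }
  }
  labels = {
    environment = "prod"
  }
}
```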
## Variables

name | description | type | required | default |
---|---|---|---|---|
location | Cluster zone or region. | string | ✓ | |
name | Cluster name. | string | ✓ | |
project_id | Cluster project id. | string | ✓ | |
vpc_config | VPC-level configuration. | object({…}) | ✓ | |
backup_configs | Configuration for Backup for GKE. | object({…}) | | {} |
cluster_autoscaling | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) | | null |
description | Cluster description. | string | | null |
enable_addons | Addons enabled in the cluster (true means enabled). | object({…}) | | {…} |
enable_features | Enable cluster-level features. Certain features allow configuration. | object({…}) | | {…} |
issue_client_certificate | Enable issuing client certificate. | bool | | false |
labels | Cluster resource labels. | map(string) | | null |
logging_config | Logging configuration. | object({…}) | | {} |
maintenance_config | Maintenance window configuration. | object({…}) | | {…} |
max_pods_per_node | Maximum number of pods per node in this cluster. | number | | 110 |
min_master_version | Minimum version of the master, defaults to the version of the most recent official release. | string | | null |
monitoring_config | Monitoring components. | object({…}) | | {…} |
node_locations | Zones in which the cluster's nodes are located. | list(string) | | [] |
private_cluster_config | Private cluster configuration. | object({…}) | | null |
release_channel | Release channel for GKE upgrades. | string | | null |
tags | Network tags applied to nodes. | list(string) | | null |
## Outputs

name | description | sensitive |
---|---|---|
ca_certificate | Public certificate of the cluster (base64-encoded). | ✓ |
cluster | Cluster resource. | ✓ |
endpoint | Cluster endpoint. | |
id | Fully qualified cluster id. | |
location | Cluster location. | |
master_version | Master version. | |
name | Cluster name. | |
notifications | GKE PubSub notifications topic. | |
self_link | Cluster self link. | ✓ |
workload_identity_pool | Workload identity pool. | |