From 2cf0641c2ba313582450b36c3b50a9d78d0346c9 Mon Sep 17 00:00:00 2001 From: Peter C Date: Thu, 13 Jan 2022 12:25:10 -0600 Subject: [PATCH] feat: Allow datapath_provider in GA main module (#1084) * Allow datapath_provider in GA main module * Update examples and tests to 3.55.0 * Update remaining version bump --- README.md | 1 + autogen/main/cluster.tf.tmpl | 3 +-- autogen/main/variables.tf.tmpl | 3 +-- autogen/main/versions.tf.tmpl | 2 +- cluster.tf | 2 ++ examples/deploy_service/main.tf | 2 +- examples/disable_client_cert/main.tf | 2 +- examples/node_pool_update_variant/main.tf | 2 +- .../regional_private_node_pool_oauth_scopes/provider.tf | 2 +- examples/safer_cluster/main.tf | 2 +- examples/shared_vpc/main.tf | 2 +- examples/simple_regional/main.tf | 2 +- examples/simple_regional_private/main.tf | 2 +- examples/simple_regional_private_beta/main.tf | 2 +- examples/simple_regional_with_kubeconfig/main.tf | 2 +- examples/simple_regional_with_networking/main.tf | 2 +- examples/simple_zonal_private/main.tf | 2 +- examples/simple_zonal_with_acm/main.tf | 2 +- examples/simple_zonal_with_hub/main.tf | 2 +- examples/stub_domains/main.tf | 2 +- examples/stub_domains_private/main.tf | 2 +- examples/stub_domains_upstream_nameservers/main.tf | 2 +- examples/upstream_nameservers/main.tf | 2 +- examples/workload_identity/main.tf | 2 +- modules/beta-private-cluster-update-variant/cluster.tf | 1 + modules/beta-private-cluster-update-variant/variables.tf | 1 + modules/beta-private-cluster/cluster.tf | 1 + modules/beta-private-cluster/variables.tf | 1 + modules/beta-public-cluster-update-variant/cluster.tf | 1 + modules/beta-public-cluster-update-variant/variables.tf | 1 + modules/beta-public-cluster/cluster.tf | 1 + modules/beta-public-cluster/variables.tf | 1 + modules/private-cluster-update-variant/README.md | 1 + modules/private-cluster-update-variant/cluster.tf | 2 ++ modules/private-cluster-update-variant/variables.tf | 6 ++++++ modules/private-cluster-update-variant/versions.tf | 2 +- modules/private-cluster/README.md | 1 + modules/private-cluster/cluster.tf | 2 ++ modules/private-cluster/variables.tf | 6 ++++++ modules/private-cluster/versions.tf | 2 +- test/fixtures/deploy_service/network.tf | 2 +- test/fixtures/disable_client_cert/network.tf | 2 +- test/fixtures/shared_vpc/network.tf | 2 +- test/fixtures/simple_regional/network.tf | 2 +- test/fixtures/simple_regional_with_kubeconfig/network.tf | 2 +- test/fixtures/simple_zonal/network.tf | 2 +- test/fixtures/stub_domains/network.tf | 2 +- test/fixtures/stub_domains_upstream_nameservers/network.tf | 2 +- test/fixtures/upstream_nameservers/network.tf | 2 +- variables.tf | 6 ++++++ versions.tf | 2 +- 51 files changed, 69 insertions(+), 36 deletions(-) diff --git a/README.md b/README.md index c07f086440..de52651f5b 100644 --- a/README.md +++ b/README.md @@ -136,6 +136,7 @@ Then perform the following commands on the root folder: | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | `bool` | `false` | no | | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | +| datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | description | The description of the cluster | `string` | `""` | no | | disable\_legacy\_metadata\_endpoints | Disable the /0.1/ and /v1beta1/ metadata server endpoints on the node. Changing this value will cause all node pools to be recreated. | `bool` | `true` | no | diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index b15947ff6f..eeee6d5196 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -217,9 +217,8 @@ resource "google_container_cluster" "primary" { } {% endif %} } - {% if beta_cluster %} + datapath_provider = var.datapath_provider - {% endif %} {% if beta_cluster %} networking_mode = "VPC_NATIVE" diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index be7baa10ef..ea8e1fe01b 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -107,13 +107,12 @@ variable "network_policy_provider" { description = "The network policy provider." default = "CALICO" } -{% if beta_cluster %} + variable "datapath_provider" { type = string description = "The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature." default = "DATAPATH_PROVIDER_UNSPECIFIED" } -{% endif %} variable "maintenance_start_time" { type = string diff --git a/autogen/main/versions.tf.tmpl b/autogen/main/versions.tf.tmpl index c37dfc3f05..10338cf9a0 100644 --- a/autogen/main/versions.tf.tmpl +++ b/autogen/main/versions.tf.tmpl @@ -38,7 +38,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 3.39.0, <4.0.0" + version = ">= 3.55.0, <4.0.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/cluster.tf b/cluster.tf index 4385913d10..82ef9af9da 100644 --- a/cluster.tf +++ b/cluster.tf @@ -120,6 +120,8 @@ resource "google_container_cluster" "primary" { } } + datapath_provider = var.datapath_provider + ip_allocation_policy { cluster_secondary_range_name = var.ip_range_pods services_secondary_range_name = var.ip_range_services diff --git a/examples/deploy_service/main.tf b/examples/deploy_service/main.tf index c0b901d22b..75908d8689 100644 --- a/examples/deploy_service/main.tf +++ b/examples/deploy_service/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/disable_client_cert/main.tf b/examples/disable_client_cert/main.tf index 11bcb511f2..37479596dc 100644 --- a/examples/disable_client_cert/main.tf +++ b/examples/disable_client_cert/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/node_pool_update_variant/main.tf b/examples/node_pool_update_variant/main.tf index 9c4ab23398..8f4900bfa8 100644 --- a/examples/node_pool_update_variant/main.tf +++ b/examples/node_pool_update_variant/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/regional_private_node_pool_oauth_scopes/provider.tf b/examples/regional_private_node_pool_oauth_scopes/provider.tf index 55442e8e6d..28e2d75ab1 100644 --- a/examples/regional_private_node_pool_oauth_scopes/provider.tf +++ b/examples/regional_private_node_pool_oauth_scopes/provider.tf @@ -15,7 +15,7 @@ */ provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" } provider "google-beta" { diff --git a/examples/safer_cluster/main.tf b/examples/safer_cluster/main.tf index c085ca0c99..84b94d79e6 100644 --- a/examples/safer_cluster/main.tf +++ b/examples/safer_cluster/main.tf @@ -31,7 +31,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" } provider "google-beta" { diff --git a/examples/shared_vpc/main.tf b/examples/shared_vpc/main.tf index bead5c938a..4e1c2a1b56 100644 --- a/examples/shared_vpc/main.tf +++ b/examples/shared_vpc/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/simple_regional/main.tf b/examples/simple_regional/main.tf index e6d6f6ace2..0ddfa5581a 100644 --- a/examples/simple_regional/main.tf +++ b/examples/simple_regional/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/simple_regional_private/main.tf b/examples/simple_regional_private/main.tf index 3d88962f61..d0d0385428 100644 --- a/examples/simple_regional_private/main.tf +++ b/examples/simple_regional_private/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/simple_regional_private_beta/main.tf b/examples/simple_regional_private_beta/main.tf index bf56664762..0c7d6885f6 100644 --- a/examples/simple_regional_private_beta/main.tf +++ b/examples/simple_regional_private_beta/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/simple_regional_with_kubeconfig/main.tf b/examples/simple_regional_with_kubeconfig/main.tf index 433cac4d83..645d4b666b 100644 --- a/examples/simple_regional_with_kubeconfig/main.tf +++ b/examples/simple_regional_with_kubeconfig/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/simple_regional_with_networking/main.tf b/examples/simple_regional_with_networking/main.tf index a414e44f15..f1f9b48b43 100644 --- a/examples/simple_regional_with_networking/main.tf +++ b/examples/simple_regional_with_networking/main.tf @@ -15,7 +15,7 @@ */ provider "google" { - version = "~> 3.45.0" + version = "~> 3.55.0" } data "google_client_config" "default" {} diff --git a/examples/simple_zonal_private/main.tf b/examples/simple_zonal_private/main.tf index be7a4ac20f..d98718c9a6 100644 --- a/examples/simple_zonal_private/main.tf +++ b/examples/simple_zonal_private/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/simple_zonal_with_acm/main.tf b/examples/simple_zonal_with_acm/main.tf index 09c0d320f2..70a1f3f12e 100644 --- a/examples/simple_zonal_with_acm/main.tf +++ b/examples/simple_zonal_with_acm/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/simple_zonal_with_hub/main.tf b/examples/simple_zonal_with_hub/main.tf index f140398427..f19b592f77 100644 --- a/examples/simple_zonal_with_hub/main.tf +++ b/examples/simple_zonal_with_hub/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/stub_domains/main.tf b/examples/stub_domains/main.tf index f2829008fa..150514976e 100644 --- a/examples/stub_domains/main.tf +++ b/examples/stub_domains/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/stub_domains_private/main.tf b/examples/stub_domains_private/main.tf index 1c240d2f4d..e2d077b849 100644 --- a/examples/stub_domains_private/main.tf +++ b/examples/stub_domains_private/main.tf @@ -15,7 +15,7 @@ */ provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/stub_domains_upstream_nameservers/main.tf b/examples/stub_domains_upstream_nameservers/main.tf index 91b12d6145..f64f02f499 100644 --- a/examples/stub_domains_upstream_nameservers/main.tf +++ b/examples/stub_domains_upstream_nameservers/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/upstream_nameservers/main.tf b/examples/upstream_nameservers/main.tf index 59e42fd4f5..1ab9edc1d3 100644 --- a/examples/upstream_nameservers/main.tf +++ b/examples/upstream_nameservers/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/examples/workload_identity/main.tf b/examples/workload_identity/main.tf index f1b453dfdf..2b6fe82e20 100644 --- a/examples/workload_identity/main.tf +++ b/examples/workload_identity/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" region = var.region } diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index b66778722f..fe7f85e878 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -196,6 +196,7 @@ resource "google_container_cluster" "primary" { enabled = var.config_connector } } + datapath_provider = var.datapath_provider networking_mode = "VPC_NATIVE" diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index 0560f7b2b6..f25adcccf7 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -107,6 +107,7 @@ variable "network_policy_provider" { description = "The network policy provider." default = "CALICO" } + variable "datapath_provider" { type = string description = "The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature." diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index 96a66fcc49..d873637b9a 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -196,6 +196,7 @@ resource "google_container_cluster" "primary" { enabled = var.config_connector } } + datapath_provider = var.datapath_provider networking_mode = "VPC_NATIVE" diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 0560f7b2b6..f25adcccf7 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -107,6 +107,7 @@ variable "network_policy_provider" { description = "The network policy provider." default = "CALICO" } + variable "datapath_provider" { type = string description = "The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature." diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index 6800ab7016..fe57be51c9 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf @@ -196,6 +196,7 @@ resource "google_container_cluster" "primary" { enabled = var.config_connector } } + datapath_provider = var.datapath_provider networking_mode = "VPC_NATIVE" diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 818da50b8c..104d1dae7f 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -107,6 +107,7 @@ variable "network_policy_provider" { description = "The network policy provider." default = "CALICO" } + variable "datapath_provider" { type = string description = "The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature." diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index 574b89e028..34b39e5548 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -196,6 +196,7 @@ resource "google_container_cluster" "primary" { enabled = var.config_connector } } + datapath_provider = var.datapath_provider networking_mode = "VPC_NATIVE" diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 818da50b8c..104d1dae7f 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -107,6 +107,7 @@ variable "network_policy_provider" { description = "The network policy provider." default = "CALICO" } + variable "datapath_provider" { type = string description = "The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature." diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index 580e89fb96..5176ac1241 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -164,6 +164,7 @@ Then perform the following commands on the root folder: | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | `bool` | `false` | no | | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | +| datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | deploy\_using\_private\_endpoint | (Beta) A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | `bool` | `false` | no | | description | The description of the cluster | `string` | `""` | no | diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index 2de7575db5..6ad68cd30c 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf @@ -120,6 +120,8 @@ resource "google_container_cluster" "primary" { } } + datapath_provider = var.datapath_provider + ip_allocation_policy { cluster_secondary_range_name = var.ip_range_pods services_secondary_range_name = var.ip_range_services diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index 90f6717bf1..a1c8253d71 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf @@ -108,6 +108,12 @@ variable "network_policy_provider" { default = "CALICO" } +variable "datapath_provider" { + type = string + description = "The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature." + default = "DATAPATH_PROVIDER_UNSPECIFIED" +} + variable "maintenance_start_time" { type = string description = "Time window specified for daily or recurring maintenance operations in RFC3339 format" diff --git a/modules/private-cluster-update-variant/versions.tf b/modules/private-cluster-update-variant/versions.tf index 465fa30c06..98d3b74f99 100644 --- a/modules/private-cluster-update-variant/versions.tf +++ b/modules/private-cluster-update-variant/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 3.39.0, <4.0.0" + version = ">= 3.55.0, <4.0.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index 63ce736b46..1ec12aba6d 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md @@ -142,6 +142,7 @@ Then perform the following commands on the root folder: | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | `bool` | `false` | no | | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | +| datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | deploy\_using\_private\_endpoint | (Beta) A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | `bool` | `false` | no | | description | The description of the cluster | `string` | `""` | no | diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index bf6596abb5..278420d150 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf @@ -120,6 +120,8 @@ resource "google_container_cluster" "primary" { } } + datapath_provider = var.datapath_provider + ip_allocation_policy { cluster_secondary_range_name = var.ip_range_pods services_secondary_range_name = var.ip_range_services diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index 90f6717bf1..a1c8253d71 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -108,6 +108,12 @@ variable "network_policy_provider" { default = "CALICO" } +variable "datapath_provider" { + type = string + description = "The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature." + default = "DATAPATH_PROVIDER_UNSPECIFIED" +} + variable "maintenance_start_time" { type = string description = "Time window specified for daily or recurring maintenance operations in RFC3339 format" diff --git a/modules/private-cluster/versions.tf b/modules/private-cluster/versions.tf index 666ceba9f0..484c1eac5f 100644 --- a/modules/private-cluster/versions.tf +++ b/modules/private-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 3.39.0, <4.0.0" + version = ">= 3.55.0, <4.0.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/test/fixtures/deploy_service/network.tf b/test/fixtures/deploy_service/network.tf index 0de80bd3b9..a0fd4082cc 100644 --- a/test/fixtures/deploy_service/network.tf +++ b/test/fixtures/deploy_service/network.tf @@ -21,7 +21,7 @@ resource "random_string" "suffix" { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" project = var.project_ids[0] } diff --git a/test/fixtures/disable_client_cert/network.tf b/test/fixtures/disable_client_cert/network.tf index 0de80bd3b9..a0fd4082cc 100644 --- a/test/fixtures/disable_client_cert/network.tf +++ b/test/fixtures/disable_client_cert/network.tf @@ -21,7 +21,7 @@ resource "random_string" "suffix" { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" project = var.project_ids[0] } diff --git a/test/fixtures/shared_vpc/network.tf b/test/fixtures/shared_vpc/network.tf index 0de80bd3b9..a0fd4082cc 100644 --- a/test/fixtures/shared_vpc/network.tf +++ b/test/fixtures/shared_vpc/network.tf @@ -21,7 +21,7 @@ resource "random_string" "suffix" { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" project = var.project_ids[0] } diff --git a/test/fixtures/simple_regional/network.tf b/test/fixtures/simple_regional/network.tf index 0de80bd3b9..a0fd4082cc 100644 --- a/test/fixtures/simple_regional/network.tf +++ b/test/fixtures/simple_regional/network.tf @@ -21,7 +21,7 @@ resource "random_string" "suffix" { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" project = var.project_ids[0] } diff --git a/test/fixtures/simple_regional_with_kubeconfig/network.tf b/test/fixtures/simple_regional_with_kubeconfig/network.tf index e434edc0ea..4c64f5a90c 100644 --- a/test/fixtures/simple_regional_with_kubeconfig/network.tf +++ b/test/fixtures/simple_regional_with_kubeconfig/network.tf @@ -21,7 +21,7 @@ resource "random_string" "suffix" { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" project = var.project_ids[0] } diff --git a/test/fixtures/simple_zonal/network.tf b/test/fixtures/simple_zonal/network.tf index 4fc294e76d..9f9824bd7c 100644 --- a/test/fixtures/simple_zonal/network.tf +++ b/test/fixtures/simple_zonal/network.tf @@ -21,7 +21,7 @@ resource "random_string" "suffix" { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" project = var.project_ids[1] } diff --git a/test/fixtures/stub_domains/network.tf b/test/fixtures/stub_domains/network.tf index f36e983b59..a6fff524fe 100644 --- a/test/fixtures/stub_domains/network.tf +++ b/test/fixtures/stub_domains/network.tf @@ -21,7 +21,7 @@ resource "random_string" "suffix" { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" project = var.project_ids[1] } diff --git a/test/fixtures/stub_domains_upstream_nameservers/network.tf b/test/fixtures/stub_domains_upstream_nameservers/network.tf index ee3ee45183..b94679b3a7 100644 --- a/test/fixtures/stub_domains_upstream_nameservers/network.tf +++ b/test/fixtures/stub_domains_upstream_nameservers/network.tf @@ -21,7 +21,7 @@ resource "random_string" "suffix" { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" project = var.project_ids[1] } diff --git a/test/fixtures/upstream_nameservers/network.tf b/test/fixtures/upstream_nameservers/network.tf index ee3ee45183..b94679b3a7 100644 --- a/test/fixtures/upstream_nameservers/network.tf +++ b/test/fixtures/upstream_nameservers/network.tf @@ -21,7 +21,7 @@ resource "random_string" "suffix" { } provider "google" { - version = "~> 3.42.0" + version = "~> 3.55.0" project = var.project_ids[1] } diff --git a/variables.tf b/variables.tf index ebd17986fb..66dd772f5b 100644 --- a/variables.tf +++ b/variables.tf @@ -108,6 +108,12 @@ variable "network_policy_provider" { default = "CALICO" } +variable "datapath_provider" { + type = string + description = "The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature." + default = "DATAPATH_PROVIDER_UNSPECIFIED" +} + variable "maintenance_start_time" { type = string description = "Time window specified for daily or recurring maintenance operations in RFC3339 format" diff --git a/versions.tf b/versions.tf index dc7c8aec64..b3d1820b43 100644 --- a/versions.tf +++ b/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 3.39.0, <4.0.0" + version = ">= 3.55.0, <4.0.0" } kubernetes = { source = "hashicorp/kubernetes"