From 0304a2074bf9d9d8e4b23b52448837c216e3d03b Mon Sep 17 00:00:00 2001 From: Bharath KKB Date: Wed, 19 Oct 2022 10:34:57 -0500 Subject: [PATCH] fix: use dynamic block for accelerators, updates for CI (#1428) --- autogen/main/cluster.tf.tmpl | 13 +++----- build/int.cloudbuild.yaml | 31 ++++++++++--------- cluster.tf | 22 +++++-------- examples/node_pool/data/shutdown-script.sh | 18 ----------- examples/node_pool/main.tf | 4 +-- examples/safer_cluster/main.tf | 3 -- examples/simple_regional_beta/README.md | 2 -- examples/simple_regional_beta/main.tf | 2 -- examples/simple_regional_beta/variables.tf | 10 ------ examples/simple_regional_private_beta/main.tf | 2 -- .../simple_regional_private_beta/variables.tf | 10 ------ .../cluster.tf | 22 +++++-------- modules/beta-private-cluster/cluster.tf | 22 +++++-------- .../cluster.tf | 22 +++++-------- modules/beta-public-cluster/cluster.tf | 22 +++++-------- .../private-cluster-update-variant/cluster.tf | 22 +++++-------- modules/private-cluster/cluster.tf | 22 +++++-------- test/fixtures/beta_cluster/main.tf | 5 --- test/fixtures/sandbox_enabled/example.tf | 2 -- .../beta_cluster/controls/gcloud.rb | 4 --- test/integration/node_pool/controls/gcloud.rb | 2 +- .../safer_cluster/controls/gcloud.rb | 3 -- 22 files changed, 80 insertions(+), 185 deletions(-) delete mode 100644 examples/node_pool/data/shutdown-script.sh diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index c7003e2b1..18f16eab5 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -722,17 +722,14 @@ resource "google_container_node_pool" "windows_pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) - gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] + gpu_partition_size = lookup(each.value, "gpu_partition_size", null) } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config diff --git a/build/int.cloudbuild.yaml b/build/int.cloudbuild.yaml index e47379503..5e59e323a 100644 --- a/build/int.cloudbuild.yaml +++ b/build/int.cloudbuild.yaml @@ -131,21 +131,22 @@ steps: - verify simple-regional-with-networking-local name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy simple-regional-with-networking-local'] -- id: converge simple-zonal-local - waitFor: - - create all - name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' - args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge simple-zonal-local'] -- id: verify simple-zonal-local - waitFor: - - converge simple-zonal-local - name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' - args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify simple-zonal-local'] -- id: destroy simple-zonal-local - waitFor: - - verify simple-zonal-local - name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' - args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy simple-zonal-local'] +# TODO(bharathkkb): https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/1431 +# - id: converge simple-zonal-local +# waitFor: +# - create all +# name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' +# args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge simple-zonal-local'] +# - id: verify simple-zonal-local +# waitFor: +# - converge simple-zonal-local +# name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' +# args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify simple-zonal-local'] +# - id: destroy simple-zonal-local +# waitFor: +# - verify simple-zonal-local +# name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' +# args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy simple-zonal-local'] - id: converge simple-zonal-private-local waitFor: - create all diff --git a/cluster.tf b/cluster.tf index 0d67bf5bf..1cf2ed453 100644 --- a/cluster.tf +++ b/cluster.tf @@ -407,17 +407,14 @@ resource "google_container_node_pool" "pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config @@ -560,17 +557,14 @@ resource "google_container_node_pool" "windows_pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config diff --git a/examples/node_pool/data/shutdown-script.sh b/examples/node_pool/data/shutdown-script.sh deleted file mode 100644 index 7c653fb25..000000000 --- a/examples/node_pool/data/shutdown-script.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/env bash -set -e - -# Copyright 2018 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kubectl --kubeconfig=/var/lib/kubelet/kubeconfig drain --force=true --ignore-daemonsets=true --delete-local-data "$HOSTNAME" diff --git a/examples/node_pool/main.tf b/examples/node_pool/main.tf index c6159e18e..18f4a8ce1 100644 --- a/examples/node_pool/main.tf +++ b/examples/node_pool/main.tf @@ -37,7 +37,7 @@ module "gke" { ip_range_pods = var.ip_range_pods ip_range_services = var.ip_range_services create_service_account = false - remove_default_node_pool = true + remove_default_node_pool = false disable_legacy_metadata_endpoints = false cluster_autoscaling = var.cluster_autoscaling @@ -81,7 +81,7 @@ module "gke" { node_pools_metadata = { pool-01 = { - shutdown-script = file("${path.module}/data/shutdown-script.sh") + shutdown-script = "kubectl --kubeconfig=/var/lib/kubelet/kubeconfig drain --force=true --ignore-daemonsets=true --delete-local-data \"$HOSTNAME\"" } } diff --git a/examples/safer_cluster/main.tf b/examples/safer_cluster/main.tf index a2c8ef829..4913bd199 100644 --- a/examples/safer_cluster/main.tf +++ b/examples/safer_cluster/main.tf @@ -73,9 +73,6 @@ module "gke" { }, ] - istio = true - cloudrun = true - notification_config_topic = google_pubsub_topic.updates.id } diff --git a/examples/simple_regional_beta/README.md b/examples/simple_regional_beta/README.md index 5d301c9ad..5294ce6fe 100644 --- a/examples/simple_regional_beta/README.md +++ b/examples/simple_regional_beta/README.md @@ -7,7 +7,6 @@ This example illustrates how to create a simple cluster with beta features. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| cloudrun | Boolean to enable / disable CloudRun | `bool` | `true` | no | | cluster\_name\_suffix | A suffix to append to the default cluster name | `string` | `""` | no | | compute\_engine\_service\_account | Service account to associate to the nodes in the cluster | `any` | n/a | yes | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | @@ -18,7 +17,6 @@ This example illustrates how to create a simple cluster with beta features. | gce\_pd\_csi\_driver | (Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `false` | no | | ip\_range\_pods | The secondary ip range to use for pods | `any` | n/a | yes | | ip\_range\_services | The secondary ip range to use for services | `any` | n/a | yes | -| istio | Boolean to enable / disable Istio | `bool` | `true` | no | | network | The VPC network to host the cluster in | `any` | n/a | yes | | node\_pools | List of maps containing node pools | `list(map(string))` | 
[
  {
    "name": "default-node-pool"
  }
]
| no | | project\_id | The project ID to host the cluster in | `any` | n/a | yes | diff --git a/examples/simple_regional_beta/main.tf b/examples/simple_regional_beta/main.tf index 3a52405e1..6131cff65 100644 --- a/examples/simple_regional_beta/main.tf +++ b/examples/simple_regional_beta/main.tf @@ -39,8 +39,6 @@ module "gke" { ip_range_services = var.ip_range_services create_service_account = var.compute_engine_service_account == "create" service_account = var.compute_engine_service_account - istio = var.istio - cloudrun = var.cloudrun dns_cache = var.dns_cache gce_pd_csi_driver = var.gce_pd_csi_driver sandbox_enabled = var.sandbox_enabled diff --git a/examples/simple_regional_beta/variables.tf b/examples/simple_regional_beta/variables.tf index c6dd8ec69..fdbe18eef 100644 --- a/examples/simple_regional_beta/variables.tf +++ b/examples/simple_regional_beta/variables.tf @@ -47,16 +47,6 @@ variable "compute_engine_service_account" { description = "Service account to associate to the nodes in the cluster" } -variable "istio" { - description = "Boolean to enable / disable Istio" - default = true -} - -variable "cloudrun" { - description = "Boolean to enable / disable CloudRun" - default = true -} - variable "dns_cache" { type = bool description = "(Beta) The status of the NodeLocal DNSCache addon." diff --git a/examples/simple_regional_private_beta/main.tf b/examples/simple_regional_private_beta/main.tf index 50c9374a4..c34645d67 100644 --- a/examples/simple_regional_private_beta/main.tf +++ b/examples/simple_regional_private_beta/main.tf @@ -56,8 +56,6 @@ module "gke" { enable_confidential_nodes = true - istio = var.istio - cloudrun = var.cloudrun dns_cache = var.dns_cache gce_pd_csi_driver = var.gce_pd_csi_driver } diff --git a/examples/simple_regional_private_beta/variables.tf b/examples/simple_regional_private_beta/variables.tf index c0b651b69..285bf5361 100644 --- a/examples/simple_regional_private_beta/variables.tf +++ b/examples/simple_regional_private_beta/variables.tf @@ -47,16 +47,6 @@ variable "compute_engine_service_account" { description = "Service account to associate to the nodes in the cluster" } -variable "istio" { - description = "Boolean to enable / disable Istio" - default = true -} - -variable "cloudrun" { - description = "Boolean to enable / disable CloudRun" - default = true -} - variable "dns_cache" { description = "Boolean to enable / disable NodeLocal DNSCache " default = false diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index 6e0383677..c70604352 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -638,17 +638,14 @@ resource "google_container_node_pool" "pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config @@ -846,17 +843,14 @@ resource "google_container_node_pool" "windows_pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index 2c12b3660..5edc1e8d5 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -547,17 +547,14 @@ resource "google_container_node_pool" "pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config @@ -754,17 +751,14 @@ resource "google_container_node_pool" "windows_pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index 908e346eb..e22487af4 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf @@ -619,17 +619,14 @@ resource "google_container_node_pool" "pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config @@ -827,17 +824,14 @@ resource "google_container_node_pool" "windows_pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index e87bc9603..2ee282851 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -528,17 +528,14 @@ resource "google_container_node_pool" "pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config @@ -735,17 +732,14 @@ resource "google_container_node_pool" "windows_pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index 870c3bd6c..f734b46ef 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf @@ -511,17 +511,14 @@ resource "google_container_node_pool" "pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config @@ -665,17 +662,14 @@ resource "google_container_node_pool" "windows_pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index 281ab3d02..24aacef56 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf @@ -420,17 +420,14 @@ resource "google_container_node_pool" "pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config @@ -573,17 +570,14 @@ resource "google_container_node_pool" "windows_pools" { local.node_pools_oauth_scopes[each.value["name"]], ) - guest_accelerator = [ - for guest_accelerator in lookup(each.value, "accelerator_count", 0) > 0 ? [{ + dynamic "guest_accelerator" { + for_each = lookup(each.value, "accelerator_count", 0) > 0 ? [1] : [] + content { type = lookup(each.value, "accelerator_type", "") count = lookup(each.value, "accelerator_count", 0) gpu_partition_size = lookup(each.value, "gpu_partition_size", null) - }] : [] : { - type = guest_accelerator["type"] - count = guest_accelerator["count"] - gpu_partition_size = guest_accelerator["gpu_partition_size"] } - ] + } dynamic "workload_metadata_config" { for_each = local.cluster_node_metadata_config diff --git a/test/fixtures/beta_cluster/main.tf b/test/fixtures/beta_cluster/main.tf index fe6cd6192..f1ab83328 100644 --- a/test/fixtures/beta_cluster/main.tf +++ b/test/fixtures/beta_cluster/main.tf @@ -56,16 +56,11 @@ module "this" { }, ] - // Beta features - istio = true - database_encryption = [{ state = "ENCRYPTED" key_name = google_kms_crypto_key.db.id }] - cloudrun = true - dns_cache = true gce_pd_csi_driver = true diff --git a/test/fixtures/sandbox_enabled/example.tf b/test/fixtures/sandbox_enabled/example.tf index ddd947688..397db7d8a 100644 --- a/test/fixtures/sandbox_enabled/example.tf +++ b/test/fixtures/sandbox_enabled/example.tf @@ -25,8 +25,6 @@ module "example" { ip_range_pods = google_compute_subnetwork.main.secondary_ip_range[0].range_name ip_range_services = google_compute_subnetwork.main.secondary_ip_range[1].range_name compute_engine_service_account = var.compute_engine_service_accounts[0] - istio = false - cloudrun = false sandbox_enabled = true remove_default_node_pool = true diff --git a/test/integration/beta_cluster/controls/gcloud.rb b/test/integration/beta_cluster/controls/gcloud.rb index df8997e0c..f94c1e71e 100644 --- a/test/integration/beta_cluster/controls/gcloud.rb +++ b/test/integration/beta_cluster/controls/gcloud.rb @@ -60,10 +60,6 @@ "networkPolicyConfig" => { "disabled" => true, }, - "istioConfig" => {"auth"=>"AUTH_MUTUAL_TLS"}, - "cloudRunConfig" => including( - "loadBalancerType" => "LOAD_BALANCER_TYPE_EXTERNAL", - ), "dnsCacheConfig" => { "enabled" => true, }, diff --git a/test/integration/node_pool/controls/gcloud.rb b/test/integration/node_pool/controls/gcloud.rb index d7f630ebd..ea4e33493 100644 --- a/test/integration/node_pool/controls/gcloud.rb +++ b/test/integration/node_pool/controls/gcloud.rb @@ -147,7 +147,7 @@ "name" => "pool-01", "config" => including( "metadata" => including( - "shutdown-script" => File.open("examples/node_pool/data/shutdown-script.sh").read, + "shutdown-script" => "kubectl --kubeconfig=/var/lib/kubelet/kubeconfig drain --force=true --ignore-daemonsets=true --delete-local-data \"$HOSTNAME\"", "disable-legacy-endpoints" => "false", ), ), diff --git a/test/integration/safer_cluster/controls/gcloud.rb b/test/integration/safer_cluster/controls/gcloud.rb index 1525ab669..18c7df89a 100644 --- a/test/integration/safer_cluster/controls/gcloud.rb +++ b/test/integration/safer_cluster/controls/gcloud.rb @@ -55,9 +55,6 @@ it "has the expected addon settings" do expect(data['addonsConfig']).to include( - "cloudRunConfig" => including( - "loadBalancerType" => "LOAD_BALANCER_TYPE_EXTERNAL", - ), "horizontalPodAutoscaling" => {}, "httpLoadBalancing" => {}, "kubernetesDashboard" => including(