From 2cc64c8d1e2384ec72f92589c76f5efe378b479d Mon Sep 17 00:00:00 2001 From: kravvcu Date: Mon, 10 Feb 2020 22:57:46 +0100 Subject: [PATCH] feat: Add master_ipv4_cidr_block output for private clusters (#427) --- autogen/main/outputs.tf.tmpl | 7 +++++++ autogen/safer-cluster/outputs.tf.tmpl | 5 +++++ autogen/safer-cluster/variables.tf.tmpl | 2 +- modules/beta-private-cluster-update-variant/README.md | 1 + modules/beta-private-cluster-update-variant/outputs.tf | 5 +++++ modules/beta-private-cluster/README.md | 1 + modules/beta-private-cluster/outputs.tf | 5 +++++ modules/beta-public-cluster/outputs.tf | 1 - modules/private-cluster-update-variant/README.md | 1 + modules/private-cluster-update-variant/outputs.tf | 5 +++++ modules/private-cluster/README.md | 1 + modules/private-cluster/outputs.tf | 5 +++++ modules/safer-cluster-update-variant/README.md | 3 ++- modules/safer-cluster-update-variant/outputs.tf | 5 +++++ modules/safer-cluster-update-variant/variables.tf | 2 +- modules/safer-cluster/README.md | 3 ++- modules/safer-cluster/outputs.tf | 5 +++++ modules/safer-cluster/variables.tf | 2 +- outputs.tf | 1 - 19 files changed, 53 insertions(+), 7 deletions(-) diff --git a/autogen/main/outputs.tf.tmpl b/autogen/main/outputs.tf.tmpl index 9f53a1f5f..2cfcd178c 100644 --- a/autogen/main/outputs.tf.tmpl +++ b/autogen/main/outputs.tf.tmpl @@ -118,7 +118,14 @@ output "service_account" { description = "The service account to default running nodes as if not overridden in `node_pools`." value = local.service_account } +{% if private_cluster %} +output "master_ipv4_cidr_block" { + description = "The IP range in CIDR notation used for the hosted master network" + value = var.master_ipv4_cidr_block +} + +{% endif %} {% if beta_cluster %} output "istio_enabled" { diff --git a/autogen/safer-cluster/outputs.tf.tmpl b/autogen/safer-cluster/outputs.tf.tmpl index 9c18ec292..aac311fde 100644 --- a/autogen/safer-cluster/outputs.tf.tmpl +++ b/autogen/safer-cluster/outputs.tf.tmpl 
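Review bot: The new `master_ipv4_cidr_block` output inside the `{% if private_cluster %}` block returns the input `var.master_ipv4_cidr_block`, not a value read back from the created cluster, so it reports what was requested rather than what is in effect. Consumers are likely to use this output as the source range of firewall rules for control-plane-to-node traffic. If the variable has a default and private nodes can be switched off (neither is visible in this hunk, so confirm in variables.tf.tmpl), the output would still publish a range the control plane does not use, and a rule built on it would admit an unrelated source range. Consider taking the value from the cluster resource's `private_cluster_config` block, or at least state the limitation, e.g. `description = "The IP range in CIDR notation requested for the hosted master network (input value; only meaningful when private nodes are enabled)"`. The same applies to the generated copies in the modules/*private-cluster*/outputs.tf hunks.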
@@ -116,3 +116,8 @@ output "service_account" { description = "The service account to default running nodes as if not overridden in `node_pools`." value = module.gke.service_account } + +output "master_ipv4_cidr_block" { + description = "The IP range in CIDR notation used for the hosted master network" + value = var.master_ipv4_cidr_block +} diff --git a/autogen/safer-cluster/variables.tf.tmpl b/autogen/safer-cluster/variables.tf.tmpl index ce3ca0bdf..04ffd68b2 100644 --- a/autogen/safer-cluster/variables.tf.tmpl +++ b/autogen/safer-cluster/variables.tf.tmpl @@ -228,7 +228,7 @@ variable "cluster_resource_labels" { variable "master_ipv4_cidr_block" { type = string - description = "(Beta) The IP range in CIDR notation to use for the hosted master network" + description = "The IP range in CIDR notation to use for the hosted master network" default = "10.0.0.0/28" } diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index dfbb0bbb7..3e55252c6 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -239,6 +239,7 @@ Then perform the following commands on the root folder: | location | Cluster location (region if regional cluster, zone if zonal cluster) | | logging\_service | Logging service used | | master\_authorized\_networks\_config | Networks from which access to master is permitted | +| master\_ipv4\_cidr\_block | The IP range in CIDR notation used for the hosted master network | | master\_version | Current master kubernetes version | | min\_master\_version | Minimum master kubernetes version | | monitoring\_service | Monitoring service used | diff --git a/modules/beta-private-cluster-update-variant/outputs.tf b/modules/beta-private-cluster-update-variant/outputs.tf index 29b077a84..cf3e38781 100644 --- a/modules/beta-private-cluster-update-variant/outputs.tf +++ b/modules/beta-private-cluster-update-variant/outputs.tf 
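Review bot: In the safer-cluster template the new output reads the wrapper's own `var.master_ipv4_cidr_block`, while the neighbouring output forwards from the wrapped module (`value = module.gke.service_account`). If `module.gke` is one of the private-cluster modules that gain this output in the same commit (the module source is not visible here), `value = module.gke.master_ipv4_cidr_block` would keep the wrapper consistent with its siblings. It would also tie the reported range to what the inner module was actually given, which matters when the output is used for firewall source ranges. The generated modules/safer-cluster/outputs.tf and modules/safer-cluster-update-variant/outputs.tf hunks carry the same line.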
@@ -119,6 +119,11 @@ output "service_account" { value = local.service_account } +output "master_ipv4_cidr_block" { + description = "The IP range in CIDR notation used for the hosted master network" + value = var.master_ipv4_cidr_block +} + output "istio_enabled" { description = "Whether Istio is enabled" diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 7beccecd4..8e7afdbd9 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -217,6 +217,7 @@ Then perform the following commands on the root folder: | location | Cluster location (region if regional cluster, zone if zonal cluster) | | logging\_service | Logging service used | | master\_authorized\_networks\_config | Networks from which access to master is permitted | +| master\_ipv4\_cidr\_block | The IP range in CIDR notation used for the hosted master network | | master\_version | Current master kubernetes version | | min\_master\_version | Minimum master kubernetes version | | monitoring\_service | Monitoring service used | diff --git a/modules/beta-private-cluster/outputs.tf b/modules/beta-private-cluster/outputs.tf index 29b077a84..cf3e38781 100644 --- a/modules/beta-private-cluster/outputs.tf +++ b/modules/beta-private-cluster/outputs.tf @@ -119,6 +119,11 @@ output "service_account" { value = local.service_account } +output "master_ipv4_cidr_block" { + description = "The IP range in CIDR notation used for the hosted master network" + value = var.master_ipv4_cidr_block +} + output "istio_enabled" { description = "Whether Istio is enabled" diff --git a/modules/beta-public-cluster/outputs.tf b/modules/beta-public-cluster/outputs.tf index 29b077a84..2fccac6bc 100644 --- a/modules/beta-public-cluster/outputs.tf +++ b/modules/beta-public-cluster/outputs.tf 
@@ -119,7 +119,6 @@ output "service_account" { value = local.service_account } - output "istio_enabled" { description = "Whether Istio is enabled" value = local.cluster_istio_enabled diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index 586f9dd8c..e9643423d 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -213,6 +213,7 @@ Then perform the following commands on the root folder: | location | Cluster location (region if regional cluster, zone if zonal cluster) | | logging\_service | Logging service used | | master\_authorized\_networks\_config | Networks from which access to master is permitted | +| master\_ipv4\_cidr\_block | The IP range in CIDR notation used for the hosted master network | | master\_version | Current master kubernetes version | | min\_master\_version | Minimum master kubernetes version | | monitoring\_service | Monitoring service used | diff --git a/modules/private-cluster-update-variant/outputs.tf b/modules/private-cluster-update-variant/outputs.tf index f5e7b4133..042f4d4f6 100644 --- a/modules/private-cluster-update-variant/outputs.tf +++ b/modules/private-cluster-update-variant/outputs.tf @@ -119,3 +119,8 @@ output "service_account" { value = local.service_account } +output "master_ipv4_cidr_block" { + description = "The IP range in CIDR notation used for the hosted master network" + value = var.master_ipv4_cidr_block +} + diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index 2276a46d4..6068ca27a 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md 
@@ -191,6 +191,7 @@ Then perform the following commands on the root folder: | location | Cluster location (region if regional cluster, zone if zonal cluster) | | logging\_service | Logging service used | | master\_authorized\_networks\_config | Networks from which access to master is permitted | +| master\_ipv4\_cidr\_block | The IP range in CIDR notation used for the hosted master network | | master\_version | Current master kubernetes version | | min\_master\_version | Minimum master kubernetes version | | monitoring\_service | Monitoring service used | diff --git a/modules/private-cluster/outputs.tf b/modules/private-cluster/outputs.tf index f5e7b4133..042f4d4f6 100644 --- a/modules/private-cluster/outputs.tf +++ b/modules/private-cluster/outputs.tf @@ -119,3 +119,8 @@ output "service_account" { value = local.service_account } +output "master_ipv4_cidr_block" { + description = "The IP range in CIDR notation used for the hosted master network" + value = var.master_ipv4_cidr_block +} + diff --git a/modules/safer-cluster-update-variant/README.md b/modules/safer-cluster-update-variant/README.md index 147e11d4f..c8d81eb7e 100644 --- a/modules/safer-cluster-update-variant/README.md +++ b/modules/safer-cluster-update-variant/README.md 
@@ -222,7 +222,7 @@ For simplicity, we suggest using `roles/container.admin` and | logging\_service | The logging service that the cluster should write logs to. Available options include logging.googleapis.com, logging.googleapis.com/kubernetes (beta), and none | string | `"logging.googleapis.com/kubernetes"` | no | | maintenance\_start\_time | Time window specified for daily maintenance operations in RFC3339 format | string | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | object | `` | no | -| master\_ipv4\_cidr\_block | (Beta) The IP range in CIDR notation to use for the hosted master network | string | `"10.0.0.0/28"` | no | +| master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network | string | `"10.0.0.0/28"` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | string | `"monitoring.googleapis.com/kubernetes"` | no | | name | The name of the cluster | string | n/a | yes | | network | The VPC network to host the cluster in | string | n/a | yes | 
@@ -259,6 +259,7 @@ For simplicity, we suggest using `roles/container.admin` and | location | Cluster location (region if regional cluster, zone if zonal cluster) | | logging\_service | Logging service used | | master\_authorized\_networks\_config | Networks from which access to master is permitted | +| master\_ipv4\_cidr\_block | The IP range in CIDR notation used for the hosted master network | | master\_version | Current master kubernetes version | | min\_master\_version | Minimum master kubernetes version | | monitoring\_service | Monitoring service used | diff --git a/modules/safer-cluster-update-variant/outputs.tf b/modules/safer-cluster-update-variant/outputs.tf index bfb15773c..d937e156b 100644 --- a/modules/safer-cluster-update-variant/outputs.tf +++ b/modules/safer-cluster-update-variant/outputs.tf @@ -116,3 +116,8 @@ output "service_account" { description = "The service account to default running nodes as if not overridden in `node_pools`." value = module.gke.service_account } + +output "master_ipv4_cidr_block" { + description = "The IP range in CIDR notation used for the hosted master network" + value = var.master_ipv4_cidr_block +} diff --git a/modules/safer-cluster-update-variant/variables.tf b/modules/safer-cluster-update-variant/variables.tf index 37dd4537b..43b60e22a 100644 --- a/modules/safer-cluster-update-variant/variables.tf +++ b/modules/safer-cluster-update-variant/variables.tf @@ -228,7 +228,7 @@ variable "cluster_resource_labels" { variable "master_ipv4_cidr_block" { type = string - description = "(Beta) The IP range in CIDR notation to use for the hosted master network" + description = "The IP range in CIDR notation to use for the hosted master network" default = "10.0.0.0/28" } diff --git a/modules/safer-cluster/README.md b/modules/safer-cluster/README.md index 147e11d4f..c8d81eb7e 100644 --- a/modules/safer-cluster/README.md +++ b/modules/safer-cluster/README.md 
@@ -222,7 +222,7 @@ For simplicity, we suggest using `roles/container.admin` and | logging\_service | The logging service that the cluster should write logs to. Available options include logging.googleapis.com, logging.googleapis.com/kubernetes (beta), and none | string | `"logging.googleapis.com/kubernetes"` | no | | maintenance\_start\_time | Time window specified for daily maintenance operations in RFC3339 format | string | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | object | `` | no | -| master\_ipv4\_cidr\_block | (Beta) The IP range in CIDR notation to use for the hosted master network | string | `"10.0.0.0/28"` | no | +| master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network | string | `"10.0.0.0/28"` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | string | `"monitoring.googleapis.com/kubernetes"` | no | | name | The name of the cluster | string | n/a | yes | | network | The VPC network to host the cluster in | string | n/a | yes | 
@@ -259,6 +259,7 @@ For simplicity, we suggest using `roles/container.admin` and | location | Cluster location (region if regional cluster, zone if zonal cluster) | | logging\_service | Logging service used | | master\_authorized\_networks\_config | Networks from which access to master is permitted | +| master\_ipv4\_cidr\_block | The IP range in CIDR notation used for the hosted master network | | master\_version | Current master kubernetes version | | min\_master\_version | Minimum master kubernetes version | | monitoring\_service | Monitoring service used | diff --git a/modules/safer-cluster/outputs.tf b/modules/safer-cluster/outputs.tf index bfb15773c..d937e156b 100644 --- a/modules/safer-cluster/outputs.tf +++ b/modules/safer-cluster/outputs.tf @@ -116,3 +116,8 @@ output "service_account" { description = "The service account to default running nodes as if not overridden in `node_pools`." value = module.gke.service_account } + +output "master_ipv4_cidr_block" { + description = "The IP range in CIDR notation used for the hosted master network" + value = var.master_ipv4_cidr_block +} diff --git a/modules/safer-cluster/variables.tf b/modules/safer-cluster/variables.tf index 37dd4537b..43b60e22a 100644 --- a/modules/safer-cluster/variables.tf +++ b/modules/safer-cluster/variables.tf @@ -228,7 +228,7 @@ variable "cluster_resource_labels" { variable "master_ipv4_cidr_block" { type = string - description = "(Beta) The IP range in CIDR notation to use for the hosted master network" + description = "The IP range in CIDR notation to use for the hosted master network" default = "10.0.0.0/28" } diff --git a/outputs.tf b/outputs.tf index f5e7b4133..4ba8c1d30 100644 --- a/outputs.tf +++ b/outputs.tf @@ -118,4 +118,3 @@ output "service_account" { description = "The service account to default running nodes as if not overridden in `node_pools`." value = local.service_account } -