From 2f5a2769fada01333b178d0bc9ec1e8192535043 Mon Sep 17 00:00:00 2001
From: Bharath KKB
Date: Fri, 25 Aug 2023 15:48:04 -0500
Subject: [PATCH] feat!: support gcs fuse addon (#1722)
---
README.md | 1 +
autogen/main/cluster.tf.tmpl | 8 ++
autogen/main/main.tf.tmpl | 7 +-
autogen/main/variables.tf.tmpl | 6 ++
autogen/main/versions.tf.tmpl | 4 +-
cluster.tf | 8 ++
examples/simple_regional/main.tf | 1 +
main.tf | 7 +-
.../versions.tf | 4 +-
.../beta-autopilot-public-cluster/versions.tf | 4 +-
.../README.md | 1 +
.../cluster.tf | 8 ++
.../main.tf | 7 +-
.../variables.tf | 6 ++
.../versions.tf | 4 +-
modules/beta-private-cluster/README.md | 1 +
modules/beta-private-cluster/cluster.tf | 8 ++
modules/beta-private-cluster/main.tf | 7 +-
modules/beta-private-cluster/variables.tf | 6 ++
modules/beta-private-cluster/versions.tf | 4 +-
.../README.md | 1 +
.../cluster.tf | 8 ++
.../main.tf | 7 +-
.../variables.tf | 6 ++
.../versions.tf | 4 +-
modules/beta-public-cluster/README.md | 1 +
modules/beta-public-cluster/cluster.tf | 8 ++
modules/beta-public-cluster/main.tf | 7 +-
modules/beta-public-cluster/variables.tf | 6 ++
modules/beta-public-cluster/versions.tf | 4 +-
.../private-cluster-update-variant/README.md | 1 +
.../private-cluster-update-variant/cluster.tf | 8 ++
.../private-cluster-update-variant/main.tf | 7 +-
.../variables.tf | 6 ++
modules/private-cluster/README.md | 1 +
modules/private-cluster/cluster.tf | 8 ++
modules/private-cluster/main.tf | 7 +-
modules/private-cluster/variables.tf | 6 ++
.../testdata/TestSimpleRegional.json | 94 +++++++++++--------
variables.tf | 6 ++
40 files changed, 223 insertions(+), 75 deletions(-)
diff --git a/README.md b/README.md
index 51275aeff..79513bd60 100644
--- a/README.md
+++ b/README.md
@@ -163,6 +163,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gcs\_fuse\_csi\_driver | Whether GCE FUSE CSI driver is enabled for this cluster. | `bool` | `false` | no | | gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index 3f3f20abb..ea7c68fdf 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -287,6 +287,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gcs_fuse_csi_driver_config" { + for_each = local.gcs_fuse_csi_driver_config + + content { + enabled = gcs_fuse_csi_driver_config.value.enabled + } + } + config_connector_config { enabled = var.config_connector } diff --git a/autogen/main/main.tf.tmpl b/autogen/main/main.tf.tmpl index 34c71121d..80679d4f7 100644 --- a/autogen/main/main.tf.tmpl +++ b/autogen/main/main.tf.tmpl 
@@ -103,9 +103,10 @@ locals { enabled = false provider = null }] - cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] {% endif %} {% if beta_cluster and autopilot_cluster != true %} cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index f720df4b3..a2effe8e0 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -676,6 +676,12 @@ variable "gke_backup_agent_config" { default = false } +variable "gcs_fuse_csi_driver" { + type = bool + description = "Whether GCE FUSE CSI driver is enabled for this cluster." + default = false +} + {% endif %} variable "timeouts" { type = map(string) diff --git a/autogen/main/versions.tf.tmpl b/autogen/main/versions.tf.tmpl index 092c18c7f..494d40d45 100644 --- a/autogen/main/versions.tf.tmpl +++ b/autogen/main/versions.tf.tmpl 
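Review bot: `gcs_fuse_csi_driver_config` falls back to `[]` when the variable is false, while the two neighbouring addon locals in this hunk (`cluster_gce_pd_csi_config`, `gke_backup_agent_config`) fall back to `[{ enabled = false }]`. With an empty list the dynamic block in cluster.tf.tmpl is omitted, so flipping the variable from true to false on an existing cluster may leave the addon running if the provider treats an absent block as "keep the server value"; an operator would then believe the bucket-mount path is closed when it is not. Either emit the explicit off state, `gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [{ enabled = false }]`, or, if the empty list is deliberate, say why in a comment such as `# empty list omits the block; disabling on an existing cluster is not reconciled`. The same line is repeated in main.tf and each generated modules/*/main.tf; the enclosing `locals` block starts and ends outside the hunk.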
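Review bot: The description of `gcs_fuse_csi_driver` says "GCE FUSE", but the variable and the `gcs_fuse_csi_driver_config` block it drives are for the Cloud Storage (GCS) FUSE driver; GCE is Compute Engine, which is the subject of the separate `gce_pd_csi_driver` input. I would write `description = "Whether the Cloud Storage FUSE (GCS FUSE) CSI driver is enabled for this cluster."`. Because this addon gives workloads a way to mount buckets, someone auditing the inputs for storage-access switches should be able to find it under the right name. The same string is copied into every generated variables.tf and README inputs table later in the patch.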
@@ -24,11 +24,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/cluster.tf b/cluster.tf index c14f1f4d2..a7d07d0a7 100644 --- a/cluster.tf +++ b/cluster.tf @@ -202,6 +202,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gcs_fuse_csi_driver_config" { + for_each = local.gcs_fuse_csi_driver_config + + content { + enabled = gcs_fuse_csi_driver_config.value.enabled + } + } + config_connector_config { enabled = var.config_connector } diff --git a/examples/simple_regional/main.tf b/examples/simple_regional/main.tf index 3b1f43fdd..33a1fdaf7 100644 --- a/examples/simple_regional/main.tf +++ b/examples/simple_regional/main.tf @@ -40,4 +40,5 @@ module "gke" { service_account = var.compute_engine_service_account enable_cost_allocation = true enable_binary_authorization = var.enable_binary_authorization + gcs_fuse_csi_driver = true } diff --git a/main.tf b/main.tf index 48423740e..e307ff82a 100644 --- a/main.tf +++ b/main.tf 
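Review bot: The `gcs_fuse_csi_driver_config` block added to the root module's cluster.tf needs a google provider release that knows the block, yet the diffstat lists no versions.tf change for the root module, modules/private-cluster or modules/private-cluster-update-variant, all of which gain the same block. The template hunk above and the beta modules raise their floor to `>= 4.76.0`; if the GA modules still accept an older provider, a plan there would presumably fail on an unsupported block type even with the variable left at `false`, because a dynamic block is still checked against the resource schema. Worth confirming the GA branch of versions.tf.tmpl and regenerating with the same floor, e.g. `version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1"` for `google`. The `resource "google_container_cluster" "primary"` body starts and ends outside the hunk.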
@@ -88,9 +88,10 @@ locals { enabled = false provider = null }] - cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-autopilot-private-cluster/versions.tf b/modules/beta-autopilot-private-cluster/versions.tf index cba97d154..7125c7b74 100644 --- a/modules/beta-autopilot-private-cluster/versions.tf +++ b/modules/beta-autopilot-private-cluster/versions.tf @@ -21,11 +21,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-autopilot-public-cluster/versions.tf b/modules/beta-autopilot-public-cluster/versions.tf index a830f165c..cb0a26bc6 100644 --- a/modules/beta-autopilot-public-cluster/versions.tf +++ b/modules/beta-autopilot-public-cluster/versions.tf 
@@ -21,11 +21,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index f674977c3..6b3283c00 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -207,6 +207,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gcs\_fuse\_csi\_driver | Whether GCE FUSE CSI driver is enabled for this cluster. | `bool` | `false` | no | | gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index ec6c79a43..8e5613585 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf 
@@ -234,6 +234,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gcs_fuse_csi_driver_config" { + for_each = local.gcs_fuse_csi_driver_config + + content { + enabled = gcs_fuse_csi_driver_config.value.enabled + } + } + config_connector_config { enabled = var.config_connector } diff --git a/modules/beta-private-cluster-update-variant/main.tf b/modules/beta-private-cluster-update-variant/main.tf index 04b388e8a..6f0139cfb 100644 --- a/modules/beta-private-cluster-update-variant/main.tf +++ b/modules/beta-private-cluster-update-variant/main.tf @@ -88,9 +88,10 @@ locals { enabled = false provider = null }] - cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { load_balancer_type = var.cloudrun_load_balancer_type } : {} diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index 5e1607978..5daeb3daa 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf 
@@ -640,6 +640,12 @@ variable "gke_backup_agent_config" { default = false } +variable "gcs_fuse_csi_driver" { + type = bool + description = "Whether GCE FUSE CSI driver is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." diff --git a/modules/beta-private-cluster-update-variant/versions.tf b/modules/beta-private-cluster-update-variant/versions.tf index 34b56ac68..090b35301 100644 --- a/modules/beta-private-cluster-update-variant/versions.tf +++ b/modules/beta-private-cluster-update-variant/versions.tf @@ -21,11 +21,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index b1897ba5d..da568a971 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md 
@@ -185,6 +185,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gcs\_fuse\_csi\_driver | Whether GCE FUSE CSI driver is enabled for this cluster. | `bool` | `false` | no | | gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index 8472c4a57..2a61b84bc 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -234,6 +234,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gcs_fuse_csi_driver_config" { + for_each = local.gcs_fuse_csi_driver_config + + content { + enabled = gcs_fuse_csi_driver_config.value.enabled + } + } + config_connector_config { enabled = var.config_connector } diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index 04b388e8a..6f0139cfb 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf 
@@ -88,9 +88,10 @@ locals { enabled = false provider = null }] - cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { load_balancer_type = var.cloudrun_load_balancer_type } : {} diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 5e1607978..5daeb3daa 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -640,6 +640,12 @@ variable "gke_backup_agent_config" { default = false } +variable "gcs_fuse_csi_driver" { + type = bool + description = "Whether GCE FUSE CSI driver is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." diff --git a/modules/beta-private-cluster/versions.tf b/modules/beta-private-cluster/versions.tf index 0e41e4f16..736e1f16b 100644 --- a/modules/beta-private-cluster/versions.tf +++ b/modules/beta-private-cluster/versions.tf 
@@ -21,11 +21,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index c49044213..6ac0ba92f 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md @@ -198,6 +198,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gcs\_fuse\_csi\_driver | Whether GCE FUSE CSI driver is enabled for this cluster. | `bool` | `false` | no | | gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index 3068099d2..86742e65c 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf 
@@ -234,6 +234,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gcs_fuse_csi_driver_config" { + for_each = local.gcs_fuse_csi_driver_config + + content { + enabled = gcs_fuse_csi_driver_config.value.enabled + } + } + config_connector_config { enabled = var.config_connector } diff --git a/modules/beta-public-cluster-update-variant/main.tf b/modules/beta-public-cluster-update-variant/main.tf index e403ad7dc..febe76581 100644 --- a/modules/beta-public-cluster-update-variant/main.tf +++ b/modules/beta-public-cluster-update-variant/main.tf @@ -88,9 +88,10 @@ locals { enabled = false provider = null }] - cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { load_balancer_type = var.cloudrun_load_balancer_type } : {} diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 9e1a8448b..2b900e4f9 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf 
@@ -610,6 +610,12 @@ variable "gke_backup_agent_config" { default = false } +variable "gcs_fuse_csi_driver" { + type = bool + description = "Whether GCE FUSE CSI driver is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." diff --git a/modules/beta-public-cluster-update-variant/versions.tf b/modules/beta-public-cluster-update-variant/versions.tf index 0dcfcda12..214a5841b 100644 --- a/modules/beta-public-cluster-update-variant/versions.tf +++ b/modules/beta-public-cluster-update-variant/versions.tf @@ -21,11 +21,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index 8d38b524a..f325ea56a 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md 
@@ -176,6 +176,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gcs\_fuse\_csi\_driver | Whether GCE FUSE CSI driver is enabled for this cluster. | `bool` | `false` | no | | gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index 27a714fdc..69f984259 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -234,6 +234,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gcs_fuse_csi_driver_config" { + for_each = local.gcs_fuse_csi_driver_config + + content { + enabled = gcs_fuse_csi_driver_config.value.enabled + } + } + config_connector_config { enabled = var.config_connector } diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index e403ad7dc..febe76581 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf 
@@ -88,9 +88,10 @@ locals { enabled = false provider = null }] - cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { load_balancer_type = var.cloudrun_load_balancer_type } : {} diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 9e1a8448b..2b900e4f9 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -610,6 +610,12 @@ variable "gke_backup_agent_config" { default = false } +variable "gcs_fuse_csi_driver" { + type = bool + description = "Whether GCE FUSE CSI driver is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." diff --git a/modules/beta-public-cluster/versions.tf b/modules/beta-public-cluster/versions.tf index 3075b4c3c..39299bb4d 100644 --- a/modules/beta-public-cluster/versions.tf +++ b/modules/beta-public-cluster/versions.tf 
@@ -21,11 +21,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.51.0, < 5.0, !=4.65.0, !=4.65.1" + version = ">= 4.76.0, < 5.0, !=4.65.0, !=4.65.1" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index ee133e5ee..596cc827b 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -194,6 +194,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gcs\_fuse\_csi\_driver | Whether GCE FUSE CSI driver is enabled for this cluster. | `bool` | `false` | no | | gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index f57916fba..8f75d404a 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf 
@@ -202,6 +202,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gcs_fuse_csi_driver_config" { + for_each = local.gcs_fuse_csi_driver_config + + content { + enabled = gcs_fuse_csi_driver_config.value.enabled + } + } + config_connector_config { enabled = var.config_connector } diff --git a/modules/private-cluster-update-variant/main.tf b/modules/private-cluster-update-variant/main.tf index af7062a2a..6d4b06f7d 100644 --- a/modules/private-cluster-update-variant/main.tf +++ b/modules/private-cluster-update-variant/main.tf @@ -88,9 +88,10 @@ locals { enabled = false provider = null }] - cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index 227d53f7d..ca215e309 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf 
@@ -611,6 +611,12 @@ variable "gke_backup_agent_config" { default = false } +variable "gcs_fuse_csi_driver" { + type = bool + description = "Whether GCE FUSE CSI driver is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index c4923f0ff..c4b7c59ba 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md @@ -172,6 +172,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gcs\_fuse\_csi\_driver | Whether GCE FUSE CSI driver is enabled for this cluster. | `bool` | `false` | no | | gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index cc33e59b2..a621347dc 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf @@ -202,6 +202,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gcs_fuse_csi_driver_config" { + for_each = local.gcs_fuse_csi_driver_config + + content { + enabled = gcs_fuse_csi_driver_config.value.enabled + } + } + config_connector_config { enabled = var.config_connector } 
diff --git a/modules/private-cluster/main.tf b/modules/private-cluster/main.tf index af7062a2a..6d4b06f7d 100644 --- a/modules/private-cluster/main.tf +++ b/modules/private-cluster/main.tf @@ -88,9 +88,10 @@ locals { enabled = false provider = null }] - cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] + gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index 227d53f7d..ca215e309 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -611,6 +611,12 @@ variable "gke_backup_agent_config" { default = false } +variable "gcs_fuse_csi_driver" { + type = bool + description = "Whether GCE FUSE CSI driver is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." diff --git a/test/integration/simple_regional/testdata/TestSimpleRegional.json b/test/integration/simple_regional/testdata/TestSimpleRegional.json index f39aca4e1..31d14b418 100644 --- a/test/integration/simple_regional/testdata/TestSimpleRegional.json 
+++ b/test/integration/simple_regional/testdata/TestSimpleRegional.json @@ -6,6 +6,9 @@ "enabled": true }, "gcpFilestoreCsiDriverConfig": {}, + "gcsFuseCsiDriverConfig": { + "enabled": true + }, "gkeBackupAgentConfig": {}, "horizontalPodAutoscaling": {}, "httpLoadBalancing": {}, 
@@ -27,35 +30,37 @@ "costManagementConfig": { "enabled": true }, - "createTime": "2023-01-12T04:59:06+00:00", - "currentMasterVersion": "1.25.4-gke.2100", + "createTime": "2023-08-25T16:39:57+00:00", + "currentMasterVersion": "1.27.3-gke.100", "currentNodeCount": 3, - "currentNodeVersion": "1.25.4-gke.2100", + "currentNodeVersion": "1.27.3-gke.100", "databaseEncryption": { "state": "DECRYPTED" }, "defaultMaxPodsConstraint": { "maxPodsPerNode": "110" }, - "endpoint": "35.226.100.112", - "etag": "ae242170-5148-4c6f-a649-592e540337d4", - "id": "c916e72d2f4c47b88a07514cba092a5414edcdcbafc648ad9921d0513c7a7c84", - "initialClusterVersion": "1.25.4-gke.2100", + "endpoint": "35.238.117.51", + "etag": "a214a2ff-16ea-4e65-8c01-43e7a6cece82", + "id": "8e4011253bcb4fbc943f88ae797f124f0f001ed95cc94b229231d68b8a44e20b", + "initialClusterVersion": "1.27.3-gke.100", "instanceGroupUrls": [ - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-a/instanceGroupManagers/gke-simple-regional-clus-default-pool-9c052bb2-grp", - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-c/instanceGroupManagers/gke-simple-regional-clus-default-pool-daba78bc-grp", - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-f/instanceGroupManagers/gke-simple-regional-clus-default-pool-16a6ddb1-grp", - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-a/instanceGroupManagers/gke-simple-regional--default-node-poo-5496474f-grp", - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-c/instanceGroupManagers/gke-simple-regional--default-node-poo-acd77da1-grp", - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-f/instanceGroupManagers/gke-simple-regional--default-node-poo-eabd6db0-grp" + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-a/instanceGroupManagers/gke-simple-regional-clus-default-pool-209983a6-grp", + 
"https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-c/instanceGroupManagers/gke-simple-regional-clus-default-pool-6094c28c-grp", + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-f/instanceGroupManagers/gke-simple-regional-clus-default-pool-a9225012-grp", + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-a/instanceGroupManagers/gke-simple-regional--default-node-poo-8fb4fd0f-grp", + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-c/instanceGroupManagers/gke-simple-regional--default-node-poo-24ffed9f-grp", + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-f/instanceGroupManagers/gke-simple-regional--default-node-poo-1d2dc357-grp" ], "ipAllocationPolicy": { "clusterIpv4Cidr": "192.168.0.0/18", "clusterIpv4CidrBlock": "192.168.0.0/18", - "clusterSecondaryRangeName": "cft-gke-test-pods-he07", + "clusterSecondaryRangeName": "cft-gke-test-pods-44kc", + "defaultPodIpv4RangeUtilization": 0.0469, + "podCidrOverprovisionConfig": {}, "servicesIpv4Cidr": "192.168.64.0/18", "servicesIpv4CidrBlock": "192.168.64.0/18", - "servicesSecondaryRangeName": "cft-gke-test-services-he07", + "servicesSecondaryRangeName": "cft-gke-test-services-44kc", "stackType": "IPV4", "useIpAliases": true }, 
@@ -86,26 +91,32 @@ } }, "masterAuth": { - "clusterCaCertificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVMVENDQXBXZ0F3SUJBZ0lSQU9hSWNZb2ptSXR0R2N3VlJac1NRZ2d3RFFZSktvWklodmNOQVFFTEJRQXcKTHpFdE1Dc0dBMVVFQXhNa00yVXhaR0l6T1RBdE1XSTVOaTAwTkRKbExUZ3haVEl0TUdFeFkySmtaR1ExT1RCagpNQ0FYRFRJek1ERXhNakF6TlRrd05sb1lEekl3TlRNd01UQTBNRFExT1RBMldqQXZNUzB3S3dZRFZRUURFeVF6ClpURmtZak01TUMweFlqazJMVFEwTW1VdE9ERmxNaTB3WVRGalltUmtaRFU1TUdNd2dnR2lNQTBHQ1NxR1NJYjMKRFFFQkFRVUFBNElCandBd2dnR0tBb0lCZ1FEWW1rd3RyNHNTL2tpdEVITERaQkdEakdEU1JTQmQ3L0dCMndhUQpxVkd2ckNPSXBURjdhZmYyYW9yL2t2WStHRnhCV1BtL0JBZlo2RUtocG5iaDlpelZhc2xxRURyc1Y0YW9VMW1mClAxbHl5Ty84cGR5ZHJuY2tGeVJmMERsNWR4RFEvY0hlRFJqdjUrNXl0d3g3V0pVU21ERXNyVytRQXNCQllGSEwKNDlCUkVIT3c2cEF2VERJcTRlcVFyaWdKRWVtMlp0SzRsYWZqNXRSZG5TU2dUT1lQa25VUVgwZkcxS0xCcVJ2bQpuR0RqRWQxbGpQdlNZRStDTUZnNHpGdmVoVC80R1ZIdUxYdmtiMnZYVkFzckpPOWl0eFJRNURSb0tmS05DS1cxCnYxYWpKQ1pJOUVKKy9Mc3JvbGZoMTB1Zm5iN2tkN2djOHoxQU5TQnBBYzZ5WEJQeEJiK0g5VDhGZHo5enp2WEoKYURBdnh1dTZTYkJVaVVTTFJINUVIdjIwTVhIUWU5VVI0RXVkSmNTVHhheTRwMm5CZzFGcDJrNEY3bkVYWkZWdwpTSUpRcDhkUXpFc281eS81ZDI2dG1OL1dqNG5oRGJDRUdzM0dIVmY0SU9RSEpkNW9NNVBsWEtYZUhZcW5QWlJMCm5NS25Cem9neDdzbUd5ZUFqeW1VMWdhQldsa0NBd0VBQWFOQ01FQXdEZ1lEVlIwUEFRSC9CQVFEQWdJRU1BOEcKQTFVZEV3RUIvd1FGTUFNQkFmOHdIUVlEVlIwT0JCWUVGUEgxYzVsUCtkR1lQK0FPTEFjUlhTbHpBQ2k2TUEwRwpDU3FHU0liM0RRRUJDd1VBQTRJQmdRQ2JYVTRKTENRdDllYlVqbEVCZE1QOTFyQmxsQktjSExSU0VPdWVrNTQ1ClhIeWs2RUdidGtDTWd2cEV6Z1lRS2taZ05ZbHlwbU9RdFdqTkJpWHpHb0tiUlFZNjNhR0RBZzlQbE85S3VDa2wKajZHR1hkM09GMFluRUZhYVVNcHNyYzdhS3NYSVpKYnoyT000bjUyaVJEYnZtOHN1aytNcmFxdDhYWnBFRGZhNwpndGlIRVNrbi94WHFhenRrdzc4enFydFdjRjNzTjljQXV5MEs5QzA4TGxnMCs4TzIyVEl4WmJEOE45czAvRjgzCm9KejVnUEZ1Nlc5eENibS93MGJWK0dDMFBGMkZhaTB6dDg0bXZISFNiNlhRS0RxaTllZGcwdFNWMGVLMG8ySi8KK0VuMmx2MXhjM3NFQnMvM3NJZHJVU3ppdEkwRk52aE00aS8xZzRmV2YrUEVqeGRsOENtNjF4MlpzV2hBZExwaQpvK0dhdDE0T0hqMXFrWUlHWG8yQnZLWWQvcXE5VUFZTXF6amdIcTNxanhpMWVtTjBTa1ZsN2xkeXFoU3JhS2IzCkZPc2lNU3poODB6WFFpRzM2SXp5K0hGdjV4TWNyQWpuM2RpZmtHejVmQzNuUXd4QnZkdEF0YU9p
THFjTU1QY1QKaEI3T0I0cExpcGZNa0JvQVY1YlZ5cUE9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + "clusterCaCertificate": "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" }, "masterAuthorizedNetworksConfig": { "gcpPublicCidrsAccessEnabled": true }, "monitoringConfig": { + "advancedDatapathObservabilityConfig": { + "relayMode": "DISABLED" + }, "componentConfig": { "enableComponents": [ "SYSTEM_COMPONENTS" ] + }, + "managedPrometheusConfig": { + "enabled": true } }, "monitoringService": "monitoring.googleapis.com/kubernetes", "name": "CLUSTER_NAME", - "network": "cft-gke-test-he07", + "network": "cft-gke-test-44kc", "networkConfig": { "defaultSnatStatus": {}, - "network": "projects/PROJECT_ID/global/networks/cft-gke-test-he07", + "network": "projects/PROJECT_ID/global/networks/cft-gke-test-44kc", "serviceExternalIpsConfig": {}, - "subnetwork": "projects/PROJECT_ID/regions/us-central1/subnetworks/cft-gke-test-he07" + "subnetwork": "projects/PROJECT_ID/regions/us-central1/subnetworks/cft-gke-test-44kc" }, "nodeConfig": { "diskSizeGb": 100, @@ -124,7 +135,7 @@ "https://www.googleapis.com/auth/userinfo.email", "https://www.googleapis.com/auth/cloud-platform" ], - "serviceAccount": "SERVICE_ACCOUNT", + "serviceAccount": "gke-sa-int-test-p1-e155@PROJECT_ID.iam.gserviceaccount.com", "shieldedInstanceConfig": { "enableIntegrityMonitoring": true }, @@ -166,7 +177,7 @@ "https://www.googleapis.com/auth/userinfo.email", "https://www.googleapis.com/auth/cloud-platform" ], - "serviceAccount": "SERVICE_ACCOUNT", + "serviceAccount": "gke-sa-int-test-p1-e155@PROJECT_ID.iam.gserviceaccount.com", "shieldedInstanceConfig": { "enableIntegrityMonitoring": true }, 
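Review bot: The `serviceAccount` value in the `@@ -124,7 +135,7 @@` hunk changes from the placeholder `SERVICE_ACCOUNT` to `gke-sa-int-test-p1-e155@PROJECT_ID.iam.gserviceaccount.com`, and the same happens in the hunks at `@@ -166,7 +177,7 @@` and `@@ -241,7 +253,7 @@`. Only the project part is still masked, so the fixture now records a concrete test identity with what looks like a run-specific suffix. This suggests the step that used to mask this field was skipped when the golden file was regenerated. Restoring `"serviceAccount": "SERVICE_ACCOUNT",` in all three places keeps environment identifiers out of the repository and should keep the comparison stable when the test project's account name changes.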
@@ -179,11 +190,11 @@ "mode": "GKE_METADATA" } }, - "etag": "1f6c7e1b-edb7-4bab-b19b-fc7156d1f83e", + "etag": "3bb00743-9dbf-4e92-9512-1e64fb8f1b8a", "instanceGroupUrls": [ - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-a/instanceGroupManagers/gke-simple-regional-clus-default-pool-9c052bb2-grp", - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-c/instanceGroupManagers/gke-simple-regional-clus-default-pool-daba78bc-grp", - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-f/instanceGroupManagers/gke-simple-regional-clus-default-pool-16a6ddb1-grp" + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-a/instanceGroupManagers/gke-simple-regional-clus-default-pool-209983a6-grp", + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-c/instanceGroupManagers/gke-simple-regional-clus-default-pool-6094c28c-grp", + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-f/instanceGroupManagers/gke-simple-regional-clus-default-pool-a9225012-grp" ], "locations": [ "us-central1-a", @@ -201,7 +212,8 @@ "networkConfig": { "enablePrivateNodes": false, "podIpv4CidrBlock": "192.168.0.0/18", - "podRange": "cft-gke-test-pods-he07" + "podIpv4RangeUtilization": 0.0469, + "podRange": "cft-gke-test-pods-44kc" }, "podIpv4CidrSize": 24, "selfLink": "https://container.googleapis.com/v1/projects/PROJECT_ID/locations/us-central1/clusters/CLUSTER_NAME/nodePools/default-pool", @@ -210,7 +222,7 @@ "maxSurge": 1, "strategy": "SURGE" }, - "version": "1.25.4-gke.2100" + "version": "1.27.3-gke.100" }, { "autoscaling": { @@ -241,7 +253,7 @@ "oauthScopes": [ "https://www.googleapis.com/auth/cloud-platform" ], - "serviceAccount": "SERVICE_ACCOUNT", + "serviceAccount": "gke-sa-int-test-p1-e155@PROJECT_ID.iam.gserviceaccount.com", "shieldedInstanceConfig": { "enableIntegrityMonitoring": true }, 
@@ -254,12 +266,12 @@ "mode": "GKE_METADATA" } }, - "etag": "ce97aa50-d1d2-44a7-a150-fd00360a3275", + "etag": "c1cb03bd-8b4e-4a06-9c4e-213b87aa86a3", "initialNodeCount": 1, "instanceGroupUrls": [ - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-a/instanceGroupManagers/gke-simple-regional--default-node-poo-5496474f-grp", - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-c/instanceGroupManagers/gke-simple-regional--default-node-poo-acd77da1-grp", - "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-f/instanceGroupManagers/gke-simple-regional--default-node-poo-eabd6db0-grp" + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-a/instanceGroupManagers/gke-simple-regional--default-node-poo-8fb4fd0f-grp", + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-c/instanceGroupManagers/gke-simple-regional--default-node-poo-24ffed9f-grp", + "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/us-central1-f/instanceGroupManagers/gke-simple-regional--default-node-poo-1d2dc357-grp" ], "locations": [ "us-central1-a", @@ -277,7 +289,8 @@ "networkConfig": { "enablePrivateNodes": false, "podIpv4CidrBlock": "192.168.0.0/18", - "podRange": "cft-gke-test-pods-he07" + "podIpv4RangeUtilization": 0.0469, + "podRange": "cft-gke-test-pods-44kc" }, "podIpv4CidrSize": 24, "selfLink": "https://container.googleapis.com/v1/projects/PROJECT_ID/locations/us-central1/clusters/CLUSTER_NAME/nodePools/default-node-pool", @@ -286,7 +299,7 @@ "maxSurge": 1, "strategy": "SURGE" }, - "version": "1.25.4-gke.2100" + "version": "1.27.3-gke.100" } ], "notificationConfig": { 
@@ -294,7 +307,14 @@ }, "privateClusterConfig": { "privateEndpoint": "10.0.0.2", - "publicEndpoint": "35.226.100.112" + "publicEndpoint": "35.238.117.51" + }, + "releaseChannel": { + "channel": "REGULAR" + }, + "securityPostureConfig": { + "mode": "BASIC", + "vulnerabilityMode": "VULNERABILITY_MODE_UNSPECIFIED" }, "selfLink": "https://container.googleapis.com/v1/projects/PROJECT_ID/locations/us-central1/clusters/CLUSTER_NAME", "servicesIpv4Cidr": "192.168.64.0/18", @@ -302,10 +322,10 @@ "enabled": true }, "status": "RUNNING", - "subnetwork": "cft-gke-test-he07", + "subnetwork": "cft-gke-test-44kc", "verticalPodAutoscaling": {}, "workloadIdentityConfig": { "workloadPool": "PROJECT_ID.svc.id.goog" }, "zone": "us-central1" -} +} \ No newline at end of file diff --git a/variables.tf b/variables.tf index b25846e0a..f1be61ecb 100644 --- a/variables.tf +++ b/variables.tf @@ -581,6 +581,12 @@ variable "gke_backup_agent_config" { default = false } +variable "gcs_fuse_csi_driver" { + type = bool + description = "Whether GCE FUSE CSI driver is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations."