feat: cloud dns support for safer clusters (#1384)
feliperfmarques committed Sep 6, 2022
1 parent b9287de commit 4e817be
Showing 8 changed files with 78 additions and 0 deletions.
6 changes: 6 additions & 0 deletions autogen/safer-cluster/main.tf.tmpl
Expand Up @@ -141,6 +141,12 @@ module "gke" {

dns_cache = var.dns_cache

cluster_dns_provider = var.cluster_dns_provider

cluster_dns_scope = var.cluster_dns_scope

cluster_dns_domain = var.cluster_dns_domain

config_connector = var.config_connector

default_max_pods_per_node = var.default_max_pods_per_node
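Review bot: The new `cluster_dns_scope` argument is handed to the inner module with no comment on what the choice means for a hardened cluster. With `VPC_SCOPE`, cluster Service records become resolvable from the whole VPC rather than only from inside the cluster, and that is worth stating where the value is wired in. I would add above the three arguments: `# Cloud DNS settings are passed through as given; VPC_SCOPE makes Service records resolvable VPC-wide, CLUSTER_SCOPE keeps them cluster-local.` The `module "gke"` block starts and ends outside this hunk. The copies in modules/safer-cluster/main.tf and modules/safer-cluster-update-variant/main.tf are presumably generated from this template and would pick the comment up.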
18 changes: 18 additions & 0 deletions autogen/safer-cluster/variables.tf.tmpl
Expand Up @@ -273,6 +273,24 @@ variable "dns_cache" {
default = false
}

variable "cluster_dns_provider" {
type = string
description = "Which in-cluster DNS provider should be used. PROVIDER_UNSPECIFIED (default) or PLATFORM_DEFAULT or CLOUD_DNS."
default = "PROVIDER_UNSPECIFIED"
}

variable "cluster_dns_scope" {
type = string
description = "The scope of access to cluster DNS records. DNS_SCOPE_UNSPECIFIED (default) or CLUSTER_SCOPE or VPC_SCOPE. "
default = "DNS_SCOPE_UNSPECIFIED"
}

variable "cluster_dns_domain" {
type = string
description = "The suffix used for all cluster service records."
default = ""
}

variable "default_max_pods_per_node" {
description = "The maximum number of pods to schedule per node"
default = 110
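Review bot: `cluster_dns_provider` and `cluster_dns_scope` accept any string, so a typo or an unsupported value is rejected only by the API at apply time. Each should carry a `validation` block listing the values its description already names, as sketched below, assuming the module's minimum Terraform version supports variable validation. The `cluster_dns_scope` description also ends in a stray space inside the string (`VPC_SCOPE. "`), which is carried into both README tables' source and the modules/*/variables.tf copies. It may be worth saying in the `cluster_dns_domain` description whether a non-empty domain is expected when `VPC_SCOPE` is chosen; confirm this against the provider documentation. The trailing `variable "default_max_pods_per_node"` block continues outside the hunk.

```hcl
variable "cluster_dns_provider" {
  # … unchanged: type, description, default …

  validation {
    condition     = contains(["PROVIDER_UNSPECIFIED", "PLATFORM_DEFAULT", "CLOUD_DNS"], var.cluster_dns_provider)
    error_message = "The cluster_dns_provider value must be PROVIDER_UNSPECIFIED, PLATFORM_DEFAULT or CLOUD_DNS."
  }
}

variable "cluster_dns_scope" {
  # … unchanged: type, description, default …

  validation {
    condition     = contains(["DNS_SCOPE_UNSPECIFIED", "CLUSTER_SCOPE", "VPC_SCOPE"], var.cluster_dns_scope)
    error_message = "The cluster_dns_scope value must be DNS_SCOPE_UNSPECIFIED, CLUSTER_SCOPE or VPC_SCOPE."
  }
}
```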
3 changes: 3 additions & 0 deletions modules/safer-cluster-update-variant/README.md
Expand Up @@ -204,6 +204,9 @@ For simplicity, we suggest using `roles/container.admin` and
| add\_cluster\_firewall\_rules | Create additional firewall rules | `bool` | `false` | no |
| authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com | `string` | `null` | no |
| cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no |
| cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no |
| cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no |
| cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no |
| cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no |
| compute\_engine\_service\_account | Use the given service account for nodes rather than creating a new dedicated service account. | `string` | `""` | no |
| config\_connector | (Beta) Whether ConfigConnector is enabled for this cluster. | `bool` | `false` | no |
6 changes: 6 additions & 0 deletions modules/safer-cluster-update-variant/main.tf
Expand Up @@ -137,6 +137,12 @@ module "gke" {

dns_cache = var.dns_cache

cluster_dns_provider = var.cluster_dns_provider

cluster_dns_scope = var.cluster_dns_scope

cluster_dns_domain = var.cluster_dns_domain

config_connector = var.config_connector

default_max_pods_per_node = var.default_max_pods_per_node
18 changes: 18 additions & 0 deletions modules/safer-cluster-update-variant/variables.tf
Expand Up @@ -273,6 +273,24 @@ variable "dns_cache" {
default = false
}

variable "cluster_dns_provider" {
type = string
description = "Which in-cluster DNS provider should be used. PROVIDER_UNSPECIFIED (default) or PLATFORM_DEFAULT or CLOUD_DNS."
default = "PROVIDER_UNSPECIFIED"
}

variable "cluster_dns_scope" {
type = string
description = "The scope of access to cluster DNS records. DNS_SCOPE_UNSPECIFIED (default) or CLUSTER_SCOPE or VPC_SCOPE. "
default = "DNS_SCOPE_UNSPECIFIED"
}

variable "cluster_dns_domain" {
type = string
description = "The suffix used for all cluster service records."
default = ""
}

variable "default_max_pods_per_node" {
description = "The maximum number of pods to schedule per node"
default = 110
3 changes: 3 additions & 0 deletions modules/safer-cluster/README.md
Expand Up @@ -204,6 +204,9 @@ For simplicity, we suggest using `roles/container.admin` and
| add\_cluster\_firewall\_rules | Create additional firewall rules | `bool` | `false` | no |
| authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com | `string` | `null` | no |
| cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no |
| cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no |
| cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no |
| cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no |
| cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no |
| compute\_engine\_service\_account | Use the given service account for nodes rather than creating a new dedicated service account. | `string` | `""` | no |
| config\_connector | (Beta) Whether ConfigConnector is enabled for this cluster. | `bool` | `false` | no |
6 changes: 6 additions & 0 deletions modules/safer-cluster/main.tf
Expand Up @@ -137,6 +137,12 @@ module "gke" {

dns_cache = var.dns_cache

cluster_dns_provider = var.cluster_dns_provider

cluster_dns_scope = var.cluster_dns_scope

cluster_dns_domain = var.cluster_dns_domain

config_connector = var.config_connector

default_max_pods_per_node = var.default_max_pods_per_node
18 changes: 18 additions & 0 deletions modules/safer-cluster/variables.tf
Expand Up @@ -273,6 +273,24 @@ variable "dns_cache" {
default = false
}

variable "cluster_dns_provider" {
type = string
description = "Which in-cluster DNS provider should be used. PROVIDER_UNSPECIFIED (default) or PLATFORM_DEFAULT or CLOUD_DNS."
default = "PROVIDER_UNSPECIFIED"
}

variable "cluster_dns_scope" {
type = string
description = "The scope of access to cluster DNS records. DNS_SCOPE_UNSPECIFIED (default) or CLUSTER_SCOPE or VPC_SCOPE. "
default = "DNS_SCOPE_UNSPECIFIED"
}

variable "cluster_dns_domain" {
type = string
description = "The suffix used for all cluster service records."
default = ""
}

variable "default_max_pods_per_node" {
description = "The maximum number of pods to schedule per node"
default = 110