Added support for resource usage export config

* Based on PR #230 * Add support for beta feature resource_usage_export_config (Fixes #232) * Fixed `google-beta` provider version
terraform-google-modules · Aug 21, 2019 · c578738 · c578738
1 parent 8a6c0e8
commit c578738
Show file tree

Hide file tree

Showing 32 changed files with 90 additions and 70 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,7 @@ Extending the adopted spec, each change should have a link to its corresponding
 ## [Unreleased]
 ### Added
 
+* Added support for resource usage export config [#238]
 * Support for Intranode Visbiility (IV) and Veritical Pod Autoscaling (VPA) beta features [#216]
 * **Breaking**: Support for Workload Identity beta feature [#234]
 
@@ -168,6 +169,7 @@ Extending the adopted spec, each change should have a link to its corresponding
 [v0.3.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v0.2.0...v0.3.0
 [v0.2.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v0.1.0...v0.2.0
 
+[#238]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/238
 [#216]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/216
 [#214]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/214
 [#210]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/210

diff --git a/autogen/cluster.tf b/autogen/cluster.tf
@@ -67,11 +67,11 @@ resource "google_container_cluster" "primary" {
     }
   }
   dynamic "resource_usage_export_config" {
-    for_each = var.resource_usage_export_dataset_id != "" ? [var.resource_usage_export_dataset_id] : []
+    for_each = var.resource_usage_export_dataset_id != "" || var.resource_usage_export_network_egress_metering ? [var.resource_usage_export_network_egress_metering] : []
     content {
-      enable_network_egress_metering = true
+      enable_network_egress_metering = resource_usage_export_network_egress_metering.value
       bigquery_destination {
-        dataset_id = resource_usage_export_dataset_id.value
+        dataset_id = var.resource_usage_export_dataset_id
       }
     }
   }

diff --git a/autogen/main.tf b/autogen/main.tf
@@ -98,10 +98,10 @@ locals {
 
 {% if beta_cluster %}
   # BETA features
-  cluster_output_istio_enabled                    = google_container_cluster.primary.addons_config.0.istio_config != null ? google_container_cluster.primary.addons_config.0.istio_config.0.disabled : "true"
-  cluster_output_pod_security_policy_enabled      = google_container_cluster.primary.pod_security_policy_config != null ? google_container_cluster.primary.pod_security_policy_config.0.enabled : "false"
+  cluster_output_istio_enabled                    = google_container_cluster.primary.addons_config.0.istio_config.0.disabled
+  cluster_output_pod_security_policy_enabled      = google_container_cluster.primary.pod_security_policy_config.0.enabled
   cluster_output_intranode_visbility_enabled      = google_container_cluster.primary.enable_intranode_visibility
-  cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null ? google_container_cluster.primary.vertical_pod_autoscaling.0.enabled : "false"
+  cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling.0.enabled
 
   # /BETA features
   {% endif %}

diff --git a/autogen/variables.tf b/autogen/variables.tf
@@ -361,10 +361,17 @@ variable "pod_security_policy_config" {
 }
 
 variable "resource_usage_export_dataset_id" {
-  description = "The dataset id for which network egress metering for this cluster will be enabled. If enabled, a daemonset will be created in the cluster to meter network egress traffic."
+  type        = string
+  description = "The dataset id of network egress metering for this cluster."
   default     = ""
 }
 
+variable "resource_usage_export_network_egress_metering" {
+  type        = bool
+  description = "Enable/disable network egress metering for this cluster."
+  default     = false
+}
+
 variable "node_metadata" {
   description = "Specifies how node metadata is exposed to the workload running on the node"
   default     = "UNSPECIFIED"

diff --git a/autogen/versions.tf b/autogen/versions.tf
@@ -16,4 +16,8 @@
 
 terraform {
   required_version = ">= 0.12"
+  required_providers {
+    google-beta = "~> 2.12.0"
+    google      = "~> 2.9.0"
+  }
 }
diff --git a/examples/deploy_service/main.tf b/examples/deploy_service/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "kubernetes" {

diff --git a/examples/disable_client_cert/main.tf b/examples/disable_client_cert/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 module "gke" {

diff --git a/examples/node_pool/main.tf b/examples/node_pool/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 module "gke" {

diff --git a/examples/shared_vpc/main.tf b/examples/shared_vpc/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 module "gke" {

diff --git a/examples/simple_regional/main.tf b/examples/simple_regional/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 module "gke" {

diff --git a/examples/simple_regional_beta/main.tf b/examples/simple_regional_beta/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version     = "~> 2.9.0"
   credentials = file(var.credentials_path)
   region      = var.region
 }
 
 provider "google-beta" {
-  version     = "~> 2.9.0"
   credentials = file(var.credentials_path)
   region      = var.region
 }

diff --git a/examples/simple_regional_private/main.tf b/examples/simple_regional_private/main.tf
@@ -19,8 +19,7 @@ locals {
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 data "google_compute_subnetwork" "subnetwork" {

diff --git a/examples/simple_regional_private_beta/main.tf b/examples/simple_regional_private_beta/main.tf
@@ -19,7 +19,6 @@ locals {
 }
 
 provider "google-beta" {
-  version     = "~> 2.9.0"
   credentials = file(var.credentials_path)
   region      = var.region
 }

diff --git a/examples/simple_zonal/main.tf b/examples/simple_zonal/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 module "gke" {

diff --git a/examples/simple_zonal_private/main.tf b/examples/simple_zonal_private/main.tf
@@ -19,8 +19,7 @@ locals {
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 data "google_compute_subnetwork" "subnetwork" {

diff --git a/examples/stub_domains/main.tf b/examples/stub_domains/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 module "gke" {

diff --git a/examples/stub_domains_private/main.tf b/examples/stub_domains_private/main.tf
@@ -15,8 +15,7 @@
  */
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "random" {

diff --git a/examples/stub_domains_upstream_nameservers/main.tf b/examples/stub_domains_upstream_nameservers/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 module "gke" {

diff --git a/examples/upstream_nameservers/main.tf b/examples/upstream_nameservers/main.tf
@@ -19,13 +19,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 module "gke" {

diff --git a/examples/workload_metadata_config/main.tf b/examples/workload_metadata_config/main.tf
@@ -19,8 +19,7 @@ locals {
 }
 
 provider "google-beta" {
-  version = "~> 2.9.0"
-  region  = var.region
+  region = var.region
 }
 
 data "google_compute_subnetwork" "subnetwork" {

diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md
@@ -189,7 +189,8 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
 | region | The region to host the cluster in (required) | string | n/a | yes |
 | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | bool | `"true"` | no |
 | remove\_default\_node\_pool | Remove default node pool while setting up the cluster | bool | `"false"` | no |
-| resource\_usage\_export\_dataset\_id | The dataset id for which network egress metering for this cluster will be enabled. If enabled, a daemonset will be created in the cluster to meter network egress traffic. | string | `""` | no |
+| resource\_usage\_export\_dataset\_id | The dataset id of network egress metering for this cluster. | string | `""` | no |
+| resource\_usage\_export\_network\_egress\_metering | Enable/disable network egress metering for this cluster. | bool | `"false"` | no |
 | service\_account | The service account to run nodes as if not overridden in `node_pools`. The create_service_account variable default value (true) will cause a cluster-specific service account to be created. | string | `""` | no |
 | stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | map(list(string)) | `<map>` | no |
 | subnetwork | The subnetwork to host the cluster in (required) | string | n/a | yes |

diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf
@@ -62,11 +62,11 @@ resource "google_container_cluster" "primary" {
     }
   }
   dynamic "resource_usage_export_config" {
-    for_each = var.resource_usage_export_dataset_id != "" ? [var.resource_usage_export_dataset_id] : []
+    for_each = var.resource_usage_export_dataset_id != "" || var.resource_usage_export_network_egress_metering ? [var.resource_usage_export_network_egress_metering] : []
     content {
-      enable_network_egress_metering = true
+      enable_network_egress_metering = resource_usage_export_network_egress_metering.value
       bigquery_destination {
-        dataset_id = resource_usage_export_dataset_id.value
+        dataset_id = var.resource_usage_export_dataset_id
       }
     }
   }

diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf
@@ -87,10 +87,10 @@ locals {
   cluster_output_kubernetes_dashboard_enabled       = google_container_cluster.primary.addons_config.0.kubernetes_dashboard.0.disabled
 
   # BETA features
-  cluster_output_istio_enabled                    = google_container_cluster.primary.addons_config.0.istio_config != null ? google_container_cluster.primary.addons_config.0.istio_config.0.disabled : "true"
-  cluster_output_pod_security_policy_enabled      = google_container_cluster.primary.pod_security_policy_config != null ? google_container_cluster.primary.pod_security_policy_config.0.enabled : "false"
+  cluster_output_istio_enabled                    = google_container_cluster.primary.addons_config.0.istio_config.0.disabled
+  cluster_output_pod_security_policy_enabled      = google_container_cluster.primary.pod_security_policy_config.0.enabled
   cluster_output_intranode_visbility_enabled      = google_container_cluster.primary.enable_intranode_visibility
-  cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null ? google_container_cluster.primary.vertical_pod_autoscaling.0.enabled : "false"
+  cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling.0.enabled
 
   # /BETA features
 

diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf
@@ -358,10 +358,17 @@ variable "pod_security_policy_config" {
 }
 
 variable "resource_usage_export_dataset_id" {
-  description = "The dataset id for which network egress metering for this cluster will be enabled. If enabled, a daemonset will be created in the cluster to meter network egress traffic."
+  type        = string
+  description = "The dataset id of network egress metering for this cluster."
   default     = ""
 }
 
+variable "resource_usage_export_network_egress_metering" {
+  type        = bool
+  description = "Enable/disable network egress metering for this cluster."
+  default     = false
+}
+
 variable "node_metadata" {
   description = "Specifies how node metadata is exposed to the workload running on the node"
   default     = "UNSPECIFIED"

diff --git a/modules/beta-private-cluster/versions.tf b/modules/beta-private-cluster/versions.tf
@@ -16,4 +16,8 @@
 
 terraform {
   required_version = ">= 0.12"
+  required_providers {
+    google-beta = "~> 2.12.0"
+    google      = "~> 2.9.0"
+  }
 }
diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md
@@ -180,7 +180,8 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
 | region | The region to host the cluster in (required) | string | n/a | yes |
 | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | bool | `"true"` | no |
 | remove\_default\_node\_pool | Remove default node pool while setting up the cluster | bool | `"false"` | no |
-| resource\_usage\_export\_dataset\_id | The dataset id for which network egress metering for this cluster will be enabled. If enabled, a daemonset will be created in the cluster to meter network egress traffic. | string | `""` | no |
+| resource\_usage\_export\_dataset\_id | The dataset id of network egress metering for this cluster. | string | `""` | no |
+| resource\_usage\_export\_network\_egress\_metering | Enable/disable network egress metering for this cluster. | bool | `"false"` | no |
 | service\_account | The service account to run nodes as if not overridden in `node_pools`. The create_service_account variable default value (true) will cause a cluster-specific service account to be created. | string | `""` | no |
 | stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | map(list(string)) | `<map>` | no |
 | subnetwork | The subnetwork to host the cluster in (required) | string | n/a | yes |

diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf
@@ -62,11 +62,11 @@ resource "google_container_cluster" "primary" {
     }
   }
   dynamic "resource_usage_export_config" {
-    for_each = var.resource_usage_export_dataset_id != "" ? [var.resource_usage_export_dataset_id] : []
+    for_each = var.resource_usage_export_dataset_id != "" || var.resource_usage_export_network_egress_metering ? [var.resource_usage_export_network_egress_metering] : []
     content {
-      enable_network_egress_metering = true
+      enable_network_egress_metering = resource_usage_export_network_egress_metering.value
       bigquery_destination {
-        dataset_id = resource_usage_export_dataset_id.value
+        dataset_id = var.resource_usage_export_dataset_id
       }
     }
   }

diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf
@@ -87,10 +87,10 @@ locals {
   cluster_output_kubernetes_dashboard_enabled       = google_container_cluster.primary.addons_config.0.kubernetes_dashboard.0.disabled
 
   # BETA features
-  cluster_output_istio_enabled                    = google_container_cluster.primary.addons_config.0.istio_config != null ? google_container_cluster.primary.addons_config.0.istio_config.0.disabled : "true"
-  cluster_output_pod_security_policy_enabled      = google_container_cluster.primary.pod_security_policy_config != null ? google_container_cluster.primary.pod_security_policy_config.0.enabled : "false"
+  cluster_output_istio_enabled                    = google_container_cluster.primary.addons_config.0.istio_config.0.disabled
+  cluster_output_pod_security_policy_enabled      = google_container_cluster.primary.pod_security_policy_config.0.enabled
   cluster_output_intranode_visbility_enabled      = google_container_cluster.primary.enable_intranode_visibility
-  cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null ? google_container_cluster.primary.vertical_pod_autoscaling.0.enabled : "false"
+  cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling.0.enabled
 
   # /BETA features