feat: GKE autopilot support #1148

Merged
merged 34 commits into from
Mar 2, 2022
b32deab
adding auto-pilot support
cmcga1125 Mar 16, 2021
7d8bdb4
fixes
jmymy Feb 10, 2022
901806b
add kitchen tests
jmymy Feb 10, 2022
44125b5
Update main.tf
jmymy Feb 15, 2022
930ad85
fix: add back in
jmymy Feb 15, 2022
6e58e6b
Update examples/simple_autopilot_private/README.md
jmymy Feb 18, 2022
4ea8909
Update examples/simple_autopilot_private/README.md
jmymy Feb 18, 2022
6c4f77f
Update modules/beta-autopilot-public-cluster/versions.tf
jmymy Feb 18, 2022
114d2ff
Update examples/simple_autopilot_private/main.tf
jmymy Feb 18, 2022
07af3cb
update dates and remove Vars
jmymy Feb 23, 2022
d05d5f6
fixes
jmymy Feb 23, 2022
34f0515
i hate symlinks
jmymy Feb 23, 2022
3476c4b
add vars and outputs
jmymy Feb 23, 2022
448462a
docs generation
jmymy Feb 23, 2022
e1507be
add random string to subnet names
jmymy Feb 23, 2022
c6506b1
Update main.tf
jmymy Feb 24, 2022
0f37dba
adding auto-pilot support
cmcga1125 Mar 16, 2021
0075168
fixes
jmymy Feb 10, 2022
b421b38
add kitchen tests
jmymy Feb 10, 2022
649179f
Update main.tf
jmymy Feb 15, 2022
0817ddd
fix: add back in
jmymy Feb 15, 2022
3807734
Update examples/simple_autopilot_private/README.md
jmymy Feb 18, 2022
e2037c8
Update examples/simple_autopilot_private/README.md
jmymy Feb 18, 2022
d2a5c3d
Update modules/beta-autopilot-public-cluster/versions.tf
jmymy Feb 18, 2022
b3e0b90
Update examples/simple_autopilot_private/main.tf
jmymy Feb 18, 2022
fa22aa0
update dates and remove Vars
jmymy Feb 23, 2022
9996353
fixes
jmymy Feb 23, 2022
eff76c9
i hate symlinks
jmymy Feb 23, 2022
8788392
add vars and outputs
jmymy Feb 23, 2022
bf99627
docs generation
jmymy Feb 23, 2022
da0d157
add random string to subnet names
jmymy Feb 23, 2022
9bb210f
Update main.tf
jmymy Feb 24, 2022
42dbb58
Merge branch 'auto-pilot' of https://github.com/jmymy/terraform-googl…
jmymy Feb 24, 2022
3be5990
remove random name
jmymy Mar 1, 2022
14 changes: 14 additions & 0 deletions .kitchen.yml
Expand Up @@ -244,3 +244,17 @@ suites:
controls:
- gcloud
- kubectl
- name: "simple_autopilot_private"
driver:
root_module_directory: test/fixtures/simple_autopilot_private
verifier:
systems:
- name: simple_autopilot_private
backend: local
- name: "simple_autopilot_public"
driver:
root_module_directory: test/fixtures/simple_autopilot_public
verifier:
systems:
- name: simple_autopilot_public
backend: local
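Review bot: The two new suites, `simple_autopilot_private` and `simple_autopilot_public`, set no `controls:` list under their verifier system, while the suite directly above them pins `gcloud` and `kubectl`. Either list the controls explicitly so it is obvious what each suite asserts, or confirm that running the whole profile is intended. For the private suite, include a control that checks the private endpoint and private nodes settings actually took effect, since that is the property the fixture exists to demonstrate.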
4 changes: 1 addition & 3 deletions README.md
Expand Up @@ -43,8 +43,8 @@ module "gke" {
ip_range_pods = "us-central1-01-gke-01-pods"
ip_range_services = "us-central1-01-gke-01-services"
http_load_balancing = false
horizontal_pod_autoscaling = true
network_policy = false
horizontal_pod_autoscaling = true

node_pools = [
{
Expand Down Expand Up @@ -253,8 +253,6 @@ The node_pools variable takes the following parameters:
| tags | The list of instance tags applied to all nodes | | Required |
| value | The value for the taint | | Required |
| version | The Kubernetes version for the nodes in this pool. Should only be set if auto_upgrade is false | " " | Optional |


## Requirements

Before this module can be used on a project, you must ensure that the following pre-requisites are fulfilled:
21 changes: 14 additions & 7 deletions autogen/main/README.md
Expand Up @@ -72,20 +72,26 @@ module "gke" {
subnetwork = "us-central1-01"
ip_range_pods = "us-central1-01-gke-01-pods"
ip_range_services = "us-central1-01-gke-01-services"
{% if autopilot_cluster != true %}
http_load_balancing = false
horizontal_pod_autoscaling = true
network_policy = false
{% endif %}
horizontal_pod_autoscaling = true
{% if private_cluster %}
enable_private_endpoint = true
enable_private_nodes = true
master_ipv4_cidr_block = "10.0.0.0/28"
{% endif %}
{% if beta_cluster %}
istio = true
cloudrun = true
dns_cache = false
{% if beta_cluster and autopilot_cluster != true %}
istio = true
cloudrun = true
dns_cache = false
{% endif %}
{% if autopilot_cluster %}
enable_autopilot = true
{% endif %}

{% if autopilot_cluster != true %}
node_pools = [
{
name = "default-node-pool"
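Review bot: `enable_autopilot = true` in the `{% if autopilot_cluster %}` branch at the end of the argument list is shown as a module input, but cluster.tf.tmpl in this same PR hard-codes `enable_autopilot = true` on the resource and reads no variable for it. Unless the autopilot modules declare an `enable_autopilot` variable, anyone copying this example gets an unsupported argument error; drop the line from the example or add the variable. Separately, `horizontal_pod_autoscaling = true` now sits outside the guard while `http_load_balancing` and `network_policy` are inside it, which deserves a short template comment saying why that one input stays.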
Expand Down Expand Up @@ -152,6 +158,7 @@ module "gke" {
"default-node-pool",
]
}
{% endif %}
}
```

Expand All @@ -166,6 +173,7 @@ Then perform the following commands on the root folder:
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

{% if autopilot_cluster != true %}
## node_pools variable
The node_pools variable takes the following parameters:

Expand Down Expand Up @@ -220,8 +228,7 @@ The node_pools variable takes the following parameters:
| tags | The list of instance tags applied to all nodes | | Required |
| value | The value for the taint | | Required |
| version | The Kubernetes version for the nodes in this pool. Should only be set if auto_upgrade is false | " " | Optional |


{% endif %}
## Requirements

Before this module can be used on a project, you must ensure that the following pre-requisites are fulfilled:
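Review bot: `{% endif %}` now sits directly above `## Requirements` in place of the two blank lines, and the generated README.md hunk in this PR (-253,8 +253,6) shows the result: the last row of the node_pools table runs straight into the heading. Keep one blank line after `{% endif %}` so the table is terminated cleanly in every Markdown renderer.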
59 changes: 36 additions & 23 deletions autogen/main/cluster.tf.tmpl
@@ -1,5 +1,5 @@
/**
* Copyright 2018 Google LLC
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -35,7 +35,7 @@ resource "google_container_cluster" "primary" {
node_locations = local.node_locations
cluster_ipv4_cidr = var.cluster_ipv4_cidr
network = "projects/${local.network_project_id}/global/networks/${var.network}"

{% if autopilot_cluster != true %}
dynamic "network_policy" {
for_each = local.cluster_network_policy

Expand All @@ -44,6 +44,7 @@ resource "google_container_cluster" "primary" {
provider = network_policy.value.provider
}
}
{% endif %}
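Review bot: A `network_policy` input on the autopilot modules would now be silently ignored, because the `dynamic "network_policy"` block is compiled out by the guard opened in the previous hunk and closed by the `{% endif %}` here. Make sure the autopilot variants of the variables file drop `network_policy` as well, so a caller cannot set it and assume enforcement is on.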

dynamic "release_channel" {
for_each = local.release_channel
Expand All @@ -64,13 +65,13 @@ resource "google_container_cluster" "primary" {
subnetwork = "projects/${local.network_project_id}/regions/${local.region}/subnetworks/${var.subnetwork}"

{% if beta_cluster %}
default_snat_status{
default_snat_status {
disabled = var.disable_default_snat
}
{% endif %}
min_master_version = var.release_channel != null ? null : local.master_version

{% if beta_cluster %}
{% if beta_cluster and autopilot_cluster != true %}
dynamic "cluster_telemetry" {
for_each = local.cluster_telemetry_type_is_set ? [1] : []
content {
Expand Down Expand Up @@ -98,7 +99,7 @@ resource "google_container_cluster" "primary" {
logging_service = var.logging_service
monitoring_service = var.monitoring_service
{% endif %}

{% if autopilot_cluster != true %}
cluster_autoscaling {
enabled = var.cluster_autoscaling.enabled
dynamic "auto_provisioning_defaults" {
Expand All @@ -107,14 +108,14 @@ resource "google_container_cluster" "primary" {
content {
service_account = local.service_account
oauth_scopes = local.node_pools_oauth_scopes["all"]
{% if beta_cluster %}
{% if beta_cluster %}
min_cpu_platform = lookup(var.node_pools[0], "min_cpu_platform", "")
{% endif %}
{% endif %}
}
}
{% if beta_cluster %}
{% if beta_cluster %}
autoscaling_profile = var.cluster_autoscaling.autoscaling_profile != null ? var.cluster_autoscaling.autoscaling_profile : "BALANCED"
{% endif %}
{% endif %}
dynamic "resource_limits" {
for_each = local.autoscaling_resource_limits
content {
Expand All @@ -124,16 +125,15 @@ resource "google_container_cluster" "primary" {
}
}
}

{% endif %}
vertical_pod_autoscaling {
enabled = var.enable_vertical_pod_autoscaling
}

{% if autopilot_cluster != true %}
default_max_pods_per_node = var.default_max_pods_per_node

enable_shielded_nodes = var.enable_shielded_nodes
enable_binary_authorization = var.enable_binary_authorization
{% if beta_cluster %}
{% if beta_cluster %}
enable_intranode_visibility = var.enable_intranode_visibility
enable_kubernetes_alpha = var.enable_kubernetes_alpha
enable_tpu = var.enable_tpu
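Review bot: `enable_binary_authorization` is swept out of Autopilot clusters by the new `{% if autopilot_cluster != true %}` above `default_max_pods_per_node`, together with `enable_shielded_nodes`. The other two are node-level settings, but binary authorization is a cluster-wide admission policy. If the provider accepts it together with `enable_autopilot`, move that line outside the guard so Autopilot users keep the control; if it does not, say so in a template comment.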
Expand All @@ -153,6 +153,10 @@ resource "google_container_cluster" "primary" {
}

enable_l4_ilb_subsetting = var.enable_l4_ilb_subsetting
{% endif %}
{% endif %}
{% if autopilot_cluster %}
enable_autopilot = true
{% endif %}
dynamic "master_authorized_networks_config" {
for_each = local.master_authorized_networks_config
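Review bot: The two consecutive `{% endif %}` lines close guards that were opened a full hunk earlier (`beta_cluster` and `autopilot_cluster != true`), which is easy to break on the next edit; annotate each with a template comment naming the condition it closes. The template also mixes `autopilot_cluster != true` with plain `autopilot_cluster`; `not autopilot_cluster` would read more consistently.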
Expand Down Expand Up @@ -181,14 +185,15 @@ resource "google_container_cluster" "primary" {
horizontal_pod_autoscaling {
disabled = !var.horizontal_pod_autoscaling
}

{% if autopilot_cluster != true %}
network_policy_config {
disabled = !var.network_policy
}
{% if beta_cluster %}
{% endif %}
{% if beta_cluster and autopilot_cluster != true %}

istio_config {
disabled = ! var.istio
disabled = !var.istio
auth = var.istio_auth
}

Expand Down Expand Up @@ -258,24 +263,25 @@ resource "google_container_cluster" "primary" {
end_time = maintenance_exclusion.value.end_time
}
}

{% else %}
daily_maintenance_window {
start_time = var.maintenance_start_time
}
{% endif %}
}

{% if autopilot_cluster != true %}
lifecycle {
ignore_changes = [node_pool, initial_node_count, resource_labels["asmv"], resource_labels["mesh_id"]]
}
{% endif %}

timeouts {
create = "45m"
update = "45m"
delete = "45m"
}

{% if autopilot_cluster != true %}
node_pool {
name = "default-pool"
initial_node_count = var.initial_node_count
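Review bot: The guard around `lifecycle` drops too much: it removes `resource_labels["asmv"]` and `resource_labels["mesh_id"]` from `ignore_changes` along with `node_pool` and `initial_node_count`. Only the latter two are tied to node pools. For Autopilot, keep a `lifecycle` block that still ignores the two labels, otherwise anything that sets them outside Terraform shows up as drift on the next plan.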
Expand Down Expand Up @@ -321,6 +327,7 @@ resource "google_container_cluster" "primary" {
}
}
}
{% endif %}

dynamic "resource_usage_export_config" {
for_each = var.resource_usage_export_dataset_id != "" ? [{
Expand Down Expand Up @@ -362,6 +369,7 @@ resource "google_container_cluster" "primary" {
}
{% endif %}

{% if autopilot_cluster != true %}
remove_default_node_pool = var.remove_default_node_pool

dynamic "database_encryption" {
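Review bot: `dynamic "database_encryption"` ends up compiled out for Autopilot, because the guard added above `remove_default_node_pool` is not closed until after `workload_identity_config` in the next hunk. `remove_default_node_pool` is clearly node-pool specific, but secrets encryption is a cluster-level control; please confirm it is excluded on purpose, and if not, close the guard right after `remove_default_node_pool`.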
Expand All @@ -380,27 +388,30 @@ resource "google_container_cluster" "primary" {
workload_pool = workload_identity_config.value.workload_pool
}
}
{% endif %}

{% if autopilot_cluster != true %}
dynamic "authenticator_groups_config" {
for_each = local.cluster_authenticator_security_group
content {
security_group = authenticator_groups_config.value.security_group
}
}

{% if beta_cluster %}
{% endif %}
{% if beta_cluster %}
notification_config {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
topic = var.notification_config_topic
}
}
{% endif %}
{% endif %}
}

{% if autopilot_cluster != true %}
/******************************************
Create Container Cluster node pools
*****************************************/
{% endif %}
{% if update_variant %}
locals {
force_node_pool_recreation_resources = [
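Review bot: `authenticator_groups_config` is now unavailable on Autopilot clusters, which leaves no way to set the RBAC security group through the autopilot modules; either document that limitation in the autopilot README or keep the block if the provider allows it. Also, the `{% endif %}` after `workload_identity_config` is followed immediately by an identical `{% if autopilot_cluster != true %}`, so the two guards can be merged into one.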
Expand Down Expand Up @@ -491,6 +502,7 @@ resource "random_id" "name" {
}

{% endif %}
{% if autopilot_cluster != true %}
resource "google_container_node_pool" "pools" {
{% if beta_cluster %}
provider = google-beta
Expand Down Expand Up @@ -698,3 +710,4 @@ resource "google_container_node_pool" "pools" {
delete = "45m"
}
}
{% endif %}
10 changes: 9 additions & 1 deletion autogen/main/dns.tf.tmpl
@@ -1,5 +1,5 @@
/**
* Copyright 2018 Google LLC
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -35,7 +35,9 @@ module "gcloud_delete_default_kube_dns_configmap" {

module_depends_on = concat(
[google_container_cluster.primary.master_version],
{% if autopilot_cluster != true %}
[for pool in google_container_node_pool.pools : pool.name]
{% endif %}
)
}
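Review bot: In the Autopilot rendering `module_depends_on` becomes `concat()` over a single list followed by a trailing comma, since the guarded `[for pool in google_container_node_pool.pools : pool.name]` argument disappears. Run `terraform validate` and `terraform fmt -check` against the generated autopilot modules in CI, and consider rendering the plain list without `concat` in that variant.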

Expand Down Expand Up @@ -63,7 +65,9 @@ EOF
depends_on = [
module.gcloud_delete_default_kube_dns_configmap.wait,
google_container_cluster.primary,
{% if autopilot_cluster != true %}
google_container_node_pool.pools,
{% endif %}
]
}

Expand All @@ -89,7 +93,9 @@ EOF
depends_on = [
module.gcloud_delete_default_kube_dns_configmap.wait,
google_container_cluster.primary,
{% if autopilot_cluster != true %}
google_container_node_pool.pools,
{% endif %}
]
}

Expand Down Expand Up @@ -118,6 +124,8 @@ EOF
depends_on = [
module.gcloud_delete_default_kube_dns_configmap.wait,
google_container_cluster.primary,
{% if autopilot_cluster != true %}
google_container_node_pool.pools,
{% endif %}
]
}
2 changes: 1 addition & 1 deletion autogen/main/firewall.tf.tmpl
@@ -1,5 +1,5 @@
/**
* Copyright 2018 Google LLC
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
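Review bot: The copyright year bump from 2018 to 2022 is the only change to firewall.tf.tmpl (1 addition, 1 deletion), and the same bump appears at the top of cluster.tf.tmpl and dns.tf.tmpl. Rewriting the year on existing files adds noise to a feature PR; keep the original year on files that already existed and use 2022 only for the newly added autopilot files, unless the license tooling requires otherwise.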