diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index 2b1466d37d..7892e9b0f7 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -89,10 +89,18 @@ resource "google_container_cluster" "primary" { } monitoring_service = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? null : var.monitoring_service dynamic "monitoring_config" { - for_each = length(var.monitoring_enabled_components) > 0 ? [1] : [] + for_each = length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus ? [1] : [] content { - enable_components = var.monitoring_enabled_components + enable_components = length(var.monitoring_enabled_components) > 0 ? var.monitoring_enabled_components : null + + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus ? [1] : [] + + content { + enabled = var.monitoring_enable_managed_prometheus + } + } } } {% else %} diff --git a/autogen/main/main.tf.tmpl b/autogen/main/main.tf.tmpl index 8ef03372ab..3420587e94 100644 --- a/autogen/main/main.tf.tmpl +++ b/autogen/main/main.tf.tmpl @@ -108,7 +108,7 @@ locals { ] : [] cluster_cloudrun_enabled = var.cloudrun cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus {% endif %} cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index 86ade1f554..2625ffb8e0 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl 
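Review bot: In the `monitoring_config` block of cluster.tf.tmpl the nested `dynamic "managed_prometheus"` is rendered only when `var.monitoring_enable_managed_prometheus` is true, so `enabled = false` can never be sent to the API. Setting the variable back to false just drops the block, and whether managed collection is then turned off depends on how the provider treats an omitted block, which this diff does not show; the plan may look clean while collection keeps running. A static block inside `content`, `managed_prometheus { enabled = var.monitoring_enable_managed_prometheus }`, would make the off state explicit whenever `monitoring_config` is rendered. The same lines are copied into the generated modules/*/cluster.tf hunks, and the `google_container_cluster` resource extends beyond this hunk.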
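Review bot: Adding `var.monitoring_enable_managed_prometheus` to `logmon_config_is_set` in main.tf.tmpl widens a flag whose name suggests it is shared with logging. The cluster.tf.tmpl context line shows it forcing `monitoring_service` to null, and if `logging_service` is gated on the same local (not visible in this diff), enabling Prometheus alone would also discard a caller's explicit `var.logging_service` without emitting any `logging_config`. Cluster log routing should only change deliberately, so either use a monitoring-only local for this condition or add a comment such as `# also true for managed Prometheus; nulls monitoring_service (and logging_service, if it shares this local)`. The generated modules/*/main.tf hunks carry the same line, and the `locals` block continues outside the hunk.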
@@ -603,6 +603,12 @@ variable "monitoring_enabled_components" { default = [] } +variable "monitoring_enable_managed_prometheus" { + type = bool + description = "(Beta) Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." + default = false +} + variable "istio" { description = "(Beta) Enable Istio addon" default = false diff --git a/autogen/main/versions.tf.tmpl b/autogen/main/versions.tf.tmpl index 1def57df35..47767df66b 100644 --- a/autogen/main/versions.tf.tmpl +++ b/autogen/main/versions.tf.tmpl @@ -24,7 +24,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.10.0, < 5.0" + version = ">= 4.25.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-autopilot-private-cluster/versions.tf b/modules/beta-autopilot-private-cluster/versions.tf index 12861fbaee..0d2907fd38 100644 --- a/modules/beta-autopilot-private-cluster/versions.tf +++ b/modules/beta-autopilot-private-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.10.0, < 5.0" + version = ">= 4.25.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-autopilot-public-cluster/versions.tf b/modules/beta-autopilot-public-cluster/versions.tf index e54cbab61c..184ec0d71b 100644 --- a/modules/beta-autopilot-public-cluster/versions.tf +++ b/modules/beta-autopilot-public-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.10.0, < 5.0" + version = ">= 4.25.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 35e1455447..b75726f7a7 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md 
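Review bot: The description of `monitoring_enable_managed_prometheus` in variables.tf.tmpl does not tell the caller what else changes when it is set. From the other hunks in this commit, setting it to true makes `monitoring_service` null, and the google-beta constraint is raised to `>= 4.25.0` in the same change, presumably because the `managed_prometheus` block needs it. I would word it as `"(Beta) Enable managed collection for Google Cloud Managed Service for Prometheus. When true, var.monitoring_service is ignored. Requires google-beta >= 4.25.0."`, in line with how `monitoring_enabled_components` states its provider version. The README rows in the modules appear to be generated from this text and would need regenerating.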
@@ -221,6 +221,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | (Beta) Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | (Beta) The IP range in CIDR notation to use for the hosted master network | `string` | `"10.0.0.0/28"` | no | +| monitoring\_enable\_managed\_prometheus | (Beta) Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | | name | The name of the cluster (required) | `string` | n/a | yes | diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index 3a1093e9bf..65d0f2530f 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf 
@@ -78,10 +78,18 @@ resource "google_container_cluster" "primary" { } monitoring_service = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? null : var.monitoring_service dynamic "monitoring_config" { - for_each = length(var.monitoring_enabled_components) > 0 ? [1] : [] + for_each = length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus ? [1] : [] content { - enable_components = var.monitoring_enabled_components + enable_components = length(var.monitoring_enabled_components) > 0 ? var.monitoring_enabled_components : null + + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus ? [1] : [] + + content { + enabled = var.monitoring_enable_managed_prometheus + } + } } } cluster_autoscaling { diff --git a/modules/beta-private-cluster-update-variant/main.tf b/modules/beta-private-cluster-update-variant/main.tf index d9cac20024..bb6cf30de5 100644 --- a/modules/beta-private-cluster-update-variant/main.tf +++ b/modules/beta-private-cluster-update-variant/main.tf @@ -93,7 +93,7 @@ locals { ] : [] cluster_cloudrun_enabled = var.cloudrun cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index 2692486361..5b23173cbd 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf 
@@ -572,6 +572,12 @@ variable "monitoring_enabled_components" { default = [] } +variable "monitoring_enable_managed_prometheus" { + type = bool + description = "(Beta) Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." + default = false +} + variable "istio" { description = "(Beta) Enable Istio addon" default = false diff --git a/modules/beta-private-cluster-update-variant/versions.tf b/modules/beta-private-cluster-update-variant/versions.tf index dc182da368..5789c556e5 100644 --- a/modules/beta-private-cluster-update-variant/versions.tf +++ b/modules/beta-private-cluster-update-variant/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.10.0, < 5.0" + version = ">= 4.25.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index ce001d7683..a55d71e273 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md 
@@ -199,6 +199,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | (Beta) Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | (Beta) The IP range in CIDR notation to use for the hosted master network | `string` | `"10.0.0.0/28"` | no | +| monitoring\_enable\_managed\_prometheus | (Beta) Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | | name | The name of the cluster (required) | `string` | n/a | yes | diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index 8a137d99de..b3e1c8db5c 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf 
@@ -78,10 +78,18 @@ resource "google_container_cluster" "primary" { } monitoring_service = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? null : var.monitoring_service dynamic "monitoring_config" { - for_each = length(var.monitoring_enabled_components) > 0 ? [1] : [] + for_each = length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus ? [1] : [] content { - enable_components = var.monitoring_enabled_components + enable_components = length(var.monitoring_enabled_components) > 0 ? var.monitoring_enabled_components : null + + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus ? [1] : [] + + content { + enabled = var.monitoring_enable_managed_prometheus + } + } } } cluster_autoscaling { diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index d9cac20024..bb6cf30de5 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf @@ -93,7 +93,7 @@ locals { ] : [] cluster_cloudrun_enabled = var.cloudrun cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 2692486361..5b23173cbd 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf 
@@ -572,6 +572,12 @@ variable "monitoring_enabled_components" { default = [] } +variable "monitoring_enable_managed_prometheus" { + type = bool + description = "(Beta) Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." + default = false +} + variable "istio" { description = "(Beta) Enable Istio addon" default = false diff --git a/modules/beta-private-cluster/versions.tf b/modules/beta-private-cluster/versions.tf index 998c2d6dcf..1af41a53b8 100644 --- a/modules/beta-private-cluster/versions.tf +++ b/modules/beta-private-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.10.0, < 5.0" + version = ">= 4.25.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index 1a7f5003ed..2810e838a3 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md 
@@ -210,6 +210,7 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | +| monitoring\_enable\_managed\_prometheus | (Beta) Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | | name | The name of the cluster (required) | `string` | n/a | yes | diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index 1725a15ce0..0f7d3b7cd6 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf 
@@ -78,10 +78,18 @@ resource "google_container_cluster" "primary" { } monitoring_service = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? null : var.monitoring_service dynamic "monitoring_config" { - for_each = length(var.monitoring_enabled_components) > 0 ? [1] : [] + for_each = length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus ? [1] : [] content { - enable_components = var.monitoring_enabled_components + enable_components = length(var.monitoring_enabled_components) > 0 ? var.monitoring_enabled_components : null + + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus ? [1] : [] + + content { + enabled = var.monitoring_enable_managed_prometheus + } + } } } cluster_autoscaling { diff --git a/modules/beta-public-cluster-update-variant/main.tf b/modules/beta-public-cluster-update-variant/main.tf index 7a20ec04b0..99512f81ae 100644 --- a/modules/beta-public-cluster-update-variant/main.tf +++ b/modules/beta-public-cluster-update-variant/main.tf @@ -93,7 +93,7 @@ locals { ] : [] cluster_cloudrun_enabled = var.cloudrun cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 8800312331..12eaf34b4c 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf 
@@ -541,6 +541,12 @@ variable "monitoring_enabled_components" { default = [] } +variable "monitoring_enable_managed_prometheus" { + type = bool + description = "(Beta) Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." + default = false +} + variable "istio" { description = "(Beta) Enable Istio addon" default = false diff --git a/modules/beta-public-cluster-update-variant/versions.tf b/modules/beta-public-cluster-update-variant/versions.tf index 45f72d12f6..99cb7be095 100644 --- a/modules/beta-public-cluster-update-variant/versions.tf +++ b/modules/beta-public-cluster-update-variant/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.10.0, < 5.0" + version = ">= 4.25.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index 5a198e6745..6e7ad6c702 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md 
@@ -188,6 +188,7 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | +| monitoring\_enable\_managed\_prometheus | (Beta) Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | | name | The name of the cluster (required) | `string` | n/a | yes | diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index f20ac3a0a4..32d22347de 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf 
@@ -78,10 +78,18 @@ resource "google_container_cluster" "primary" { } monitoring_service = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? null : var.monitoring_service dynamic "monitoring_config" { - for_each = length(var.monitoring_enabled_components) > 0 ? [1] : [] + for_each = length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus ? [1] : [] content { - enable_components = var.monitoring_enabled_components + enable_components = length(var.monitoring_enabled_components) > 0 ? var.monitoring_enabled_components : null + + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus ? [1] : [] + + content { + enabled = var.monitoring_enable_managed_prometheus + } + } } } cluster_autoscaling { diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index 7a20ec04b0..99512f81ae 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf @@ -93,7 +93,7 @@ locals { ] : [] cluster_cloudrun_enabled = var.cloudrun cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 8800312331..12eaf34b4c 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf 
@@ -541,6 +541,12 @@ variable "monitoring_enabled_components" { default = [] } +variable "monitoring_enable_managed_prometheus" { + type = bool + description = "(Beta) Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." + default = false +} + variable "istio" { description = "(Beta) Enable Istio addon" default = false diff --git a/modules/beta-public-cluster/versions.tf b/modules/beta-public-cluster/versions.tf index 6f84949694..bad95ee619 100644 --- a/modules/beta-public-cluster/versions.tf +++ b/modules/beta-public-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.10.0, < 5.0" + version = ">= 4.25.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes"