From b78354c30b0beb482863b7668b8601fe58fdebae Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Tue, 1 Dec 2020 20:08:05 +0000 Subject: [PATCH 01/14] initial support for using kubecontext for hub registration --- .../simple_zonal_with_hub_kubectl/README.md | 57 +++++++++++++++++ examples/simple_zonal_with_hub_kubectl/hub.tf | 23 +++++++ .../simple_zonal_with_hub_kubectl/main.tf | 41 ++++++++++++ .../simple_zonal_with_hub_kubectl/outputs.tf | 34 ++++++++++ .../test_outputs.tf | 63 +++++++++++++++++++ .../variables.tf | 53 ++++++++++++++++ modules/hub/main.tf | 20 ++++-- modules/hub/scripts/gke_hub_registration.sh | 7 +++ modules/hub/scripts/k8s_hub_registration.sh | 44 +++++++++++++ modules/hub/scripts/k8s_hub_unregister.sh | 29 +++++++++ modules/hub/variables.tf | 11 ++++ 11 files changed, 378 insertions(+), 4 deletions(-) create mode 100644 examples/simple_zonal_with_hub_kubectl/README.md create mode 100644 examples/simple_zonal_with_hub_kubectl/hub.tf create mode 100644 examples/simple_zonal_with_hub_kubectl/main.tf create mode 100644 examples/simple_zonal_with_hub_kubectl/outputs.tf create mode 100755 examples/simple_zonal_with_hub_kubectl/test_outputs.tf create mode 100644 examples/simple_zonal_with_hub_kubectl/variables.tf create mode 100755 modules/hub/scripts/k8s_hub_registration.sh create mode 100755 modules/hub/scripts/k8s_hub_unregister.sh diff --git a/examples/simple_zonal_with_hub_kubectl/README.md b/examples/simple_zonal_with_hub_kubectl/README.md new file mode 100644 index 0000000000..541b5d1169 --- /dev/null +++ b/examples/simple_zonal_with_hub_kubectl/README.md 
@@ -0,0 +1,57 @@ +# Simple Zonal Cluster + +This example illustrates how to register any Kubernetes Cluster with [Anthos](https://cloud.google.com/anthos/multicluster-management/environs) + +This example creates a [kind]() cluster and the [Hub registration module](../../modules/hub). + + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| cluster\_name\_suffix | A suffix to append to the default cluster name | `string` | `""` | no | +| ip\_range\_pods | The secondary ip range to use for pods | `string` | `""` | no | +| ip\_range\_services | The secondary ip range to use for services | `string` | `""` | no | +| network | The VPC network to host the cluster in | `string` | `"default"` | no | +| project\_id | The project ID to host the cluster in | `any` | n/a | yes | +| region | The region to host the cluster in | `any` | n/a | yes | +| subnetwork | The subnetwork to host the cluster in | `string` | `"default"` | no | +| zones | The zone to host the cluster in (required if is a zonal cluster) | `list(string)` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| ca\_certificate | n/a | +| client\_token | n/a | +| cluster\_name | Cluster name | +| ip\_range\_pods | The secondary IP range used for pods | +| ip\_range\_services | The secondary IP range used for services | +| kubernetes\_endpoint | n/a | +| location | n/a | +| master\_kubernetes\_version | The master Kubernetes version | +| network | n/a | +| project\_id | n/a | +| region | n/a | +| service\_account | The default service account used for running nodes. 
| +| subnetwork | n/a | +| zones | List of zones in which the cluster resides | + + + +To provision this example, run the following from within this directory: +- `terraform init` to get the plugins +- `terraform plan` to see the infrastructure plan +- `terraform apply` to apply the infrastructure build +- `terraform destroy` to destroy the built infrastructure + +Example: + +``` +terraform init + +terraform apply \ + -var project_id=${PROJECT} \ + -var region="us-central1" \ + -var zones='["us-central1-c"]' +``` diff --git a/examples/simple_zonal_with_hub_kubectl/hub.tf b/examples/simple_zonal_with_hub_kubectl/hub.tf new file mode 100644 index 0000000000..a0ce6cf505 --- /dev/null +++ b/examples/simple_zonal_with_hub_kubectl/hub.tf @@ -0,0 +1,23 @@ +/** + * Copyright 2018 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +module "hub" { + source = "../../modules/hub" + project_id = var.project_id + location = module.gke.location + cluster_name = module.gke.name + cluster_endpoint = module.gke.endpoint +} diff --git a/examples/simple_zonal_with_hub_kubectl/main.tf b/examples/simple_zonal_with_hub_kubectl/main.tf new file mode 100644 index 0000000000..9da21f9f1e --- /dev/null +++ b/examples/simple_zonal_with_hub_kubectl/main.tf 
@@ -0,0 +1,41 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+locals {
+ cluster_type = "simple-zonal"
+}
+
+provider "google" {
+ version = "~> 3.42.0"
+ region = var.region
+}
+
+module "gke" {
+ source = "../../"
+ project_id = var.project_id
+ name = "${local.cluster_type}-cluster${var.cluster_name_suffix}"
+ regional = false
+ region = var.region
+ zones = var.zones
+ network = var.network
+ subnetwork = var.subnetwork
+ ip_range_pods = var.ip_range_pods
+ ip_range_services = var.ip_range_services
+ service_account = "create"
+}
+
+data "google_client_config" "default" {
+}
diff --git a/examples/simple_zonal_with_hub_kubectl/outputs.tf b/examples/simple_zonal_with_hub_kubectl/outputs.tf
new file mode 100644
index 0000000000..0d770aa809
--- /dev/null
+++ b/examples/simple_zonal_with_hub_kubectl/outputs.tf
@@ -0,0 +1,34 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "kubernetes_endpoint" {
+ sensitive = true
+ value = module.gke.endpoint
+}
+
+output "client_token" {
+ sensitive = true
+ value = base64encode(data.google_client_config.default.access_token)
+}
+
+output "ca_certificate" {
+ value = module.gke.ca_certificate
+}
+
+output "service_account" {
+ description = "The default service account used for running nodes."
+ value = module.gke.service_account
+}
diff --git a/examples/simple_zonal_with_hub_kubectl/test_outputs.tf b/examples/simple_zonal_with_hub_kubectl/test_outputs.tf
new file mode 100755
index 0000000000..e64c40e477
--- /dev/null
+++ b/examples/simple_zonal_with_hub_kubectl/test_outputs.tf
@@ -0,0 +1,63 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// These outputs are used to test the module with kitchen-terraform
+// They do not need to be included in real-world uses of this module
+
+output "project_id" {
+ value = var.project_id
+}
+
+output "region" {
+ value = module.gke.region
+}
+
+output "cluster_name" {
+ description = "Cluster name"
+ value = module.gke.name
+}
+
+output "network" {
+ value = var.network
+}
+
+output "subnetwork" {
+ value = var.subnetwork
+}
+
+output "location" {
+ value = module.gke.location
+}
+
+output "ip_range_pods" {
+ description = "The secondary IP range used for pods"
+ value = var.ip_range_pods
+}
+
+output "ip_range_services" {
+ description = "The secondary IP range used for services"
+ value = var.ip_range_services
+}
+
+output "zones" {
+ description = "List of zones in which the cluster resides"
+ value = module.gke.zones
+}
+
+output "master_kubernetes_version" {
+ description = "The master Kubernetes version"
+ value = module.gke.master_version
+}
diff --git a/examples/simple_zonal_with_hub_kubectl/variables.tf b/examples/simple_zonal_with_hub_kubectl/variables.tf
new file mode 100644
index 0000000000..1416853db2
--- /dev/null
+++ b/examples/simple_zonal_with_hub_kubectl/variables.tf
@@ -0,0 +1,53 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+ description = "The project ID to host the cluster in"
+}
+
+variable "cluster_name_suffix" {
+ description = "A suffix to append to the default cluster name"
+ default = ""
+}
+
+variable "region" {
+ description = "The region to host the cluster in"
+}
+
+variable "zones" {
+ type = list(string)
+ description = "The zone to host the cluster in (required if is a zonal cluster)"
+}
+
+variable "network" {
+ description = "The VPC network to host the cluster in"
+ default = "default"
+}
+
+variable "subnetwork" {
+ description = "The subnetwork to host the cluster in"
+ default = "default"
+}
+
+variable "ip_range_pods" {
+ description = "The secondary ip range to use for pods"
+ default = ""
+}
+
+variable "ip_range_services" {
+ description = "The secondary ip range to use for services"
+ default = ""
+}
diff --git a/modules/hub/main.tf b/modules/hub/main.tf
index 1c92d2a83b..a8fe01d454 100644
--- a/modules/hub/main.tf
+++ b/modules/hub/main.tf
@@ -16,6 +16,18 @@ locals { gke_hub_sa_key = var.use_existing_sa ? var.sa_private_key : google_service_account_key.gke_hub_key[0].private_key + + create_cmd_kubeconfig_entrypoint = "${path.module}/scripts/k8s_hub_registration.sh" + create_cmd_kubeconfig_body = "${var.gke_hub_membership_name} ${local.gke_hub_sa_key} ${var.project_id} ${var.labels}" + destroy_kubeconfig_entrypoint = "${path.module}/scripts/k8s_hub_unregister.sh" + destroy_kubeconfig_body = "${var.gke_hub_membership_name} ${var.project_id}" + + create_cmd_gke_entrypoint = "${path.module}/scripts/gke_hub_registration.sh" + create_cmd_gke_body = "${var.gke_hub_membership_name} ${var.location} ${var.cluster_name} ${local.gke_hub_sa_key} ${var.project_id} ${var.labels}" + destroy_gke_entrypoint = "gcloud" + destroy_gke_body = "container hub memberships unregister ${var.gke_hub_membership_name} --gke-cluster=${var.location}/${var.cluster_name} --project ${var.project_id}" + + } data "google_client_config" "default" { 
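Review bot: `create_cmd_kubeconfig_body` puts `local.gke_hub_sa_key` on the command line as a positional argument, as the GKE body already did. The base64 service-account key is therefore readable in the process list while the script runs, and may land in provisioner output if the command is echoed (how the gcloud module invokes the body is not visible here). Handing the key to the script through an environment variable or a file path would keep it out of argv. `${var.labels}` is also interpolated unquoted into both create bodies, so a value containing spaces or shell metacharacters is split or interpreted before the script reads it; quote it in the body and restrict the variable to the `name=value[,name=value]` form. The `locals` block opens above this hunk.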
@@ -50,8 +62,8 @@ module "gke_hub_registration" { use_tf_google_credentials_env_var = var.use_tf_google_credentials_env_var module_depends_on = concat([var.cluster_endpoint], var.module_depends_on) - create_cmd_entrypoint = "${path.module}/scripts/gke_hub_registration.sh" - create_cmd_body = "${var.gke_hub_membership_name} ${var.location} ${var.cluster_name} ${local.gke_hub_sa_key} ${var.project_id}" - destroy_cmd_entrypoint = "gcloud" - destroy_cmd_body = "container hub memberships unregister ${var.gke_hub_membership_name} --gke-cluster=${var.location}/${var.cluster_name} --project ${var.project_id}" + create_cmd_entrypoint = var.use_kubeconfig ? local.create_cmd_kubeconfig_entrypoint : local.create_cmd_gke_entrypoint + create_cmd_body = var.use_kubeconfig ? local.create_cmd_kubeconfig_body : local.create_cmd_gke_body + destroy_cmd_entrypoint = var.use_kubeconfig ? local.destroy_kubeconfig_entrypoint : local.destroy_gke_entrypoint + destroy_cmd_body = var.use_kubeconfig ? local.destroy_kubeconfig_body : local.destroy_gke_body } diff --git a/modules/hub/scripts/gke_hub_registration.sh b/modules/hub/scripts/gke_hub_registration.sh index 4a04683fd0..f5f0dfdaa0 100755 --- a/modules/hub/scripts/gke_hub_registration.sh +++ b/modules/hub/scripts/gke_hub_registration.sh @@ -25,6 +25,7 @@ CLUSTER_LOCATION=$2 CLUSTER_NAME=$3 SERVICE_ACCOUNT_KEY=$4 PROJECT_ID=$5 +LABELS=$6 #write temp key, cleanup at exit tmp_file=$(mktemp) 
@@ -34,3 +35,9 @@ base64 --help | grep "\--decode" && B64_ARG="--decode" || B64_ARG="-d" echo "${SERVICE_ACCOUNT_KEY}" | base64 ${B64_ARG} > "$tmp_file" gcloud container hub memberships register "${MEMBERSHIP_NAME}" --gke-cluster="${CLUSTER_LOCATION}"/"${CLUSTER_NAME}" --service-account-key-file="${tmp_file}" --project="${PROJECT_ID}" --quiet +# Add labels to the registered cluster +if [ -z ${LABELS+x} ]; then + echo "No labels to apply." +else + gcloud container hub memberships update "${MEMBERSHIP_NAME}" --update-labels "$LABELS" +fi \ No newline at end of file diff --git a/modules/hub/scripts/k8s_hub_registration.sh b/modules/hub/scripts/k8s_hub_registration.sh new file mode 100755 index 0000000000..fc596bc3f9 --- /dev/null +++ b/modules/hub/scripts/k8s_hub_registration.sh 
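Review bot: The guard `[ -z ${LABELS+x} ]` can never take the "No labels to apply." branch, because `LABELS=$6` always sets the variable (to an empty string when the argument is absent) and `${LABELS+x}` then expands to `x`. The `update` call therefore runs with an empty `--update-labels` value whenever `labels` is left at its default; test the value instead with `if [ -z "${LABELS}" ]; then`. The `update` call also omits `--project="${PROJECT_ID}"`, so it acts on whatever project gcloud is currently configured for rather than the one passed to `register`. The same two lines appear in the new `k8s_hub_registration.sh` and are carried unchanged through the later formatting-only commit.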
@@ -0,0 +1,44 @@
+#!/bin/bash
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -e
+
+if [ "$#" -lt 2 ]; then
+ >&2 echo "Not all expected arguments set."
+ exit 1
+fi
+
+MEMBERSHIP_NAME=$1
+SERVICE_ACCOUNT_KEY=$2
+PROJECT_ID=$3
+LABELS=$4
+
+#write temp key, cleanup at exit
+tmp_file=$(mktemp)
+# shellcheck disable=SC2064
+trap "rm -rf $tmp_file" EXIT
+base64 --help | grep "\--decode" && B64_ARG="--decode" || B64_ARG="-d"
+echo "${SERVICE_ACCOUNT_KEY}" | base64 ${B64_ARG} > "$tmp_file"
+
+#Get the kubeconfig
+CONTEXT=$(kubectl config current-context)
+
+gcloud container hub memberships register "${MEMBERSHIP_NAME}" --context="${CONTEXT}" --service-account-key-file="${tmp_file}" --project="${PROJECT_ID}" --quiet
+# Add labels to the registered cluster
+if [ -z ${LABELS+x} ]; then
+ echo "No labels to apply."
+else
+ gcloud container hub memberships update "${MEMBERSHIP_NAME}" --update-labels "$LABELS"
+fi
diff --git a/modules/hub/scripts/k8s_hub_unregister.sh b/modules/hub/scripts/k8s_hub_unregister.sh
new file mode 100755
index 0000000000..b67e5fcbb2
--- /dev/null
+++ b/modules/hub/scripts/k8s_hub_unregister.sh
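Review bot: `CONTEXT=$(kubectl config current-context)` registers whichever cluster the caller's ambient kubeconfig points at, and nothing in the script ties that context to the `cluster_name` or `cluster_endpoint` given to the module. With the wrong context selected, the Connect agent would be installed into an unintended cluster, along with the service-account key, which the module README says is stored as a secret in the `gke-connect` namespace. Taking the context (and optionally a kubeconfig path) as an explicit argument, and failing when it is empty, would make the target deliberate; `k8s_hub_unregister.sh` has the same dependency at destroy time. Separately, the argument check should be `if [ "$#" -lt 3 ]; then`, since `PROJECT_ID=$3` is required by `register`; the unregister script likewise checks `-lt 1` but reads `$2`.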
@@ -0,0 +1,29 @@ +#!/bin/bash +# Copyright 2018 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e + +if [ "$#" -lt 1 ]; then + >&2 echo "Not all expected arguments set." + exit 1 +fi + +MEMBERSHIP_NAME=$1 +PROJECT_ID=$2 + +#Get Current context +CONTEXT=$(kubectl config current-context) + +gcloud container hub memberships unregister "${MEMBERSHIP_NAME}" --context="${CONTEXT}" --project="${PROJECT_ID}" --quiet \ No newline at end of file diff --git a/modules/hub/variables.tf b/modules/hub/variables.tf index 0175570118..4a63e8ce9d 100644 --- a/modules/hub/variables.tf +++ b/modules/hub/variables.tf @@ -81,3 +81,14 @@ variable "module_depends_on" { type = list default = [] } + +variable "use_kubeconfig" { + description = "Use existing kubeconfig to register membership. Set this to true for non GKE clusters. Assumes kubectl context is set to cluster to register." + default = false +} + +variable "labels" { + description = "Comma separated labels in the format name=value to apply to cluster in the GCP Console." + type = string + default = "" +} \ No newline at end of file From f2d9518f7b6382247d9f5440f06da51362f5b347 Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Tue, 12 Jan 2021 15:14:58 +0000 Subject: [PATCH 02/14] Tested with GKE using kubectl --- examples/simple_zonal_with_hub_kubectl/README.md | 4 ++-- examples/simple_zonal_with_hub_kubectl/hub.tf | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) 
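Review bot: `use_kubeconfig` in the `variables.tf` hunk is declared without a type, unlike `labels` beside it; add `type = bool` so the declared interface matches its use in the ternaries in `main.tf`. `labels` is a free-form string that ends up on a shell command line, so a `validation` block limiting it to comma-separated `name=value` pairs would be worth adding if the module's minimum Terraform version supports one.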
diff --git a/examples/simple_zonal_with_hub_kubectl/README.md b/examples/simple_zonal_with_hub_kubectl/README.md index 541b5d1169..ad85ec2a93 100644 --- a/examples/simple_zonal_with_hub_kubectl/README.md +++ b/examples/simple_zonal_with_hub_kubectl/README.md @@ -1,8 +1,8 @@ -# Simple Zonal Cluster +# Simple Kubernetes Cluster This example illustrates how to register any Kubernetes Cluster with [Anthos](https://cloud.google.com/anthos/multicluster-management/environs) -This example creates a [kind]() cluster and the [Hub registration module](../../modules/hub). +It incorporates the standard cluster GKE module, uses kubecontext to register the cluster using the [Hub registration module](../../modules/hub). ## Inputs diff --git a/examples/simple_zonal_with_hub_kubectl/hub.tf b/examples/simple_zonal_with_hub_kubectl/hub.tf index a0ce6cf505..2ca66a8637 100644 --- a/examples/simple_zonal_with_hub_kubectl/hub.tf +++ b/examples/simple_zonal_with_hub_kubectl/hub.tf @@ -20,4 +20,6 @@ module "hub" { location = module.gke.location cluster_name = module.gke.name cluster_endpoint = module.gke.endpoint + use_kubeconfig = true + labels = "testlabel=usekubecontext" } From 4d6751fbe3877fa28f67ead37c721d43259ce574 Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Tue, 12 Jan 2021 15:18:04 +0000 Subject: [PATCH 03/14] Tested with GKE using kubectl --- modules/hub/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/hub/README.md b/modules/hub/README.md index b1f5ca5822..4334bfe76f 100644 --- a/modules/hub/README.md +++ b/modules/hub/README.md 
@@ -6,7 +6,7 @@ Specifically, this module automates the following steps for [registering a clust ## Usage -There is a [full example](../../examples/simple_zonal_with_asm) provided. Simple usage is as follows: +There is [GKE full example](../../examples/simple_zonal_with_asm) and a [Generic K8s example](../../examples/simple_zonal_with_hub_kubectl) provided. There is also an example to use Simple usage is as follows: ```tf module "hub" { @@ -39,11 +39,13 @@ To deploy this config: | gcloud\_sdk\_version | The gcloud sdk version to use. Minimum required version is 293.0.0 | `string` | `"296.0.1"` | no | | gke\_hub\_membership\_name | Memebership name that uniquely represents the cluster being registered on the Hub | `string` | `"gke-hub-membership"` | no | | gke\_hub\_sa\_name | Name for the GKE Hub SA stored as a secret `creds-gcp` in the `gke-connect` namespace. | `string` | `"gke-hub-sa"` | no | +| labels | Comma separated labels in the format name=value to apply to cluster in the GCP Console. | `string` | `""` | no | | location | The location (zone or region) this cluster has been created in. | `string` | n/a | yes | | module\_depends\_on | List of modules or resources this module depends on. | `list` | `[]` | no | | project\_id | The project in which the resource belongs. | `string` | n/a | yes | | sa\_private\_key | Private key for service account base64 encoded. Required only if `use_existing_sa` is set to `true`. | `string` | `null` | no | | use\_existing\_sa | Uses an existing service account to register membership. Requires sa\_private\_key | `bool` | `false` | no | +| use\_kubeconfig | Use existing kubeconfig to register membership. Set this to true for non GKE clusters. Assumes kubectl context is set to cluster to register. | `bool` | `false` | no | | use\_tf\_google\_credentials\_env\_var | Optional GOOGLE\_CREDENTIALS environment variable to be activated. | `bool` | `false` | no | ## Outputs 
From d8398d8c367cc0a61d11e02fe6834b80f3250c39 Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Tue, 12 Jan 2021 15:23:30 +0000 Subject: [PATCH 04/14] Fixed typo in README --- modules/hub/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/hub/README.md b/modules/hub/README.md index 4334bfe76f..e8b29b6874 100644 --- a/modules/hub/README.md +++ b/modules/hub/README.md @@ -6,7 +6,7 @@ Specifically, this module automates the following steps for [registering a clust ## Usage -There is [GKE full example](../../examples/simple_zonal_with_asm) and a [Generic K8s example](../../examples/simple_zonal_with_hub_kubectl) provided. There is also an example to use Simple usage is as follows: +There is [GKE full example](../../examples/simple_zonal_with_asm) and a [Generic K8s example](../../examples/simple_zonal_with_hub_kubectl) provided. Simple usage is as follows: ```tf module "hub" { From bdb2f11e431682fcfee3bb9da149feb87fd1e149 Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Tue, 12 Jan 2021 15:44:07 +0000 Subject: [PATCH 05/14] Fixed formatting errors --- modules/hub/scripts/gke_hub_registration.sh | 6 +++--- modules/hub/scripts/k8s_hub_registration.sh | 4 ++-- modules/hub/scripts/k8s_hub_unregister.sh | 2 +- modules/hub/variables.tf | 8 ++++---- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/modules/hub/scripts/gke_hub_registration.sh b/modules/hub/scripts/gke_hub_registration.sh index f5f0dfdaa0..7979ad2c8a 100755 --- a/modules/hub/scripts/gke_hub_registration.sh +++ b/modules/hub/scripts/gke_hub_registration.sh 
@@ -36,8 +36,8 @@ echo "${SERVICE_ACCOUNT_KEY}" | base64 ${B64_ARG} > "$tmp_file" gcloud container hub memberships register "${MEMBERSHIP_NAME}" --gke-cluster="${CLUSTER_LOCATION}"/"${CLUSTER_NAME}" --service-account-key-file="${tmp_file}" --project="${PROJECT_ID}" --quiet # Add labels to the registered cluster -if [ -z ${LABELS+x} ]; then +if [ -z ${LABELS+x} ]; then echo "No labels to apply." -else +else gcloud container hub memberships update "${MEMBERSHIP_NAME}" --update-labels "$LABELS" -fi \ No newline at end of file +fi diff --git a/modules/hub/scripts/k8s_hub_registration.sh b/modules/hub/scripts/k8s_hub_registration.sh index fc596bc3f9..1fac5a7137 100755 --- a/modules/hub/scripts/k8s_hub_registration.sh +++ b/modules/hub/scripts/k8s_hub_registration.sh @@ -37,8 +37,8 @@ CONTEXT=$(kubectl config current-context) gcloud container hub memberships register "${MEMBERSHIP_NAME}" --context="${CONTEXT}" --service-account-key-file="${tmp_file}" --project="${PROJECT_ID}" --quiet # Add labels to the registered cluster -if [ -z ${LABELS+x} ]; then +if [ -z ${LABELS+x} ]; then echo "No labels to apply." -else +else gcloud container hub memberships update "${MEMBERSHIP_NAME}" --update-labels "$LABELS" fi diff --git a/modules/hub/scripts/k8s_hub_unregister.sh b/modules/hub/scripts/k8s_hub_unregister.sh index b67e5fcbb2..76ca1e1e7f 100755 --- a/modules/hub/scripts/k8s_hub_unregister.sh +++ b/modules/hub/scripts/k8s_hub_unregister.sh @@ -26,4 +26,4 @@ PROJECT_ID=$2 #Get Current context CONTEXT=$(kubectl config current-context) -gcloud container hub memberships unregister "${MEMBERSHIP_NAME}" --context="${CONTEXT}" --project="${PROJECT_ID}" --quiet \ No newline at end of file +gcloud container hub memberships unregister "${MEMBERSHIP_NAME}" --context="${CONTEXT}" --project="${PROJECT_ID}" --quiet diff --git a/modules/hub/variables.tf b/modules/hub/variables.tf index 4a63e8ce9d..1de6052c91 100644 --- a/modules/hub/variables.tf +++ b/modules/hub/variables.tf 
@@ -59,7 +59,7 @@ variable "gke_hub_sa_name" { } variable "gke_hub_membership_name" { - description = "Memebership name that uniquely represents the cluster being registered on the Hub" + description = "Membership name that uniquely represents the cluster being registered on the Hub" type = string default = "gke-hub-membership" } @@ -84,11 +84,11 @@ variable "module_depends_on" { variable "use_kubeconfig" { description = "Use existing kubeconfig to register membership. Set this to true for non GKE clusters. Assumes kubectl context is set to cluster to register." - default = false + default = false } variable "labels" { description = "Comma separated labels in the format name=value to apply to cluster in the GCP Console." - type = string - default = "" + type = string + default = "" } \ No newline at end of file From ddf795a26ca6b48a25f2cde7b558ce66f6637295 Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Tue, 12 Jan 2021 15:45:19 +0000 Subject: [PATCH 06/14] Fixed formatting errors --- modules/hub/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/hub/README.md b/modules/hub/README.md index e8b29b6874..d576ff7453 100644 --- a/modules/hub/README.md +++ b/modules/hub/README.md 
@@ -37,7 +37,7 @@ To deploy this config: | cluster\_name | The unique name to identify the cluster in ASM. | `string` | n/a | yes | | enable\_gke\_hub\_registration | Enables GKE Hub Registration when set to true | `bool` | `true` | no | | gcloud\_sdk\_version | The gcloud sdk version to use. Minimum required version is 293.0.0 | `string` | `"296.0.1"` | no | -| gke\_hub\_membership\_name | Memebership name that uniquely represents the cluster being registered on the Hub | `string` | `"gke-hub-membership"` | no | +| gke\_hub\_membership\_name | Membership name that uniquely represents the cluster being registered on the Hub | `string` | `"gke-hub-membership"` | no | | gke\_hub\_sa\_name | Name for the GKE Hub SA stored as a secret `creds-gcp` in the `gke-connect` namespace. | `string` | `"gke-hub-sa"` | no | | labels | Comma separated labels in the format name=value to apply to cluster in the GCP Console. | `string` | `""` | no | | location | The location (zone or region) this cluster has been created in. | `string` | n/a | yes | From df517c8a42060b393745670516efbf35f200dd0d Mon Sep 17 00:00:00 2001 
From: Abhinav Rau Date: Tue, 12 Jan 2021 15:49:07 +0000 Subject: [PATCH 07/14] Fixed formatting and renamed example to be more consistent --- .../simple_zonal_with_hub_kubectl/README.md | 57 ----------------- examples/simple_zonal_with_hub_kubectl/hub.tf | 25 -------- .../simple_zonal_with_hub_kubectl/main.tf | 41 ------------ .../simple_zonal_with_hub_kubectl/outputs.tf | 34 ---------- .../test_outputs.tf | 63 ------------------- .../variables.tf | 53 ---------------- 6 files changed, 273 deletions(-) delete mode 100644 examples/simple_zonal_with_hub_kubectl/README.md delete mode 100644 examples/simple_zonal_with_hub_kubectl/hub.tf delete mode 100644 examples/simple_zonal_with_hub_kubectl/main.tf delete mode 100644 examples/simple_zonal_with_hub_kubectl/outputs.tf delete mode 100755 examples/simple_zonal_with_hub_kubectl/test_outputs.tf delete mode 100644 examples/simple_zonal_with_hub_kubectl/variables.tf diff --git a/examples/simple_zonal_with_hub_kubectl/README.md b/examples/simple_zonal_with_hub_kubectl/README.md deleted file mode 100644 index ad85ec2a93..0000000000 --- a/examples/simple_zonal_with_hub_kubectl/README.md +++ /dev/null 
@@ -1,57 +0,0 @@ -# Simple Kubernetes Cluster - -This example illustrates how to register any Kubernetes Cluster with [Anthos](https://cloud.google.com/anthos/multicluster-management/environs) - -It incorporates the standard cluster GKE module, uses kubecontext to register the cluster using the [Hub registration module](../../modules/hub). - - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| cluster\_name\_suffix | A suffix to append to the default cluster name | `string` | `""` | no | -| ip\_range\_pods | The secondary ip range to use for pods | `string` | `""` | no | -| ip\_range\_services | The secondary ip range to use for services | `string` | `""` | no | -| network | The VPC network to host the cluster in | `string` | `"default"` | no | -| project\_id | The project ID to host the cluster in | `any` | n/a | yes | -| region | The region to host the cluster in | `any` | n/a | yes | -| subnetwork | The subnetwork to host the cluster in | `string` | `"default"` | no | -| zones | The zone to host the cluster in (required if is a zonal cluster) | `list(string)` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| ca\_certificate | n/a | -| client\_token | n/a | -| cluster\_name | Cluster name | -| ip\_range\_pods | The secondary IP range used for pods | -| ip\_range\_services | The secondary IP range used for services | -| kubernetes\_endpoint | n/a | -| location | n/a | -| master\_kubernetes\_version | The master Kubernetes version | -| network | n/a | -| project\_id | n/a | -| region | n/a | -| service\_account | The default service account used for running nodes. 
| -| subnetwork | n/a | -| zones | List of zones in which the cluster resides | - - - -To provision this example, run the following from within this directory: -- `terraform init` to get the plugins -- `terraform plan` to see the infrastructure plan -- `terraform apply` to apply the infrastructure build -- `terraform destroy` to destroy the built infrastructure - -Example: - -``` -terraform init - -terraform apply \ - -var project_id=${PROJECT} \ - -var region="us-central1" \ - -var zones='["us-central1-c"]' -``` diff --git a/examples/simple_zonal_with_hub_kubectl/hub.tf b/examples/simple_zonal_with_hub_kubectl/hub.tf deleted file mode 100644 index 2ca66a8637..0000000000 --- a/examples/simple_zonal_with_hub_kubectl/hub.tf +++ /dev/null @@ -1,25 +0,0 @@ -/** - * Copyright 2018 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "hub" { - source = "../../modules/hub" - project_id = var.project_id - location = module.gke.location - cluster_name = module.gke.name - cluster_endpoint = module.gke.endpoint - use_kubeconfig = true - labels = "testlabel=usekubecontext" -} diff --git a/examples/simple_zonal_with_hub_kubectl/main.tf b/examples/simple_zonal_with_hub_kubectl/main.tf deleted file mode 100644 index 9da21f9f1e..0000000000 --- a/examples/simple_zonal_with_hub_kubectl/main.tf +++ /dev/null 
@@ -1,41 +0,0 @@ -/** - * Copyright 2018 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -locals { - cluster_type = "simple-zonal" -} - -provider "google" { - version = "~> 3.42.0" - region = var.region -} - -module "gke" { - source = "../../" - project_id = var.project_id - name = "${local.cluster_type}-cluster${var.cluster_name_suffix}" - regional = false - region = var.region - zones = var.zones - network = var.network - subnetwork = var.subnetwork - ip_range_pods = var.ip_range_pods - ip_range_services = var.ip_range_services - service_account = "create" -} - -data "google_client_config" "default" { -} diff --git a/examples/simple_zonal_with_hub_kubectl/outputs.tf b/examples/simple_zonal_with_hub_kubectl/outputs.tf deleted file mode 100644 index 0d770aa809..0000000000 --- a/examples/simple_zonal_with_hub_kubectl/outputs.tf +++ /dev/null 
@@ -1,34 +0,0 @@ -/** - * Copyright 2018 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -output "kubernetes_endpoint" { - sensitive = true - value = module.gke.endpoint -} - -output "client_token" { - sensitive = true - value = base64encode(data.google_client_config.default.access_token) -} - -output "ca_certificate" { - value = module.gke.ca_certificate -} - -output "service_account" { - description = "The default service account used for running nodes." - value = module.gke.service_account -} diff --git a/examples/simple_zonal_with_hub_kubectl/test_outputs.tf b/examples/simple_zonal_with_hub_kubectl/test_outputs.tf deleted file mode 100755 index e64c40e477..0000000000 --- a/examples/simple_zonal_with_hub_kubectl/test_outputs.tf +++ /dev/null 
@@ -1,63 +0,0 @@ -/** - * Copyright 2018 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -// These outputs are used to test the module with kitchen-terraform -// They do not need to be included in real-world uses of this module - -output "project_id" { - value = var.project_id -} - -output "region" { - value = module.gke.region -} - -output "cluster_name" { - description = "Cluster name" - value = module.gke.name -} - -output "network" { - value = var.network -} - -output "subnetwork" { - value = var.subnetwork -} - -output "location" { - value = module.gke.location -} - -output "ip_range_pods" { - description = "The secondary IP range used for pods" - value = var.ip_range_pods -} - -output "ip_range_services" { - description = "The secondary IP range used for services" - value = var.ip_range_services -} - -output "zones" { - description = "List of zones in which the cluster resides" - value = module.gke.zones -} - -output "master_kubernetes_version" { - description = "The master Kubernetes version" - value = module.gke.master_version -} diff --git a/examples/simple_zonal_with_hub_kubectl/variables.tf b/examples/simple_zonal_with_hub_kubectl/variables.tf deleted file mode 100644 index 1416853db2..0000000000 --- a/examples/simple_zonal_with_hub_kubectl/variables.tf +++ /dev/null 
@@ -1,53 +0,0 @@ -/** - * Copyright 2018 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "project_id" { - description = "The project ID to host the cluster in" -} - -variable "cluster_name_suffix" { - description = "A suffix to append to the default cluster name" - default = "" -} - -variable "region" { - description = "The region to host the cluster in" -} - -variable "zones" { - type = list(string) - description = "The zone to host the cluster in (required if is a zonal cluster)" -} - -variable "network" { - description = "The VPC network to host the cluster in" - default = "default" -} - -variable "subnetwork" { - description = "The subnetwork to host the cluster in" - default = "default" -} - -variable "ip_range_pods" { - description = "The secondary ip range to use for pods" - default = "" -} - -variable "ip_range_services" { - description = "The secondary ip range to use for services" - default = "" -} From 3acb466c4ba4b87a15e603349b8e4e0014bce6d2 Mon Sep 17 00:00:00 2001 
From: Abhinav Rau Date: Tue, 12 Jan 2021 17:12:30 +0000 Subject: [PATCH 08/14] Fixed formatting and renamed example to be more consistent --- .../README.md | 57 +++++++++++++++++ .../simple_zonal_with_hub_kubeconfig/hub.tf | 25 ++++++++ .../simple_zonal_with_hub_kubeconfig/main.tf | 41 ++++++++++++ .../outputs.tf | 34 ++++++++++ .../test.tfvars | 3 + .../test_outputs.tf | 63 +++++++++++++++++++ .../variables.tf | 53 ++++++++++++++++ modules/hub/variables.tf | 2 +- 8 files changed, 277 insertions(+), 1 deletion(-) create mode 100644 examples/simple_zonal_with_hub_kubeconfig/README.md create mode 100644 examples/simple_zonal_with_hub_kubeconfig/hub.tf create mode 100644 examples/simple_zonal_with_hub_kubeconfig/main.tf create mode 100644 examples/simple_zonal_with_hub_kubeconfig/outputs.tf create mode 100644 examples/simple_zonal_with_hub_kubeconfig/test.tfvars create mode 100755 examples/simple_zonal_with_hub_kubeconfig/test_outputs.tf create mode 100644 examples/simple_zonal_with_hub_kubeconfig/variables.tf diff --git a/examples/simple_zonal_with_hub_kubeconfig/README.md b/examples/simple_zonal_with_hub_kubeconfig/README.md new file mode 100644 index 0000000000..5fc62af5ff --- /dev/null +++ b/examples/simple_zonal_with_hub_kubeconfig/README.md 
@@ -0,0 +1,57 @@ +# Simple Zonal Cluster Registered using kubeconfig + +This example illustrates how to register any Kubernetes Cluster with [Anthos](https://cloud.google.com/anthos/multicluster-management/environs) + +It incorporates the standard cluster GKE module, uses kubecontext to register the cluster using the [Hub registration module](../../modules/hub). + + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| cluster\_name\_suffix | A suffix to append to the default cluster name | `string` | `""` | no | +| ip\_range\_pods | The secondary ip range to use for pods | `string` | `""` | no | +| ip\_range\_services | The secondary ip range to use for services | `string` | `""` | no | +| network | The VPC network to host the cluster in | `string` | `"default"` | no | +| project\_id | The project ID to host the cluster in | `any` | n/a | yes | +| region | The region to host the cluster in | `any` | n/a | yes | +| subnetwork | The subnetwork to host the cluster in | `string` | `"default"` | no | +| zones | The zone to host the cluster in (required if is a zonal cluster) | `list(string)` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| ca\_certificate | n/a | +| client\_token | n/a | +| cluster\_name | Cluster name | +| ip\_range\_pods | The secondary IP range used for pods | +| ip\_range\_services | The secondary IP range used for services | +| kubernetes\_endpoint | n/a | +| location | n/a | +| master\_kubernetes\_version | The master Kubernetes version | +| network | n/a | +| project\_id | n/a | +| region | n/a | +| service\_account | The default service account used for running nodes. 
| +| subnetwork | n/a | +| zones | List of zones in which the cluster resides | + + + +To provision this example, run the following from within this directory: +- `terraform init` to get the plugins +- `terraform plan` to see the infrastructure plan +- `terraform apply` to apply the infrastructure build +- `terraform destroy` to destroy the built infrastructure + +Example: + +``` +terraform init + +terraform apply \ + -var project_id=${PROJECT} \ + -var region="us-central1" \ + -var zones='["us-central1-c"]' +``` diff --git a/examples/simple_zonal_with_hub_kubeconfig/hub.tf b/examples/simple_zonal_with_hub_kubeconfig/hub.tf new file mode 100644 index 0000000000..2ca66a8637 --- /dev/null +++ b/examples/simple_zonal_with_hub_kubeconfig/hub.tf @@ -0,0 +1,25 @@ +/** + * Copyright 2018 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +module "hub" { + source = "../../modules/hub" + project_id = var.project_id + location = module.gke.location + cluster_name = module.gke.name + cluster_endpoint = module.gke.endpoint + use_kubeconfig = true + labels = "testlabel=usekubecontext" +} diff --git a/examples/simple_zonal_with_hub_kubeconfig/main.tf b/examples/simple_zonal_with_hub_kubeconfig/main.tf new file mode 100644 index 0000000000..9da21f9f1e --- /dev/null +++ b/examples/simple_zonal_with_hub_kubeconfig/main.tf 
@@ -0,0 +1,41 @@ +/** + * Copyright 2018 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +locals { + cluster_type = "simple-zonal" +} + +provider "google" { + version = "~> 3.42.0" + region = var.region +} + +module "gke" { + source = "../../" + project_id = var.project_id + name = "${local.cluster_type}-cluster${var.cluster_name_suffix}" + regional = false + region = var.region + zones = var.zones + network = var.network + subnetwork = var.subnetwork + ip_range_pods = var.ip_range_pods + ip_range_services = var.ip_range_services + service_account = "create" +} + +data "google_client_config" "default" { +} diff --git a/examples/simple_zonal_with_hub_kubeconfig/outputs.tf b/examples/simple_zonal_with_hub_kubeconfig/outputs.tf new file mode 100644 index 0000000000..0d770aa809 --- /dev/null +++ b/examples/simple_zonal_with_hub_kubeconfig/outputs.tf 
@@ -0,0 +1,34 @@ +/** + * Copyright 2018 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "kubernetes_endpoint" { + sensitive = true + value = module.gke.endpoint +} + +output "client_token" { + sensitive = true + value = base64encode(data.google_client_config.default.access_token) +} + +output "ca_certificate" { + value = module.gke.ca_certificate +} + +output "service_account" { + description = "The default service account used for running nodes." + value = module.gke.service_account +} diff --git a/examples/simple_zonal_with_hub_kubeconfig/test.tfvars b/examples/simple_zonal_with_hub_kubeconfig/test.tfvars new file mode 100644 index 0000000000..bdf218f094 --- /dev/null +++ b/examples/simple_zonal_with_hub_kubeconfig/test.tfvars @@ -0,0 +1,3 @@ +project_id = "east-mfg-ce" +region = "us-central1" +zones = ["us-central1-b"] diff --git a/examples/simple_zonal_with_hub_kubeconfig/test_outputs.tf b/examples/simple_zonal_with_hub_kubeconfig/test_outputs.tf new file mode 100755 index 0000000000..e64c40e477 --- /dev/null +++ b/examples/simple_zonal_with_hub_kubeconfig/test_outputs.tf 
@@ -0,0 +1,63 @@ +/** + * Copyright 2018 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +// These outputs are used to test the module with kitchen-terraform +// They do not need to be included in real-world uses of this module + +output "project_id" { + value = var.project_id +} + +output "region" { + value = module.gke.region +} + +output "cluster_name" { + description = "Cluster name" + value = module.gke.name +} + +output "network" { + value = var.network +} + +output "subnetwork" { + value = var.subnetwork +} + +output "location" { + value = module.gke.location +} + +output "ip_range_pods" { + description = "The secondary IP range used for pods" + value = var.ip_range_pods +} + +output "ip_range_services" { + description = "The secondary IP range used for services" + value = var.ip_range_services +} + +output "zones" { + description = "List of zones in which the cluster resides" + value = module.gke.zones +} + +output "master_kubernetes_version" { + description = "The master Kubernetes version" + value = module.gke.master_version +} diff --git a/examples/simple_zonal_with_hub_kubeconfig/variables.tf b/examples/simple_zonal_with_hub_kubeconfig/variables.tf new file mode 100644 index 0000000000..1416853db2 --- /dev/null +++ b/examples/simple_zonal_with_hub_kubeconfig/variables.tf 
@@ -0,0 +1,53 @@ +/** + * Copyright 2018 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "project_id" { + description = "The project ID to host the cluster in" +} + +variable "cluster_name_suffix" { + description = "A suffix to append to the default cluster name" + default = "" +} + +variable "region" { + description = "The region to host the cluster in" +} + +variable "zones" { + type = list(string) + description = "The zone to host the cluster in (required if is a zonal cluster)" +} + +variable "network" { + description = "The VPC network to host the cluster in" + default = "default" +} + +variable "subnetwork" { + description = "The subnetwork to host the cluster in" + default = "default" +} + +variable "ip_range_pods" { + description = "The secondary ip range to use for pods" + default = "" +} + +variable "ip_range_services" { + description = "The secondary ip range to use for services" + default = "" +} diff --git a/modules/hub/variables.tf b/modules/hub/variables.tf index 1de6052c91..379f50665e 100644 --- a/modules/hub/variables.tf +++ b/modules/hub/variables.tf @@ -91,4 +91,4 @@ variable "labels" { description = "Comma separated labels in the format name=value to apply to cluster in the GCP Console." type = string default = "" -} \ No newline at end of file +} From 20340b8fa721d0de714a908fb242ff202eb01823 Mon Sep 17 00:00:00 2001 
From: Abhinav Rau Date: Tue, 12 Jan 2021 17:13:55 +0000 Subject: [PATCH 09/14] remove test files --- examples/simple_zonal_with_hub_kubeconfig/test.tfvars | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 examples/simple_zonal_with_hub_kubeconfig/test.tfvars diff --git a/examples/simple_zonal_with_hub_kubeconfig/test.tfvars b/examples/simple_zonal_with_hub_kubeconfig/test.tfvars deleted file mode 100644 index bdf218f094..0000000000 --- a/examples/simple_zonal_with_hub_kubeconfig/test.tfvars +++ /dev/null @@ -1,3 +0,0 @@ -project_id = "east-mfg-ce" -region = "us-central1" -zones = ["us-central1-b"] From 2da6e585b8ed4bfae9285d82097db2d864398301 Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Tue, 12 Jan 2021 17:26:22 +0000 Subject: [PATCH 10/14] fixed typo in README --- modules/hub/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/hub/README.md b/modules/hub/README.md index d576ff7453..99092db6d1 100644 --- a/modules/hub/README.md +++ b/modules/hub/README.md @@ -6,7 +6,7 @@ Specifically, this module automates the following steps for [registering a clust ## Usage -There is [GKE full example](../../examples/simple_zonal_with_asm) and a [Generic K8s example](../../examples/simple_zonal_with_hub_kubectl) provided. Simple usage is as follows: +There is [GKE full example](../../examples/simple_zonal_with_asm) and a [Generic K8s example](../../examples/simple_zonal_with_hub_kubeconfig) provided. Simple usage is as follows: ```tf module "hub" { From e1d5175b54d11f7ca42de917ec7fd011f48bcce2 Mon Sep 17 00:00:00 2001 
From: Abhinav Rau Date: Wed, 13 Jan 2021 19:12:02 +0000 Subject: [PATCH 11/14] use a flag to switch gke vs kubeconfig instead of having two scripts --- modules/hub/main.tf | 22 ++++------ modules/hub/scripts/gke_hub_registration.sh | 29 ++++++++---- ...ub_unregister.sh => gke_hub_unregister.sh} | 22 +++++++--- modules/hub/scripts/k8s_hub_registration.sh | 44 ------------------- 4 files changed, 44 insertions(+), 73 deletions(-) rename modules/hub/scripts/{k8s_hub_unregister.sh => gke_hub_unregister.sh} (50%) delete mode 100755 modules/hub/scripts/k8s_hub_registration.sh diff --git a/modules/hub/main.tf b/modules/hub/main.tf index a8fe01d454..6e3c360cff 100644 --- a/modules/hub/main.tf +++ b/modules/hub/main.tf 
@@ -17,17 +17,11 @@ locals { gke_hub_sa_key = var.use_existing_sa ? var.sa_private_key : google_service_account_key.gke_hub_key[0].private_key - create_cmd_kubeconfig_entrypoint = "${path.module}/scripts/k8s_hub_registration.sh" - create_cmd_kubeconfig_body = "${var.gke_hub_membership_name} ${local.gke_hub_sa_key} ${var.project_id} ${var.labels}" - destroy_kubeconfig_entrypoint = "${path.module}/scripts/k8s_hub_unregister.sh" - destroy_kubeconfig_body = "${var.gke_hub_membership_name} ${var.project_id}" - + is_gke_flag = var.use_kubeconfig ? 0 : 1 create_cmd_gke_entrypoint = "${path.module}/scripts/gke_hub_registration.sh" - create_cmd_gke_body = "${var.gke_hub_membership_name} ${var.location} ${var.cluster_name} ${local.gke_hub_sa_key} ${var.project_id} ${var.labels}" - destroy_gke_entrypoint = "gcloud" - destroy_gke_body = "container hub memberships unregister ${var.gke_hub_membership_name} --gke-cluster=${var.location}/${var.cluster_name} --project ${var.project_id}" - - + create_cmd_gke_body = "${local.is_gke_flag} ${var.gke_hub_membership_name} ${var.location} ${var.cluster_name} ${local.gke_hub_sa_key} ${var.project_id} ${var.labels}" + destroy_gke_entrypoint = "${path.module}/scripts/gke_hub_unregister.sh" + destroy_gke_body = "${local.is_gke_flag} ${var.gke_hub_membership_name} ${var.location} ${var.cluster_name} ${var.project_id}" } data "google_client_config" "default" { 
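Review bot: `create_cmd_gke_body` and `destroy_gke_body` pass every value as a bare space-separated positional argument, so an empty `var.location` or `var.cluster_name` shifts all later arguments left and the base64 service-account key lands in the wrong script variable. Neither value is used by the scripts when `use_kubeconfig` is true, which makes an empty one likely in that mode. Assuming the body is word-split by a shell before the script runs, I would substitute a placeholder for the unused values, for example `location_arg = var.use_kubeconfig ? "remote" : var.location`, or move the scripts to named flags. The new body also keeps `${local.gke_hub_sa_key}` on the command line, where it can appear in process listings and provisioner output; handing it over through an environment variable or a file would be safer. The `locals` block opens above this hunk.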
@@ -62,8 +56,8 @@ module "gke_hub_registration" { use_tf_google_credentials_env_var = var.use_tf_google_credentials_env_var module_depends_on = concat([var.cluster_endpoint], var.module_depends_on) - create_cmd_entrypoint = var.use_kubeconfig ? local.create_cmd_kubeconfig_entrypoint : local.create_cmd_gke_entrypoint - create_cmd_body = var.use_kubeconfig ? local.create_cmd_kubeconfig_body : local.create_cmd_gke_body - destroy_cmd_entrypoint = var.use_kubeconfig ? local.destroy_kubeconfig_entrypoint : local.destroy_gke_entrypoint - destroy_cmd_body = var.use_kubeconfig ? local.destroy_kubeconfig_body : local.destroy_gke_body + create_cmd_entrypoint = local.create_cmd_gke_entrypoint + create_cmd_body = local.create_cmd_gke_body + destroy_cmd_entrypoint = local.destroy_gke_entrypoint + destroy_cmd_body = local.destroy_gke_body } diff --git a/modules/hub/scripts/gke_hub_registration.sh b/modules/hub/scripts/gke_hub_registration.sh index bdc2f600d3..ff73eddd40 100755 --- a/modules/hub/scripts/gke_hub_registration.sh +++ b/modules/hub/scripts/gke_hub_registration.sh @@ -15,17 +15,18 @@ set -e -if [ "$#" -lt 4 ]; then +if [ "$#" -lt 5 ]; then >&2 echo "Not all expected arguments set." exit 1 fi -MEMBERSHIP_NAME=$1 -CLUSTER_LOCATION=$2 -CLUSTER_NAME=$3 -SERVICE_ACCOUNT_KEY=$4 -PROJECT_ID=$5 -LABELS=$6 +GKE_CLUSTER_FLAG=$1 +MEMBERSHIP_NAME=$2 +CLUSTER_LOCATION=$3 +CLUSTER_NAME=$4 +SERVICE_ACCOUNT_KEY=$5 +PROJECT_ID=$6 +LABELS=$7 #write temp key, cleanup at exit tmp_file=$(mktemp) 
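Review bot: The argument-count guard in gke_hub_registration.sh is raised only to `-lt 5`, but the script now reads `PROJECT_ID=$6`, so a call with five arguments passes the check and reaches gcloud with an empty `--project`. In that case gcloud may fall back to whatever project is configured in the ambient environment, and the membership could be created somewhere other than intended. With six required positionals and only `LABELS=$7` optional, the guard should read `if [ "$#" -lt 6 ]; then`. The script continues below this hunk.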
@@ -34,10 +35,20 @@ trap "rm -rf $tmp_file" EXIT base64 --help | grep "\--decode" && B64_ARG="--decode" || B64_ARG="-d" echo "${SERVICE_ACCOUNT_KEY}" | base64 ${B64_ARG} > "$tmp_file" -gcloud container hub memberships register "${MEMBERSHIP_NAME}" --gke-cluster="${CLUSTER_LOCATION}"/"${CLUSTER_NAME}" --service-account-key-file="${tmp_file}" --project="${PROJECT_ID}" --quiet +if [[ ${GKE_CLUSTER_FLAG} == 1 ]]; then + echo "Registering GKE Cluster." + gcloud container hub memberships register "${MEMBERSHIP_NAME}" --gke-cluster="${CLUSTER_LOCATION}"/"${CLUSTER_NAME}" --service-account-key-file="${tmp_file}" --project="${PROJECT_ID}" --quiet +else + echo "Registering a non-GKE Cluster. Using current-context to register Hub membership." + #Get the kubeconfig + CONTEXT=$(kubectl config current-context) + gcloud container hub memberships register "${MEMBERSHIP_NAME}" --context="${CONTEXT}" --service-account-key-file="${tmp_file}" --project="${PROJECT_ID}" --quiet +fi + + # Add labels to the registered cluster if [ -z ${LABELS+x} ]; then - echo "No labels to apply." + echo "No hub labels to apply." else gcloud container hub memberships update "${MEMBERSHIP_NAME}" --update-labels "$LABELS" fi diff --git a/modules/hub/scripts/k8s_hub_unregister.sh b/modules/hub/scripts/gke_hub_unregister.sh similarity index 50% rename from modules/hub/scripts/k8s_hub_unregister.sh rename to modules/hub/scripts/gke_hub_unregister.sh index 76ca1e1e7f..f9dd2b9c5b 100755 --- a/modules/hub/scripts/k8s_hub_unregister.sh +++ b/modules/hub/scripts/gke_hub_unregister.sh 
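Review bot: The non-GKE branch registers whatever `kubectl config current-context` returns at apply time, so the membership and the decoded service-account key are applied to whichever cluster the operator's kubeconfig happens to point at. The unregister hunk in gke_hub_unregister.sh has the same dependency at destroy time, when the current context may no longer be the one used at apply. I would pass the context name in from Terraform as an explicit argument and exit with an error when it is empty, rather than reading ambient state. Separately, `[ -z ${LABELS+x} ]` is always false once `LABELS=$7` has been assigned, so the "No hub labels to apply." branch is unreachable and the update runs with empty labels; `if [ -z "${LABELS}" ]; then` tests what the message says.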
@@ -15,15 +15,25 @@ set -e -if [ "$#" -lt 1 ]; then +if [ "$#" -lt 4 ]; then >&2 echo "Not all expected arguments set." exit 1 fi -MEMBERSHIP_NAME=$1 -PROJECT_ID=$2 +GKE_CLUSTER_FLAG=$1 +MEMBERSHIP_NAME=$2 +CLUSTER_LOCATION=$3 +CLUSTER_NAME=$4 +PROJECT_ID=$5 -#Get Current context -CONTEXT=$(kubectl config current-context) -gcloud container hub memberships unregister "${MEMBERSHIP_NAME}" --context="${CONTEXT}" --project="${PROJECT_ID}" --quiet + +if [[ ${GKE_CLUSTER_FLAG} == 1 ]]; then + echo "Un-Registering GKE Cluster." + gcloud container hub memberships unregister "${MEMBERSHIP_NAME}" --gke-cluster="${CLUSTER_LOCATION}"/"${CLUSTER_NAME}" --project "${PROJECT_ID}" +else + echo "Un-Registering a non-GKE Cluster. Using current-context to unregister Hub membership." + #Get Current context + CONTEXT=$(kubectl config current-context) + gcloud container hub memberships unregister "${MEMBERSHIP_NAME}" --context="${CONTEXT}" --project="${PROJECT_ID}" +fi diff --git a/modules/hub/scripts/k8s_hub_registration.sh b/modules/hub/scripts/k8s_hub_registration.sh deleted file mode 100755 index 1fac5a7137..0000000000 --- a/modules/hub/scripts/k8s_hub_registration.sh +++ /dev/null 
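Review bot: The non-GKE unregister command drops the `--quiet` that the removed k8s_hub_unregister.sh line carried, and the GKE branch has none either, while both register commands keep it. If gcloud asks for confirmation during a non-interactive `terraform destroy`, the prompt cannot be answered and the membership may be left behind. Adding `--quiet` to both unregister lines keeps destroy consistent with create.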
@@ -1,44 +0,0 @@ -#!/bin/bash -# Copyright 2018 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -e - -if [ "$#" -lt 2 ]; then - >&2 echo "Not all expected arguments set." - exit 1 -fi - -MEMBERSHIP_NAME=$1 -SERVICE_ACCOUNT_KEY=$2 -PROJECT_ID=$3 -LABELS=$4 - -#write temp key, cleanup at exit -tmp_file=$(mktemp) -# shellcheck disable=SC2064 -trap "rm -rf $tmp_file" EXIT -base64 --help | grep "\--decode" && B64_ARG="--decode" || B64_ARG="-d" -echo "${SERVICE_ACCOUNT_KEY}" | base64 ${B64_ARG} > "$tmp_file" - -#Get the kubeconfig -CONTEXT=$(kubectl config current-context) - -gcloud container hub memberships register "${MEMBERSHIP_NAME}" --context="${CONTEXT}" --service-account-key-file="${tmp_file}" --project="${PROJECT_ID}" --quiet -# Add labels to the registered cluster -if [ -z ${LABELS+x} ]; then - echo "No labels to apply." -else - gcloud container hub memberships update "${MEMBERSHIP_NAME}" --update-labels "$LABELS" -fi From 807a5b01b83190f634b788c4e452d40cd042329a Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Tue, 19 Jan 2021 11:46:21 -0500 Subject: [PATCH 12/14] Update modules/hub/scripts/gke_hub_registration.sh specify PROJECT_ID to be more specific Co-authored-by: Bharath KKB --- modules/hub/scripts/gke_hub_registration.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/hub/scripts/gke_hub_registration.sh b/modules/hub/scripts/gke_hub_registration.sh index ff73eddd40..3c1b955d45 100755 
--- a/modules/hub/scripts/gke_hub_registration.sh +++ b/modules/hub/scripts/gke_hub_registration.sh @@ -50,5 +50,5 @@ fi if [ -z ${LABELS+x} ]; then echo "No hub labels to apply." else - gcloud container hub memberships update "${MEMBERSHIP_NAME}" --update-labels "$LABELS" + gcloud container hub memberships update "${MEMBERSHIP_NAME}" --update-labels "$LABELS" --project="${PROJECT_ID}" fi From 5d3698f30a2c12ddecc796b21a83b94ac5faa674 Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Tue, 19 Jan 2021 11:49:41 -0500 Subject: [PATCH 13/14] Update modules/hub/scripts/gke_hub_unregister.sh fix number of arguments check Co-authored-by: Bharath KKB --- modules/hub/scripts/gke_hub_unregister.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/hub/scripts/gke_hub_unregister.sh b/modules/hub/scripts/gke_hub_unregister.sh index f9dd2b9c5b..3e8114b296 100755 --- a/modules/hub/scripts/gke_hub_unregister.sh +++ b/modules/hub/scripts/gke_hub_unregister.sh @@ -15,7 +15,7 @@ set -e -if [ "$#" -lt 4 ]; then +if [ "$#" -lt 5 ]; then >&2 echo "Not all expected arguments set." exit 1 fi From ee7e31a8c75641a8ee5af3bbf736b54191856ca3 Mon Sep 17 00:00:00 2001 From: Abhinav Rau Date: Wed, 20 Jan 2021 22:18:03 +0000 Subject: [PATCH 14/14] update simple_zonal_with_hub_kubeconfig to use kind cluster --- .../README.md | 32 ++-------- .../simple_zonal_with_hub_kubeconfig/hub.tf | 16 ++--- .../simple_zonal_with_hub_kubeconfig/main.tf | 48 +++++++------- .../outputs.tf | 18 +----- .../test_outputs.tf | 63 ------------------- .../variables.tf | 36 +---------- 6 files changed, 43 insertions(+), 170 deletions(-) delete mode 100755 examples/simple_zonal_with_hub_kubeconfig/test_outputs.tf diff --git a/examples/simple_zonal_with_hub_kubeconfig/README.md b/examples/simple_zonal_with_hub_kubeconfig/README.md index 5fc62af5ff..c71d49d2bd 100644 --- a/examples/simple_zonal_with_hub_kubeconfig/README.md +++ b/examples/simple_zonal_with_hub_kubeconfig/README.md 
@@ -1,41 +1,21 @@ -# Simple Zonal Cluster Registered using kubeconfig +# Kind Cluster Registered using kubeconfig -This example illustrates how to register any Kubernetes Cluster with [Anthos](https://cloud.google.com/anthos/multicluster-management/environs) +This example illustrates how to register a non-GKE Kubernetes Cluster with [Anthos](https://cloud.google.com/anthos/multicluster-management/environs) a.k.a Attached cluster. -It incorporates the standard cluster GKE module, uses kubecontext to register the cluster using the [Hub registration module](../../modules/hub). +It creates a [kind](https://kind.sigs.k8s.io/) cluster, sets current kubecontext to the cluster and registers the cluster using the [Hub registration module](../../modules/hub). ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| cluster\_name\_suffix | A suffix to append to the default cluster name | `string` | `""` | no | -| ip\_range\_pods | The secondary ip range to use for pods | `string` | `""` | no | -| ip\_range\_services | The secondary ip range to use for services | `string` | `""` | no | -| network | The VPC network to host the cluster in | `string` | `"default"` | no | -| project\_id | The project ID to host the cluster in | `any` | n/a | yes | -| region | The region to host the cluster in | `any` | n/a | yes | -| subnetwork | The subnetwork to host the cluster in | `string` | `"default"` | no | -| zones | The zone to host the cluster in (required if is a zonal cluster) | `list(string)` | n/a | yes | +| project\_id | The project ID (environ) to register the cluster in | `any` | n/a | yes | ## Outputs | Name | Description | |------|-------------| -| ca\_certificate | n/a | -| client\_token | n/a | -| cluster\_name | Cluster name | -| ip\_range\_pods | The secondary IP range used for pods | -| ip\_range\_services | The secondary IP range used for services | -| kubernetes\_endpoint | n/a | -| location | n/a | -| 
master\_kubernetes\_version | The master Kubernetes version | -| network | n/a | -| project\_id | n/a | -| region | n/a | -| service\_account | The default service account used for running nodes. | -| subnetwork | n/a | -| zones | List of zones in which the cluster resides | +| kubernetes\_endpoint | Kube API endpoint for the kind cluster | @@ -52,6 +32,4 @@ terraform init terraform apply \ -var project_id=${PROJECT} \ - -var region="us-central1" \ - -var zones='["us-central1-c"]' ``` diff --git a/examples/simple_zonal_with_hub_kubeconfig/hub.tf b/examples/simple_zonal_with_hub_kubeconfig/hub.tf index 2ca66a8637..035c25d4f0 100644 --- a/examples/simple_zonal_with_hub_kubeconfig/hub.tf +++ b/examples/simple_zonal_with_hub_kubeconfig/hub.tf @@ -15,11 +15,13 @@ */ module "hub" { - source = "../../modules/hub" - project_id = var.project_id - location = module.gke.location - cluster_name = module.gke.name - cluster_endpoint = module.gke.endpoint - use_kubeconfig = true - labels = "testlabel=usekubecontext" + source = "../../modules/hub" + project_id = var.project_id + location = "remote" + cluster_name = kind_cluster.test-cluster.name + cluster_endpoint = kind_cluster.test-cluster.endpoint + gke_hub_membership_name = kind_cluster.test-cluster.name + gke_hub_sa_name = "sa-for-kind-cluster-membership" + use_kubeconfig = true + labels = "testlabel=usekubecontext" } diff --git a/examples/simple_zonal_with_hub_kubeconfig/main.tf b/examples/simple_zonal_with_hub_kubeconfig/main.tf index 9da21f9f1e..22956825a5 100644 --- a/examples/simple_zonal_with_hub_kubeconfig/main.tf +++ b/examples/simple_zonal_with_hub_kubeconfig/main.tf 
@@ -14,28 +14,32 @@ * limitations under the License. */ -locals { - cluster_type = "simple-zonal" +terraform { + required_providers { + kind = { + source = "kyma-incubator/kind" + version = "0.0.6" + } + } } +provider "kind" {} -provider "google" { - version = "~> 3.42.0" - region = var.region -} - -module "gke" { - source = "../../" - project_id = var.project_id - name = "${local.cluster_type}-cluster${var.cluster_name_suffix}" - regional = false - region = var.region - zones = var.zones - network = var.network - subnetwork = var.subnetwork - ip_range_pods = var.ip_range_pods - ip_range_services = var.ip_range_services - service_account = "create" -} - -data "google_client_config" "default" { +# creating a cluster with kind of the name "test-cluster" with kubernetes version v1.18.4 and two nodes +resource "kind_cluster" "test-cluster" { + name = "test-cluster" + node_image = "kindest/node:v1.18.4" + wait_for_ready = true + kind_config { + kind = "Cluster" + api_version = "kind.x-k8s.io/v1alpha4" + node { + role = "control-plane" + } + node { + role = "worker" + } + } + provisioner "local-exec" { + command = "kubectl config set-context kind-test-cluster" + } } diff --git a/examples/simple_zonal_with_hub_kubeconfig/outputs.tf b/examples/simple_zonal_with_hub_kubeconfig/outputs.tf index 0d770aa809..ce22905b8c 100644 --- a/examples/simple_zonal_with_hub_kubeconfig/outputs.tf +++ b/examples/simple_zonal_with_hub_kubeconfig/outputs.tf @@ -15,20 +15,6 @@ */ output "kubernetes_endpoint" { - sensitive = true - value = module.gke.endpoint -} - -output "client_token" { - sensitive = true - value = base64encode(data.google_client_config.default.access_token) -} - -output "ca_certificate" { - value = module.gke.ca_certificate -} - -output "service_account" { - description = "The default service account used for running nodes." - value = module.gke.service_account + value = kind_cluster.test-cluster.endpoint + description = "Kube API endpoint for the kind cluster" } 
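Review bot: The `local-exec` provisioner in `kind_cluster.test-cluster` (main.tf) runs `kubectl config set-context kind-test-cluster`, which creates or edits a context entry but does not make it the current context, although the README in this commit says the example sets the current kubecontext to the cluster. Since hub.tf registers with `use_kubeconfig = true`, registration presumably acts on whichever context is current on the operator's machine, and that could be a different cluster unless the kind provider has already switched it (not visible here). I would change the command to `kubectl config use-context kind-${self.name}` so the selection is explicit and follows the resource name. Separately, `node_image = "kindest/node:v1.18.4"` pins a tag only; pinning the image by digest would keep the example reproducible.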
diff --git a/examples/simple_zonal_with_hub_kubeconfig/test_outputs.tf b/examples/simple_zonal_with_hub_kubeconfig/test_outputs.tf
deleted file mode 100755
index e64c40e477..0000000000
--- a/examples/simple_zonal_with_hub_kubeconfig/test_outputs.tf
+++ /dev/null
@@ -1,63 +0,0 @@
-/**
- * Copyright 2018 Google LLC
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-// These outputs are used to test the module with kitchen-terraform
-// They do not need to be included in real-world uses of this module
-
-output "project_id" {
- value = var.project_id
-}
-
-output "region" {
- value = module.gke.region
-}
-
-output "cluster_name" {
- description = "Cluster name"
- value = module.gke.name
-}
-
-output "network" {
- value = var.network
-}
-
-output "subnetwork" {
- value = var.subnetwork
-}
-
-output "location" {
- value = module.gke.location
-}
-
-output "ip_range_pods" {
- description = "The secondary IP range used for pods"
- value = var.ip_range_pods
-}
-
-output "ip_range_services" {
- description = "The secondary IP range used for services"
- value = var.ip_range_services
-}
-
-output "zones" {
- description = "List of zones in which the cluster resides"
- value = module.gke.zones
-}
-
-output "master_kubernetes_version" {
- description = "The master Kubernetes version"
- value = module.gke.master_version
-}
diff --git a/examples/simple_zonal_with_hub_kubeconfig/variables.tf b/examples/simple_zonal_with_hub_kubeconfig/variables.tf index 1416853db2..5baadc3822 100644 --- a/examples/simple_zonal_with_hub_kubeconfig/variables.tf +++ b/examples/simple_zonal_with_hub_kubeconfig/variables.tf @@ -15,39 +15,5 @@ */ variable "project_id" { - description = "The project ID to host the cluster in" -} - -variable "cluster_name_suffix" { - description = "A suffix to append to the default cluster name" - default = "" -} - -variable "region" { - description = "The region to host the cluster in" -} - -variable "zones" { - type = list(string) - description = "The zone to host the cluster in (required if is a zonal cluster)" -} - -variable "network" { - description = "The VPC network to host the cluster in" - default = "default" -} - -variable "subnetwork" { - description = "The subnetwork to host the cluster in" - default = "default" -} - -variable "ip_range_pods" { - description = "The secondary ip range to use for pods" - default = "" -} - -variable "ip_range_services" { - description = "The secondary ip range to use for services" - default = "" + description = "The project ID (environ) to register the cluster in" }