Add new property to explicitly return GKE private_endpoint #841

Merged
11 changes: 7 additions & 4 deletions modules/auth/README.md
Expand Up @@ -9,15 +9,18 @@ This module retrieves a token for the account configured with the `google`
provider as the Terraform runner using the provider's `credentials`,
`access_token`, or other means of authentication.

If you run a [private cluster](https://cloud.google.com/kubernetes-engine/docs/concepts/private-cluster-concept), you can set the `use_private_endpoint` property to return the GKE private_endpoint IP address.

## Usage

```tf
module "gke_auth" {
source = "terraform-google-modules/kubernetes-engine/google//modules/auth"
source = "terraform-google-modules/kubernetes-engine/google//modules/auth"

project_id = "my-project-id"
cluster_name = "my-cluster-name"
location = module.gke.location
project_id = "my-project-id"
cluster_name = "my-cluster-name"
location = module.gke.location
use_private_endpoint = true
}
```

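Review bot: The usage example now sets `use_private_endpoint = true` unconditionally, and the new sentence above it does not say that the property is optional or that it defaults to `false`. Since `main.tf` resolves the private endpoint with `try(..., "")`, someone copying this block for a cluster without a private endpoint gets an empty endpoint rather than an error. Suggest marking the line as optional in the example, stating the default, and noting that the private endpoint is an internal address, so the Terraform runner needs network access to the cluster's VPC to use it.
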
7 changes: 5 additions & 2 deletions modules/auth/main.tf
Expand Up @@ -16,8 +16,11 @@

locals {
cluster_ca_certificate = data.google_container_cluster.gke_cluster.master_auth != null ? data.google_container_cluster.gke_cluster.master_auth[0].cluster_ca_certificate : ""
endpoint = data.google_container_cluster.gke_cluster.endpoint != null ? data.google_container_cluster.gke_cluster.endpoint : ""
host = data.google_container_cluster.gke_cluster.endpoint != null ? "https://${data.google_container_cluster.gke_cluster.endpoint}" : ""
private_endpoint = try(data.google_container_cluster.gke_cluster.private_cluster_config[0].private_endpoint, "")
public_endpoint = try(data.google_container_cluster.gke_cluster.private_cluster_config[0].public_endpoint, "")
default_endpoint = data.google_container_cluster.gke_cluster.endpoint != null ? data.google_container_cluster.gke_cluster.endpoint : ""
endpoint = var.use_private_endpoint == true ? local.private_endpoint : local.public_endpoint != "" ? local.public_endpoint : local.default_endpoint
host = local.endpoint != "" ? "https://${local.endpoint}" : ""
context = data.google_container_cluster.gke_cluster.name != null ? data.google_container_cluster.gke_cluster.name : ""
}

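Review bot: In the new `endpoint` expression, `var.use_private_endpoint == true` selects `local.private_endpoint` with no fallback, and that local is `try(..., "")`, so on a cluster without `private_cluster_config` both `endpoint` and `host` come out empty with no error. Consider failing explicitly when the private endpoint is requested but resolves to `""`, instead of handing an empty host to whatever consumes this module. Smaller points on the same line: `== true` is redundant on a `bool`, and the chained conditional would read more clearly with parentheses around the inner `local.public_endpoint != "" ? local.public_endpoint : local.default_endpoint`.
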
6 changes: 6 additions & 0 deletions modules/auth/variables.tf
Expand Up @@ -28,3 +28,9 @@ variable "cluster_name" {
description = "The name of the GKE cluster."
type = string
}

variable "use_private_endpoint" {
description = "Connect on the private GKE cluster endpoint"
type = bool
default = false
}
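
Review bot: The description of `use_private_endpoint`, "Connect on the private GKE cluster endpoint", says the module connects, while the README line and the `main.tf` locals in this change show it only selects which address is returned as `endpoint` and `host`. Suggest wording along the lines of "Return the cluster's private endpoint instead of the public one", and mentioning that the value is empty when the cluster has no private endpoint.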