Support all asm_install option #890
Conversation
|
Thanks for the PR! 🚀 |
|
I just found that the asm_dir option is not used anywhere... I will fix it in this PR. |
| variable "enable_gcp_apis" { | ||
| description = "Whether the needed GCP APIs should be activated." | ||
| type = bool | ||
| default = false | ||
| } | ||
|
|
||
| variable "enable_gcp_iam_roles" { | ||
| description = "Whether the `resourcemanager.projectIamAdmin` IAM roles should be set." | ||
| type = bool | ||
| default = false | ||
| } | ||
|
|
There was a problem hiding this comment.
We have disabled these options as we recommend managing most of these via Terraform and not via the ASM installer script. Generally we should try to use native Terraform resources to manage these as much as possible.
There was a problem hiding this comment.
You're right but you should let the users choose. Perhaps they had not managed it (or don't want it) with Terraform.
Like enable_cluster_labels and enable_cluster_roles you've enabled it by default. The cluster roles should be managed with native terraform resources.
I hesitated for enable_cluster_labels because if you use it, it adds labels, yes, but for the next terraform apply, the gke module will try to delete those labels because it doesn't manage it itself. On the other hand, it requires to know and manage the labels earlier in the gke module.
When you follow the install_asm documentation, the default examples don't talk about those options and use the "default" installation (without any option).
Regards.
| @@ -54,11 +54,65 @@ variable "service_account_key_file" { | |||
| variable "asm_version" { | |||
| description = "ASM version to deploy. Available versions are documented in https://github.com/GoogleCloudPlatform/anthos-service-mesh-packages" | |||
| type = string | |||
| default = "1.8" | |||
| default = "1.9" | |||
There was a problem hiding this comment.
note: breaking change, this will result in delete and recreate
There was a problem hiding this comment.
Maybe notice it in the release note ?
Should version change need to execute an upgrade instead ?
We can let "1.8" but we need to explain the risk and the workaround to upgrade or downgrade the version. I didnt try it.
|
This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days |
Support all asm_install script's option.
Disable enable_cluster_labels and enable_cluster_roles which was enabled by default in the module.