
This Terraform module provisions a Google Kubernetes Engine (GKE) cluster with customizable configurations, including support for Autopilot mode, cluster autoscaling, network policies, and various add-ons. It also includes outputs for essential cluster information and deprecation warnings.


FFerrinho/terraform-google-gke


Requirements

Name Version
terraform ~> 1.10
google ~> 6

Providers

Name Version
google 6.13.0

Modules

No modules.

Resources

Name Type
google_container_cluster.main resource
google_container_node_pool.main resource
google_compute_zones.main data source
google_project.main data source

Inputs

Name Description Type Default Required
addons_config The addons configuration for the cluster.
object({
disable_horizontal_pod_autoscaling = bool
disable_http_load_balancing = bool
disable_network_policy_config = bool
enable_gcp_filestore_csi_driver = bool
enable_gcs_fuse_csi_driver = bool
cloudrun_config = optional(object({
disable_cloudrun_config = bool
load_balancer_type = string
}))
})
{
"cloudrun_config": null,
"disable_horizontal_pod_autoscaling": false,
"disable_http_load_balancing": false,
"disable_network_policy_config": false,
"enable_gcp_filestore_csi_driver": false,
"enable_gcs_fuse_csi_driver": false
}
no
allow_net_admin Whether the NET_ADMIN capability is enabled for the cluster. bool false no
authenticator_groups_config The authenticator groups configuration for the cluster.
object({
security_group = string
})
null no
cluster_autoscaling The cluster autoscaling configuration for the cluster.
object({
enable_cluster_autoscaling = bool
resource_limits = optional(set(object({
resource_type = string
minimum = number
maximum = number
})))
auto_auto_provisioning_defaults = optional(object({
service_account = optional(string)
disk_size_gb = optional(number)
disk_type = optional(string)
image_type = optional(string)
management = optional(object({
auto_upgrade = bool
auto_repair = bool
}))
upgrade_settings = optional(object({
strategy = string
max_surge = number
max_unavailable = number
}))
}))
})
{
"auto_auto_provisioning_defaults": {
"management": null,
"upgrade_settings": {
"max_surge": 1,
"max_unavailable": 0,
"strategy": "SURGE"
}
},
"enable_cluster_autoscaling": false,
"resource_limits": null
}
no
cluster_description The description of the cluster. string null no
cluster_location The location of the cluster. This can be a region or a zone. string null no
cluster_name The name of the cluster. string n/a yes
cluster_subnetwork The subnetwork for the cluster. string n/a yes
default_node_config Parameters for the default node pool.
object({
preemptible = optional(bool)
spot = optional(bool)
service_account = optional(string)
})
null no
dns_config The DNS configuration for the cluster.
object({
additive_vpc_scope_dns_domain = optional(string)
cluster_dns = string
cluster_dns_scope = optional(string)
cluster_dns_domain = optional(string)
})
{
"additive_vpc_scope_dns_domain": null,
"cluster_dns": "PLATFORM_DEFAULT",
"cluster_dns_domain": null,
"cluster_dns_scope": null
}
no
enable_autopilot If autopilot is enabled for the cluster. bool false no
enable_cluster_deletion_protection Whether deletion protection is enabled for the cluster, which determines if Terraform is allowed to delete it. bool false no
gateway_api_channel Enables GKE Gateway API support. string "CHANNEL_STANDARD" no
initial_node_count The initial node count for the cluster. number 1 no
ip_allocation_policy The IP allocation policy configuration for the cluster.
object({
cluster_secondary_range_name = string
services_secondary_range_name = string
cluster_ipv4_cidr_block = string
services_ipv4_cidr_block = string
stack_type = string
})
n/a yes
kubernetes_release_channel The Kubernetes release channel for the cluster. string "UNSPECIFIED" no
maintenance_policy The maintenance policy configuration for the cluster.
object({
daily_maintenance_window = optional(object({
start_time = string
}))
recurring_window = optional(object({
start_time = string
end_time = string
recurrence = string
}))
maintenance_exclusion = optional(set(object({
exclusion_name = string
start_time = string
end_time = string
exclusion_options = optional(object({
scope = string
}))
})))
})
null no
master_authorized_networks_config The master authorized networks configuration for the cluster.
object({
cidr_blocks = optional(set(object({
cidr_block = string
display_name = string
})))
gcp_public_cidrs_access_enabled = bool
})
{
"cidr_blocks": null,
"gcp_public_cidrs_access_enabled": false
}
no
max_pods_per_node The maximum number of pods per node for the cluster. number null no
min_master_version The minimum master version for the cluster. string null no
network The network for the cluster. string n/a yes
network_policy The network policy configuration for the cluster.
object({
provider = string
enabled = bool
})
null no
networking_mode The networking mode for the cluster. string "VPC_NATIVE" no
node_config The node configuration for the cluster.
object({
disk_size_gb = optional(number)
disk_type = optional(string)
image_type = optional(string)
machine_type = optional(string)
preemptible_enabled = optional(bool) # Deprecated, if required, evaluate using spot instead.
spot_enabled = optional(bool)
service_account = optional(string)
tags = set(string)
node_group = optional(string)
gcfs_config_enabled = bool
gvnic_enabled = bool
taint = optional(set(object({
key = string
value = string
effect = string
})))
})
{
"disk_size_gb": null,
"disk_type": null,
"gcfs_config_enabled": false,
"gvnic_enabled": true,
"image_type": null,
"machine_type": null,
"node_group": null,
"preemptible_enabled": null,
"service_account": null,
"spot_enabled": null,
"tags": null,
"taint": null
}
no
node_count The number of nodes in the node pool. number null no
node_locations The location for the nodes. When defining this value, the cluster location is omitted. set(string) null no
node_pool A map to create node pools attached to the cluster.
map(object({
initial_node_count = number
node_locations = set(string)
node_pool_name = string
}))
null no
node_pool_auto_config The node pool auto configuration for the cluster with autopilot.
object({
node_kubelet_config = optional(object({
insecure_kubelet_readonly_port_enabled = string
}))
resource_manager_tags = optional(map(string))
network_tags = optional(set(string))
})
{} no
node_pool_auto_repair_enabled If node pool auto repair is enabled for the cluster. bool true no
node_pool_auto_upgrade_enabled If node pool auto upgrade is enabled for the cluster. bool false no
node_pool_autoscaling The node pool autoscaling configuration for the cluster.
object({
min_node_count = number
max_node_count = number
total_min_node_count = number
total_max_node_count = number
location_policy = string
})
{
"location_policy": "BALANCED",
"max_node_count": 1,
"min_node_count": 1,
"total_max_node_count": 1,
"total_min_node_count": 1
}
no
node_pool_defaults The node pool defaults configuration for the cluster.
object({
insecure_kubelet_readonly_port_enabled = string
gcfs_config_enabled = bool
})
{
"gcfs_config_enabled": false,
"insecure_kubelet_readonly_port_enabled": "FALSE"
}
no
node_pool_name_prefix The prefix of the node pool name. This will prefix the random unique name if node_pool_name is not provided. string null no
private_cluster_config The private cluster configuration for the cluster.
object({
enable_private_nodes = bool
enable_private_endpoint = bool
master_ipv4_cidr_block = optional(string)
private_endpoint_subnetwork = optional(string)
master_global_access_enabled = bool
})
{
"enable_private_endpoint": false,
"enable_private_nodes": false,
"master_global_access_enabled": false,
"master_ipv4_cidr_block": null,
"private_endpoint_subnetwork": null
}
no
project_id The project ID where the resources will be provisioned. string n/a yes
remove_default_node_pool If the default node pool should be removed. bool true no
resource_labels The resource labels for the cluster. map(string)
{
"provisioned_by": "terraform"
}
no
secret_manager_enabled If secret manager is enabled for the cluster. bool false no
service_external_ips_config The service external IPs configuration for the cluster.
object({
enabled = bool
})
{
"enabled": false
}
no
upgrade_settings The upgrade settings for the cluster.
object({
max_surge = number
max_unavailable = number
})
{
"max_surge": 1,
"max_unavailable": 0
}
no
vertical_pod_autoscaling_enabled If vertical pod autoscaling is enabled for the cluster. bool false no
workload_identity_config The workload identity configuration for the cluster.
object({
workload_pool = string
})
null no

Outputs

Name Description
client_certificate The client certificate used to authenticate to the Kubernetes cluster
client_key The client key used to authenticate to the Kubernetes cluster. This is a credential and, like every output, is recorded in the Terraform state.
cluster_ca_certificate The CA certificate of the Kubernetes cluster
cluster_endpoint The endpoint of the Kubernetes cluster
cluster_ipv4_cidr The IP address range of the Kubernetes pods
cluster_name The name of the Kubernetes cluster
deprecation_warnings n/a
node_pools The list of node pools in the Kubernetes cluster
services_ipv4_cidr The IP address range of the Kubernetes services
