This module allows simplified creation and management of GKE clusters and should be used together with the GKE nodepool module, as the default nodepool is turned off here and cannot be re-enabled. Some sensible defaults are set initially, in order to allow less verbose usage for most use cases.
module "cluster-1" {
source = "./fabric/modules/gke-cluster"
project_id = "myproject"
name = "cluster-1"
location = "europe-west1-b"
vpc_config = {
network = var.vpc.self_link
subnetwork = var.subnet.self_link
secondary_range_names = {
pods = "pods"
services = "services"
}
master_authorized_ranges = {
internal-vms = "10.0.0.0/8"
}
master_ipv4_cidr_block = "192.168.0.0/28"
}
max_pods_per_node = 32
private_cluster_config = {
enable_private_endpoint = true
master_global_access = false
}
labels = {
environment = "dev"
}
}
# tftest modules=1 resources=1 inventory=basic.yaml
module "cluster-1" {
source = "./fabric/modules/gke-cluster"
project_id = "myproject"
name = "cluster-dataplane-v2"
location = "europe-west1-b"
vpc_config = {
network = var.vpc.self_link
subnetwork = var.subnet.self_link
secondary_range_names = {
pods = "pods"
services = "services"
}
master_authorized_ranges = {
internal-vms = "10.0.0.0/8"
}
master_ipv4_cidr_block = "192.168.0.0/28"
}
private_cluster_config = {
enable_private_endpoint = true
master_global_access = false
}
enable_features = {
dataplane_v2 = true
workload_identity = true
}
labels = {
environment = "dev"
}
}
# tftest modules=1 resources=1 inventory=dataplane-v2.yaml
module "cluster-autopilot" {
source = "./fabric/modules/gke-cluster"
project_id = "myproject"
name = "cluster-autopilot"
location = "europe-west1-b"
vpc_config = {
network = var.vpc.self_link
subnetwork = var.subnet.self_link
secondary_range_names = {
pods = "pods"
services = "services"
}
master_authorized_ranges = {
internal-vms = "10.0.0.0/8"
}
master_ipv4_cidr_block = "192.168.0.0/28"
}
enable_features = {
autopilot = true
}
}
# tftest modules=1 resources=1 inventory=autopilot.yaml
This example shows how to use Cloud DNS as a Kubernetes DNS provider for GKE Standard clusters.
module "cluster-1" {
source = "./fabric/modules/gke-cluster"
project_id = var.project_id
name = "cluster-1"
location = "europe-west1-b"
vpc_config = {
network = var.vpc.self_link
subnetwork = var.subnet.self_link
secondary_range_names = { pods = "pods", services = "services" }
}
enable_features = {
dns = {
provider = "CLOUD_DNS"
scope = "CLUSTER_SCOPE"
domain = "gke.local"
}
}
}
# tftest modules=1 resources=1 inventory=dns.yaml
name | description | type | required | default |
---|---|---|---|---|
location | Cluster zone or region. | string |
✓ | |
name | Cluster name. | string |
✓ | |
project_id | Cluster project id. | string |
✓ | |
vpc_config | VPC-level configuration. | object({…}) |
✓ | |
cluster_autoscaling | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) |
null |
|
description | Cluster description. | string |
null |
|
enable_addons | Addons enabled in the cluster (true means enabled). | object({…}) |
{…} |
|
enable_features | Enable cluster-level features. Certain features allow configuration. | object({…}) |
{…} |
|
issue_client_certificate | Enable issuing client certificate. | bool |
false |
|
labels | Cluster resource labels. | map(string) |
null |
|
logging_config | Logging configuration. | list(string) |
["SYSTEM_COMPONENTS"] |
|
maintenance_config | Maintenance window configuration. | object({…}) |
{…} |
|
max_pods_per_node | Maximum number of pods per node in this cluster. | number |
110 |
|
min_master_version | Minimum version of the master, defaults to the version of the most recent official release. | string |
null |
|
monitoring_config | Monitoring components. | object({…}) |
{…} |
|
node_locations | Zones in which the cluster's nodes are located. | list(string) |
[] |
|
private_cluster_config | Private cluster configuration. | object({…}) |
null |
|
release_channel | Release channel for GKE upgrades. | string |
null |
|
tags | Network tags applied to nodes. | list(string) |
null |
name | description | sensitive |
---|---|---|
ca_certificate | Public certificate of the cluster (base64-encoded). | ✓ |
cluster | Cluster resource. | ✓ |
endpoint | Cluster endpoint. | |
id | Cluster ID. | |
location | Cluster location. | |
master_version | Master version. | |
name | Cluster name. | |
notifications | GKE PubSub notifications topic. | |
self_link | Cluster self link. | ✓ |
workload_identity_pool | Workload identity pool. |