diff --git a/README.md b/README.md index 53ea9f7e0a..d4462fd12e 100644 --- a/README.md +++ b/README.md @@ -129,7 +129,7 @@ Then perform the following commands on the root folder: | add\_shadow\_firewall\_rules | Create GKE shadow firewall (the same as default firewall rules with firewall logs enabled). | `bool` | `false` | no | | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com | `string` | `null` | no | | cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) |
object({|
enabled = bool
min_cpu_cores = number
max_cpu_cores = number
min_memory_gb = number
max_memory_gb = number
gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number }))
})
{| no | -| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `any` | `null` | no | +| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `string` | `null` | no | | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no | | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | `bool` | `false` | no | | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index b8e7c3bd03..94c2216dc9 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -330,6 +330,7 @@ variable "ip_masq_link_local" { } variable "configure_ip_masq" { + type = bool description = "Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server." default = false } @@ -401,6 +402,7 @@ variable "issue_client_certificate" { } variable "cluster_ipv4_cidr" { + type = string default = null description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } @@ -418,6 +420,7 @@ variable "skip_provisioners" { } variable "default_max_pods_per_node" { + type = number description = "The maximum number of pods to schedule per node" default = 110 } @@ -581,6 +584,7 @@ variable "enable_shielded_nodes" { } variable "enable_binary_authorization" { + type = bool description = "Enable BinAuthZ Admission controller" default = false } diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 3bee05fa11..734b5e0f7d 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -164,7 +164,7 @@ Then perform the following commands on the root folder: | cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no | | cloudrun\_load\_balancer\_type | (Beta) Configure the Cloud Run load balancer type. External by default. Set to `LOAD_BALANCER_TYPE_INTERNAL` to configure as an internal load balancer. | `string` | `""` | no | | cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) |
"enabled": false,
"gpu_resources": [],
"max_cpu_cores": 0,
"max_memory_gb": 0,
"min_cpu_cores": 0,
"min_memory_gb": 0
}
object({|
enabled = bool
autoscaling_profile = string
min_cpu_cores = number
max_cpu_cores = number
min_memory_gb = number
max_memory_gb = number
gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number }))
})
{| no | -| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `any` | `null` | no | +| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `string` | `null` | no | | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no | | cluster\_telemetry\_type | Available options include ENABLED, DISABLED, and SYSTEM\_ONLY | `string` | `null` | no | | config\_connector | (Beta) Whether ConfigConnector is enabled for this cluster. | `bool` | `false` | no | diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index 01c2f63e87..e7284839f1 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -320,6 +320,7 @@ variable "ip_masq_link_local" { } variable "configure_ip_masq" { + type = bool description = "Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server." default = false } @@ -385,6 +386,7 @@ variable "issue_client_certificate" { } variable "cluster_ipv4_cidr" { + type = string default = null description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } @@ -402,6 +404,7 @@ variable "skip_provisioners" { } variable "default_max_pods_per_node" { + type = number description = "The maximum number of pods to schedule per node" default = 110 } @@ -559,6 +562,7 @@ variable "enable_shielded_nodes" { } variable "enable_binary_authorization" { + type = bool description = "Enable BinAuthZ Admission controller" default = false } diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index db7f221de8..adb88fca48 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -142,7 +142,7 @@ Then perform the following commands on the root folder: | cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no | | cloudrun\_load\_balancer\_type | (Beta) Configure the Cloud Run load balancer type. External by default. Set to `LOAD_BALANCER_TYPE_INTERNAL` to configure as an internal load balancer. | `string` | `""` | no | | cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) |
"autoscaling_profile": "BALANCED",
"enabled": false,
"gpu_resources": [],
"max_cpu_cores": 0,
"max_memory_gb": 0,
"min_cpu_cores": 0,
"min_memory_gb": 0
}
object({|
enabled = bool
autoscaling_profile = string
min_cpu_cores = number
max_cpu_cores = number
min_memory_gb = number
max_memory_gb = number
gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number }))
})
{| no | -| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `any` | `null` | no | +| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `string` | `null` | no | | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no | | cluster\_telemetry\_type | Available options include ENABLED, DISABLED, and SYSTEM\_ONLY | `string` | `null` | no | | config\_connector | (Beta) Whether ConfigConnector is enabled for this cluster. | `bool` | `false` | no | diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 01c2f63e87..e7284839f1 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -320,6 +320,7 @@ variable "ip_masq_link_local" { } variable "configure_ip_masq" { + type = bool description = "Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server." default = false } @@ -385,6 +386,7 @@ variable "issue_client_certificate" { } variable "cluster_ipv4_cidr" { + type = string default = null description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } @@ -402,6 +404,7 @@ variable "skip_provisioners" { } variable "default_max_pods_per_node" { + type = number description = "The maximum number of pods to schedule per node" default = 110 } @@ -559,6 +562,7 @@ variable "enable_shielded_nodes" { } variable "enable_binary_authorization" { + type = bool description = "Enable BinAuthZ Admission controller" default = false } diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index 1c36a9eda9..28d39f54f2 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md @@ -158,7 +158,7 @@ Then perform the following commands on the root folder: | cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no | | cloudrun\_load\_balancer\_type | (Beta) Configure the Cloud Run load balancer type. External by default. Set to `LOAD_BALANCER_TYPE_INTERNAL` to configure as an internal load balancer. | `string` | `""` | no | | cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) |
"autoscaling_profile": "BALANCED",
"enabled": false,
"gpu_resources": [],
"max_cpu_cores": 0,
"max_memory_gb": 0,
"min_cpu_cores": 0,
"min_memory_gb": 0
}
object({|
enabled = bool
autoscaling_profile = string
min_cpu_cores = number
max_cpu_cores = number
min_memory_gb = number
max_memory_gb = number
gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number }))
})
{| no | -| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `any` | `null` | no | +| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `string` | `null` | no | | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no | | cluster\_telemetry\_type | Available options include ENABLED, DISABLED, and SYSTEM\_ONLY | `string` | `null` | no | | config\_connector | (Beta) Whether ConfigConnector is enabled for this cluster. | `bool` | `false` | no | diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index cbee759610..94f737c3c1 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -320,6 +320,7 @@ variable "ip_masq_link_local" { } variable "configure_ip_masq" { + type = bool description = "Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server." default = false } @@ -385,6 +386,7 @@ variable "issue_client_certificate" { } variable "cluster_ipv4_cidr" { + type = string default = null description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } @@ -402,6 +404,7 @@ variable "skip_provisioners" { } variable "default_max_pods_per_node" { + type = number description = "The maximum number of pods to schedule per node" default = 110 } @@ -528,6 +531,7 @@ variable "enable_shielded_nodes" { } variable "enable_binary_authorization" { + type = bool description = "Enable BinAuthZ Admission controller" default = false } diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index f1f4508aa8..56b7db3377 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md @@ -136,7 +136,7 @@ Then perform the following commands on the root folder: | cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no | | cloudrun\_load\_balancer\_type | (Beta) Configure the Cloud Run load balancer type. External by default. Set to `LOAD_BALANCER_TYPE_INTERNAL` to configure as an internal load balancer. | `string` | `""` | no | | cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) |
"autoscaling_profile": "BALANCED",
"enabled": false,
"gpu_resources": [],
"max_cpu_cores": 0,
"max_memory_gb": 0,
"min_cpu_cores": 0,
"min_memory_gb": 0
}
object({|
enabled = bool
autoscaling_profile = string
min_cpu_cores = number
max_cpu_cores = number
min_memory_gb = number
max_memory_gb = number
gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number }))
})
{| no | -| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `any` | `null` | no | +| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `string` | `null` | no | | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no | | cluster\_telemetry\_type | Available options include ENABLED, DISABLED, and SYSTEM\_ONLY | `string` | `null` | no | | config\_connector | (Beta) Whether ConfigConnector is enabled for this cluster. | `bool` | `false` | no | diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index cbee759610..94f737c3c1 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -320,6 +320,7 @@ variable "ip_masq_link_local" { } variable "configure_ip_masq" { + type = bool description = "Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server." default = false } @@ -385,6 +386,7 @@ variable "issue_client_certificate" { } variable "cluster_ipv4_cidr" { + type = string default = null description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } @@ -402,6 +404,7 @@ variable "skip_provisioners" { } variable "default_max_pods_per_node" { + type = number description = "The maximum number of pods to schedule per node" default = 110 } @@ -528,6 +531,7 @@ variable "enable_shielded_nodes" { } variable "enable_binary_authorization" { + type = bool description = "Enable BinAuthZ Admission controller" default = false } diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index 47da50303a..f586505f5d 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -157,7 +157,7 @@ Then perform the following commands on the root folder: | add\_shadow\_firewall\_rules | Create GKE shadow firewall (the same as default firewall rules with firewall logs enabled). | `bool` | `false` | no | | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com | `string` | `null` | no | | cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) |
"autoscaling_profile": "BALANCED",
"enabled": false,
"gpu_resources": [],
"max_cpu_cores": 0,
"max_memory_gb": 0,
"min_cpu_cores": 0,
"min_memory_gb": 0
}
object({|
enabled = bool
min_cpu_cores = number
max_cpu_cores = number
min_memory_gb = number
max_memory_gb = number
gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number }))
})
{| no | -| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `any` | `null` | no | +| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `string` | `null` | no | | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no | | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | `bool` | `false` | no | | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index eb1f464b67..7f6cce8e2c 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf @@ -290,6 +290,7 @@ variable "ip_masq_link_local" { } variable "configure_ip_masq" { + type = bool description = "Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server." default = false } @@ -337,6 +338,7 @@ variable "issue_client_certificate" { } variable "cluster_ipv4_cidr" { + type = string default = null description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } @@ -354,6 +356,7 @@ variable "skip_provisioners" { } variable "default_max_pods_per_node" { + type = number description = "The maximum number of pods to schedule per node" default = 110 } @@ -428,6 +431,7 @@ variable "enable_shielded_nodes" { } variable "enable_binary_authorization" { + type = bool description = "Enable BinAuthZ Admission controller" default = false } diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index efce04e140..822e58139c 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md @@ -135,7 +135,7 @@ Then perform the following commands on the root folder: | add\_shadow\_firewall\_rules | Create GKE shadow firewall (the same as default firewall rules with firewall logs enabled). | `bool` | `false` | no | | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com | `string` | `null` | no | | cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) |
"enabled": false,
"gpu_resources": [],
"max_cpu_cores": 0,
"max_memory_gb": 0,
"min_cpu_cores": 0,
"min_memory_gb": 0
}
object({|
enabled = bool
min_cpu_cores = number
max_cpu_cores = number
min_memory_gb = number
max_memory_gb = number
gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number }))
})
{| no | -| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `any` | `null` | no | +| cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | `string` | `null` | no | | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no | | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | `bool` | `false` | no | | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index eb1f464b67..7f6cce8e2c 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -290,6 +290,7 @@ variable "ip_masq_link_local" { } variable "configure_ip_masq" { + type = bool description = "Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server." default = false } @@ -337,6 +338,7 @@ variable "issue_client_certificate" { } variable "cluster_ipv4_cidr" { + type = string default = null description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } @@ -354,6 +356,7 @@ variable "skip_provisioners" { } variable "default_max_pods_per_node" { + type = number description = "The maximum number of pods to schedule per node" default = 110 } @@ -428,6 +431,7 @@ variable "enable_shielded_nodes" { } variable "enable_binary_authorization" { + type = bool description = "Enable BinAuthZ Admission controller" default = false } diff --git a/variables.tf b/variables.tf index e0bd7dcb18..9fa190202a 100644 --- a/variables.tf +++ b/variables.tf @@ -290,6 +290,7 @@ variable "ip_masq_link_local" { } variable "configure_ip_masq" { + type = bool description = "Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server." default = false } @@ -337,6 +338,7 @@ variable "issue_client_certificate" { } variable "cluster_ipv4_cidr" { + type = string default = null description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } @@ -354,6 +356,7 @@ variable "skip_provisioners" { } variable "default_max_pods_per_node" { + type = number description = "The maximum number of pods to schedule per node" default = 110 } @@ -404,6 +407,7 @@ variable "enable_shielded_nodes" { } variable "enable_binary_authorization" { + type = bool description = "Enable BinAuthZ Admission controller" default = false }
"enabled": false,
"gpu_resources": [],
"max_cpu_cores": 0,
"max_memory_gb": 0,
"min_cpu_cores": 0,
"min_memory_gb": 0
}