Merge pull request #8 from nixys/release-v1.9.0
Release v1.9.0
AlexeyGacenko authored Jul 4, 2024
2 parents dc04bb9 + 55ef5ac commit 5a98a8c
Showing 9 changed files with 352 additions and 0 deletions.
12 changes: 12 additions & 0 deletions Google Cloud Platform/Kubernetes-Engine/README.md
@@ -0,0 +1,12 @@
# Kubernetes-Engine

## Introduction

This is a set of terraform modules for the Google Cloud Platform provider for building a Kubernetes Engine and creating any different kubernetes's resources

## Modules

| Modules | Settings | Resources | Description |
| --- | --- | --- | --- |
| `kubernetes` |[kubernetes](kubernetes/README.md)| - google_container_cluster<br> - google_container_node_pool | kubernetes settings |

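Review bot: the introduction sentence (`... building a Kubernetes Engine and creating any different kubernetes's resources`) reads awkwardly; suggest `... for building a Kubernetes Engine cluster and creating other Kubernetes resources`. The `Description` cell for the `kubernetes` row only says `kubernetes settings`; a one-line summary such as `GKE clusters and node pools` would tell readers what the module manages and would match the two resources listed in the `Resources` column.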
68 changes: 68 additions & 0 deletions Google Cloud Platform/Kubernetes-Engine/kubernetes/README.md
@@ -0,0 +1,68 @@
# Kubernetes

## Introduction

This is a set of terraform modules for the Google Cloud Platform provider for building a Kubernetes Engine and creating any different kubernetes's resources

## Features

- Supported clusters
- Supported node pools

## Settings

| Option | Type | Required | Default value |Description |
| --- | --- | --- | --- | --- |
| `clusters.location` | String | No | null | The location (region or zone) in which the cluster master will be created, as well as the default node location. If you specify a zone (such as us-central1-a), the cluster will be a zonal cluster with a single cluster master. If you specify a region (such as us-west1), the cluster will be a regional cluster with multiple masters spread across zones in the region, and with default node locations in those zones as well |
| `clusters.node_locations` | List | No | [] | The list of zones in which the cluster's nodes are located. Nodes must be in the region of their regional cluster or in the same region as their cluster's zone for zonal clusters. If this is specified for a zonal cluster, omit the cluster's zone. |
| `clusters.deletion_protection` | Bool | No | null | Whether or not to allow Terraform to destroy the cluster. Unless this field is set to false in Terraform state, a terraform destroy or terraform apply that would delete the cluster will fail. |
| `clusters.enable_http_load_balancing` | Bool | Yes | - | The status of the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster. It is enabled by default; set false to disable. |
| `clusters.enable_horizontal_pod_autoscaling` | Bool | Yes | - | The status of the Horizontal Pod Autoscaling addon, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods. It is enabled by default; set false to disable. |
| `clusters.cluster_autoscaling_enabled` | Bool | No | null | Whether node auto-provisioning is enabled. Must be supplied for GKE Standard clusters, true is implied for autopilot clusters. Resource limits for cpu and memory must be defined to enable node auto-provisioning for GKE Standard. |
| `clusters.resource_limits` | List | No | [] | Global constraints for machine resources in the cluster. Configuring the cpu and memory types is required if node auto-provisioning is enabled. These limits will apply to node pool autoscaling in addition to node auto-provisioning. |
| `clusters.resource_limits.autoscaling_resource_type` | String | No | "cpu" | The type of the resource. For example, cpu and memory. See the guide to using Node Auto-Provisioning for a list of types. |
| `clusters.resource_limits.autoscaling_resource_min` | Int | No | null | Minimum amount of the resource in the cluster. |
| `clusters.resource_limits.autoscaling_resource_max` | Int | No | null | Maximum amount of the resource in the cluster. |
| `clusters.default_max_pods_per_node` | Int | No | null | The default maximum number of pods per node in this cluster. This doesn't work on "routes-based" clusters, clusters that don't have IP Aliasing enabled. |
| `clusters.initial_node_count` | Int | No | null | The number of nodes to create in this cluster's default node pool. In regional or multi-zonal clusters, this is the number of nodes per zone. Must be set if node_pool is not set. If you're using google_container_node_pool objects with no default node pool, you'll need to set this to a value of at least 1, alongside setting remove_default_node_pool to true. |
| `clusters.services_range_name` | String | No | null | The name of the existing secondary range in the cluster's subnetwork to use for service ClusterIPs. Alternatively, services_ipv4_cidr_block can be used to automatically create a GKE-managed one. |
| `clusters.pods_range_name` | String | No | null | The name of the existing secondary range in the cluster's subnetwork to use for pod IP addresses. Alternatively, cluster_ipv4_cidr_block can be used to automatically create a GKE-managed one. |
| `clusters.master_authorized_networks_config` | List | No | [] | The desired configuration options for master authorized networks. Omit the nested cidr_blocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists). |
| `clusters.master_authorized_networks_config.cidr_block` | String | No | "" | External networks that can access the Kubernetes cluster master through HTTPS. |
| `clusters.master_authorized_networks_config.display_name` | String | No | "" | Whether Kubernetes master is accessible via Google Compute Engine Public IPs. |
| `clusters.min_master_version` | String | No | null | The minimum version of the master. GKE will auto-update the master to new versions, so this does not guarantee the current master version--use the read-only master_version field to obtain that. If unset, the cluster's version will be set by GKE to the version of the most recent official release (which is not necessarily the latest version). |
| `clusters.network` | String | No | null | The name or self_link of the Google Compute Engine network to which the cluster is connected. For Shared VPC, set this to the self link of the shared network. |
| `clusters.enable_private_nodes` | Bool | No | null | Enables the private cluster feature, creating a private endpoint on the cluster. In a private cluster, nodes only have RFC 1918 private addresses and communicate with the master's private endpoint via private networking. |
| `clusters.enable_private_endpoint` | Bool | No | null | When true, the cluster's private endpoint is used as the cluster endpoint and access through the public endpoint is disabled. When false, either endpoint can be used. This field only applies to private clusters, when enable_private_nodes is true. |
| `clusters.master_ipv4_cidr_block` | String | No | null | The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning private IP addresses to the cluster master(s) and the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network, and it must be a /28 subnet. See Private Cluster Limitations for more details. This field only applies to private clusters, when enable_private_nodes is true. |
| `clusters.channel` | String | No | null | The selected release channel. |
| `clusters.remove_default_node_pool` | String | No | null | If true, deletes the default node pool upon cluster creation. If you're using google_container_node_pool resources with no default node pool, this should be set to true, alongside setting initial_node_count to at least 1. |
| `clusters.enable_vertical_pod_autoscaling` | Bool | No | null | Enables vertical pod autoscaling. |
| `clusters.subnetwork` | String | No | null | The name or self_link of the Google Compute Engine subnetwork in which the cluster's instances are launched. |
| `clusters.timeout_create` | String | No | null | Timeout create. |
| `clusters.timeout_update` | String | No | null | Timeout update. |
| `clusters.timeout_delete` | String | No | null | Timeout delete. |
| `node_pools.cluster` | String | Yes | - | The cluster to create the node pool for. Cluster must be present in location provided for clusters. |
| `node_pools.location` | String | No | null | The location (region or zone) of the cluster. |
| `node_pools.min_node_count` | Int | No | null | Minimum number of nodes per zone in the NodePool. Must be >=0 and <= max_node_count. Cannot be used with total limits. |
| `node_pools.max_node_count` | Int | No | null | Maximum number of nodes per zone in the NodePool. Must be >= min_node_count. Cannot be used with total limits. |
| `node_pools.initial_node_count_per_zone` | Int | No | null | The initial number of nodes for the pool. In regional or multi-zonal clusters, this is the number of nodes per zone. Changing this will force recreation of the resource. WARNING: Resizing your node pool manually may change this value in your existing cluster, which will trigger destruction and recreation on the next Terraform run (to rectify the discrepancy). |
| `node_pools.auto_repair` | Bool | No | null | Whether the nodes will be automatically repaired. Enabled by default. |
| `node_pools.auto_upgrade` | Bool | No | null | Whether the nodes will be automatically upgraded. Enabled by default. |
| `node_pools.max_pods_per_node` | Int | No | null | The maximum number of pods per node which use this pod network. |
| `node_pools.node_locations` | List | No | [] | The list of zones in which the node pool's nodes should be located. Nodes must be in the region of their regional cluster or in the same region as their cluster's zone for zonal clusters. If unspecified, the cluster-level node_locations will be used. |
| `node_pools.disk_size_gb` | Int | No | null | Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. |
| `node_pools.disk_type` | String | No | null | Type of the disk attached to each node (e.g. 'pd-standard', 'pd-balanced' or 'pd-ssd'). If unspecified, the default disk type is 'pd-standard' |
| `node_pools.image_type` | String | No | null | The image type to use for this node. Note that changing the image type will delete and recreate all nodes in the node pool. |
| `node_pools.oauth_scopes` | String | No | null | The set of Google API scopes to be made available on all of the node VMs under the "default" service account. Use the "https://www.googleapis.com/auth/cloud-platform" scope to grant access to all APIs. It is recommended that you set service_account to a non-default service account and grant IAM roles to that service account for only the resources that it needs. |
| `node_pools.labels` | Map | No | {} | The Kubernetes labels (key/value pairs) to be applied to each node. The kubernetes.io/ and k8s.io/ prefixes are reserved by Kubernetes Core components and cannot be specified. |
| `node_pools.taint` | List | No | [] | A list of Kubernetes taints to apply to nodes. This field will only report drift on taint keys that are already managed with Terraform, use effective_taints to view the list of GKE-managed taints on the node pool from all sources. Importing this resource will not record any taints as being Terraform-managed, and will cause drift with any configured taints. |
| `node_pools.taint.effect` | String | No | null | Effect for taint. Accepted values are NO_SCHEDULE, PREFER_NO_SCHEDULE, and NO_EXECUTE. |
| `node_pools.taint.key` | String | No | null | Key for taint. |
| `node_pools.taint.value` | String | No | null | Value for taint. |
| `node_pools.upgrade_max_surge` | Int | No | null | The number of additional nodes that can be added to the node pool during an upgrade. Increasing max_surge raises the number of nodes that can be upgraded simultaneously. Can be set to 0 or greater. |
| `node_pools.upgrade_max_unavailable` | Int | No | null | The number of nodes that can be simultaneously unavailable during an upgrade. Increasing max_unavailable raises the number of nodes that can be upgraded in parallel. Can be set to 0 or greater. |

## Example

Usage example located in this [directory](docs/example).
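Review bot: several rows of the Settings table do not match the module code in this PR. `clusters.master_authorized_networks_config.display_name` is described as `Whether Kubernetes master is accessible via Google Compute Engine Public IPs`, but in `cluster.tf` it is only a label attached to a `cidr_blocks` entry, and the description should say so. `clusters.remove_default_node_pool` is typed `String` although the example sets it to `true`, and `node_pools.oauth_scopes` is typed `String` although the example passes a list; these should read `Bool` and `List`. `node_pools.machine_type`, which `node-pool.tf` reads and the example sets, is missing from the table altogether. The `clusters.master_authorized_networks_config` row says to `Omit the nested cidr_blocks attribute to disallow external access`, but the module emits one `cidr_blocks` block per list entry and emits no `master_authorized_networks_config` block at all when the list is empty, so with this module an empty list leaves a cluster that exposes a public endpoint unrestricted rather than closed; the row should state that. Finally, `clusters.master_ipv4_cidr_block` is listed as `No`/`null`, yet `cluster.tf` reads it without a `try` whenever `enable_private_nodes` is `true`, so it is effectively required for private clusters.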
78 changes: 78 additions & 0 deletions Google Cloud Platform/Kubernetes-Engine/kubernetes/cluster.tf
@@ -0,0 +1,78 @@
resource "google_container_cluster" "primary" {
for_each = var.clusters

name = each.key
location = try(each.value.location, null)
node_locations = try(each.value.node_locations, [])
deletion_protection = try(each.value.deletion_protection, null)

addons_config {
http_load_balancing {
disabled = ! each.value.enable_http_load_balancing
}

horizontal_pod_autoscaling {
disabled = ! each.value.enable_horizontal_pod_autoscaling
}
}

cluster_autoscaling {
enabled = try(each.value.cluster_autoscaling_enabled, null)

dynamic "resource_limits" {
for_each = try(each.value.resource_limits, [])
content {
resource_type = try(resource_limits.value.autoscaling_resource_type, "cpu")
minimum = try(resource_limits.value.autoscaling_resource_min, null)
maximum = try(resource_limits.value.autoscaling_resource_max, null)
}
}
}

default_max_pods_per_node = try(each.value.default_max_pods_per_node, null)
initial_node_count = try(each.value.initial_node_count, null)

ip_allocation_policy {
services_secondary_range_name = try(each.value.services_range_name, null) # SERVICE range
cluster_secondary_range_name = try(each.value.pods_range_name, null) # POD range
}

dynamic "master_authorized_networks_config" {
for_each = try (each.value.master_authorized_networks_config, [])
content {
cidr_blocks {
cidr_block = try(master_authorized_networks_config.value.cidr_block, "")
display_name = try(master_authorized_networks_config.value.display_name, "")
}
}
}

min_master_version = try(each.value.min_master_version, null)
network = try(each.value.network, null)

private_cluster_config {
enable_private_nodes = try(each.value.enable_private_nodes, null)
enable_private_endpoint = try(each.value.enable_private_endpoint, null)
master_ipv4_cidr_block = each.value.enable_private_nodes == true ? each.value.master_ipv4_cidr_block : null
}

release_channel {
channel = try(each.value.channel, null)
}

remove_default_node_pool = try(each.value.remove_default_node_pool, null)

vertical_pod_autoscaling {
enabled = try(each.value.enable_vertical_pod_autoscaling, null)
}

subnetwork = try(each.value.subnetwork, null)

timeouts {
create = try(each.value.timeout_create, null)
update = try(each.value.timeout_update, null)
delete = try(each.value.timeout_delete, null)
}

}

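Review bot: the `dynamic "master_authorized_networks_config"` block iterates over the whole `master_authorized_networks_config` list, so a cluster with two or more entries produces two or more `master_authorized_networks_config` blocks, and the provider accepts at most one; emit the outer block once and make `cidr_blocks` the dynamic block instead, e.g. `master_authorized_networks_config {` / `dynamic "cidr_blocks" {` / `for_each = try(each.value.master_authorized_networks_config, [])`, with the single-entry case then working as before. In `private_cluster_config`, `master_ipv4_cidr_block = each.value.enable_private_nodes == true ? each.value.master_ipv4_cidr_block : null` reads `each.value.enable_private_nodes` without a `try`, so a cluster that omits that key (which the `try` on the line above explicitly allows) fails at plan time; use `try(each.value.enable_private_nodes, false)` in the condition. Nothing in the resource exposes `workload_identity_config`, `enable_shielded_nodes` or `network_policy`, so clusters built with this module get the provider defaults for those; they fit naturally as further optional `try(...)` settings alongside the existing ones.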
@@ -0,0 +1,112 @@
provider "google" {
credentials = file("project-credentials.json")
project = YOUR_PROJECT_ID
region = YOUR_REGION
}
terraform {
backend "gcs" {
bucket = "name-your-bucket-1"
prefix = "terraform/gke/gke/state"
credentials = "project-credentials.json"
}
}

data "terraform_remote_state" "vpc" {
backend = "gcs"

config = {
bucket = "name-your-bucket-1"
prefix = "terraform/networks/networks/state"
credentials = "project-credentials.json"
}
}

module "gke" {
source = "github.com/nixys/nxs-marketplace-terraform/Google Cloud Platform/Kubernetes-Engine/kubernetes"

clusters = {
name-your-cluster-1 = {
deletion_protection = false

enable_http_load_balancing = true
enable_horizontal_pod_autoscaling = true

cluster_autoscaling_enabled = false
default_max_pods_per_node = 110
initial_node_count = 1
services_range_name = "k8s-services"
pods_range_name = "k8s-pods"

master_authorized_networks_config = [
{
cidr_block = data.terraform_remote_state.vpc.outputs.subnet_cidrs["name-your-subnetwork-1"]
display_name = "VPC"
}
]

min_master_version = "1.28.3-gke.1118000"
network = "name-your-network-1"
enable_private_nodes = true
enable_private_endpoint = true
master_ipv4_cidr_block = "172.22.1.0/28"
channel = "UNSPECIFIED"
remove_default_node_pool = true
enable_vertical_pod_autoscaling = true
subnetwork = "name-your-subnetwork-1"
timeout_create = "30m"
timeout_update = "30m"
timeout_delete = "30m"

}
}

node_pools = {
name-your-node-pool-1 = {
cluster = "name-your-cluster-1"
location = "us-west1"
initial_node_count_per_zone = 1
auto_repair = true
auto_upgrade = false
max_pods_per_node = 110
node_locations = ["us-west1-a", "us-west1-b", "us-west1-c"]

disk_size_gb = 50
disk_type = "pd-standard"
machine_type = "custom-4-8192"
oauth_scopes = ["https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/monitoring"]

upgrade_max_surge = 1
upgrade_max_unavailable = 0
}

name-your-node-pool-2 = {
cluster = "name-your-cluster-1"
location = "us-west1"
initial_node_count_per_zone = 1
auto_repair = true
auto_upgrade = false
max_pods_per_node = 110
node_locations = ["us-west1-a", "us-west1-b", "us-west1-c"]

disk_size_gb = 50
disk_type = "pd-standard"
machine_type = "custom-4-8192"
oauth_scopes = ["https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/monitoring"]

labels = {
kind = "name-your-node-pool-2"
}
taints = [
{
effect = "NO_SCHEDULE",
key = "kind",
value = "name-your-node-pool-2",
},
]

upgrade_max_surge = 1
upgrade_max_unavailable = 0
}
}

}
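Review bot: the node pool `name-your-node-pool-2` sets `taints = [ ... ]`, but `node-pool.tf` reads `try(each.value.taint, [])` (singular, as the README documents), so the `kind` taint is silently dropped and the example does not isolate that pool as it appears to; rename the key to `taint`. `project = YOUR_PROJECT_ID` and `region = YOUR_REGION` are unquoted placeholders that Terraform parses as references, so the example fails `terraform validate` as written; quote them or take them from variables. The provider block and both `gcs` backends load `project-credentials.json` from the working directory, so the example should state that this is a service-account key that must not be committed next to the code, or better drop the `credentials` lines and rely on application default credentials. With `auto_upgrade = false` and `channel = "UNSPECIFIED"`, node pools stay on the pinned `min_master_version = "1.28.3-gke.1118000"` until someone bumps it, so the example should note that applying node security patches becomes a manual task under this configuration.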
@@ -0,0 +1,10 @@
terraform {
required_version = ">= v1.0.0"

required_providers {
google = {
source = "hashicorp/google"
version = ">= 5.17.0"
}
}
}
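Review bot: `required_version = ">= v1.0.0"` carries a `v` prefix that the documented constraint syntax does not use; `">= 1.0.0"` is the conventional form. This file otherwise duplicates the module's own `versions.tf`, which is fine for a standalone example but means the two need to be bumped together.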
50 changes: 50 additions & 0 deletions Google Cloud Platform/Kubernetes-Engine/kubernetes/node-pool.tf
@@ -0,0 +1,50 @@
resource "google_container_node_pool" "primary" {
for_each = var.node_pools

name = each.key
cluster = each.value.cluster
location = try(each.value.location, null)

autoscaling {
min_node_count = try(each.value.min_node_count, null)
max_node_count = try(each.value.max_node_count, null)
}

initial_node_count = try(each.value.initial_node_count_per_zone, null)

management {
auto_repair = try(each.value.auto_repair, null)
auto_upgrade = try(each.value.auto_upgrade, null)
}

max_pods_per_node = try(each.value.max_pods_per_node, null)
node_locations = try(each.value.node_locations, [])

node_config {
disk_size_gb = try(each.value.disk_size_gb, null)
disk_type = try(each.value.disk_type, null)
image_type = try(each.value.image_type, null)
machine_type = try(each.value.machine_type, null)
oauth_scopes = try(each.value.oauth_scopes, null)

labels = try(each.value.labels, {})

dynamic "taint" {
for_each = try(each.value.taint, [])
content {
effect = try(taint.value.effect, null)
key = try (taint.value.key, null)
value = try (taint.value.value, null)
}
}
}

upgrade_settings {
max_surge = try(each.value.upgrade_max_surge, null)
max_unavailable = try(each.value.upgrade_max_unavailable, null)
}

depends_on = [google_container_cluster.primary]

}

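Review bot: `node_config` has no `service_account` argument, so every node pool runs as the project's default Compute Engine service account, even though the README row for `node_pools.oauth_scopes` recommends setting `service_account` to a dedicated account with only the IAM roles it needs; add `service_account = try(each.value.service_account, null)` and document it. `cluster = each.value.cluster` passes a bare string and ordering is carried only by `depends_on = [google_container_cluster.primary]`; referencing `google_container_cluster.primary[each.value.cluster].name` instead gives the dependency for free and turns a misspelled cluster name into a plan-time error rather than an API error. Style: `try (taint.value.key, null)` and `try (taint.value.value, null)` have a space before the parenthesis that the rest of the file does not.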
11 changes: 11 additions & 0 deletions Google Cloud Platform/Kubernetes-Engine/kubernetes/variables.tf
@@ -0,0 +1,11 @@
variable "clusters" {
description = "Create Cluster in GKE"
type = any
default = {}
}

variable "node_pools" {
description = "Create Node Pool in Cluster"
type = any
default = {}
}
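Review bot: `type = any` on both variables means nothing checks the keys callers pass, which is exactly how the example's `taints` key (instead of `taint`) goes unnoticed; declaring the schema as `object({ ... })` with `optional()` attributes would reject unknown or misspelled keys at plan time and make the README's `Required` column enforceable (this needs `required_version` raised to `>= 1.3.0`, where `optional()` is available). The descriptions `Create Cluster in GKE` and `Create Node Pool in Cluster` could also say that each variable is a map keyed by the resource name, since `for_each` uses `each.key` as `name`.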
10 changes: 10 additions & 0 deletions Google Cloud Platform/Kubernetes-Engine/kubernetes/versions.tf
@@ -0,0 +1,10 @@
terraform {
required_version = ">= v1.0.0"

required_providers {
google = {
source = "hashicorp/google"
version = ">= 5.17.0"
}
}
}
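Review bot: `version = ">= 5.17.0"` has no upper bound, so a fresh `terraform init` in a root module without a committed `.terraform.lock.hcl` will pull whatever the newest `hashicorp/google` release is, including a future major version with breaking changes; pin with `version = "~> 5.17"` (or `">= 5.17.0, < 6.0.0"`) so that upgrades across a major boundary are a deliberate change reviewed in this repository.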