################################################################################
# Existing Cluster Configuration
################################################################################
variable "use_existing_cluster" {
  # Mode switch for the module: false provisions a new GKE cluster, true
  # makes the module look up an already-existing one instead (see
  # cluster_name, which is the lookup key in that mode).
  type        = bool
  default     = false
  description = "Flag to enable the use of an existing GKE cluster or create a new one"
}
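variable "cluster_node_locations" {
  # Zones the node pools are spread across. GCP calls these "zones" (the
  # original wording "AZ" is AWS terminology); each entry must belong to the
  # region given in var.region, which the module cannot check here because a
  # validation block may only reference its own variable.
  type        = list(string)
  description = "Compute Engine zones for the nodes (e.g. [\"us-central1-a\", \"us-central1-b\"]). Every zone must lie inside var.region."

  validation {
    condition     = alltrue([for zone in var.cluster_node_locations : zone != ""])
    error_message = "cluster_node_locations must not contain empty strings."
  }
}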
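variable "max_pods_per_node" {
  # Kept as a string for backward compatibility with callers that pass "32";
  # the validation below guarantees it is a positive integer so a typo such
  # as "3O" fails at plan time instead of at apply time inside the provider.
  type        = string
  default     = "32"
  description = "Maximum number of pods per node in this cluster (positive integer, passed as a string)."

  validation {
    condition     = can(regex("^[1-9][0-9]*$", var.max_pods_per_node))
    error_message = "max_pods_per_node must be a positive integer, e.g. \"32\"."
  }
}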
################################################################################
# Cluster Configuration
################################################################################
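variable "cluster_name" {
  # Doubles as the lookup key when use_existing_cluster is true, so an empty
  # value would silently fetch nothing; reject it up front.
  type        = string
  description = "Name of the cluster. If use_existing_cluster is enabled cluster_name is used to fetch details of the existing cluster instead of creating one."

  validation {
    condition     = length(var.cluster_name) > 0
    error_message = "cluster_name must not be empty."
  }
}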
variable "network_tags" {
  # Network tags are what VPC firewall rules match on, so whatever is listed
  # here determines which firewall rules apply to every node VM.
  type        = list(string)
  default     = []
  description = "A list of network tags to add to all instances"
}
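variable "region" {
  # The original description was just "region"; spell out what is expected.
  type        = string
  description = "GCP region the cluster and its node pools are created in (e.g. \"us-central1\"). cluster_node_locations must be zones of this region."

  validation {
    condition     = length(var.region) > 0
    error_message = "region must not be empty."
  }
}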
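variable "project" {
  # The google provider's project argument takes the project ID, not the
  # display name or the numeric project number.
  type        = string
  description = "GCP project ID that owns the cluster (the ID, not the display name or project number)."

  validation {
    condition     = length(var.project) > 0
    error_message = "project must not be empty."
  }
}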
variable "tags" {
  # Free-form key/value pairs applied to every resource the module creates.
  # NOTE(review): on GCP these are presumably applied as resource labels,
  # which have their own character/length limits — confirm against main.tf.
  description = "A map of tags to add to all resources. Tags are key-value pairs used for grouping and filtering"
  default     = {}
  type        = map(string)
}
################################################################################
# Node Pool Configurations
################################################################################
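variable "cluster_generic_node_config" {
  description = <<-EOT
  Configuration for the generic node pool. This includes:
  - disk_size_gb: Size of the disk attached to each node, in GB, passed as a string (default: "100")
  - disk_type: Type of disk attached to each node (pd-standard, pd-balanced, pd-ssd) (default: "pd-balanced")
  - machine_type: The name of a Google Compute Engine machine type (default: "e2-medium")
  - enable_secure_boot: Secure Boot helps ensure that the system only runs authentic software (default: true)
  - enable_integrity_monitoring: Enables monitoring and attestation of the boot integrity (default: true)
  - auto_repair: Flag to enable auto repair for the nodes (default: true)
  - auto_upgrade: Flag to enable auto upgrade for the nodes (default: true)
  - node_count: The number of nodes per instance group (default: 1)
  - workload_metadata_config_mode: How to expose metadata to workloads running on the node. Keep GKE_METADATA
    (Workload Identity); GCE_METADATA lets any pod read the node service account's token from the metadata server (default: "GKE_METADATA")
  - service_account: The Google Cloud Platform Service Account the node VMs run as (default: "default")
  - preemptible: Flag to enable preemptible nodes (default: false). Mutually exclusive with spot.
  - spot: Flag to enable spot instances (default: true). Mutually exclusive with preemptible.
  EOT

  type = object({
    disk_size_gb                  = optional(string, "100")
    disk_type                     = optional(string, "pd-balanced")
    machine_type                  = optional(string, "e2-medium")
    enable_secure_boot            = optional(bool, true)
    enable_integrity_monitoring   = optional(bool, true)
    auto_repair                   = optional(bool, true)
    auto_upgrade                  = optional(bool, true)
    node_count                    = optional(number, 1)
    workload_metadata_config_mode = optional(string, "GKE_METADATA")
    # NOTE(review): "default" presumably resolves to the Compute Engine default
    # service account in main.tf — confirm. That account usually carries the
    # project Editor role; a dedicated least-privilege node SA is recommended.
    service_account               = optional(string, "default")
    preemptible                   = optional(bool, false)
    spot                          = optional(bool, true)
  })
  default = {}

  # Defaults are applied before validation, so the checks below see the fully
  # populated object even when the caller passes only a subset of keys.
  validation {
    condition     = contains(["pd-standard", "pd-balanced", "pd-ssd"], var.cluster_generic_node_config.disk_type)
    error_message = "cluster_generic_node_config.disk_type must be one of pd-standard, pd-balanced or pd-ssd."
  }

  validation {
    condition     = can(regex("^[1-9][0-9]*$", var.cluster_generic_node_config.disk_size_gb))
    error_message = "cluster_generic_node_config.disk_size_gb must be a positive integer string, e.g. \"100\"."
  }

  validation {
    condition     = contains(["GKE_METADATA", "GCE_METADATA", "MODE_UNSPECIFIED"], var.cluster_generic_node_config.workload_metadata_config_mode)
    error_message = "cluster_generic_node_config.workload_metadata_config_mode must be GKE_METADATA, GCE_METADATA or MODE_UNSPECIFIED."
  }

  # GKE does not accept a node pool that is both preemptible and spot.
  validation {
    condition     = !(var.cluster_generic_node_config.preemptible && var.cluster_generic_node_config.spot)
    error_message = "cluster_generic_node_config.preemptible and spot cannot both be true."
  }

  validation {
    condition     = var.cluster_generic_node_config.node_count >= 0
    error_message = "cluster_generic_node_config.node_count must not be negative."
  }
}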
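variable "cluster_nap_node_config" {
  description = <<-EOT
  Configuration for the NAP (node auto-provisioning) node pools. This includes:
  - disk_size_gb: Size of the disk attached to each node, in GB, passed as a string (default: "300")
  - disk_type: Type of disk attached to each node (pd-standard, pd-balanced, pd-ssd) (default: "pd-balanced")
  - enable_secure_boot: Secure Boot helps ensure that the system only runs authentic software (default: true)
  - enable_integrity_monitoring: Enables monitoring and attestation of the boot integrity (default: true)
  - autoscaling_profile: Profile for autoscaling optimization, BALANCED or OPTIMIZE_UTILIZATION (default: "OPTIMIZE_UTILIZATION")
  - max_cpu: Maximum CPU cores allowed (default: 1024)
  - max_memory: Maximum memory allowed (default: 8172)
  - auto_repair: Flag to enable auto repair for the nodes (default: true)
  - auto_upgrade: Flag to enable auto upgrade for the nodes (default: true)
  - max_surge: Maximum number of nodes that can be created beyond the current size during updates (default: 1)
  - max_unavailable: Maximum number of nodes that can be unavailable during updates (default: 0)
  EOT

  type = object({
    disk_size_gb                = optional(string, "300")
    disk_type                   = optional(string, "pd-balanced")
    enable_secure_boot          = optional(bool, true)
    enable_integrity_monitoring = optional(bool, true)
    autoscaling_profile         = optional(string, "OPTIMIZE_UTILIZATION")
    # NOTE(review): the original description said "per node" and "in MB" for
    # these limits, but GKE cluster_autoscaling resource_limits are cluster-wide
    # totals and memory there is expressed in GB — confirm how main.tf wires
    # them before relying on either reading. 8172 also looks like a typo for
    # 8192; left unchanged to avoid altering existing plans.
    max_cpu                     = optional(number, 1024)
    max_memory                  = optional(number, 8172)
    auto_repair                 = optional(bool, true)
    auto_upgrade                = optional(bool, true)
    max_surge                   = optional(number, 1)
    max_unavailable             = optional(number, 0)
  })
  default = {}

  validation {
    condition     = contains(["pd-standard", "pd-balanced", "pd-ssd"], var.cluster_nap_node_config.disk_type)
    error_message = "cluster_nap_node_config.disk_type must be one of pd-standard, pd-balanced or pd-ssd."
  }

  validation {
    condition     = can(regex("^[1-9][0-9]*$", var.cluster_nap_node_config.disk_size_gb))
    error_message = "cluster_nap_node_config.disk_size_gb must be a positive integer string, e.g. \"300\"."
  }

  validation {
    condition     = contains(["BALANCED", "OPTIMIZE_UTILIZATION"], var.cluster_nap_node_config.autoscaling_profile)
    error_message = "cluster_nap_node_config.autoscaling_profile must be BALANCED or OPTIMIZE_UTILIZATION."
  }

  validation {
    condition     = var.cluster_nap_node_config.max_cpu > 0 && var.cluster_nap_node_config.max_memory > 0
    error_message = "cluster_nap_node_config.max_cpu and max_memory must be positive."
  }

  # A surge upgrade needs room to move at least one node: both limits at zero
  # is rejected by GKE, and negative values are meaningless.
  validation {
    condition = (
      var.cluster_nap_node_config.max_surge >= 0 &&
      var.cluster_nap_node_config.max_unavailable >= 0 &&
      var.cluster_nap_node_config.max_surge + var.cluster_nap_node_config.max_unavailable >= 1
    )
    error_message = "cluster_nap_node_config.max_surge and max_unavailable must be non-negative and sum to at least 1."
  }
}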
variable "enable_container_image_streaming" {
  # Toggles GKE image streaming for the cluster's nodes; on by default.
  description = "Enable/disable container image streaming"
  default     = true
  type        = bool
}
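variable "oauth_scopes" {
  # OAuth scopes granted to the node VMs' service account token. Scopes only
  # narrow what the node service account can do; the effective permissions
  # are the intersection of these scopes and the IAM roles bound to that
  # account. The default list includes "cloud-platform", which places no
  # scope-level restriction at all — with a broadly-privileged node service
  # account (for example the Compute Engine default account) this means any
  # process able to reach the node's metadata server inherits that access.
  # With workload_metadata_config_mode = "GKE_METADATA" pods cannot reach the
  # node token directly, so prefer a least-privilege node SA over trimming
  # this list. (Fixed typo: "cluste" -> "cluster".)
  type        = list(string)
  description = "OAuth scopes to attach to the cluster's node service account. Prefer a least-privilege node service account over relying on scopes."
  default = [
    "https://www.googleapis.com/auth/cloud-platform",
    "https://www.googleapis.com/auth/devstorage.read_only",
    "https://www.googleapis.com/auth/logging.write",
    "https://www.googleapis.com/auth/monitoring",
    "https://www.googleapis.com/auth/service.management.readonly",
    "https://www.googleapis.com/auth/servicecontrol",
    "https://www.googleapis.com/auth/trace.append",
  ]

  validation {
    condition     = alltrue([for scope in var.oauth_scopes : startswith(scope, "https://www.googleapis.com/auth/")])
    error_message = "Every entry in oauth_scopes must be a full scope URL starting with https://www.googleapis.com/auth/."
  }
}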
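variable "kubernetes_version" {
  # A bare "MAJOR.MINOR" lets GKE pick the highest valid patch in that line;
  # a full "1.28.3-gke.100" pins exactly; "latest" and "-" are the special
  # GKE selectors. NOTE(review): confirm the pinned default is still inside
  # GKE's supported/maintenance window before provisioning — an unsupported
  # minor no longer receives security patches.
  type        = string
  default     = "1.28"
  description = "GKE/Kubernetes version for the cluster: \"MAJOR.MINOR\", a full \"MAJOR.MINOR.PATCH-gke.N\" version, \"latest\" or \"-\"."

  validation {
    condition     = can(regex("^([0-9]+\\.[0-9]+(\\.[0-9]+(-gke\\.[0-9]+)?)?|latest|-)$", var.kubernetes_version))
    error_message = "kubernetes_version must look like \"1.28\", \"1.28.3\", \"1.28.3-gke.100\", \"latest\" or \"-\"."
  }
}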
variable "deletion_protection" {
  # Off by default so that terraform destroy tears the cluster down without
  # a manual step. For long-lived or production clusters set this to true so
  # an accidental destroy (or a mis-scoped CI credential) cannot remove the
  # cluster in one apply.
  type        = bool
  default     = false
  description = "Deletion protection enabled/disabled"
}
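variable "control_plane_enabled" {
  # The original description ("Whether control plane is enabled or not") read
  # as if it toggled the GKE control plane, which this module cannot do. Judging
  # by control_plane_pool_config (labels/taints class.truefoundry.com/component
  # = control-plane) it presumably gates the dedicated node pool for the
  # TrueFoundry control-plane workloads — confirm against main.tf.
  type        = bool
  default     = false
  description = "Whether to create the dedicated control-plane node pool described by control_plane_pool_config (not the GKE control plane itself)."
}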
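variable "control_plane_pool_config" {
  # Node pool reserved for the control-plane component: it is labelled and
  # tainted with class.truefoundry.com/component=control-plane so only pods
  # that tolerate that taint land on it. The per-attribute defaults mirror the
  # generic pool; see cluster_generic_node_config for the meaning of each key.
  description = "Control plane node pool config (dedicated, tainted node pool for the control-plane component; see cluster_generic_node_config for per-key meaning)."

  type = object({
    disk_size_gb = optional(string, "100")
    disk_type    = optional(string, "pd-balanced")
    machine_type = optional(string, "e2-medium")
    autoscaling = optional(object({
      min_node_count  = optional(number, 1)
      max_node_count  = optional(number, 2)
      location_policy = optional(string, "BALANCED")
    }), {})
    enable_secure_boot            = optional(bool, true)
    enable_integrity_monitoring   = optional(bool, true)
    auto_repair                   = optional(bool, true)
    auto_upgrade                  = optional(bool, true)
    workload_metadata_config_mode = optional(string, "GKE_METADATA")
    # NOTE(review): "default" presumably maps to the Compute Engine default
    # service account — confirm in main.tf, and prefer a dedicated node SA.
    service_account = optional(string, "default")
    labels = optional(map(string), {
      "class.truefoundry.com/component" = "control-plane"
    })
    taints = optional(object(
      {
        key    = optional(string, "class.truefoundry.com/component")
        value  = optional(string, "control-plane")
        effect = optional(string, "NO_SCHEDULE")
      }
    ), {})
    preemptible = optional(bool, false)
    # NOTE(review): spot VMs can be reclaimed at any time; for a pool that
    # hosts the control-plane component this trades availability for cost.
    # Default left as-is to keep existing plans unchanged.
    spot = optional(bool, true)
  })
  default = {}

  validation {
    condition     = contains(["pd-standard", "pd-balanced", "pd-ssd"], var.control_plane_pool_config.disk_type)
    error_message = "control_plane_pool_config.disk_type must be one of pd-standard, pd-balanced or pd-ssd."
  }

  validation {
    condition     = can(regex("^[1-9][0-9]*$", var.control_plane_pool_config.disk_size_gb))
    error_message = "control_plane_pool_config.disk_size_gb must be a positive integer string, e.g. \"100\"."
  }

  validation {
    condition = (
      var.control_plane_pool_config.autoscaling.min_node_count >= 0 &&
      var.control_plane_pool_config.autoscaling.max_node_count >= var.control_plane_pool_config.autoscaling.min_node_count
    )
    error_message = "control_plane_pool_config.autoscaling.max_node_count must be >= min_node_count, and min_node_count must not be negative."
  }

  validation {
    condition     = contains(["BALANCED", "ANY"], var.control_plane_pool_config.autoscaling.location_policy)
    error_message = "control_plane_pool_config.autoscaling.location_policy must be BALANCED or ANY."
  }

  validation {
    condition     = contains(["GKE_METADATA", "GCE_METADATA", "MODE_UNSPECIFIED"], var.control_plane_pool_config.workload_metadata_config_mode)
    error_message = "control_plane_pool_config.workload_metadata_config_mode must be GKE_METADATA, GCE_METADATA or MODE_UNSPECIFIED."
  }

  validation {
    condition     = contains(["NO_SCHEDULE", "PREFER_NO_SCHEDULE", "NO_EXECUTE"], var.control_plane_pool_config.taints.effect)
    error_message = "control_plane_pool_config.taints.effect must be NO_SCHEDULE, PREFER_NO_SCHEDULE or NO_EXECUTE."
  }

  # GKE does not accept a node pool that is both preemptible and spot.
  validation {
    condition     = !(var.control_plane_pool_config.preemptible && var.control_plane_pool_config.spot)
    error_message = "control_plane_pool_config.preemptible and spot cannot both be true."
  }
}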
################################################################################
# Network Configuration
################################################################################
variable "shared_vpc" {
  # Set when the network referenced by cluster_network_id / cluster_subnet_id
  # lives in a Shared VPC host project rather than in var.project.
  description = "Flag to enable shared VPC"
  default     = false
  type        = bool
}
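variable "cluster_network_id" {
  # NOTE(review): this variable is described as an "ID" while the sibling
  # cluster_subnet_id is described as a "name"; confirm in main.tf which form
  # (self_link / full resource ID / bare name) each one is actually passed as.
  type        = string
  description = "Network ID for the cluster (the VPC the cluster is attached to)."

  validation {
    condition     = length(var.cluster_network_id) > 0
    error_message = "cluster_network_id must not be empty."
  }
}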
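variable "cluster_subnet_id" {
  # Subnetwork the nodes are placed in; the pod and service secondary ranges
  # (cluster_secondary_range_name / services_secondary_range_name) are
  # expected to belong to this subnetwork.
  type        = string
  description = "Subnetwork name for the cluster."

  validation {
    condition     = length(var.cluster_subnet_id) > 0
    error_message = "cluster_subnet_id must not be empty."
  }
}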
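variable "cluster_networking_mode" {
  # Only two values are meaningful to the provider; reject anything else at
  # plan time rather than at apply time.
  type        = string
  default     = "VPC_NATIVE"
  description = "Networking mode for the cluster. Values can be VPC_NATIVE (recommended) or ROUTES. VPC_NATIVE is default after google-beta 5.0.0"

  validation {
    condition     = contains(["VPC_NATIVE", "ROUTES"], var.cluster_networking_mode)
    error_message = "cluster_networking_mode must be VPC_NATIVE or ROUTES."
  }
}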
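variable "cluster_master_ipv4_cidr_block" {
  # RFC 1918 range reserved for the private control-plane endpoint. GKE
  # requires this to be a /28 that does not overlap any subnet or secondary
  # range in the VPC; the validation below only checks CIDR syntax, so the
  # prefix length and overlap are still up to the caller.
  type        = string
  description = "IPv4 CIDR block for the private control-plane (master) endpoint, e.g. \"172.16.0.0/28\". Must be a /28 that does not overlap the cluster VPC."

  validation {
    condition     = can(cidrhost(var.cluster_master_ipv4_cidr_block, 0))
    error_message = "cluster_master_ipv4_cidr_block must be a valid CIDR block such as \"172.16.0.0/28\"."
  }
}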
variable "cluster_secondary_range_name" {
  # Name of the subnet secondary range that pods get their IPs from. The
  # empty default leaves the choice to whatever main.tf does when it is unset.
  type        = string
  description = "VPC Secondary range name for pods"
  default     = ""
}
variable "services_secondary_range_name" {
  # Name of the subnet secondary range that ClusterIP services are allocated
  # from; empty by default, mirroring cluster_secondary_range_name.
  type        = string
  description = "VPC Secondary range name for services"
  default     = ""
}
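variable "allowed_ip_ranges" {
  # SECURITY: the default of 0.0.0.0/0 lets any IPv4 address reach the GKE
  # API server endpoint, so cluster security then rests entirely on
  # authentication. Every deployment should override this with the CIDRs of
  # its bastion, VPN, CI runners or office egress. The default is kept only
  # for backward compatibility with existing callers; the validation below
  # at least rejects malformed entries so a typo cannot silently widen or
  # break the allow-list.
  type        = list(string)
  default     = ["0.0.0.0/0"]
  description = "CIDR ranges allowed to reach the control-plane (master) endpoint. The default allows the whole internet; override it with your bastion/VPN/CI ranges."

  validation {
    condition     = alltrue([for range in var.allowed_ip_ranges : can(cidrhost(range, 0))])
    error_message = "Every entry in allowed_ip_ranges must be a valid CIDR block such as \"10.0.0.0/8\"."
  }
}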