diff --git a/blueprints/gke/multitenant-fleet/README.md b/blueprints/gke/multitenant-fleet/README.md
index fa9fe8338..f554d23a1 100644
--- a/blueprints/gke/multitenant-fleet/README.md
+++ b/blueprints/gke/multitenant-fleet/README.md
@@ -252,7 +252,7 @@ module "gke" {
| [iam](variables.tf#L136) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} |
| [iam_by_principals](variables.tf#L143) | Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable. | map(list(string)) | | {} |
| [labels](variables.tf#L150) | Project-level labels. | map(string) | | {} |
-| [nodepools](variables.tf#L156) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} |
+| [nodepools](variables.tf#L156) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} |
| [project_services](variables.tf#L203) | Additional project services to enable. | list(string) | | [] |
## Outputs
diff --git a/blueprints/gke/multitenant-fleet/gke-nodepools.tf b/blueprints/gke/multitenant-fleet/gke-nodepools.tf
index 692b52ac7..46c9cae33 100644
--- a/blueprints/gke/multitenant-fleet/gke-nodepools.tf
+++ b/blueprints/gke/multitenant-fleet/gke-nodepools.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2022 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -36,7 +36,7 @@ module "gke-nodepool" {
cluster_name = module.gke-cluster[each.value.cluster].name
location = module.gke-cluster[each.value.cluster].location
gke_version = each.value.gke_version
- labels = each.value.labels
+ k8s_labels = each.value.k8s_labels
max_pods_per_node = each.value.max_pods_per_node
node_config = each.value.node_config
node_count = each.value.node_count
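Review bot: The module call forwards only `k8s_labels`, so the new `labels` input that this commit adds to gke-nodepool (GCE resource labels) cannot be set from the blueprint. If resource labels on node VMs are wanted here, for example for cost attribution or per-tenant inventory, add `labels = each.value.labels` to this call and a matching `labels = optional(map(string), {})` attribute to the `nodepools` type in variables.tf. The module block starts and ends outside the hunk.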
diff --git a/blueprints/gke/multitenant-fleet/variables.tf b/blueprints/gke/multitenant-fleet/variables.tf
index d8cb9cfc4..96ed616c9 100644
--- a/blueprints/gke/multitenant-fleet/variables.tf
+++ b/blueprints/gke/multitenant-fleet/variables.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -157,7 +157,7 @@ variable "nodepools" {
description = "Nodepools configuration. Refer to the gke-nodepool module for type details."
type = map(map(object({
gke_version = optional(string)
- labels = optional(map(string), {})
+ k8s_labels = optional(map(string), {})
max_pods_per_node = optional(number)
name = optional(string)
node_config = optional(any, {
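Review bot: Renaming the attribute inside the object type means existing tfvars that still set `labels` on a nodepool raise no error. Terraform discards attributes that an object type constraint does not declare, so those nodes are created without the Kubernetes labels. In a multi-tenant fleet, node labels commonly back nodeSelector or affinity placement, so the rename deserves an explicit upgrade note; the description could add `Kubernetes node labels are set via k8s_labels (previously labels).` The same applies to the identical hunk in fast/stages/3-gke-multitenant/dev/variables.tf. The variable block continues outside the hunk.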
diff --git a/fast/stages/3-gke-multitenant/dev/README.md b/fast/stages/3-gke-multitenant/dev/README.md
index 85fb98554..9603d91a2 100644
--- a/fast/stages/3-gke-multitenant/dev/README.md
+++ b/fast/stages/3-gke-multitenant/dev/README.md
@@ -229,7 +229,7 @@ Leave all these variables unset (or set to `null`) to disable fleet management.
| [iam](variables.tf#L149) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | |
| [iam_by_principals](variables.tf#L156) | Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable. | map(list(string)) | | {} | |
| [labels](variables.tf#L163) | Project-level labels. | map(string) | | {} | |
-| [nodepools](variables.tf#L169) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} | |
+| [nodepools](variables.tf#L169) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} | |
| [outputs_location](variables.tf#L202) | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | string | | null | |
| [project_services](variables.tf#L208) | Additional project services to enable. | list(string) | | [] | |
diff --git a/fast/stages/3-gke-multitenant/dev/variables.tf b/fast/stages/3-gke-multitenant/dev/variables.tf
index 000238601..80feb23a7 100644
--- a/fast/stages/3-gke-multitenant/dev/variables.tf
+++ b/fast/stages/3-gke-multitenant/dev/variables.tf
@@ -170,7 +170,7 @@ variable "nodepools" {
description = "Nodepools configuration. Refer to the gke-nodepool module for type details."
type = map(map(object({
gke_version = optional(string)
- labels = optional(map(string), {})
+ k8s_labels = optional(map(string), {})
max_pods_per_node = optional(number)
name = optional(string)
node_config = optional(any, {
diff --git a/modules/gke-cluster-standard/README.md b/modules/gke-cluster-standard/README.md
index dd8ad0f44..84f8a9d1b 100644
--- a/modules/gke-cluster-standard/README.md
+++ b/modules/gke-cluster-standard/README.md
@@ -310,10 +310,10 @@ module "cluster-1" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
-| [location](variables.tf#L235) | Cluster zone or region. | string | ✓ | |
-| [name](variables.tf#L370) | Cluster name. | string | ✓ | |
-| [project_id](variables.tf#L406) | Cluster project id. | string | ✓ | |
-| [vpc_config](variables.tf#L417) | VPC-level configuration. | object({…}) | ✓ | |
+| [location](variables.tf#L236) | Cluster zone or region. | string | ✓ | |
+| [name](variables.tf#L371) | Cluster name. | string | ✓ | |
+| [project_id](variables.tf#L410) | Cluster project id. | string | ✓ | |
+| [vpc_config](variables.tf#L421) | VPC-level configuration. | object({…}) | ✓ | |
| [backup_configs](variables.tf#L17) | Configuration for Backup for GKE. | object({…}) | | {} |
| [cluster_autoscaling](variables.tf#L39) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) | | null |
| [default_nodepool](variables.tf#L118) | Enable default nodepool. | object({…}) | | {} |
@@ -322,16 +322,16 @@ module "cluster-1" {
| [enable_addons](variables.tf#L149) | Addons enabled in the cluster (true means enabled). | object({…}) | | {…} |
| [enable_features](variables.tf#L173) | Enable cluster-level features. Certain features allow configuration. | object({…}) | | {…} |
| [issue_client_certificate](variables.tf#L223) | Enable issuing client certificate. | bool | | false |
-| [labels](variables.tf#L229) | Cluster resource labels. | map(string) | | null |
-| [logging_config](variables.tf#L240) | Logging configuration. | object({…}) | | {} |
-| [maintenance_config](variables.tf#L261) | Maintenance window configuration. | object({…}) | | {…} |
-| [max_pods_per_node](variables.tf#L284) | Maximum number of pods per node in this cluster. | number | | 110 |
-| [min_master_version](variables.tf#L290) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null |
-| [monitoring_config](variables.tf#L296) | Monitoring configuration. Google Cloud Managed Service for Prometheus is enabled by default. | object({…}) | | {} |
-| [node_config](variables.tf#L375) | Node-level configuration. | object({…}) | | {} |
-| [node_locations](variables.tf#L385) | Zones in which the cluster's nodes are located. | list(string) | | [] |
-| [private_cluster_config](variables.tf#L392) | Private cluster configuration. | object({…}) | | null |
-| [release_channel](variables.tf#L411) | Release channel for GKE upgrades. | string | | null |
+| [labels](variables.tf#L229) | Cluster resource labels. | map(string) | | {} |
+| [logging_config](variables.tf#L241) | Logging configuration. | object({…}) | | {} |
+| [maintenance_config](variables.tf#L262) | Maintenance window configuration. | object({…}) | | {…} |
+| [max_pods_per_node](variables.tf#L285) | Maximum number of pods per node in this cluster. | number | | 110 |
+| [min_master_version](variables.tf#L291) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null |
+| [monitoring_config](variables.tf#L297) | Monitoring configuration. Google Cloud Managed Service for Prometheus is enabled by default. | object({…}) | | {} |
+| [node_config](variables.tf#L376) | Node-level configuration. | object({…}) | | {} |
+| [node_locations](variables.tf#L389) | Zones in which the cluster's nodes are located. | list(string) | | [] |
+| [private_cluster_config](variables.tf#L396) | Private cluster configuration. | object({…}) | | null |
+| [release_channel](variables.tf#L415) | Release channel for GKE upgrades. | string | | null |
## Outputs
diff --git a/modules/gke-cluster-standard/main.tf b/modules/gke-cluster-standard/main.tf
index bc743fc5c..ddc96b41f 100644
--- a/modules/gke-cluster-standard/main.tf
+++ b/modules/gke-cluster-standard/main.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -54,6 +54,8 @@ resource "google_container_cluster" "cluster" {
boot_disk_kms_key = var.node_config.boot_disk_kms_key
service_account = var.node_config.service_account
tags = var.node_config.tags
+ labels = var.node_config.k8s_labels
+ resource_labels = var.node_config.labels
dynamic "shielded_instance_config" {
for_each = var.enable_features.shielded_nodes ? [""] : []
content {
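Review bot: The two added arguments invert the names a reader expects. `node_config.labels` from the variable feeds the provider's `resource_labels`, the provider's `labels` (Kubernetes node labels) is fed from `node_config.k8s_labels`, and the top-level `var.labels` is a third, cluster-level set. A comment above the pair, e.g. `# labels = Kubernetes node labels; resource_labels = GCE labels on the node VMs`, plus a matching sentence in the `node_config` description in variables.tf, would keep callers from putting scheduling labels into the wrong map. It is also worth confirming that the provider version pinned for this module supports `resource_labels` inside `node_config`, since that constraint is not visible in this diff. The resource block begins and ends outside the hunk.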
diff --git a/modules/gke-cluster-standard/variables.tf b/modules/gke-cluster-standard/variables.tf
index 2436b467c..4de227697 100644
--- a/modules/gke-cluster-standard/variables.tf
+++ b/modules/gke-cluster-standard/variables.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -229,7 +229,8 @@ variable "issue_client_certificate" {
variable "labels" {
description = "Cluster resource labels."
type = map(string)
- default = null
+ default = {}
+ nullable = false
}
variable "location" {
@@ -376,10 +377,13 @@ variable "node_config" {
description = "Node-level configuration."
type = object({
boot_disk_kms_key = optional(string)
+ k8s_labels = optional(map(string))
+ labels = optional(map(string))
service_account = optional(string)
tags = optional(list(string))
})
- default = {}
+ default = {}
+ nullable = false
}
variable "node_locations" {
diff --git a/modules/gke-nodepool/README.md b/modules/gke-nodepool/README.md
index e3a3f0a79..41338cfac 100644
--- a/modules/gke-nodepool/README.md
+++ b/modules/gke-nodepool/README.md
@@ -76,7 +76,7 @@ module "cluster-1-nodepool-1" {
cluster_name = "cluster-1"
location = "europe-west1-b"
name = "nodepool-1"
- labels = { environment = "dev" }
+ k8s_labels = { environment = "dev" }
service_account = {
create = true
email = "nodepool-1" # optional
@@ -112,7 +112,7 @@ module "cluster-1-nodepool-gpu-1" {
cluster_name = "cluster-1"
location = "europe-west4-a"
name = "nodepool-gpu-1"
- labels = { environment = "dev" }
+ k8s_labels = { environment = "dev" }
service_account = {
create = true
email = "nodepool-gpu-1" # optional
@@ -142,23 +142,24 @@ module "cluster-1-nodepool-gpu-1" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [cluster_name](variables.tf#L23) | Cluster name. | string | ✓ | |
-| [location](variables.tf#L41) | Cluster location. | string | ✓ | |
-| [project_id](variables.tf#L170) | Cluster project id. | string | ✓ | |
+| [location](variables.tf#L48) | Cluster location. | string | ✓ | |
+| [project_id](variables.tf#L177) | Cluster project id. | string | ✓ | |
| [cluster_id](variables.tf#L17) | Cluster id. Optional, but providing cluster_id is recommended to prevent cluster misconfiguration in some of the edge cases. | string | | null |
| [gke_version](variables.tf#L28) | Kubernetes nodes version. Ignored if auto_upgrade is set in management_config. | string | | null |
-| [labels](variables.tf#L34) | Kubernetes labels applied to each node. | map(string) | | {} |
-| [max_pods_per_node](variables.tf#L46) | Maximum number of pods per node. | number | | null |
-| [name](variables.tf#L52) | Optional nodepool name. | string | | null |
-| [node_config](variables.tf#L58) | Node-level configuration. | object({…}) | | {…} |
-| [node_count](variables.tf#L117) | Number of nodes per instance group. Initial value can only be changed by recreation, current is ignored when autoscaling is used. | object({…}) | | {…} |
-| [node_locations](variables.tf#L129) | Node locations. | list(string) | | null |
-| [nodepool_config](variables.tf#L135) | Nodepool-level configuration. | object({…}) | | null |
-| [pod_range](variables.tf#L157) | Pod secondary range configuration. | object({…}) | | null |
-| [reservation_affinity](variables.tf#L175) | Configuration of the desired reservation which instances could take capacity from. | object({…}) | | null |
-| [service_account](variables.tf#L185) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…}) | | {} |
-| [sole_tenant_nodegroup](variables.tf#L196) | Sole tenant node group. | string | | null |
-| [tags](variables.tf#L202) | Network tags applied to nodes. | list(string) | | null |
-| [taints](variables.tf#L208) | Kubernetes taints applied to all nodes. | map(object({…})) | | {} |
+| [k8s_labels](variables.tf#L34) | Kubernetes labels applied to each node. | map(string) | | {} |
+| [labels](variables.tf#L41) | The resource labels to be applied each node (vm). | map(string) | | {} |
+| [max_pods_per_node](variables.tf#L53) | Maximum number of pods per node. | number | | null |
+| [name](variables.tf#L59) | Optional nodepool name. | string | | null |
+| [node_config](variables.tf#L65) | Node-level configuration. | object({…}) | | {…} |
+| [node_count](variables.tf#L124) | Number of nodes per instance group. Initial value can only be changed by recreation, current is ignored when autoscaling is used. | object({…}) | | {…} |
+| [node_locations](variables.tf#L136) | Node locations. | list(string) | | null |
+| [nodepool_config](variables.tf#L142) | Nodepool-level configuration. | object({…}) | | null |
+| [pod_range](variables.tf#L164) | Pod secondary range configuration. | object({…}) | | null |
+| [reservation_affinity](variables.tf#L182) | Configuration of the desired reservation which instances could take capacity from. | object({…}) | | null |
+| [service_account](variables.tf#L192) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…}) | | {} |
+| [sole_tenant_nodegroup](variables.tf#L203) | Sole tenant node group. | string | | null |
+| [tags](variables.tf#L209) | Network tags applied to nodes. | list(string) | | null |
+| [taints](variables.tf#L215) | Kubernetes taints applied to all nodes. | map(object({…})) | | {} |
## Outputs
diff --git a/modules/gke-nodepool/main.tf b/modules/gke-nodepool/main.tf
index 7283cc8b6..659dfc4b7 100644
--- a/modules/gke-nodepool/main.tf
+++ b/modules/gke-nodepool/main.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -134,7 +134,8 @@ resource "google_container_node_pool" "nodepool" {
disk_size_gb = var.node_config.disk_size_gb
disk_type = var.node_config.disk_type
image_type = var.node_config.image_type
- labels = var.labels
+ labels = var.k8s_labels
+ resource_labels = var.labels
local_ssd_count = var.node_config.local_ssd_count
machine_type = var.node_config.machine_type
metadata = local.node_metadata
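Review bot: `var.labels` keeps its name and type but now feeds `resource_labels`, so a caller who upgrades without renaming to `k8s_labels` gets no plan-time error. Their values move from Kubernetes node labels to GCE resource labels, and the node labels are removed. Workloads pinned with nodeSelector or affinity on those labels would be affected, and Kubernetes-style keys (a `/` prefix or dots) are likely to be rejected by the resource-label format at apply time. Consider calling the rename out as a breaking change in the changelog and in the `labels` description in variables.tf. The resource block starts and ends outside the hunk.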
diff --git a/modules/gke-nodepool/variables.tf b/modules/gke-nodepool/variables.tf
index 10db6adb5..066390e43 100644
--- a/modules/gke-nodepool/variables.tf
+++ b/modules/gke-nodepool/variables.tf
@@ -1,5 +1,5 @@
/**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -31,13 +31,20 @@ variable "gke_version" {
default = null
}
-variable "labels" {
+variable "k8s_labels" {
description = "Kubernetes labels applied to each node."
type = map(string)
default = {}
nullable = false
}
+variable "labels" {
+ description = "The resource labels to be applied each node (vm)."
+ type = map(string)
+ default = {}
+ nullable = false
+}
+
variable "location" {
description = "Cluster location."
type = string
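Review bot: The description of the new `labels` variable reads "to be applied each node (vm)" and does not say how it differs from `k8s_labels`, which sits directly above it with a near-identical name. Suggest `description = "GCE resource labels applied to each node VM. Use k8s_labels for Kubernetes node labels."` so that the generated README table carries the distinction as well. The `location` variable continues past the end of the hunk.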