Adding node taints on gke nodepool (#165)

* Adding node taints on gke nodepool. Automatic transformation via local variables from list(string) to the map google provider expects. * Fixing readme with tfdoc.py
2020-11-10 13:41:19 +01:00
parent 14fe796885
commit 323e962fc8
3 changed files with 22 additions and 6 deletions
--- a/modules/gke-nodepool/README.md
+++ b/modules/gke-nodepool/README.md
@@ -66,6 +66,7 @@ module "cluster-1-nodepool-1" {
 | *node_service_account_scopes* | Scopes applied to service account. Default to: 'cloud-platform' when creating a service account; 'devstorage.read_only', 'logging.write', 'monitoring.write' otherwise. | <code title="list&#40;string&#41;">list(string)</code> |  | <code title="">[]</code> |
 | *node_shielded_instance_config* | Shielded instance options. | <code title="object&#40;&#123;&#10;enable_secure_boot          &#61; bool&#10;enable_integrity_monitoring &#61; bool&#10;&#125;&#41;">object({...})</code> |  | <code title="">null</code> |
 | *node_tags* | Network tags applied to nodes. | <code title="list&#40;string&#41;">list(string)</code> |  | <code title="">null</code> |
+| *node_taints* | Kubernetes taints applied to nodes. E.g. type=blue:NoSchedule | <code title="list&#40;string&#41;">list(string)</code> |  | <code title="">[]</code> |
 | *upgrade_config* | Optional node upgrade configuration. | <code title="object&#40;&#123;&#10;max_surge       &#61; number&#10;max_unavailable &#61; number&#10;&#125;&#41;">object({...})</code> |  | <code title="">null</code> |
 | *workload_metadata_config* | Metadata configuration to expose to workloads on the node pool. | <code title="">string</code> |  | <code title="">GKE_METADATA_SERVER</code> |

--- a/modules/gke-nodepool/main.tf
+++ b/modules/gke-nodepool/main.tf
@@ -37,6 +37,20 @@ locals {
      ]
    )
  )
+  node_taint_effect = {
+    "NoExecute"        = "NO_EXECUTE",
+    "NoSchedule"       = "NO_SCHEDULE"
+    "PreferNoSchedule" = "PREFER_NO_SCHEDULE"
+  }
+  temp_node_pools_taints = [
+    for taint in var.node_taints :
+    {
+      "key"    = element(split("=", taint), 0),
+      "value"  = element(split(":", element(split("=", taint), 1)), 0),
+      "effect" = lookup(local.node_taint_effect, element(split(":", taint), 1)),
+    }
+  ]
+  node_taints = local.temp_node_pools_taints
 }

 resource "google_service_account" "service_account" {
@@ -65,6 +79,7 @@ resource "google_container_node_pool" "nodepool" {
    disk_type        = var.node_disk_type
    image_type       = var.node_image_type
    labels           = var.node_labels
+    taint            = local.node_taints
    local_ssd_count  = var.node_local_ssd_count
    machine_type     = var.node_machine_type
    metadata         = var.node_metadata
--- a/modules/gke-nodepool/variables.tf
+++ b/modules/gke-nodepool/variables.tf
@@ -96,6 +96,12 @@ variable "node_labels" {
  default     = {}
 }

+variable "node_taints" {
+  description = "Kubernetes taints applied to nodes. E.g. type=blue:NoSchedule"
+  type        = list(string)
+  default     = []
+}
+
 variable "node_local_ssd_count" {
  description = "Number of local SSDs attached to nodes."
  type        = number
@@ -167,12 +173,6 @@ variable "node_tags" {
  default     = null
 }

-# variable "node_taint" {
-#   description = "Kubernetes taints applied to nodes."
-#   type        = string
-#   default     = null
-# }
-
 variable "node_count" {
  description = "Number of nodes per instance group, can be updated after creation. Ignored when autoscaling is set."
  type        = number