#123: Proposal to extend gke-module (#124)

* allows the use of shared VPC network

* adds configuration block for host project id and shared vpc

* changes based on issue discussion

* changes based on issue discussion
Roberto Rojas
2020-08-16 14:32:36 -04:00
committed by GitHub
parent 8d9c42e65a
commit a3962dcaf7
3 changed files with 4 additions and 2 deletions


@@ -58,7 +58,7 @@ module "cluster-1" {
| *min_master_version* | Minimum version of the master, defaults to the version of the most recent official release. | <code title="">string</code> | | <code title="">null</code> |
| *monitoring_service* | Monitoring service (disable with an empty string). | <code title="">string</code> | | <code title="">monitoring.googleapis.com/kubernetes</code> |
| *node_locations* | Zones in which the cluster's nodes are located. | <code title="list&#40;string&#41;">list(string)</code> | | <code title="">[]</code> |
| *peering_config* | Configure peering with the master VPC for private clusters. | <code title="object&#40;&#123;&#10;export_routes &#61; bool&#10;import_routes &#61; bool&#10;&#125;&#41;">object({...})</code> | | <code title="">null</code> |
| *peering_config* | Configure peering with the master VPC for private clusters. | <code title="object&#40;&#123;&#10;export_routes &#61; bool&#10;import_routes &#61; bool&#10;project_id &#61; string&#10;&#125;&#41;">object({...})</code> | | <code title="">null</code> |
| *pod_security_policy* | Enable the PodSecurityPolicy feature. | <code title="">bool</code> | | <code title="">null</code> |
| *private_cluster_config* | Enable and configure private cluster, private nodes must be true if used. | <code title="object&#40;&#123;&#10;enable_private_nodes &#61; bool&#10;enable_private_endpoint &#61; bool&#10;master_ipv4_cidr_block &#61; string&#10;&#125;&#41;">object({...})</code> | | <code title="">null</code> |
| *release_channel* | Release channel for GKE upgrades. | <code title="">string</code> | | <code title="">null</code> |


@@ -22,6 +22,7 @@ locals {
google_container_cluster.cluster.private_cluster_config.0.peering_name,
null
)
peering_project_id = try(var.peering_config.project_id, "") == "" ? var.project_id : (var.peering_config.project_id == "" ? var.project_id : var.peering_config.project_id)
}
resource "google_container_cluster" "cluster" {
@@ -218,7 +219,7 @@ resource "google_container_cluster" "cluster" {
resource "google_compute_network_peering_routes_config" "gke_master" {
count = local.is_private && var.peering_config != null ? 1 : 0
project = var.project_id
project = local.peering_project_id
peering = local.peering
network = element(reverse(split("/", var.network)), 0)
import_custom_routes = var.peering_config.import_routes
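Review bot: In the `locals` hunk, `peering_project_id` does not fall back to `var.project_id` when `peering_config.project_id` is null. As far as I can tell, `try()` then returns null, both `== ""` comparisons are false, and the local ends up null, so `project` on `google_compute_network_peering_routes_config.gke_master` would presumably resolve to the provider's default project instead of the cluster's. This resource changes custom route import/export on a VPC peering, so the project it applies to should never be left to an implicit default. The nested conditional also tests the same value twice; `peering_project_id = coalesce(try(var.peering_config.project_id, null), var.project_id)` handles both null and the empty string in one step. The `locals` block and the resource body both continue outside the hunks shown.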


@@ -178,6 +178,7 @@ variable "peering_config" {
type = object({
export_routes = bool
import_routes = bool
project_id = string
})
default = null
}
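Review bot: Adding `project_id = string` to the `peering_config` object type makes the attribute mandatory on Terraform versions without optional object attributes, so existing callers that pass only `export_routes` and `import_routes` will fail type checking once they pick up this change. The `try(...)` added in the locals suggests the field was meant to be optional, but with a typed object the attribute is always present (possibly null). I would document the contract next to the type, e.g. `# project_id: project that owns the peered network (e.g. the shared VPC host); must always be set, use "" to target var.project_id`, and call out the breaking change in the changelog. Any existing `description` for the variable lies outside this hunk.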