From 4d840c29fcd5e04df504997e78a347884ddce929 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rom=C3=A1n=20Mart=C3=ADn=20S=C3=A1nchez?= Date: Fri, 12 Sep 2025 07:04:41 +0200 Subject: [PATCH] feat: move enabling default compute class in cluster autoscaler for standard clusters For standard clusters, which have the cluster_autoscaling block, move the enabling of default compute class to that block. For autopilot clusters, keep the enabling of default compute class in the main variables.tf file. --- README.md | 3 +- autogen/main/cluster.tf.tmpl | 2 +- autogen/main/variables.tf.tmpl | 77 +++++++++--------- cluster.tf | 2 +- metadata.yaml | 47 ++++++----- .../beta-autopilot-private-cluster/README.md | 2 +- .../metadata.yaml | 2 +- .../variables.tf | 3 +- .../beta-autopilot-public-cluster/README.md | 2 +- .../metadata.yaml | 2 +- .../variables.tf | 3 +- .../README.md | 3 +- .../cluster.tf | 2 +- .../metadata.yaml | 47 ++++++----- .../variables.tf | 79 +++++++++---------- modules/beta-private-cluster/README.md | 3 +- modules/beta-private-cluster/cluster.tf | 2 +- modules/beta-private-cluster/metadata.yaml | 47 ++++++----- modules/beta-private-cluster/variables.tf | 79 +++++++++---------- .../README.md | 3 +- .../cluster.tf | 2 +- .../metadata.yaml | 47 ++++++----- .../variables.tf | 79 +++++++++---------- modules/beta-public-cluster/README.md | 3 +- modules/beta-public-cluster/cluster.tf | 2 +- modules/beta-public-cluster/metadata.yaml | 47 ++++++----- modules/beta-public-cluster/variables.tf | 79 +++++++++---------- modules/gke-autopilot-cluster/metadata.yaml | 2 +- modules/gke-node-pool/metadata.display.yaml | 2 +- .../private-cluster-update-variant/README.md | 3 +- .../private-cluster-update-variant/cluster.tf | 2 +- .../metadata.yaml | 47 ++++++----- .../variables.tf | 79 +++++++++---------- modules/private-cluster/README.md | 3 +- modules/private-cluster/cluster.tf | 2 +- modules/private-cluster/metadata.yaml | 47 ++++++----- modules/private-cluster/variables.tf | 79 +++++++++---------- variables.tf | 79 +++++++++---------- 38 files changed, 483 insertions(+), 531 deletions(-) diff --git a/README.md b/README.md index 7fc4457bed..374a80ef44 100644 --- a/README.md +++ b/README.md @@ -149,7 +149,7 @@ Then perform the following commands on the root folder: | anonymous\_authentication\_config\_mode | Allows users to restrict or enable anonymous access to the cluster. Valid values are `ENABLED` and `LIMITED`. | `string` | `null` | no | | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com | `string` | `null` | no | | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no | -| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                     = bool
    autoscaling_profile         = string
    min_cpu_cores               = optional(number)
    max_cpu_cores               = optional(number)
    min_memory_gb               = optional(number)
    max_memory_gb               = optional(number)
    gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                 = bool
    auto_upgrade                = bool
    disk_size                   = optional(number)
    disk_type                   = optional(string)
    image_type                  = optional(string)
    strategy                    = optional(string)
    max_surge                   = optional(number)
    max_unavailable             = optional(number)
    node_pool_soak_duration     = optional(string)
    batch_soak_duration         = optional(string)
    batch_percentage            = optional(number)
    batch_node_count            = optional(number)
    enable_secure_boot          = optional(bool, false)
    enable_integrity_monitoring = optional(bool, true)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | +| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                      = bool
    autoscaling_profile          = string
    min_cpu_cores                = optional(number)
    max_cpu_cores                = optional(number)
    min_memory_gb                = optional(number)
    max_memory_gb                = optional(number)
    gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                  = bool
    auto_upgrade                 = bool
    disk_size                    = optional(number)
    disk_type                    = optional(string)
    image_type                   = optional(string)
    strategy                     = optional(string)
    max_surge                    = optional(number)
    max_unavailable              = optional(number)
    node_pool_soak_duration      = optional(string)
    batch_soak_duration          = optional(string)
    batch_percentage             = optional(number)
    batch_node_count             = optional(number)
    enable_secure_boot           = optional(bool, false)
    enable_integrity_monitoring  = optional(bool, true)
    enable_default_compute_class = optional(bool, false)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_default_compute_class": false,
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | | cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no | | cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no | | cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no | @@ -160,7 +160,6 @@ Then perform the following commands on the root folder: | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | | datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | -| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no | | description | The description of the cluster | `string` | `""` | no | diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index ea4ae487cd..d95fd94db6 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -156,7 +156,7 @@ resource "google_container_cluster" "primary" { cluster_autoscaling { enabled = var.cluster_autoscaling.enabled - default_compute_class_enabled = var.default_compute_class_enabled + default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false) dynamic "auto_provisioning_defaults" { for_each = var.cluster_autoscaling.enabled ? [1] : [] diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index e0bb56bd16..b928d1d414 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -324,43 +324,45 @@ variable "enable_resource_consumption_export" { {% if autopilot_cluster != true %} variable "cluster_autoscaling" { type = object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool,false) }) default = { - enabled = false - autoscaling_profile = "BALANCED" - max_cpu_cores = 0 - min_cpu_cores = 0 - max_memory_gb = 0 - min_memory_gb = 0 - gpu_resources = [] - auto_repair = true - auto_upgrade = true - disk_size = 100 - disk_type = "pd-standard" - image_type = "COS_CONTAINERD" - enable_secure_boot = false - enable_integrity_monitoring = true + enabled = false + autoscaling_profile = "BALANCED" + max_cpu_cores = 0 + min_cpu_cores = 0 + max_memory_gb = 0 + min_memory_gb = 0 + gpu_resources = [] + auto_repair = true + auto_upgrade = true + disk_size = 100 + disk_type = "pd-standard" + image_type = "COS_CONTAINERD" + enable_secure_boot = false + enable_integrity_monitoring = true + enable_default_compute_class = false } description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)" } @@ -864,13 +866,14 @@ variable "enable_shielded_nodes" { } {% endif %} - +{% if autopilot_cluster == true %} variable "default_compute_class_enabled" { type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" + description = "Enable default compute class for Node Auto-Provisioning" default = null } +{% endif %} variable "enable_binary_authorization" { type = bool description = "Enable BinAuthZ Admission controller" diff --git a/cluster.tf b/cluster.tf index 47e9451f5d..568c2cb6b3 100644 --- a/cluster.tf +++ b/cluster.tf @@ -123,7 +123,7 @@ resource "google_container_cluster" "primary" { cluster_autoscaling { enabled = var.cluster_autoscaling.enabled - default_compute_class_enabled = var.default_compute_class_enabled + default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false) dynamic "auto_provisioning_defaults" { for_each = var.cluster_autoscaling.enabled ? [1] : [] diff --git a/metadata.yaml b/metadata.yaml index 68ea36f764..8f0a2aeaec 100644 --- a/metadata.yaml +++ b/metadata.yaml @@ -349,27 +349,28 @@ spec: description: Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) varType: |- object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) defaultValue: auto_repair: true @@ -377,6 +378,7 @@ spec: autoscaling_profile: BALANCED disk_size: 100 disk_type: pd-standard + enable_default_compute_class: false enable_integrity_monitoring: true enable_secure_boot: false enabled: false @@ -655,9 +657,6 @@ spec: description: Enable Shielded Nodes features on all nodes in this cluster varType: bool defaultValue: true - - name: default_compute_class_enabled - description: Enable Spot VMs as the default compute class for Node Auto-Provisioning - varType: bool - name: enable_binary_authorization description: Enable BinAuthZ Admission controller varType: bool diff --git a/modules/beta-autopilot-private-cluster/README.md b/modules/beta-autopilot-private-cluster/README.md index 59250e83a2..f141fd79df 100644 --- a/modules/beta-autopilot-private-cluster/README.md +++ b/modules/beta-autopilot-private-cluster/README.md @@ -86,7 +86,7 @@ Then perform the following commands on the root folder: | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no | | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | -| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no | +| default\_compute\_class\_enabled | Enable default compute class for Node Auto-Provisioning | `bool` | `null` | no | | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no | | deploy\_using\_private\_endpoint | A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | `bool` | `false` | no | | description | The description of the cluster | `string` | `""` | no | diff --git a/modules/beta-autopilot-private-cluster/metadata.yaml b/modules/beta-autopilot-private-cluster/metadata.yaml index 72d3bd5d0d..799b56abf6 100644 --- a/modules/beta-autopilot-private-cluster/metadata.yaml +++ b/modules/beta-autopilot-private-cluster/metadata.yaml @@ -453,7 +453,7 @@ spec: - key_name: "" state: DECRYPTED - name: default_compute_class_enabled - description: Enable Spot VMs as the default compute class for Node Auto-Provisioning + description: Enable default compute class for Node Auto-Provisioning varType: bool - name: enable_binary_authorization description: Enable BinAuthZ Admission controller diff --git a/modules/beta-autopilot-private-cluster/variables.tf b/modules/beta-autopilot-private-cluster/variables.tf index 8ce8cd68d4..94e4e3f06b 100644 --- a/modules/beta-autopilot-private-cluster/variables.tf +++ b/modules/beta-autopilot-private-cluster/variables.tf @@ -536,10 +536,9 @@ variable "database_encryption" { }] } - variable "default_compute_class_enabled" { type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" + description = "Enable default compute class for Node Auto-Provisioning" default = null } diff --git a/modules/beta-autopilot-public-cluster/README.md b/modules/beta-autopilot-public-cluster/README.md index b14e095451..6961d09a2a 100644 --- a/modules/beta-autopilot-public-cluster/README.md +++ b/modules/beta-autopilot-public-cluster/README.md @@ -80,7 +80,7 @@ Then perform the following commands on the root folder: | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no | | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | -| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no | +| default\_compute\_class\_enabled | Enable default compute class for Node Auto-Provisioning | `bool` | `null` | no | | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no | | description | The description of the cluster | `string` | `""` | no | | disable\_default\_snat | Whether to disable the default SNAT to support the private use of public IP addresses | `bool` | `false` | no | diff --git a/modules/beta-autopilot-public-cluster/metadata.yaml b/modules/beta-autopilot-public-cluster/metadata.yaml index 113eb932b0..71c4948d01 100644 --- a/modules/beta-autopilot-public-cluster/metadata.yaml +++ b/modules/beta-autopilot-public-cluster/metadata.yaml @@ -431,7 +431,7 @@ spec: - key_name: "" state: DECRYPTED - name: default_compute_class_enabled - description: Enable Spot VMs as the default compute class for Node Auto-Provisioning + description: Enable default compute class for Node Auto-Provisioning varType: bool - name: enable_binary_authorization description: Enable BinAuthZ Admission controller diff --git a/modules/beta-autopilot-public-cluster/variables.tf b/modules/beta-autopilot-public-cluster/variables.tf index 40f230127b..8749d1eb0d 100644 --- a/modules/beta-autopilot-public-cluster/variables.tf +++ b/modules/beta-autopilot-public-cluster/variables.tf @@ -500,10 +500,9 @@ variable "database_encryption" { }] } - variable "default_compute_class_enabled" { type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" + description = "Enable default compute class for Node Auto-Provisioning" default = null } diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 353a3cd865..5f614f1d9f 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -182,7 +182,7 @@ Then perform the following commands on the root folder: | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no | | cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no | | cloudrun\_load\_balancer\_type | (Beta) Configure the Cloud Run load balancer type. External by default. Set to `LOAD_BALANCER_TYPE_INTERNAL` to configure as an internal load balancer. | `string` | `""` | no | -| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                     = bool
    autoscaling_profile         = string
    min_cpu_cores               = optional(number)
    max_cpu_cores               = optional(number)
    min_memory_gb               = optional(number)
    max_memory_gb               = optional(number)
    gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                 = bool
    auto_upgrade                = bool
    disk_size                   = optional(number)
    disk_type                   = optional(string)
    image_type                  = optional(string)
    strategy                    = optional(string)
    max_surge                   = optional(number)
    max_unavailable             = optional(number)
    node_pool_soak_duration     = optional(string)
    batch_soak_duration         = optional(string)
    batch_percentage            = optional(number)
    batch_node_count            = optional(number)
    enable_secure_boot          = optional(bool, false)
    enable_integrity_monitoring = optional(bool, true)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | +| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                      = bool
    autoscaling_profile          = string
    min_cpu_cores                = optional(number)
    max_cpu_cores                = optional(number)
    min_memory_gb                = optional(number)
    max_memory_gb                = optional(number)
    gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                  = bool
    auto_upgrade                 = bool
    disk_size                    = optional(number)
    disk_type                    = optional(string)
    image_type                   = optional(string)
    strategy                     = optional(string)
    max_surge                    = optional(number)
    max_unavailable              = optional(number)
    node_pool_soak_duration      = optional(string)
    batch_soak_duration          = optional(string)
    batch_percentage             = optional(number)
    batch_node_count             = optional(number)
    enable_secure_boot           = optional(bool, false)
    enable_integrity_monitoring  = optional(bool, true)
    enable_default_compute_class = optional(bool, false)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_default_compute_class": false,
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | | cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no | | cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no | | cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no | @@ -194,7 +194,6 @@ Then perform the following commands on the root folder: | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | | datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | -| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no | | deploy\_using\_private\_endpoint | A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | `bool` | `false` | no | diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index 5df5f3e0e0..3013a11af4 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -129,7 +129,7 @@ resource "google_container_cluster" "primary" { cluster_autoscaling { enabled = var.cluster_autoscaling.enabled - default_compute_class_enabled = var.default_compute_class_enabled + default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false) dynamic "auto_provisioning_defaults" { for_each = var.cluster_autoscaling.enabled ? [1] : [] diff --git a/modules/beta-private-cluster-update-variant/metadata.yaml b/modules/beta-private-cluster-update-variant/metadata.yaml index 53989aad87..ab0e426f96 100644 --- a/modules/beta-private-cluster-update-variant/metadata.yaml +++ b/modules/beta-private-cluster-update-variant/metadata.yaml @@ -309,27 +309,28 @@ spec: description: Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) varType: |- object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) defaultValue: auto_repair: true @@ -337,6 +338,7 @@ spec: autoscaling_profile: BALANCED disk_size: 100 disk_type: pd-standard + enable_default_compute_class: false enable_integrity_monitoring: true enable_secure_boot: false enabled: false @@ -648,9 +650,6 @@ spec: description: Enable Shielded Nodes features on all nodes in this cluster varType: bool defaultValue: true - - name: default_compute_class_enabled - description: Enable Spot VMs as the default compute class for Node Auto-Provisioning - varType: bool - name: enable_binary_authorization description: Enable BinAuthZ Admission controller varType: bool diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index 2e1bc5b5ac..1e684a6c57 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -302,43 +302,45 @@ variable "enable_resource_consumption_export" { variable "cluster_autoscaling" { type = object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) default = { - enabled = false - autoscaling_profile = "BALANCED" - max_cpu_cores = 0 - min_cpu_cores = 0 - max_memory_gb = 0 - min_memory_gb = 0 - gpu_resources = [] - auto_repair = true - auto_upgrade = true - disk_size = 100 - disk_type = "pd-standard" - image_type = "COS_CONTAINERD" - enable_secure_boot = false - enable_integrity_monitoring = true + enabled = false + autoscaling_profile = "BALANCED" + max_cpu_cores = 0 + min_cpu_cores = 0 + max_memory_gb = 0 + min_memory_gb = 0 + gpu_resources = [] + auto_repair = true + auto_upgrade = true + disk_size = 100 + disk_type = "pd-standard" + image_type = "COS_CONTAINERD" + enable_secure_boot = false + enable_integrity_monitoring = true + enable_default_compute_class = false } description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)" } @@ -815,13 +817,6 @@ variable "enable_shielded_nodes" { default = true } - -variable "default_compute_class_enabled" { - type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" - default = null -} - variable "enable_binary_authorization" { type = bool description = "Enable BinAuthZ Admission controller" diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index f305f18ec8..9e16c40cb7 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -160,7 +160,7 @@ Then perform the following commands on the root folder: | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no | | cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no | | cloudrun\_load\_balancer\_type | (Beta) Configure the Cloud Run load balancer type. External by default. Set to `LOAD_BALANCER_TYPE_INTERNAL` to configure as an internal load balancer. | `string` | `""` | no | -| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                     = bool
    autoscaling_profile         = string
    min_cpu_cores               = optional(number)
    max_cpu_cores               = optional(number)
    min_memory_gb               = optional(number)
    max_memory_gb               = optional(number)
    gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                 = bool
    auto_upgrade                = bool
    disk_size                   = optional(number)
    disk_type                   = optional(string)
    image_type                  = optional(string)
    strategy                    = optional(string)
    max_surge                   = optional(number)
    max_unavailable             = optional(number)
    node_pool_soak_duration     = optional(string)
    batch_soak_duration         = optional(string)
    batch_percentage            = optional(number)
    batch_node_count            = optional(number)
    enable_secure_boot          = optional(bool, false)
    enable_integrity_monitoring = optional(bool, true)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | +| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                      = bool
    autoscaling_profile          = string
    min_cpu_cores                = optional(number)
    max_cpu_cores                = optional(number)
    min_memory_gb                = optional(number)
    max_memory_gb                = optional(number)
    gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                  = bool
    auto_upgrade                 = bool
    disk_size                    = optional(number)
    disk_type                    = optional(string)
    image_type                   = optional(string)
    strategy                     = optional(string)
    max_surge                    = optional(number)
    max_unavailable              = optional(number)
    node_pool_soak_duration      = optional(string)
    batch_soak_duration          = optional(string)
    batch_percentage             = optional(number)
    batch_node_count             = optional(number)
    enable_secure_boot           = optional(bool, false)
    enable_integrity_monitoring  = optional(bool, true)
    enable_default_compute_class = optional(bool, false)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_default_compute_class": false,
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | | cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no | | cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no | | cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no | @@ -172,7 +172,6 @@ Then perform the following commands on the root folder: | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | | datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | -| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no | | deploy\_using\_private\_endpoint | A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | `bool` | `false` | no | diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index b5006e6365..9fbc8f5d6a 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -129,7 +129,7 @@ resource "google_container_cluster" "primary" { cluster_autoscaling { enabled = var.cluster_autoscaling.enabled - default_compute_class_enabled = var.default_compute_class_enabled + default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false) dynamic "auto_provisioning_defaults" { for_each = var.cluster_autoscaling.enabled ? [1] : [] diff --git a/modules/beta-private-cluster/metadata.yaml b/modules/beta-private-cluster/metadata.yaml index 004a54c476..88cb393017 100644 --- a/modules/beta-private-cluster/metadata.yaml +++ b/modules/beta-private-cluster/metadata.yaml @@ -309,27 +309,28 @@ spec: description: Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) varType: |- object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) defaultValue: auto_repair: true @@ -337,6 +338,7 @@ spec: autoscaling_profile: BALANCED disk_size: 100 disk_type: pd-standard + enable_default_compute_class: false enable_integrity_monitoring: true enable_secure_boot: false enabled: false @@ -648,9 +650,6 @@ spec: description: Enable Shielded Nodes features on all nodes in this cluster varType: bool defaultValue: true - - name: default_compute_class_enabled - description: Enable Spot VMs as the default compute class for Node Auto-Provisioning - varType: bool - name: enable_binary_authorization description: Enable BinAuthZ Admission controller varType: bool diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 2e1bc5b5ac..1e684a6c57 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -302,43 +302,45 @@ variable "enable_resource_consumption_export" { variable "cluster_autoscaling" { type = object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) default = { - enabled = false - autoscaling_profile = "BALANCED" - max_cpu_cores = 0 - min_cpu_cores = 0 - max_memory_gb = 0 - min_memory_gb = 0 - gpu_resources = [] - auto_repair = true - auto_upgrade = true - disk_size = 100 - disk_type = "pd-standard" - image_type = "COS_CONTAINERD" - enable_secure_boot = false - enable_integrity_monitoring = true + enabled = false + autoscaling_profile = "BALANCED" + max_cpu_cores = 0 + min_cpu_cores = 0 + max_memory_gb = 0 + min_memory_gb = 0 + gpu_resources = [] + auto_repair = true + auto_upgrade = true + disk_size = 100 + disk_type = "pd-standard" + image_type = "COS_CONTAINERD" + enable_secure_boot = false + enable_integrity_monitoring = true + enable_default_compute_class = false } description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)" } @@ -815,13 +817,6 @@ variable "enable_shielded_nodes" { default = true } - -variable "default_compute_class_enabled" { - type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" - default = null -} - variable "enable_binary_authorization" { type = bool description = "Enable BinAuthZ Admission controller" diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index e671233cd7..7021dce704 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md @@ -176,7 +176,7 @@ Then perform the following commands on the root folder: | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no | | cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no | | cloudrun\_load\_balancer\_type | (Beta) Configure the Cloud Run load balancer type. External by default. Set to `LOAD_BALANCER_TYPE_INTERNAL` to configure as an internal load balancer. | `string` | `""` | no | -| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                     = bool
    autoscaling_profile         = string
    min_cpu_cores               = optional(number)
    max_cpu_cores               = optional(number)
    min_memory_gb               = optional(number)
    max_memory_gb               = optional(number)
    gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                 = bool
    auto_upgrade                = bool
    disk_size                   = optional(number)
    disk_type                   = optional(string)
    image_type                  = optional(string)
    strategy                    = optional(string)
    max_surge                   = optional(number)
    max_unavailable             = optional(number)
    node_pool_soak_duration     = optional(string)
    batch_soak_duration         = optional(string)
    batch_percentage            = optional(number)
    batch_node_count            = optional(number)
    enable_secure_boot          = optional(bool, false)
    enable_integrity_monitoring = optional(bool, true)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | +| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                      = bool
    autoscaling_profile          = string
    min_cpu_cores                = optional(number)
    max_cpu_cores                = optional(number)
    min_memory_gb                = optional(number)
    max_memory_gb                = optional(number)
    gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                  = bool
    auto_upgrade                 = bool
    disk_size                    = optional(number)
    disk_type                    = optional(string)
    image_type                   = optional(string)
    strategy                     = optional(string)
    max_surge                    = optional(number)
    max_unavailable              = optional(number)
    node_pool_soak_duration      = optional(string)
    batch_soak_duration          = optional(string)
    batch_percentage             = optional(number)
    batch_node_count             = optional(number)
    enable_secure_boot           = optional(bool, false)
    enable_integrity_monitoring  = optional(bool, true)
    enable_default_compute_class = optional(bool, false)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_default_compute_class": false,
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | | cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no | | cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no | | cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no | @@ -188,7 +188,6 @@ Then perform the following commands on the root folder: | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | | datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | -| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no | | description | The description of the cluster | `string` | `""` | no | diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index 0d3a3b285d..a0aae11b50 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf @@ -129,7 +129,7 @@ resource "google_container_cluster" "primary" { cluster_autoscaling { enabled = var.cluster_autoscaling.enabled - default_compute_class_enabled = var.default_compute_class_enabled + default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false) dynamic "auto_provisioning_defaults" { for_each = var.cluster_autoscaling.enabled ? [1] : [] diff --git a/modules/beta-public-cluster-update-variant/metadata.yaml b/modules/beta-public-cluster-update-variant/metadata.yaml index 6f9137cbc1..f3b2c457d2 100644 --- a/modules/beta-public-cluster-update-variant/metadata.yaml +++ b/modules/beta-public-cluster-update-variant/metadata.yaml @@ -309,27 +309,28 @@ spec: description: Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) varType: |- object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) defaultValue: auto_repair: true @@ -337,6 +338,7 @@ spec: autoscaling_profile: BALANCED disk_size: 100 disk_type: pd-standard + enable_default_compute_class: false enable_integrity_monitoring: true enable_secure_boot: false enabled: false @@ -626,9 +628,6 @@ spec: description: Enable Shielded Nodes features on all nodes in this cluster varType: bool defaultValue: true - - name: default_compute_class_enabled - description: Enable Spot VMs as the default compute class for Node Auto-Provisioning - varType: bool - name: enable_binary_authorization description: Enable BinAuthZ Admission controller varType: bool diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 690529e16e..3396f3776b 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -302,43 +302,45 @@ variable "enable_resource_consumption_export" { variable "cluster_autoscaling" { type = object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) default = { - enabled = false - autoscaling_profile = "BALANCED" - max_cpu_cores = 0 - min_cpu_cores = 0 - max_memory_gb = 0 - min_memory_gb = 0 - gpu_resources = [] - auto_repair = true - auto_upgrade = true - disk_size = 100 - disk_type = "pd-standard" - image_type = "COS_CONTAINERD" - enable_secure_boot = false - enable_integrity_monitoring = true + enabled = false + autoscaling_profile = "BALANCED" + max_cpu_cores = 0 + min_cpu_cores = 0 + max_memory_gb = 0 + min_memory_gb = 0 + gpu_resources = [] + auto_repair = true + auto_upgrade = true + disk_size = 100 + disk_type = "pd-standard" + image_type = "COS_CONTAINERD" + enable_secure_boot = false + enable_integrity_monitoring = true + enable_default_compute_class = false } description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)" } @@ -779,13 +781,6 @@ variable "enable_shielded_nodes" { default = true } - -variable "default_compute_class_enabled" { - type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" - default = null -} - variable "enable_binary_authorization" { type = bool description = "Enable BinAuthZ Admission controller" diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index 45d5fddb63..dd34ee96b7 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md @@ -154,7 +154,7 @@ Then perform the following commands on the root folder: | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no | | cloudrun | (Beta) Enable CloudRun addon | `bool` | `false` | no | | cloudrun\_load\_balancer\_type | (Beta) Configure the Cloud Run load balancer type. External by default. Set to `LOAD_BALANCER_TYPE_INTERNAL` to configure as an internal load balancer. | `string` | `""` | no | -| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                     = bool
    autoscaling_profile         = string
    min_cpu_cores               = optional(number)
    max_cpu_cores               = optional(number)
    min_memory_gb               = optional(number)
    max_memory_gb               = optional(number)
    gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                 = bool
    auto_upgrade                = bool
    disk_size                   = optional(number)
    disk_type                   = optional(string)
    image_type                  = optional(string)
    strategy                    = optional(string)
    max_surge                   = optional(number)
    max_unavailable             = optional(number)
    node_pool_soak_duration     = optional(string)
    batch_soak_duration         = optional(string)
    batch_percentage            = optional(number)
    batch_node_count            = optional(number)
    enable_secure_boot          = optional(bool, false)
    enable_integrity_monitoring = optional(bool, true)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | +| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                      = bool
    autoscaling_profile          = string
    min_cpu_cores                = optional(number)
    max_cpu_cores                = optional(number)
    min_memory_gb                = optional(number)
    max_memory_gb                = optional(number)
    gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                  = bool
    auto_upgrade                 = bool
    disk_size                    = optional(number)
    disk_type                    = optional(string)
    image_type                   = optional(string)
    strategy                     = optional(string)
    max_surge                    = optional(number)
    max_unavailable              = optional(number)
    node_pool_soak_duration      = optional(string)
    batch_soak_duration          = optional(string)
    batch_percentage             = optional(number)
    batch_node_count             = optional(number)
    enable_secure_boot           = optional(bool, false)
    enable_integrity_monitoring  = optional(bool, true)
    enable_default_compute_class = optional(bool, false)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_default_compute_class": false,
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | | cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no | | cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no | | cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no | @@ -166,7 +166,6 @@ Then perform the following commands on the root folder: | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | | datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | -| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no | | description | The description of the cluster | `string` | `""` | no | diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index 3e60118cc7..8e96f62207 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -129,7 +129,7 @@ resource "google_container_cluster" "primary" { cluster_autoscaling { enabled = var.cluster_autoscaling.enabled - default_compute_class_enabled = var.default_compute_class_enabled + default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false) dynamic "auto_provisioning_defaults" { for_each = var.cluster_autoscaling.enabled ? [1] : [] diff --git a/modules/beta-public-cluster/metadata.yaml b/modules/beta-public-cluster/metadata.yaml index 9413bc0d98..3d5aa2be64 100644 --- a/modules/beta-public-cluster/metadata.yaml +++ b/modules/beta-public-cluster/metadata.yaml @@ -309,27 +309,28 @@ spec: description: Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) varType: |- object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) defaultValue: auto_repair: true @@ -337,6 +338,7 @@ spec: autoscaling_profile: BALANCED disk_size: 100 disk_type: pd-standard + enable_default_compute_class: false enable_integrity_monitoring: true enable_secure_boot: false enabled: false @@ -626,9 +628,6 @@ spec: description: Enable Shielded Nodes features on all nodes in this cluster varType: bool defaultValue: true - - name: default_compute_class_enabled - description: Enable Spot VMs as the default compute class for Node Auto-Provisioning - varType: bool - name: enable_binary_authorization description: Enable BinAuthZ Admission controller varType: bool diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 690529e16e..3396f3776b 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -302,43 +302,45 @@ variable "enable_resource_consumption_export" { variable "cluster_autoscaling" { type = object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) default = { - enabled = false - autoscaling_profile = "BALANCED" - max_cpu_cores = 0 - min_cpu_cores = 0 - max_memory_gb = 0 - min_memory_gb = 0 - gpu_resources = [] - auto_repair = true - auto_upgrade = true - disk_size = 100 - disk_type = "pd-standard" - image_type = "COS_CONTAINERD" - enable_secure_boot = false - enable_integrity_monitoring = true + enabled = false + autoscaling_profile = "BALANCED" + max_cpu_cores = 0 + min_cpu_cores = 0 + max_memory_gb = 0 + min_memory_gb = 0 + gpu_resources = [] + auto_repair = true + auto_upgrade = true + disk_size = 100 + disk_type = "pd-standard" + image_type = "COS_CONTAINERD" + enable_secure_boot = false + enable_integrity_monitoring = true + enable_default_compute_class = false } description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)" } @@ -779,13 +781,6 @@ variable "enable_shielded_nodes" { default = true } - -variable "default_compute_class_enabled" { - type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" - default = null -} - variable "enable_binary_authorization" { type = bool description = "Enable BinAuthZ Admission controller" diff --git a/modules/gke-autopilot-cluster/metadata.yaml b/modules/gke-autopilot-cluster/metadata.yaml index a248d7957d..a3ba4df9e9 100644 --- a/modules/gke-autopilot-cluster/metadata.yaml +++ b/modules/gke-autopilot-cluster/metadata.yaml @@ -573,9 +573,9 @@ spec: roles: - level: Project roles: - - roles/compute.admin - roles/container.admin - roles/iam.serviceAccountUser + - roles/compute.admin services: - compute.googleapis.com - container.googleapis.com diff --git a/modules/gke-node-pool/metadata.display.yaml b/modules/gke-node-pool/metadata.display.yaml index 59c891c4e5..ea5c642218 100644 --- a/modules/gke-node-pool/metadata.display.yaml +++ b/modules/gke-node-pool/metadata.display.yaml @@ -62,9 +62,9 @@ spec: name: name: name title: Name - level: 1 regexValidation: ^[a-z]([a-z0-9-]{0,38}[a-z0-9])?$ validation: Node pool name must start with a lowercase letter followed by up to 39 lowercase letters, numbers, or hyphens and cannot end with a hyphen. + level: 1 name_prefix: name: name_prefix title: Name Prefix diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index 2e164137d2..836c0595a8 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -177,7 +177,7 @@ Then perform the following commands on the root folder: | anonymous\_authentication\_config\_mode | Allows users to restrict or enable anonymous access to the cluster. Valid values are `ENABLED` and `LIMITED`. | `string` | `null` | no | | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com | `string` | `null` | no | | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no | -| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                     = bool
    autoscaling_profile         = string
    min_cpu_cores               = optional(number)
    max_cpu_cores               = optional(number)
    min_memory_gb               = optional(number)
    max_memory_gb               = optional(number)
    gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                 = bool
    auto_upgrade                = bool
    disk_size                   = optional(number)
    disk_type                   = optional(string)
    image_type                  = optional(string)
    strategy                    = optional(string)
    max_surge                   = optional(number)
    max_unavailable             = optional(number)
    node_pool_soak_duration     = optional(string)
    batch_soak_duration         = optional(string)
    batch_percentage            = optional(number)
    batch_node_count            = optional(number)
    enable_secure_boot          = optional(bool, false)
    enable_integrity_monitoring = optional(bool, true)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | +| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                      = bool
    autoscaling_profile          = string
    min_cpu_cores                = optional(number)
    max_cpu_cores                = optional(number)
    min_memory_gb                = optional(number)
    max_memory_gb                = optional(number)
    gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                  = bool
    auto_upgrade                 = bool
    disk_size                    = optional(number)
    disk_type                    = optional(string)
    image_type                   = optional(string)
    strategy                     = optional(string)
    max_surge                    = optional(number)
    max_unavailable              = optional(number)
    node_pool_soak_duration      = optional(string)
    batch_soak_duration          = optional(string)
    batch_percentage             = optional(number)
    batch_node_count             = optional(number)
    enable_secure_boot           = optional(bool, false)
    enable_integrity_monitoring  = optional(bool, true)
    enable_default_compute_class = optional(bool, false)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_default_compute_class": false,
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | | cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no | | cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no | | cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no | @@ -188,7 +188,6 @@ Then perform the following commands on the root folder: | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | | datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | -| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no | | deploy\_using\_private\_endpoint | A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | `bool` | `false` | no | diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index 47b5769c14..b3b0892e9a 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf @@ -123,7 +123,7 @@ resource "google_container_cluster" "primary" { cluster_autoscaling { enabled = var.cluster_autoscaling.enabled - default_compute_class_enabled = var.default_compute_class_enabled + default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false) dynamic "auto_provisioning_defaults" { for_each = var.cluster_autoscaling.enabled ? [1] : [] diff --git a/modules/private-cluster-update-variant/metadata.yaml b/modules/private-cluster-update-variant/metadata.yaml index b17be146ac..eadfdd87ae 100644 --- a/modules/private-cluster-update-variant/metadata.yaml +++ b/modules/private-cluster-update-variant/metadata.yaml @@ -309,27 +309,28 @@ spec: description: Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) varType: |- object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) defaultValue: auto_repair: true @@ -337,6 +338,7 @@ spec: autoscaling_profile: BALANCED disk_size: 100 disk_type: pd-standard + enable_default_compute_class: false enable_integrity_monitoring: true enable_secure_boot: false enabled: false @@ -637,9 +639,6 @@ spec: description: Enable Shielded Nodes features on all nodes in this cluster varType: bool defaultValue: true - - name: default_compute_class_enabled - description: Enable Spot VMs as the default compute class for Node Auto-Provisioning - varType: bool - name: enable_binary_authorization description: Enable BinAuthZ Admission controller varType: bool diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index 3497aed147..9d3673ef24 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf @@ -302,43 +302,45 @@ variable "enable_resource_consumption_export" { variable "cluster_autoscaling" { type = object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) default = { - enabled = false - autoscaling_profile = "BALANCED" - max_cpu_cores = 0 - min_cpu_cores = 0 - max_memory_gb = 0 - min_memory_gb = 0 - gpu_resources = [] - auto_repair = true - auto_upgrade = true - disk_size = 100 - disk_type = "pd-standard" - image_type = "COS_CONTAINERD" - enable_secure_boot = false - enable_integrity_monitoring = true + enabled = false + autoscaling_profile = "BALANCED" + max_cpu_cores = 0 + min_cpu_cores = 0 + max_memory_gb = 0 + min_memory_gb = 0 + gpu_resources = [] + auto_repair = true + auto_upgrade = true + disk_size = 100 + disk_type = "pd-standard" + image_type = "COS_CONTAINERD" + enable_secure_boot = false + enable_integrity_monitoring = true + enable_default_compute_class = false } description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)" } @@ -797,13 +799,6 @@ variable "enable_shielded_nodes" { default = true } - -variable "default_compute_class_enabled" { - type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" - default = null -} - variable "enable_binary_authorization" { type = bool description = "Enable BinAuthZ Admission controller" diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index c23ea693e5..da9d7c6348 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md @@ -155,7 +155,7 @@ Then perform the following commands on the root folder: | anonymous\_authentication\_config\_mode | Allows users to restrict or enable anonymous access to the cluster. Valid values are `ENABLED` and `LIMITED`. | `string` | `null` | no | | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com | `string` | `null` | no | | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no | -| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                     = bool
    autoscaling_profile         = string
    min_cpu_cores               = optional(number)
    max_cpu_cores               = optional(number)
    min_memory_gb               = optional(number)
    max_memory_gb               = optional(number)
    gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                 = bool
    auto_upgrade                = bool
    disk_size                   = optional(number)
    disk_type                   = optional(string)
    image_type                  = optional(string)
    strategy                    = optional(string)
    max_surge                   = optional(number)
    max_unavailable             = optional(number)
    node_pool_soak_duration     = optional(string)
    batch_soak_duration         = optional(string)
    batch_percentage            = optional(number)
    batch_node_count            = optional(number)
    enable_secure_boot          = optional(bool, false)
    enable_integrity_monitoring = optional(bool, true)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | +| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | 
object({
    enabled                      = bool
    autoscaling_profile          = string
    min_cpu_cores                = optional(number)
    max_cpu_cores                = optional(number)
    min_memory_gb                = optional(number)
    max_memory_gb                = optional(number)
    gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))
    auto_repair                  = bool
    auto_upgrade                 = bool
    disk_size                    = optional(number)
    disk_type                    = optional(string)
    image_type                   = optional(string)
    strategy                     = optional(string)
    max_surge                    = optional(number)
    max_unavailable              = optional(number)
    node_pool_soak_duration      = optional(string)
    batch_soak_duration          = optional(string)
    batch_percentage             = optional(number)
    batch_node_count             = optional(number)
    enable_secure_boot           = optional(bool, false)
    enable_integrity_monitoring  = optional(bool, true)
    enable_default_compute_class = optional(bool, false)
  })
| 
{
  "auto_repair": true,
  "auto_upgrade": true,
  "autoscaling_profile": "BALANCED",
  "disk_size": 100,
  "disk_type": "pd-standard",
  "enable_default_compute_class": false,
  "enable_integrity_monitoring": true,
  "enable_secure_boot": false,
  "enabled": false,
  "gpu_resources": [],
  "image_type": "COS_CONTAINERD",
  "max_cpu_cores": 0,
  "max_memory_gb": 0,
  "min_cpu_cores": 0,
  "min_memory_gb": 0
}
| no | | cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no | | cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no | | cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no | @@ -166,7 +166,6 @@ Then perform the following commands on the root folder: | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | 
[
  {
    "key_name": "",
    "state": "DECRYPTED"
  }
]
| no | | datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no | -| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no | | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no | | deploy\_using\_private\_endpoint | A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | `bool` | `false` | no | diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index 6692870264..2fd6874d7b 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf @@ -123,7 +123,7 @@ resource "google_container_cluster" "primary" { cluster_autoscaling { enabled = var.cluster_autoscaling.enabled - default_compute_class_enabled = var.default_compute_class_enabled + default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false) dynamic "auto_provisioning_defaults" { for_each = var.cluster_autoscaling.enabled ? [1] : [] diff --git a/modules/private-cluster/metadata.yaml b/modules/private-cluster/metadata.yaml index 3659fecb97..7556036d25 100644 --- a/modules/private-cluster/metadata.yaml +++ b/modules/private-cluster/metadata.yaml @@ -309,27 +309,28 @@ spec: description: Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) varType: |- object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) defaultValue: auto_repair: true @@ -337,6 +338,7 @@ spec: autoscaling_profile: BALANCED disk_size: 100 disk_type: pd-standard + enable_default_compute_class: false enable_integrity_monitoring: true enable_secure_boot: false enabled: false @@ -637,9 +639,6 @@ spec: description: Enable Shielded Nodes features on all nodes in this cluster varType: bool defaultValue: true - - name: default_compute_class_enabled - description: Enable Spot VMs as the default compute class for Node Auto-Provisioning - varType: bool - name: enable_binary_authorization description: Enable BinAuthZ Admission controller varType: bool diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index 3497aed147..9d3673ef24 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -302,43 +302,45 @@ variable "enable_resource_consumption_export" { variable "cluster_autoscaling" { type = object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) default = { - enabled = false - autoscaling_profile = "BALANCED" - max_cpu_cores = 0 - min_cpu_cores = 0 - max_memory_gb = 0 - min_memory_gb = 0 - gpu_resources = [] - auto_repair = true - auto_upgrade = true - disk_size = 100 - disk_type = "pd-standard" - image_type = "COS_CONTAINERD" - enable_secure_boot = false - enable_integrity_monitoring = true + enabled = false + autoscaling_profile = "BALANCED" + max_cpu_cores = 0 + min_cpu_cores = 0 + max_memory_gb = 0 + min_memory_gb = 0 + gpu_resources = [] + auto_repair = true + auto_upgrade = true + disk_size = 100 + disk_type = "pd-standard" + image_type = "COS_CONTAINERD" + enable_secure_boot = false + enable_integrity_monitoring = true + enable_default_compute_class = false } description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)" } @@ -797,13 +799,6 @@ variable "enable_shielded_nodes" { default = true } - -variable "default_compute_class_enabled" { - type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" - default = null -} - variable "enable_binary_authorization" { type = bool description = "Enable BinAuthZ Admission controller" diff --git a/variables.tf b/variables.tf index 101ad7ee59..fb069c6897 100644 --- a/variables.tf +++ b/variables.tf @@ -302,43 +302,45 @@ variable "enable_resource_consumption_export" { variable "cluster_autoscaling" { type = object({ - enabled = bool - autoscaling_profile = string - min_cpu_cores = optional(number) - max_cpu_cores = optional(number) - min_memory_gb = optional(number) - max_memory_gb = optional(number) - gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) - auto_repair = bool - auto_upgrade = bool - disk_size = optional(number) - disk_type = optional(string) - image_type = optional(string) - strategy = optional(string) - max_surge = optional(number) - max_unavailable = optional(number) - node_pool_soak_duration = optional(string) - batch_soak_duration = optional(string) - batch_percentage = optional(number) - batch_node_count = optional(number) - enable_secure_boot = optional(bool, false) - enable_integrity_monitoring = optional(bool, true) + enabled = bool + autoscaling_profile = string + min_cpu_cores = optional(number) + max_cpu_cores = optional(number) + min_memory_gb = optional(number) + max_memory_gb = optional(number) + gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number })) + auto_repair = bool + auto_upgrade = bool + disk_size = optional(number) + disk_type = optional(string) + image_type = optional(string) + strategy = optional(string) + max_surge = optional(number) + max_unavailable = optional(number) + node_pool_soak_duration = optional(string) + batch_soak_duration = optional(string) + batch_percentage = optional(number) + batch_node_count = optional(number) + enable_secure_boot = optional(bool, false) + enable_integrity_monitoring = optional(bool, true) + enable_default_compute_class = optional(bool, false) }) default = { - enabled = false - autoscaling_profile = "BALANCED" - max_cpu_cores = 0 - min_cpu_cores = 0 - max_memory_gb = 0 - min_memory_gb = 0 - gpu_resources = [] - auto_repair = true - auto_upgrade = true - disk_size = 100 - disk_type = "pd-standard" - image_type = "COS_CONTAINERD" - enable_secure_boot = false - enable_integrity_monitoring = true + enabled = false + autoscaling_profile = "BALANCED" + max_cpu_cores = 0 + min_cpu_cores = 0 + max_memory_gb = 0 + min_memory_gb = 0 + gpu_resources = [] + auto_repair = true + auto_upgrade = true + disk_size = 100 + disk_type = "pd-standard" + image_type = "COS_CONTAINERD" + enable_secure_boot = false + enable_integrity_monitoring = true + enable_default_compute_class = false } description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)" } @@ -761,13 +763,6 @@ variable "enable_shielded_nodes" { default = true } - -variable "default_compute_class_enabled" { - type = bool - description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning" - default = null -} - variable "enable_binary_authorization" { type = bool description = "Enable BinAuthZ Admission controller"