diff --git a/CHANGELOG.md b/CHANGELOG.md index d676d77480..d494e36041 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 Extending the adopted spec, each change should have a link to its corresponding pull request appended. ## [Unreleased] +### Added + +* Support for GCE cluster resource_labels. [#210] ## [4.0.0] 2019-07-12 diff --git a/README.md b/README.md index 5d09951671..e7ec18d844 100644 --- a/README.md +++ b/README.md @@ -129,6 +129,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o | basic\_auth\_password | The password to be used with Basic Authentication. | string | `""` | no | | basic\_auth\_username | The username to be used with Basic Authentication. An empty value will disable Basic Authentication, which is the recommended configuration. | string | `""` | no | | cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | string | `""` | no | +| cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | map(string) | `` | no | | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | string | `"false"` | no | | description | The description of the cluster | string | `""` | no | | disable\_legacy\_metadata\_endpoints | Disable the /0.1/ and /v1beta1/ metadata server endpoints on the node. Changing this value will cause all node pools to be recreated. | bool | `"true"` | no | diff --git a/autogen/cluster_regional.tf b/autogen/cluster_regional.tf index b8878e0378..c749487814 100644 --- a/autogen/cluster_regional.tf +++ b/autogen/cluster_regional.tf 
@@ -26,10 +26,11 @@ resource "google_container_cluster" "primary" { provider = google {% endif %} - count = var.regional ? 1 : 0 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 1 : 0 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels region = var.region node_locations = coalescelist( diff --git a/autogen/cluster_zonal.tf b/autogen/cluster_zonal.tf index 73ca493d66..21fa20c5e5 100644 --- a/autogen/cluster_zonal.tf +++ b/autogen/cluster_zonal.tf @@ -26,10 +26,11 @@ resource "google_container_cluster" "zonal_primary" { provider = google {% endif %} - count = var.regional ? 0 : 1 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 0 : 1 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels zone = var.zones[0] node_locations = slice(var.zones, 1, length(var.zones)) diff --git a/autogen/main.tf b/autogen/main.tf index 407f65d21e..19d5e27a6a 100644 --- a/autogen/main.tf +++ b/autogen/main.tf @@ -43,7 +43,7 @@ locals { custom_kube_dns_config = length(keys(var.stub_domains)) > 0 upstream_nameservers_config = length(var.upstream_nameservers) > 0 network_project_id = var.network_project_id != "" ? var.network_project_id : var.project_id - zone_count = length(var.zones) + zone_count = length(var.zones) cluster_type = var.regional ? "regional" : "zonal" diff --git a/autogen/variables.tf b/autogen/variables.tf index ef0bea9060..bb4d482f25 100644 --- a/autogen/variables.tf +++ b/autogen/variables.tf 
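Review bot: The new `resource_labels = var.cluster_resource_labels` line in autogen/cluster_regional.tf, and the matching line in autogen/cluster_zonal.tf, carries no comment separating GCE resource labels from Kubernetes labels, and the two are easy to confuse in a GKE module. A short comment above the attribute, such as `# GCE resource labels on the cluster object, not Kubernetes labels`, would make the intent clear to anyone who relies on labels for ownership or cost attribution. The resource block starts before the hunk and continues after it, so this is based only on the attributes visible here.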
@@ -284,6 +284,12 @@ variable "cluster_ipv4_cidr" { description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } +variable "cluster_resource_labels" { + type = map(string) + description = "The GCE resource labels (a map of key/value pairs) to be applied to the cluster" + default = {} +} + {% if private_cluster %} variable "deploy_using_private_endpoint" { diff --git a/cluster_regional.tf b/cluster_regional.tf index 66c3ec33a8..f6afe63d49 100644 --- a/cluster_regional.tf +++ b/cluster_regional.tf @@ -22,10 +22,11 @@ resource "google_container_cluster" "primary" { provider = google - count = var.regional ? 1 : 0 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 1 : 0 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels region = var.region node_locations = coalescelist( diff --git a/cluster_zonal.tf b/cluster_zonal.tf index 1bf674f82d..195a67cc42 100644 --- a/cluster_zonal.tf +++ b/cluster_zonal.tf @@ -22,10 +22,11 @@ resource "google_container_cluster" "zonal_primary" { provider = google - count = var.regional ? 0 : 1 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 0 : 1 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels zone = var.zones[0] node_locations = slice(var.zones, 1, length(var.zones)) diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 475159e1a6..2ff3fe8bf5 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md 
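Review bot: The description of `cluster_resource_labels` in autogen/variables.tf does not tell callers that these labels are plain resource metadata, visible to anyone who can view the cluster and carried into billing and inventory exports. I would extend it to `description = "The GCE resource labels (a map of key/value pairs) to be applied to the cluster. Labels are not confidential; do not store secrets or personal data in them."`. The variable also accepts any `map(string)`, so a key or value that GCE rejects would presumably fail only at apply time; stating the label format limits in the description would surface that earlier. The same wording applies to the copies in variables.tf and modules/*/variables.tf, which appear to be generated from this template.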
@@ -137,6 +137,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o | basic\_auth\_username | The username to be used with Basic Authentication. An empty value will disable Basic Authentication, which is the recommended configuration. | string | `""` | no | | cloudrun | (Beta) Enable CloudRun addon | string | `"false"` | no | | cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | string | `""` | no | +| cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | map(string) | `` | no | | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | string | `"false"` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key_name is the name of a CloudKMS key. | object | `` | no | | deploy\_using\_private\_endpoint | (Beta) A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | bool | `"false"` | no | diff --git a/modules/beta-private-cluster/cluster_regional.tf b/modules/beta-private-cluster/cluster_regional.tf index 33b07af674..1eec369b3a 100644 --- a/modules/beta-private-cluster/cluster_regional.tf +++ b/modules/beta-private-cluster/cluster_regional.tf 
@@ -22,10 +22,11 @@ resource "google_container_cluster" "primary" { provider = google-beta - count = var.regional ? 1 : 0 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 1 : 0 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels region = var.region node_locations = coalescelist( diff --git a/modules/beta-private-cluster/cluster_zonal.tf b/modules/beta-private-cluster/cluster_zonal.tf index baff6adca7..6f05dbecd6 100644 --- a/modules/beta-private-cluster/cluster_zonal.tf +++ b/modules/beta-private-cluster/cluster_zonal.tf @@ -22,10 +22,11 @@ resource "google_container_cluster" "zonal_primary" { provider = google-beta - count = var.regional ? 0 : 1 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 0 : 1 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels zone = var.zones[0] node_locations = slice(var.zones, 1, length(var.zones)) diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 04d202cd46..c3ef14d53a 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -284,6 +284,12 @@ variable "cluster_ipv4_cidr" { description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } +variable "cluster_resource_labels" { + type = map(string) + description = "The GCE resource labels (a map of key/value pairs) to be applied to the cluster" + default = {} +} + variable "deploy_using_private_endpoint" { type = bool diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index 32df7c1856..f32c2f5e13 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md 
@@ -132,6 +132,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o | basic\_auth\_username | The username to be used with Basic Authentication. An empty value will disable Basic Authentication, which is the recommended configuration. | string | `""` | no | | cloudrun | (Beta) Enable CloudRun addon | string | `"false"` | no | | cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | string | `""` | no | +| cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | map(string) | `` | no | | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | string | `"false"` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key_name is the name of a CloudKMS key. | object | `` | no | | description | The description of the cluster | string | `""` | no | diff --git a/modules/beta-public-cluster/cluster_regional.tf b/modules/beta-public-cluster/cluster_regional.tf index a56ebb5634..2e5ee7e6e6 100644 --- a/modules/beta-public-cluster/cluster_regional.tf +++ b/modules/beta-public-cluster/cluster_regional.tf @@ -22,10 +22,11 @@ resource "google_container_cluster" "primary" { provider = google-beta - count = var.regional ? 1 : 0 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 1 : 0 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels region = var.region node_locations = coalescelist( 
diff --git a/modules/beta-public-cluster/cluster_zonal.tf b/modules/beta-public-cluster/cluster_zonal.tf index 39e7a1a1fb..8be7150783 100644 --- a/modules/beta-public-cluster/cluster_zonal.tf +++ b/modules/beta-public-cluster/cluster_zonal.tf @@ -22,10 +22,11 @@ resource "google_container_cluster" "zonal_primary" { provider = google-beta - count = var.regional ? 0 : 1 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 0 : 1 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels zone = var.zones[0] node_locations = slice(var.zones, 1, length(var.zones)) diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 4de786246c..9a5ee6a91a 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -284,6 +284,12 @@ variable "cluster_ipv4_cidr" { description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } +variable "cluster_resource_labels" { + type = map(string) + description = "The GCE resource labels (a map of key/value pairs) to be applied to the cluster" + default = {} +} + variable "istio" { description = "(Beta) Enable Istio addon" diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index 906a826a94..e725107466 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md 
@@ -134,6 +134,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o | basic\_auth\_password | The password to be used with Basic Authentication. | string | `""` | no | | basic\_auth\_username | The username to be used with Basic Authentication. An empty value will disable Basic Authentication, which is the recommended configuration. | string | `""` | no | | cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | string | `""` | no | +| cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | map(string) | `` | no | | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | string | `"false"` | no | | deploy\_using\_private\_endpoint | (Beta) A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | bool | `"false"` | no | | description | The description of the cluster | string | `""` | no | diff --git a/modules/private-cluster/cluster_regional.tf b/modules/private-cluster/cluster_regional.tf index 7e12240b1d..1e5b6669d3 100644 --- a/modules/private-cluster/cluster_regional.tf +++ b/modules/private-cluster/cluster_regional.tf @@ -22,10 +22,11 @@ resource "google_container_cluster" "primary" { provider = google-beta - count = var.regional ? 1 : 0 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 1 : 0 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels region = var.region node_locations = coalescelist( diff --git a/modules/private-cluster/cluster_zonal.tf b/modules/private-cluster/cluster_zonal.tf index 0109263b07..361657a34b 100644 
--- a/modules/private-cluster/cluster_zonal.tf +++ b/modules/private-cluster/cluster_zonal.tf @@ -22,10 +22,11 @@ resource "google_container_cluster" "zonal_primary" { provider = google-beta - count = var.regional ? 0 : 1 - name = var.name - description = var.description - project = var.project_id + count = var.regional ? 0 : 1 + name = var.name + description = var.description + project = var.project_id + resource_labels = var.cluster_resource_labels zone = var.zones[0] node_locations = slice(var.zones, 1, length(var.zones)) diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index 4491851740..73c11d1b87 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -284,6 +284,12 @@ variable "cluster_ipv4_cidr" { description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } +variable "cluster_resource_labels" { + type = map(string) + description = "The GCE resource labels (a map of key/value pairs) to be applied to the cluster" + default = {} +} + variable "deploy_using_private_endpoint" { type = bool diff --git a/variables.tf b/variables.tf index beb05ea126..dea8306c9d 100644 --- a/variables.tf +++ b/variables.tf @@ -284,3 +284,9 @@ variable "cluster_ipv4_cidr" { description = "The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR." } +variable "cluster_resource_labels" { + type = map(string) + description = "The GCE resource labels (a map of key/value pairs) to be applied to the cluster" + default = {} +} +