Combinator infrastructure module that creates a Kubernetes cluster in Google Cloud Platform, powered by Google Kubernetes Engine.
Please note that you need a GCP account and project in order to use this module. The following represents the minimal configuration and creates the cheapest GKE cluster available.
module "terraform-google-kubernetes" {
source = "combinator-ml/kubernetes/google"
gcp_project_id = "your-gpc-project-id"
}There are several examples that provide different functionality. For example there are minimal low-cost and cheap(est) cpu-autoscaling versions. See the examples directory for more information.
See the full configuration options below.
By default, this runs in a single zone, which means it falls under GCP's free management tier and you don't have to pay for management nodes, only worker nodes. After the first zone you pay, and that's when it gets expensive. See the GCP pricing pages for more information.
| Name | Version |
|---|---|
| terraform | ~> 0.15 |
| Name | Version |
|---|---|
| n/a | |
| random | n/a |
| Name | Source | Version |
|---|---|---|
| gke | terraform-google-modules/kubernetes-engine/google//modules/private-cluster | |
| nat | terraform-google-modules/cloud-nat/google | ~> 1.2 |
| router | terraform-google-modules/cloud-router/google | ~> 0.1 |
| vpc | terraform-google-modules/network/google |
| Name |
|---|
| google_project_iam_member |
| google_service_account |
| random_id |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| gcp_project_id | The ID of the project in which the resources belong. | string |
n/a | yes |
| access_private_images | Whether to create the IAM role for storage.objectViewer, required to access GCR for private container images. |
string |
"false" |
no |
| client_certificate_enabled | Enables the creation of a client certificate. This is required if you want to connect from Gitlab. |
string |
"true" |
no |
| cluster_name | The name of the cluster, unique within the project and zone. | string |
"combinator" |
no |
| cluster_secondary_range_cidr | CIDR range for pods | string |
"10.16.0.0/12" |
no |
| cluster_secondary_range_name | The name of the secondary range to be used as for the cluster CIDR block. The secondary range will be used for pod IP addresses. This must be an existing secondary range associated with the cluster subnetwork. |
string |
"combinator-pod-cidr" |
no |
| daily_maintenance_window_start_time | The start time of the 4 hour window for daily maintenance operations RFC3339 format HH:MM, where HH : [00-23] and MM : [00-59] GMT. |
string |
"03:00" |
no |
| gcp_region | GCP region | string |
"europe-west1" |
no |
| gcp_zones | GCP zone | list(string) |
[ |
no |
| http_load_balancing_disabled | The status of the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster. It is enabled by default; set disabled = true to disable. |
string |
"false" |
no |
| master_authorized_networks_cidr_blocks | Defines up to 20 external networks that can access Kubernetes master through HTTPS. |
list(map(string)) |
[ |
no |
| master_ipv4_cidr_block | The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network. |
string |
"172.16.0.0/28" |
no |
| network_policy_enabled | Enables the NetworkPolicy feature. | string |
"false" |
no |
| node_pools | The list of node pool configurations, each should include: name - The name of the node pool, which will be suffixed with '-pool'. Defaults to pool number in the Terraform list, starting from 1. initial_node_count - The initial node count for the pool. Changing this will force recreation of the resource. Defaults to 1. autoscaling_min_node_count - Minimum number of nodes in the NodePool. Must be >=0 and <= max_node_count. Defaults to 2. autoscaling_max_node_count - Maximum number of nodes in the NodePool. Must be >= min_node_count. Defaults to 3. management_auto_repair - Whether the nodes will be automatically repaired. Defaults to 'true'. management_auto_upgrade - Whether the nodes will be automatically upgraded. Defaults to 'true'. node_config_machine_type - The name of a Google Compute Engine machine type. Defaults to n1-standard-1. To create a custom machine type, value should be set as specified here: https://cloud.google.com/compute/docs/reference/rest/v1/instances#machineType node_config_disk_type - Type of the disk attached to each node (e.g. 'pd-standard' or 'pd-ssd'). Defaults to 'pd-standard' node_config_disk_size_gb - Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. node_config_preemptible - Whether or not the underlying node VMs are preemptible. See the official documentation for more information. Defaults to false. https://cloud.google.com/kubernetes-engine/docs/how-to/preemptible-vms |
list(map(string)) |
[ |
no |
| regional | Regional clusters (set true) have masters in multiple regions but are more expensive. Zonal clusters (set false) are cheaper (free for your first one) but are not redundant. |
bool |
false |
no |
| services_secondary_range_cidr | CIDR range for services | string |
"10.1.0.0/20" |
no |
| services_secondary_range_name | The name of the secondary range to be used as for the services CIDR block. The secondary range will be used for service ClusterIPs. This must be an existing secondary range associated with the cluster subnetwork. |
string |
"combinator-services-cidr" |
no |
| vpc_network_name | The name of the Google Compute Engine network to which the cluster is connected. |
string |
"combinator-network" |
no |
| vpc_subnetwork_cidr_range | CIDR range for node subnet | string |
"10.0.16.0/20" |
no |
| vpc_subnetwork_name | The name of the Google Compute Engine subnetwork in which the cluster's instances are launched. |
string |
"combinator-subnetwork" |
no |
No output.