mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-07-09 03:28:29 +00:00
add gke taints
This commit is contained in:
parent
33f8bc790c
commit
42cca119eb
|
@ -131,6 +131,32 @@ var schemaNodeConfig = &schema.Schema{
|
||||||
Elem: &schema.Schema{Type: schema.TypeString},
|
Elem: &schema.Schema{Type: schema.TypeString},
|
||||||
},
|
},
|
||||||
|
|
||||||
|
"taint": {
|
||||||
|
Type: schema.TypeList,
|
||||||
|
Optional: true,
|
||||||
|
ForceNew: true,
|
||||||
|
Elem: &schema.Resource{
|
||||||
|
Schema: map[string]*schema.Schema{
|
||||||
|
"key": {
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Required: true,
|
||||||
|
ForceNew: true,
|
||||||
|
},
|
||||||
|
"value": {
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Required: true,
|
||||||
|
ForceNew: true,
|
||||||
|
},
|
||||||
|
"effect": {
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Required: true,
|
||||||
|
ForceNew: true,
|
||||||
|
ValidateFunc: validation.StringInSlice([]string{"NO_SCHEDULE", "PREFER_NO_SCHEDULE", "NO_EXECUTE"}, false),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
"workload_metadata_config": {
|
"workload_metadata_config": {
|
||||||
Type: schema.TypeList,
|
Type: schema.TypeList,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
|
@ -240,6 +266,21 @@ func expandNodeConfig(v interface{}) *containerBeta.NodeConfig {
|
||||||
nc.MinCpuPlatform = v.(string)
|
nc.MinCpuPlatform = v.(string)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if v, ok := nodeConfig["taint"]; ok && len(v.([]interface{})) > 0 {
|
||||||
|
taints := v.([]interface{})
|
||||||
|
nodeTaints := make([]*containerBeta.NodeTaint, 0, len(taints))
|
||||||
|
for _, raw := range taints {
|
||||||
|
data := raw.(map[string]interface{})
|
||||||
|
taint := &containerBeta.NodeTaint{
|
||||||
|
Key: data["key"].(string),
|
||||||
|
Value: data["value"].(string),
|
||||||
|
Effect: data["effect"].(string),
|
||||||
|
}
|
||||||
|
nodeTaints = append(nodeTaints, taint)
|
||||||
|
}
|
||||||
|
nc.Taints = nodeTaints
|
||||||
|
}
|
||||||
|
|
||||||
if v, ok := nodeConfig["workload_metadata_config"]; ok && len(v.([]interface{})) > 0 {
|
if v, ok := nodeConfig["workload_metadata_config"]; ok && len(v.([]interface{})) > 0 {
|
||||||
conf := v.([]interface{})[0].(map[string]interface{})
|
conf := v.([]interface{})[0].(map[string]interface{})
|
||||||
nc.WorkloadMetadataConfig = &containerBeta.WorkloadMetadataConfig{
|
nc.WorkloadMetadataConfig = &containerBeta.WorkloadMetadataConfig{
|
||||||
|
@ -269,6 +310,7 @@ func flattenNodeConfig(c *containerBeta.NodeConfig) []map[string]interface{} {
|
||||||
"tags": c.Tags,
|
"tags": c.Tags,
|
||||||
"preemptible": c.Preemptible,
|
"preemptible": c.Preemptible,
|
||||||
"min_cpu_platform": c.MinCpuPlatform,
|
"min_cpu_platform": c.MinCpuPlatform,
|
||||||
|
"taint": flattenTaints(c.Taints),
|
||||||
"workload_metadata_config": flattenWorkloadMetadataConfig(c.WorkloadMetadataConfig),
|
"workload_metadata_config": flattenWorkloadMetadataConfig(c.WorkloadMetadataConfig),
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@ -290,6 +332,18 @@ func flattenContainerGuestAccelerators(c []*containerBeta.AcceleratorConfig) []m
|
||||||
return result
|
return result
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func flattenTaints(c []*containerBeta.NodeTaint) []map[string]interface{} {
|
||||||
|
result := []map[string]interface{}{}
|
||||||
|
for _, taint := range c {
|
||||||
|
result = append(result, map[string]interface{}{
|
||||||
|
"key": taint.Key,
|
||||||
|
"value": taint.Value,
|
||||||
|
"effect": taint.Effect,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
return result
|
||||||
|
}
|
||||||
|
|
||||||
func flattenWorkloadMetadataConfig(c *containerBeta.WorkloadMetadataConfig) []map[string]interface{} {
|
func flattenWorkloadMetadataConfig(c *containerBeta.WorkloadMetadataConfig) []map[string]interface{} {
|
||||||
result := []map[string]interface{}{}
|
result := []map[string]interface{}{}
|
||||||
if c != nil {
|
if c != nil {
|
||||||
|
|
|
@ -21,6 +21,7 @@ var (
|
||||||
ContainerClusterBaseApiVersion = v1
|
ContainerClusterBaseApiVersion = v1
|
||||||
ContainerClusterVersionedFeatures = []Feature{
|
ContainerClusterVersionedFeatures = []Feature{
|
||||||
{Version: v1beta1, Item: "pod_security_policy_config"},
|
{Version: v1beta1, Item: "pod_security_policy_config"},
|
||||||
|
{Version: v1beta1, Item: "node_config.*.taint"},
|
||||||
{Version: v1beta1, Item: "node_config.*.workload_metadata_config"},
|
{Version: v1beta1, Item: "node_config.*.workload_metadata_config"},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -439,6 +439,26 @@ func TestAccContainerCluster_withNodeConfigScopeAlias(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestAccContainerCluster_withNodeConfigTaints(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
|
||||||
|
resource.Test(t, resource.TestCase{
|
||||||
|
PreCheck: func() { testAccPreCheck(t) },
|
||||||
|
Providers: testAccProviders,
|
||||||
|
CheckDestroy: testAccCheckContainerClusterDestroy,
|
||||||
|
Steps: []resource.TestStep{
|
||||||
|
{
|
||||||
|
Config: testAccContainerCluster_withNodeConfigTaints(),
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
resource.TestCheckResourceAttr("google_container_cluster.with_node_config", "node_config.0.taint.#", "2"),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
// Don't include an import step because beta features can't yet be imported.
|
||||||
|
// Once taints are in GA, consider merging this test with the _withNodeConfig test.
|
||||||
|
},
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
func TestAccContainerCluster_withWorkloadMetadataConfig(t *testing.T) {
|
func TestAccContainerCluster_withWorkloadMetadataConfig(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
|
|
||||||
|
@ -1377,6 +1397,28 @@ resource "google_container_cluster" "with_node_config_scope_alias" {
|
||||||
}`, acctest.RandString(10))
|
}`, acctest.RandString(10))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func testAccContainerCluster_withNodeConfigTaints() string {
|
||||||
|
return fmt.Sprintf(`
|
||||||
|
resource "google_container_cluster" "with_node_config" {
|
||||||
|
name = "cluster-test-%s"
|
||||||
|
zone = "us-central1-f"
|
||||||
|
initial_node_count = 1
|
||||||
|
|
||||||
|
node_config {
|
||||||
|
taint {
|
||||||
|
key = "taint_key"
|
||||||
|
value = "taint_value"
|
||||||
|
effect = "PREFER_NO_SCHEDULE"
|
||||||
|
}
|
||||||
|
taint {
|
||||||
|
key = "taint_key2"
|
||||||
|
value = "taint_value2"
|
||||||
|
effect = "NO_EXECUTE"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}`, acctest.RandString(10))
|
||||||
|
}
|
||||||
|
|
||||||
func testAccContainerCluster_withWorkloadMetadataConfig() string {
|
func testAccContainerCluster_withWorkloadMetadataConfig() string {
|
||||||
return fmt.Sprintf(`
|
return fmt.Sprintf(`
|
||||||
data "google_container_engine_versions" "central1a" {
|
data "google_container_engine_versions" "central1a" {
|
||||||
|
|
|
@ -16,6 +16,7 @@ import (
|
||||||
var (
|
var (
|
||||||
ContainerNodePoolBaseApiVersion = v1
|
ContainerNodePoolBaseApiVersion = v1
|
||||||
ContainerNodePoolVersionedFeatures = []Feature{
|
ContainerNodePoolVersionedFeatures = []Feature{
|
||||||
|
{Version: v1beta1, Item: "node_config.*.taint"},
|
||||||
{Version: v1beta1, Item: "node_config.*.workload_metadata_config"},
|
{Version: v1beta1, Item: "node_config.*.workload_metadata_config"},
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
|
@ -100,6 +100,26 @@ func TestAccContainerNodePool_withNodeConfig(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestAccContainerNodePool_withNodeConfigTaints(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
|
||||||
|
resource.Test(t, resource.TestCase{
|
||||||
|
PreCheck: func() { testAccPreCheck(t) },
|
||||||
|
Providers: testAccProviders,
|
||||||
|
CheckDestroy: testAccCheckContainerNodePoolDestroy,
|
||||||
|
Steps: []resource.TestStep{
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccContainerNodePool_withNodeConfigTaints(),
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
resource.TestCheckResourceAttr("google_container_node_pool.np_with_node_config", "node_config.0.taint.#", "2"),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
// Don't include an import step because beta features can't yet be imported.
|
||||||
|
// Once taints are in GA, consider merging this test with the _withNodeConfig test.
|
||||||
|
},
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
func TestAccContainerNodePool_withWorkloadMetadataConfig(t *testing.T) {
|
func TestAccContainerNodePool_withWorkloadMetadataConfig(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
|
|
||||||
|
@ -511,6 +531,33 @@ resource "google_container_node_pool" "np_with_node_config" {
|
||||||
}`, acctest.RandString(10), acctest.RandString(10))
|
}`, acctest.RandString(10), acctest.RandString(10))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func testAccContainerNodePool_withNodeConfigTaints() string {
|
||||||
|
return fmt.Sprintf(`
|
||||||
|
resource "google_container_cluster" "cluster" {
|
||||||
|
name = "tf-cluster-nodepool-test-%s"
|
||||||
|
zone = "us-central1-a"
|
||||||
|
initial_node_count = 1
|
||||||
|
}
|
||||||
|
resource "google_container_node_pool" "np_with_node_config" {
|
||||||
|
name = "tf-nodepool-test-%s"
|
||||||
|
zone = "us-central1-a"
|
||||||
|
cluster = "${google_container_cluster.cluster.name}"
|
||||||
|
initial_node_count = 1
|
||||||
|
node_config {
|
||||||
|
taint {
|
||||||
|
key = "taint_key"
|
||||||
|
value = "taint_value"
|
||||||
|
effect = "PREFER_NO_SCHEDULE"
|
||||||
|
}
|
||||||
|
taint {
|
||||||
|
key = "taint_key2"
|
||||||
|
value = "taint_value2"
|
||||||
|
effect = "NO_EXECUTE"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}`, acctest.RandString(10), acctest.RandString(10))
|
||||||
|
}
|
||||||
|
|
||||||
func testAccContainerNodePool_withWorkloadMetadataConfig() string {
|
func testAccContainerNodePool_withWorkloadMetadataConfig() string {
|
||||||
return fmt.Sprintf(`
|
return fmt.Sprintf(`
|
||||||
data "google_container_engine_versions" "central1a" {
|
data "google_container_engine_versions" "central1a" {
|
||||||
|
|
|
@ -295,6 +295,10 @@ The `node_config` block supports:
|
||||||
* `tags` - (Optional) The list of instance tags applied to all nodes. Tags are used to identify
|
* `tags` - (Optional) The list of instance tags applied to all nodes. Tags are used to identify
|
||||||
valid sources or targets for network firewalls.
|
valid sources or targets for network firewalls.
|
||||||
|
|
||||||
|
* `taint` - (Optional, [Beta](/docs/providers/google/index.html#beta-features)) List of
|
||||||
|
[kubernetes taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)
|
||||||
|
to apply to each node. Structure is documented below.
|
||||||
|
|
||||||
* `workload_metadata_config` - (Optional) Metadata configuration to expose to workloads on the node pool.
|
* `workload_metadata_config` - (Optional) Metadata configuration to expose to workloads on the node pool.
|
||||||
Structure is documented below.
|
Structure is documented below.
|
||||||
|
|
||||||
|
@ -309,6 +313,14 @@ The `pod_security_policy_config` block supports:
|
||||||
* `enabled` (Required) - Enable the PodSecurityPolicy controller for this cluster.
|
* `enabled` (Required) - Enable the PodSecurityPolicy controller for this cluster.
|
||||||
If enabled, pods must be valid under a PodSecurityPolicy to be created.
|
If enabled, pods must be valid under a PodSecurityPolicy to be created.
|
||||||
|
|
||||||
|
The `taint` block supports:
|
||||||
|
|
||||||
|
* `key` (Required) Key for taint.
|
||||||
|
|
||||||
|
* `value` (Required) Value for taint.
|
||||||
|
|
||||||
|
* `effect` (Required) Effect for taint. Accepted values are `NO_SCHEDULE`, `PREFER_NO_SCHEDULE`, and `NO_EXECUTE`.
|
||||||
|
|
||||||
The `workload_metadata_config` block supports:
|
The `workload_metadata_config` block supports:
|
||||||
|
|
||||||
* `node_metadata` (Required) How to expose the node metadata to the workload running on the node.
|
* `node_metadata` (Required) How to expose the node metadata to the workload running on the node.
|
||||||
|
|
Loading…
Reference in New Issue
Block a user