mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-10-04 17:51:11 +00:00
Merge pull request #2177 from terraform-providers/paddy_container_private_docs
Add documentation for private_cluster_config.
commit
b508dfd1cd
@ -136,11 +136,12 @@ output "cluster_ca_certificate" {
|
|||||||
for master authorized networks. Omit the nested `cidr_blocks` attribute to disallow
|
for master authorized networks. Omit the nested `cidr_blocks` attribute to disallow
|
||||||
external access (except the cluster node IPs, which GKE automatically whitelists).
|
external access (except the cluster node IPs, which GKE automatically whitelists).
|
||||||
|
|
||||||
* `master_ipv4_cidr_block` - (Optional, [Beta](/docs/providers/google/index.html#beta-features)) Specifies a private
|
* `master_ipv4_cidr_block` - (Optional, Deprecated, [Beta](/docs/providers/google/index.html#beta-features)) Specifies a private
|
||||||
[RFC1918](https://tools.ietf.org/html/rfc1918) block for the master's VPC. The master range must not overlap with any subnet in your cluster's VPC.
|
[RFC1918](https://tools.ietf.org/html/rfc1918) block for the master's VPC. The master range must not overlap with any subnet in your cluster's VPC.
|
||||||
The master and your cluster use VPC peering. Must be specified in CIDR notation and must be `/28` subnet.
|
The master and your cluster use VPC peering. Must be specified in CIDR notation and must be `/28` subnet.
|
||||||
This property is in beta, and should be used with the terraform-provider-google-beta provider.
|
This property is in beta, and should be used with the terraform-provider-google-beta provider.
|
||||||
See [Provider Versions](https://terraform.io/docs/provider/google/provider_versions.html) for more details on beta fields.
|
See [Provider Versions](https://terraform.io/docs/provider/google/provider_versions.html) for more details on beta fields.
|
||||||
|
This field is deprecated, use `private_cluster_config.master_ipv4_cidr_block` instead.
|
||||||
|
|
||||||
* `min_master_version` - (Optional) The minimum version of the master. GKE
|
* `min_master_version` - (Optional) The minimum version of the master. GKE
|
||||||
will auto-update the master to new versions, so this does not guarantee the
|
will auto-update the master to new versions, so this does not guarantee the
|
||||||
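Review bot: the added deprecation sentence for the top-level `master_ipv4_cidr_block` sits at the very end of the entry, after the beta paragraphs, so a reader meets the `/28` and RFC1918 requirements before learning the field is deprecated. Consider moving "This field is deprecated, use `private_cluster_config.master_ipv4_cidr_block` instead." to the start of the entry, and state whether setting both the top-level field and the nested one is rejected or which one wins.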
@ -180,12 +181,18 @@ output "cluster_ca_certificate" {
|
|||||||
This property is in beta, and should be used with the terraform-provider-google-beta provider.
|
This property is in beta, and should be used with the terraform-provider-google-beta provider.
|
||||||
See [Provider Versions](https://terraform.io/docs/provider/google/provider_versions.html) for more details on beta fields.
|
See [Provider Versions](https://terraform.io/docs/provider/google/provider_versions.html) for more details on beta fields.
|
||||||
|
|
||||||
* `private_cluster` - (Optional, [Beta](/docs/providers/google/index.html#beta-features)) If true, a
|
* `privat_cluster_config` - (Optional, [Beta](/docs/providers/google/index.html#beta-features)) A set of options for creating
|
||||||
|
a private cluster. Structure is documented below.
|
||||||
|
This property is in beta, and should be used with the terraform-provider-google-beta provider.
|
||||||
|
See [Provider Versions](https://terraform.io/docs/provider/google/provider_versions.html) for more details on beta fields.
|
||||||
|
|
||||||
|
* `private_cluster` - (Optional, Deprecated, [Beta](/docs/providers/google/index.html#beta-features)) If true, a
|
||||||
[private cluster](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters) will be created, meaning
|
[private cluster](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters) will be created, meaning
|
||||||
nodes do not get public IP addresses. It is mandatory to specify `master_ipv4_cidr_block` and
|
nodes do not get public IP addresses. It is mandatory to specify `master_ipv4_cidr_block` and
|
||||||
`ip_allocation_policy` with this option.
|
`ip_allocation_policy` with this option.
|
||||||
This property is in beta, and should be used with the terraform-provider-google-beta provider.
|
This property is in beta, and should be used with the terraform-provider-google-beta provider.
|
||||||
See [Provider Versions](https://terraform.io/docs/provider/google/provider_versions.html) for more details on beta fields.
|
See [Provider Versions](https://terraform.io/docs/provider/google/provider_versions.html) for more details on beta fields.
|
||||||
|
This field is deprecated, use `private_cluster_config.enable_private_nodes` instead.
|
||||||
|
|
||||||
* `project` - (Optional) The ID of the project in which the resource belongs. If it
|
* `project` - (Optional) The ID of the project in which the resource belongs. If it
|
||||||
is not provided, the provider project is used.
|
is not provided, the provider project is used.
|
||||||
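Review bot: typo in the added entry name, `privat_cluster_config` should be `private_cluster_config`, matching the deprecation notes and the "The `private_cluster_config` block supports:" paragraph elsewhere in this patch; as written, anyone copying the argument name from the docs gets an unknown-argument error. Separately, the deprecated `private_cluster` entry still says it is mandatory to specify `master_ipv4_cidr_block`, a field this patch also marks deprecated; the new `private_cluster_config` entry should say whether `ip_allocation_policy` and a master CIDR block remain mandatory when the nested block is used.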
@ -386,6 +393,23 @@ The `pod_security_policy_config` block supports:
|
|||||||
* `enabled` (Required) - Enable the PodSecurityPolicy controller for this cluster.
|
* `enabled` (Required) - Enable the PodSecurityPolicy controller for this cluster.
|
||||||
If enabled, pods must be valid under a PodSecurityPolicy to be created.
|
If enabled, pods must be valid under a PodSecurityPolicy to be created.
|
||||||
|
|
||||||
|
The `private_cluster_config` block supports:
|
||||||
|
|
||||||
|
* `enable_private_endpoint` (Optional) - Whether the master's internal IP address is used as the cluster endpoint.
|
||||||
|
|
||||||
|
* `enable_private_nodes` (Optional) - Whether nodes have internal IP addresses only. If enabled, all nodes are given only RFC 1918 private
|
||||||
|
addresses and communicate with the master via private networking.
|
||||||
|
|
||||||
|
* `master_ipv4_cidr_block` (Optional) - The IP range in CIDR notation to use for the hosted master network. This range will be used for
|
||||||
|
assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges
|
||||||
|
in use within the cluster's network.
|
||||||
|
|
||||||
|
In addition, the `private_cluster_config` allows access to the following read-only fields:
|
||||||
|
|
||||||
|
* `private_endpoint` - The internal IP address of this cluster's master endpoint.
|
||||||
|
|
||||||
|
* `public_endpoint` - The external IP address of this cluster's master endpoint.
|
||||||
|
|
||||||
The `taint` block supports:
|
The `taint` block supports:
|
||||||
|
|
||||||
* `key` (Required) Key for taint.
|
* `key` (Required) Key for taint.
|
||||||
|
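Review bot: the nested `master_ipv4_cidr_block` description drops constraints that the deprecated top-level entry in this same file documents ("must be `/28` subnet", an RFC1918 block, no overlap with any subnet in the cluster's VPC) and only says the range must not overlap with other ranges in use. If those constraints still apply, restate them here, since this entry becomes the only documentation once the deprecated field is removed. The `enable_private_endpoint` and `enable_private_nodes` lines also give no default value, and `enable_private_endpoint` does not say what happens to the external `public_endpoint` when it is set, which is the detail a reader restricting master access needs.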