fix: add kubelet_config to default-pool (terraform-google-modules#2147)

apeabody · MaximF · commit dd31f5725c4c · 2024-10-21T16:22:48.000-07:00
feat: use 'moved' block to address ConfigMap renaming

chore: remove extra empty line
diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl
@@ -530,6 +530,21 @@ resource "google_container_cluster" "primary" {
         }
       }
 
+      dynamic "kubelet_config" {
+        for_each = length(setintersection(
+          keys(var.node_pools[0]),
+          ["cpu_manager_policy", "cpu_cfs_quota", "cpu_cfs_quota_period", "insecure_kubelet_readonly_port_enabled", "pod_pids_limit"]
+        )) != 0 || var.insecure_kubelet_readonly_port_enabled != null ? [1] : []
+
+        content {
+          cpu_manager_policy                     = lookup(var.node_pools[0], "cpu_manager_policy", "static")
+          cpu_cfs_quota                          = lookup(var.node_pools[0], "cpu_cfs_quota", null)
+          cpu_cfs_quota_period                   = lookup(var.node_pools[0], "cpu_cfs_quota_period", null)
+          insecure_kubelet_readonly_port_enabled = lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled) != null ? upper(tostring(lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled))) : null
+          pod_pids_limit                         = lookup(var.node_pools[0], "pod_pids_limit", null)
+        }
+      }
+
       service_account = lookup(var.node_pools[0], "service_account", local.service_account)
 
       tags = concat(
diff --git a/autogen/main/dns.tf.tmpl b/autogen/main/dns.tf.tmpl
@@ -68,6 +68,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 
diff --git a/cluster.tf b/cluster.tf
@@ -407,6 +407,21 @@ resource "google_container_cluster" "primary" {
         }
       }
 
+      dynamic "kubelet_config" {
+        for_each = length(setintersection(
+          keys(var.node_pools[0]),
+          ["cpu_manager_policy", "cpu_cfs_quota", "cpu_cfs_quota_period", "insecure_kubelet_readonly_port_enabled", "pod_pids_limit"]
+        )) != 0 || var.insecure_kubelet_readonly_port_enabled != null ? [1] : []
+
+        content {
+          cpu_manager_policy                     = lookup(var.node_pools[0], "cpu_manager_policy", "static")
+          cpu_cfs_quota                          = lookup(var.node_pools[0], "cpu_cfs_quota", null)
+          cpu_cfs_quota_period                   = lookup(var.node_pools[0], "cpu_cfs_quota_period", null)
+          insecure_kubelet_readonly_port_enabled = lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled) != null ? upper(tostring(lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled))) : null
+          pod_pids_limit                         = lookup(var.node_pools[0], "pod_pids_limit", null)
+        }
+      }
+
       service_account = lookup(var.node_pools[0], "service_account", local.service_account)
 
       tags = concat(
diff --git a/dns.tf b/dns.tf
@@ -64,6 +64,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 
diff --git a/modules/beta-autopilot-private-cluster/dns.tf b/modules/beta-autopilot-private-cluster/dns.tf
@@ -62,6 +62,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 
diff --git a/modules/beta-autopilot-public-cluster/dns.tf b/modules/beta-autopilot-public-cluster/dns.tf
@@ -62,6 +62,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 
diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf
@@ -453,6 +453,21 @@ resource "google_container_cluster" "primary" {
         }
       }
 
+      dynamic "kubelet_config" {
+        for_each = length(setintersection(
+          keys(var.node_pools[0]),
+          ["cpu_manager_policy", "cpu_cfs_quota", "cpu_cfs_quota_period", "insecure_kubelet_readonly_port_enabled", "pod_pids_limit"]
+        )) != 0 || var.insecure_kubelet_readonly_port_enabled != null ? [1] : []
+
+        content {
+          cpu_manager_policy                     = lookup(var.node_pools[0], "cpu_manager_policy", "static")
+          cpu_cfs_quota                          = lookup(var.node_pools[0], "cpu_cfs_quota", null)
+          cpu_cfs_quota_period                   = lookup(var.node_pools[0], "cpu_cfs_quota_period", null)
+          insecure_kubelet_readonly_port_enabled = lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled) != null ? upper(tostring(lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled))) : null
+          pod_pids_limit                         = lookup(var.node_pools[0], "pod_pids_limit", null)
+        }
+      }
+
       service_account = lookup(var.node_pools[0], "service_account", local.service_account)
 
       tags = concat(
diff --git a/modules/beta-private-cluster-update-variant/dns.tf b/modules/beta-private-cluster-update-variant/dns.tf
@@ -64,6 +64,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 
diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf
@@ -453,6 +453,21 @@ resource "google_container_cluster" "primary" {
         }
       }
 
+      dynamic "kubelet_config" {
+        for_each = length(setintersection(
+          keys(var.node_pools[0]),
+          ["cpu_manager_policy", "cpu_cfs_quota", "cpu_cfs_quota_period", "insecure_kubelet_readonly_port_enabled", "pod_pids_limit"]
+        )) != 0 || var.insecure_kubelet_readonly_port_enabled != null ? [1] : []
+
+        content {
+          cpu_manager_policy                     = lookup(var.node_pools[0], "cpu_manager_policy", "static")
+          cpu_cfs_quota                          = lookup(var.node_pools[0], "cpu_cfs_quota", null)
+          cpu_cfs_quota_period                   = lookup(var.node_pools[0], "cpu_cfs_quota_period", null)
+          insecure_kubelet_readonly_port_enabled = lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled) != null ? upper(tostring(lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled))) : null
+          pod_pids_limit                         = lookup(var.node_pools[0], "pod_pids_limit", null)
+        }
+      }
+
       service_account = lookup(var.node_pools[0], "service_account", local.service_account)
 
       tags = concat(
diff --git a/modules/beta-private-cluster/dns.tf b/modules/beta-private-cluster/dns.tf
@@ -64,6 +64,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 
diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf
@@ -453,6 +453,21 @@ resource "google_container_cluster" "primary" {
         }
       }
 
+      dynamic "kubelet_config" {
+        for_each = length(setintersection(
+          keys(var.node_pools[0]),
+          ["cpu_manager_policy", "cpu_cfs_quota", "cpu_cfs_quota_period", "insecure_kubelet_readonly_port_enabled", "pod_pids_limit"]
+        )) != 0 || var.insecure_kubelet_readonly_port_enabled != null ? [1] : []
+
+        content {
+          cpu_manager_policy                     = lookup(var.node_pools[0], "cpu_manager_policy", "static")
+          cpu_cfs_quota                          = lookup(var.node_pools[0], "cpu_cfs_quota", null)
+          cpu_cfs_quota_period                   = lookup(var.node_pools[0], "cpu_cfs_quota_period", null)
+          insecure_kubelet_readonly_port_enabled = lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled) != null ? upper(tostring(lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled))) : null
+          pod_pids_limit                         = lookup(var.node_pools[0], "pod_pids_limit", null)
+        }
+      }
+
       service_account = lookup(var.node_pools[0], "service_account", local.service_account)
 
       tags = concat(
diff --git a/modules/beta-public-cluster-update-variant/dns.tf b/modules/beta-public-cluster-update-variant/dns.tf
@@ -64,6 +64,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 
diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf
@@ -453,6 +453,21 @@ resource "google_container_cluster" "primary" {
         }
       }
 
+      dynamic "kubelet_config" {
+        for_each = length(setintersection(
+          keys(var.node_pools[0]),
+          ["cpu_manager_policy", "cpu_cfs_quota", "cpu_cfs_quota_period", "insecure_kubelet_readonly_port_enabled", "pod_pids_limit"]
+        )) != 0 || var.insecure_kubelet_readonly_port_enabled != null ? [1] : []
+
+        content {
+          cpu_manager_policy                     = lookup(var.node_pools[0], "cpu_manager_policy", "static")
+          cpu_cfs_quota                          = lookup(var.node_pools[0], "cpu_cfs_quota", null)
+          cpu_cfs_quota_period                   = lookup(var.node_pools[0], "cpu_cfs_quota_period", null)
+          insecure_kubelet_readonly_port_enabled = lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled) != null ? upper(tostring(lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled))) : null
+          pod_pids_limit                         = lookup(var.node_pools[0], "pod_pids_limit", null)
+        }
+      }
+
       service_account = lookup(var.node_pools[0], "service_account", local.service_account)
 
       tags = concat(
diff --git a/modules/beta-public-cluster/dns.tf b/modules/beta-public-cluster/dns.tf
@@ -64,6 +64,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 
diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf
@@ -407,6 +407,21 @@ resource "google_container_cluster" "primary" {
         }
       }
 
+      dynamic "kubelet_config" {
+        for_each = length(setintersection(
+          keys(var.node_pools[0]),
+          ["cpu_manager_policy", "cpu_cfs_quota", "cpu_cfs_quota_period", "insecure_kubelet_readonly_port_enabled", "pod_pids_limit"]
+        )) != 0 || var.insecure_kubelet_readonly_port_enabled != null ? [1] : []
+
+        content {
+          cpu_manager_policy                     = lookup(var.node_pools[0], "cpu_manager_policy", "static")
+          cpu_cfs_quota                          = lookup(var.node_pools[0], "cpu_cfs_quota", null)
+          cpu_cfs_quota_period                   = lookup(var.node_pools[0], "cpu_cfs_quota_period", null)
+          insecure_kubelet_readonly_port_enabled = lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled) != null ? upper(tostring(lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled))) : null
+          pod_pids_limit                         = lookup(var.node_pools[0], "pod_pids_limit", null)
+        }
+      }
+
       service_account = lookup(var.node_pools[0], "service_account", local.service_account)
 
       tags = concat(
diff --git a/modules/private-cluster-update-variant/dns.tf b/modules/private-cluster-update-variant/dns.tf
@@ -64,6 +64,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 
diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf
@@ -407,6 +407,21 @@ resource "google_container_cluster" "primary" {
         }
       }
 
+      dynamic "kubelet_config" {
+        for_each = length(setintersection(
+          keys(var.node_pools[0]),
+          ["cpu_manager_policy", "cpu_cfs_quota", "cpu_cfs_quota_period", "insecure_kubelet_readonly_port_enabled", "pod_pids_limit"]
+        )) != 0 || var.insecure_kubelet_readonly_port_enabled != null ? [1] : []
+
+        content {
+          cpu_manager_policy                     = lookup(var.node_pools[0], "cpu_manager_policy", "static")
+          cpu_cfs_quota                          = lookup(var.node_pools[0], "cpu_cfs_quota", null)
+          cpu_cfs_quota_period                   = lookup(var.node_pools[0], "cpu_cfs_quota_period", null)
+          insecure_kubelet_readonly_port_enabled = lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled) != null ? upper(tostring(lookup(var.node_pools[0], "insecure_kubelet_readonly_port_enabled", var.insecure_kubelet_readonly_port_enabled))) : null
+          pod_pids_limit                         = lookup(var.node_pools[0], "pod_pids_limit", null)
+        }
+      }
+
       service_account = lookup(var.node_pools[0], "service_account", local.service_account)
 
       tags = concat(
diff --git a/modules/private-cluster/dns.tf b/modules/private-cluster/dns.tf
@@ -64,6 +64,12 @@ EOF
   ]
 }
 
+# Fix the name typo in the previous ConfigMap creation call
+moved = {
+  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
+  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
+}
+
 resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
   count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
 

Original file line number	Diff line number	Diff line change
`@@ -68,6 +68,12 @@ EOF`
`68`	`68`	`]`
`69`	`69`	`}`
`70`	`70`
	`71`	`+# Fix the name typo in the previous ConfigMap creation call`
	`72`	`+moved = {`
	`73`	`+ from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers`
	`74`	`+ to = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers`
	`75`	`+}`
	`76`	`+`
`71`	`77`	`resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {`
`72`	`78`	`count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0`
`73`	`79`
Original file line number	Diff line number	Diff line change
`@@ -64,6 +64,12 @@ EOF`
`64`	`64`	`]`
`65`	`65`	`}`
`66`	`66`
	`67`	`+# Fix the name typo in the previous ConfigMap creation call`
	`68`	`+moved = {`
	`69`	`+ from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers`
	`70`	`+ to = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers`
	`71`	`+}`
	`72`	`+`
`67`	`73`	`resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {`
`68`	`74`	`count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0`
`69`	`75`
Original file line number	Diff line number	Diff line change
`@@ -62,6 +62,12 @@ EOF`
`62`	`62`	`]`
`63`	`63`	`}`
`64`	`64`
	`65`	`+# Fix the name typo in the previous ConfigMap creation call`
	`66`	`+moved = {`
	`67`	`+ from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers`
	`68`	`+ to = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers`
	`69`	`+}`
	`70`	`+`
`65`	`71`	`resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {`
`66`	`72`	`count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0`
`67`	`73`