fix: remove dns from autopilot

apeabody · apeabody · commit 2bbdd745e9a2 · 2024-10-24T19:11:24.000Z
diff --git a/autogen/main/dns.tf.tmpl b/autogen/main/dns.tf.tmpl
@@ -16,6 +16,7 @@
 
 {{ autogeneration_note }}
 
+{% if autopilot_cluster != true %}
 /******************************************
   Manage kube-dns configmaps
  *****************************************/
@@ -101,3 +102,4 @@ EOF
     {% endif %}
   ]
 }
+{% endif %}
diff --git a/autogen/main/main.tf.tmpl b/autogen/main/main.tf.tmpl
@@ -78,8 +78,10 @@ locals {
   {% endif %}
 
 
+{% if autopilot_cluster != true %}
   custom_kube_dns_config      = length(keys(var.stub_domains)) > 0
   upstream_nameservers_config = length(var.upstream_nameservers) > 0
+{% endif %}
   network_project_id          = var.network_project_id != "" ? var.network_project_id : var.project_id
   zone_count                  = length(var.zones)
   cluster_type                = var.regional ? "regional" : "zonal"
diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl
@@ -357,6 +357,7 @@ variable "network_tags" {
   default = []
 }
 
+{% if autopilot_cluster != true %}
 variable "stub_domains" {
   type        = map(list(string))
   description = "Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server"
@@ -368,6 +369,7 @@ variable "upstream_nameservers" {
   description = "If specified, the values replace the nameservers taken by default from the node’s /etc/resolv.conf"
   default     = []
 }
+{% endif %}
 
 variable "non_masquerade_cidrs" {
   type        = list(string)
diff --git a/modules/beta-autopilot-private-cluster/README.md b/modules/beta-autopilot-private-cluster/README.md
@@ -152,10 +152,8 @@ Then perform the following commands on the root folder:
 | shadow\_firewall\_rules\_priority | The firewall priority of GKE shadow firewall rules. The priority should be less than default firewall, which is 1000. | `number` | `999` | no |
 | stack\_type | The stack type to use for this cluster. Either `IPV4` or `IPV4_IPV6`. Defaults to `IPV4`. | `string` | `"IPV4"` | no |
 | stateful\_ha | Whether the Stateful HA Addon is enabled for this cluster. | `bool` | `false` | no |
-| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | `map(list(string))` | `{}` | no |
 | subnetwork | The subnetwork to host the cluster in (required) | `string` | n/a | yes |
 | timeouts | Timeout for cluster operations. | `map(string)` | `{}` | no |
-| upstream\_nameservers | If specified, the values replace the nameservers taken by default from the node’s /etc/resolv.conf | `list(string)` | `[]` | no |
 | workload\_config\_audit\_mode | (beta) Sets which mode of auditing should be used for the cluster's workloads. Accepted values are DISABLED, BASIC. | `string` | `"DISABLED"` | no |
 | workload\_vulnerability\_mode | (beta) Sets which mode to use for Protect workload vulnerability scanning feature. Accepted values are DISABLED, BASIC. | `string` | `""` | no |
 | zones | The zones to host the cluster in (optional if regional cluster / required if zonal) | `list(string)` | `[]` | no |
diff --git a/modules/beta-autopilot-private-cluster/dns.tf b/modules/beta-autopilot-private-cluster/dns.tf
@@ -16,79 +16,3 @@
 
 // This file was automatically generated from a template in ./autogen/main
 
-/******************************************
-  Manage kube-dns configmaps
- *****************************************/
-
-resource "kubernetes_config_map_v1_data" "kube-dns" {
-  count = local.custom_kube_dns_config && !local.upstream_nameservers_config ? 1 : 0
-
-  metadata {
-    name      = "kube-dns"
-    namespace = "kube-system"
-  }
-
-  data = {
-    stubDomains = <<EOF
-${jsonencode(var.stub_domains)}
-EOF
-  }
-
-  force = true
-
-  depends_on = [
-    google_container_cluster.primary,
-  ]
-}
-
-resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers" {
-  count = !local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
-
-  metadata {
-    name      = "kube-dns"
-    namespace = "kube-system"
-  }
-
-  data = {
-    upstreamNameservers = <<EOF
-${jsonencode(var.upstream_nameservers)}
-EOF
-  }
-
-  force = true
-
-  depends_on = [
-    google_container_cluster.primary,
-  ]
-}
-
-# Fix the name typo in the previous ConfigMap creation call
-moved {
-  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
-  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
-}
-
-resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
-  count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
-
-  metadata {
-    name      = "kube-dns"
-    namespace = "kube-system"
-  }
-
-  data = {
-    upstreamNameservers = <<EOF
-${jsonencode(var.upstream_nameservers)}
-EOF
-
-    stubDomains = <<EOF
-${jsonencode(var.stub_domains)}
-EOF
-  }
-
-  force = true
-
-  depends_on = [
-    google_container_cluster.primary,
-  ]
-}
diff --git a/modules/beta-autopilot-private-cluster/main.tf b/modules/beta-autopilot-private-cluster/main.tf
@@ -56,11 +56,9 @@ locals {
 
 
 
-  custom_kube_dns_config      = length(keys(var.stub_domains)) > 0
-  upstream_nameservers_config = length(var.upstream_nameservers) > 0
-  network_project_id          = var.network_project_id != "" ? var.network_project_id : var.project_id
-  zone_count                  = length(var.zones)
-  cluster_type                = var.regional ? "regional" : "zonal"
+  network_project_id = var.network_project_id != "" ? var.network_project_id : var.project_id
+  zone_count         = length(var.zones)
+  cluster_type       = var.regional ? "regional" : "zonal"
 
   cluster_subnet_cidr       = var.add_cluster_firewall_rules ? data.google_compute_subnetwork.gke_subnetwork[0].ip_cidr_range : null
   cluster_alias_ranges_cidr = var.add_cluster_firewall_rules ? { for range in toset(data.google_compute_subnetwork.gke_subnetwork[0].secondary_ip_range) : range.range_name => range.ip_cidr_range } : {}
diff --git a/modules/beta-autopilot-private-cluster/variables.tf b/modules/beta-autopilot-private-cluster/variables.tf
@@ -185,17 +185,6 @@ variable "network_tags" {
   default     = []
 }
 
-variable "stub_domains" {
-  type        = map(list(string))
-  description = "Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server"
-  default     = {}
-}
-
-variable "upstream_nameservers" {
-  type        = list(string)
-  description = "If specified, the values replace the nameservers taken by default from the node’s /etc/resolv.conf"
-  default     = []
-}
 
 variable "non_masquerade_cidrs" {
   type        = list(string)
diff --git a/modules/beta-autopilot-public-cluster/README.md b/modules/beta-autopilot-public-cluster/README.md
@@ -140,10 +140,8 @@ Then perform the following commands on the root folder:
 | shadow\_firewall\_rules\_priority | The firewall priority of GKE shadow firewall rules. The priority should be less than default firewall, which is 1000. | `number` | `999` | no |
 | stack\_type | The stack type to use for this cluster. Either `IPV4` or `IPV4_IPV6`. Defaults to `IPV4`. | `string` | `"IPV4"` | no |
 | stateful\_ha | Whether the Stateful HA Addon is enabled for this cluster. | `bool` | `false` | no |
-| stub\_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | `map(list(string))` | `{}` | no |
 | subnetwork | The subnetwork to host the cluster in (required) | `string` | n/a | yes |
 | timeouts | Timeout for cluster operations. | `map(string)` | `{}` | no |
-| upstream\_nameservers | If specified, the values replace the nameservers taken by default from the node’s /etc/resolv.conf | `list(string)` | `[]` | no |
 | workload\_config\_audit\_mode | (beta) Sets which mode of auditing should be used for the cluster's workloads. Accepted values are DISABLED, BASIC. | `string` | `"DISABLED"` | no |
 | workload\_vulnerability\_mode | (beta) Sets which mode to use for Protect workload vulnerability scanning feature. Accepted values are DISABLED, BASIC. | `string` | `""` | no |
 | zones | The zones to host the cluster in (optional if regional cluster / required if zonal) | `list(string)` | `[]` | no |
diff --git a/modules/beta-autopilot-public-cluster/dns.tf b/modules/beta-autopilot-public-cluster/dns.tf
@@ -16,79 +16,3 @@
 
 // This file was automatically generated from a template in ./autogen/main
 
-/******************************************
-  Manage kube-dns configmaps
- *****************************************/
-
-resource "kubernetes_config_map_v1_data" "kube-dns" {
-  count = local.custom_kube_dns_config && !local.upstream_nameservers_config ? 1 : 0
-
-  metadata {
-    name      = "kube-dns"
-    namespace = "kube-system"
-  }
-
-  data = {
-    stubDomains = <<EOF
-${jsonencode(var.stub_domains)}
-EOF
-  }
-
-  force = true
-
-  depends_on = [
-    google_container_cluster.primary,
-  ]
-}
-
-resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers" {
-  count = !local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
-
-  metadata {
-    name      = "kube-dns"
-    namespace = "kube-system"
-  }
-
-  data = {
-    upstreamNameservers = <<EOF
-${jsonencode(var.upstream_nameservers)}
-EOF
-  }
-
-  force = true
-
-  depends_on = [
-    google_container_cluster.primary,
-  ]
-}
-
-# Fix the name typo in the previous ConfigMap creation call
-moved {
-  from = kubernetes_config_map_v1_data.kube-dns-upstream-namservers
-  to   = kubernetes_config_map_v1_data.kube-dns-upstream-nameservers
-}
-
-resource "kubernetes_config_map_v1_data" "kube-dns-upstream-nameservers-and-stub-domains" {
-  count = local.custom_kube_dns_config && local.upstream_nameservers_config ? 1 : 0
-
-  metadata {
-    name      = "kube-dns"
-    namespace = "kube-system"
-  }
-
-  data = {
-    upstreamNameservers = <<EOF
-${jsonencode(var.upstream_nameservers)}
-EOF
-
-    stubDomains = <<EOF
-${jsonencode(var.stub_domains)}
-EOF
-  }
-
-  force = true
-
-  depends_on = [
-    google_container_cluster.primary,
-  ]
-}
diff --git a/modules/beta-autopilot-public-cluster/main.tf b/modules/beta-autopilot-public-cluster/main.tf
@@ -56,11 +56,9 @@ locals {
 
 
 
-  custom_kube_dns_config      = length(keys(var.stub_domains)) > 0
-  upstream_nameservers_config = length(var.upstream_nameservers) > 0
-  network_project_id          = var.network_project_id != "" ? var.network_project_id : var.project_id
-  zone_count                  = length(var.zones)
-  cluster_type                = var.regional ? "regional" : "zonal"
+  network_project_id = var.network_project_id != "" ? var.network_project_id : var.project_id
+  zone_count         = length(var.zones)
+  cluster_type       = var.regional ? "regional" : "zonal"
 
   cluster_subnet_cidr       = var.add_cluster_firewall_rules ? data.google_compute_subnetwork.gke_subnetwork[0].ip_cidr_range : null
   cluster_alias_ranges_cidr = var.add_cluster_firewall_rules ? { for range in toset(data.google_compute_subnetwork.gke_subnetwork[0].secondary_ip_range) : range.range_name => range.ip_cidr_range } : {}
diff --git a/modules/beta-autopilot-public-cluster/variables.tf b/modules/beta-autopilot-public-cluster/variables.tf
@@ -185,17 +185,6 @@ variable "network_tags" {
   default     = []
 }
 
-variable "stub_domains" {
-  type        = map(list(string))
-  description = "Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server"
-  default     = {}
-}
-
-variable "upstream_nameservers" {
-  type        = list(string)
-  description = "If specified, the values replace the nameservers taken by default from the node’s /etc/resolv.conf"
-  default     = []
-}
 
 variable "non_masquerade_cidrs" {
   type        = list(string)

Original file line number	Diff line number	Diff line change
`@@ -16,6 +16,7 @@`
`16`	`16`
`17`	`17`	`{{ autogeneration_note }}`
`18`	`18`
	`19`	`+{% if autopilot_cluster != true %}`
`19`	`20`	`/******************************************`
`20`	`21`	`Manage kube-dns configmaps`
`21`	`22`	`*****************************************/`
`@@ -101,3 +102,4 @@ EOF`
`101`	`102`	`{% endif %}`
`102`	`103`	`]`
`103`	`104`	`}`
	`105`	`+{% endif %}`
Original file line number	Diff line number	Diff line change
`@@ -357,6 +357,7 @@ variable "network_tags" {`
`357`	`357`	`default = []`
`358`	`358`	`}`
`359`	`359`
	`360`	`+{% if autopilot_cluster != true %}`
`360`	`361`	`variable "stub_domains" {`
`361`	`362`	`type = map(list(string))`
`362`	`363`	`description = "Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server"`
`@@ -368,6 +369,7 @@ variable "upstream_nameservers" {`
`368`	`369`	`description = "If specified, the values replace the nameservers taken by default from the node’s /etc/resolv.conf"`
`369`	`370`	`default = []`
`370`	`371`	`}`
	`372`	`+{% endif %}`
`371`	`373`
`372`	`374`	`variable "non_masquerade_cidrs" {`
`373`	`375`	`type = list(string)`