terraform-google-modules
diff --git a/‎examples/simple_zonal_with_hub/README.md‎
Lines changed: 57 additions & 0 deletions b/‎examples/simple_zonal_with_hub/README.md‎
Lines changed: 57 additions & 0 deletions
diff --git a/‎examples/simple_zonal_with_hub/hub.tf‎
Lines changed: 23 additions & 0 deletions b/‎examples/simple_zonal_with_hub/hub.tf‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎examples/simple_zonal_with_hub/main.tf‎
Lines changed: 41 additions & 0 deletions b/‎examples/simple_zonal_with_hub/main.tf‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎examples/simple_zonal_with_hub/outputs.tf‎
Lines changed: 34 additions & 0 deletions b/‎examples/simple_zonal_with_hub/outputs.tf‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎examples/simple_zonal_with_hub/test_outputs.tf‎
Lines changed: 63 additions & 0 deletions b/‎examples/simple_zonal_with_hub/test_outputs.tf‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎examples/simple_zonal_with_hub/variables.tf‎
Lines changed: 53 additions & 0 deletions b/‎examples/simple_zonal_with_hub/variables.tf‎
Lines changed: 53 additions & 0 deletions
diff --git a/‎modules/asm/README.md‎
Lines changed: 7 additions & 0 deletions b/‎modules/asm/README.md‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎modules/asm/main.tf‎
Lines changed: 11 additions & 36 deletions b/‎modules/asm/main.tf‎
Lines changed: 11 additions & 36 deletions
diff --git a/‎modules/asm/outputs.tf‎
Lines changed: 10 additions & 0 deletions b/‎modules/asm/outputs.tf‎
Lines changed: 10 additions & 0 deletions
@@ -0,0 +1,57 @@
+# Simple Zonal Cluster
+
+This example illustrates how to create a simple cluster and register it with [Anthos](https://cloud.google.com/anthos/multicluster-management/environs)
+
+It incorporates the standard cluster module and the [Hub registration module](../../modules/hub).
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| cluster\_name\_suffix | A suffix to append to the default cluster name | string | `""` | no |
+| ip\_range\_pods | The secondary ip range to use for pods | string | `""` | no |
+| ip\_range\_services | The secondary ip range to use for services | string | `""` | no |
+| network | The VPC network to host the cluster in | string | `"default"` | no |
+| project\_id | The project ID to host the cluster in | string | n/a | yes |
+| region | The region to host the cluster in | string | n/a | yes |
+| subnetwork | The subnetwork to host the cluster in | string | `"default"` | no |
+| zones | The zone to host the cluster in (required if is a zonal cluster) | list(string) | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| ca\_certificate |  |
+| client\_token |  |
+| cluster\_name | Cluster name |
+| ip\_range\_pods | The secondary IP range used for pods |
+| ip\_range\_services | The secondary IP range used for services |
+| kubernetes\_endpoint |  |
+| location |  |
+| master\_kubernetes\_version | The master Kubernetes version |
+| network |  |
+| project\_id |  |
+| region |  |
+| service\_account | The default service account used for running nodes. |
+| subnetwork |  |
+| zones | List of zones in which the cluster resides |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
+To provision this example, run the following from within this directory:
+- `terraform init` to get the plugins
+- `terraform plan` to see the infrastructure plan
+- `terraform apply` to apply the infrastructure build
+- `terraform destroy` to destroy the built infrastructure
+
+Example:
+
+```
+terraform init
+
+terraform apply \
+    -var project_id=${PROJECT} \
+    -var region="us-central1" \
+    -var zones='["us-central1-c"]'
+```
@@ -0,0 +1,23 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "hub" {
+  source           = "../../modules/hub"
+  project_id       = var.project_id
+  location         = module.gke.location
+  cluster_name     = module.gke.name
+  cluster_endpoint = module.gke.endpoint
+}
@@ -0,0 +1,41 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+locals {
+  cluster_type = "simple-zonal"
+}
+
+provider "google" {
+  version = "~> 3.16.0"
+  region  = var.region
+}
+
+module "gke" {
+  source            = "../../"
+  project_id        = var.project_id
+  name              = "${local.cluster_type}-cluster${var.cluster_name_suffix}"
+  regional          = false
+  region            = var.region
+  zones             = var.zones
+  network           = var.network
+  subnetwork        = var.subnetwork
+  ip_range_pods     = var.ip_range_pods
+  ip_range_services = var.ip_range_services
+  service_account   = "create"
+}
+
+data "google_client_config" "default" {
+}
@@ -0,0 +1,34 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "kubernetes_endpoint" {
+  sensitive = true
+  value     = module.gke.endpoint
+}
+
+output "client_token" {
+  sensitive = true
+  value     = base64encode(data.google_client_config.default.access_token)
+}
+
+output "ca_certificate" {
+  value = module.gke.ca_certificate
+}
+
+output "service_account" {
+  description = "The default service account used for running nodes."
+  value       = module.gke.service_account
+}
@@ -0,0 +1,63 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// These outputs are used to test the module with kitchen-terraform
+// They do not need to be included in real-world uses of this module
+
+output "project_id" {
+  value = var.project_id
+}
+
+output "region" {
+  value = module.gke.region
+}
+
+output "cluster_name" {
+  description = "Cluster name"
+  value       = module.gke.name
+}
+
+output "network" {
+  value = var.network
+}
+
+output "subnetwork" {
+  value = var.subnetwork
+}
+
+output "location" {
+  value = module.gke.location
+}
+
+output "ip_range_pods" {
+  description = "The secondary IP range used for pods"
+  value       = var.ip_range_pods
+}
+
+output "ip_range_services" {
+  description = "The secondary IP range used for services"
+  value       = var.ip_range_services
+}
+
+output "zones" {
+  description = "List of zones in which the cluster resides"
+  value       = module.gke.zones
+}
+
+output "master_kubernetes_version" {
+  description = "The master Kubernetes version"
+  value       = module.gke.master_version
+}
@@ -0,0 +1,53 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+  description = "The project ID to host the cluster in"
+}
+
+variable "cluster_name_suffix" {
+  description = "A suffix to append to the default cluster name"
+  default     = ""
+}
+
+variable "region" {
+  description = "The region to host the cluster in"
+}
+
+variable "zones" {
+  type        = list(string)
+  description = "The zone to host the cluster in (required if is a zonal cluster)"
+}
+
+variable "network" {
+  description = "The VPC network to host the cluster in"
+  default     = "default"
+}
+
+variable "subnetwork" {
+  description = "The subnetwork to host the cluster in"
+  default     = "default"
+}
+
+variable "ip_range_pods" {
+  description = "The secondary ip range to use for pods"
+  default     = ""
+}
+
+variable "ip_range_services" {
+  description = "The secondary ip range to use for services"
+  default     = ""
+}
@@ -53,4 +53,11 @@ To deploy this config:
 | project\_id | The project in which the resource belongs. | string | n/a | yes |
 | skip\_gcloud\_download | Whether to skip downloading gcloud (assumes gcloud and kubectl already available outside the module) | bool | `"true"` | no |
 
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| asm\_wait | An output to use when you want to depend on ASM finishing |
+| hub\_wait | An output to use when you want to depend on GKE hub finishing |
+
  <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -14,10 +14,6 @@
  * limitations under the License.
  */
 
-locals {
-  gke_hub_sa_key = var.enable_gke_hub_registration ? google_service_account_key.gke_hub_key[0].private_key : ""
-}
-
 module "asm_install" {
   source            = "terraform-google-modules/gcloud/google//modules/kubectl-wrapper"
   version           = "~> 1.4"
@@ -36,38 +32,17 @@ module "asm_install" {
   kubectl_destroy_command = "kubectl delete ns istio-system"
 }
 
-resource "google_service_account" "gke_hub_sa" {
-  count        = var.enable_gke_hub_registration ? 1 : 0
-  account_id   = var.gke_hub_sa_name
-  project      = var.project_id
-  display_name = "Service Account for GKE Hub Registration"
-}
-
-resource "google_project_iam_member" "gke_hub_member" {
-  count   = var.enable_gke_hub_registration ? 1 : 0
-  project = var.project_id
-  role    = "roles/gkehub.connect"
-  member  = "serviceAccount:${google_service_account.gke_hub_sa[0].email}"
-}
-
-resource "google_service_account_key" "gke_hub_key" {
-  count              = var.enable_gke_hub_registration ? 1 : 0
-  service_account_id = google_service_account.gke_hub_sa[0].name
-}
-
 module "gke_hub_registration" {
-  source  = "terraform-google-modules/gcloud/google"
-  version = "~> 1.2"
-
-  platform           = "linux"
-  gcloud_sdk_version = var.gcloud_sdk_version
-  skip_download      = var.skip_gcloud_download
-  upgrade            = true
-  enabled            = var.enable_gke_hub_registration
-  module_depends_on  = [module.asm_install.wait]
+  source = "../hub"
+
+  project_id                  = var.project_id
+  cluster_name                = var.cluster_name
+  cluster_endpoint            = var.cluster_endpoint
+  location                    = var.location
+  skip_gcloud_download        = var.skip_gcloud_download
+  gcloud_sdk_version          = var.gcloud_sdk_version
+  enable_gke_hub_registration = var.enable_gke_hub_registration
+  gke_hub_sa_name             = var.gke_hub_sa_name
+  gke_hub_membership_name     = var.gke_hub_membership_name
 
-  create_cmd_entrypoint  = "${path.module}/scripts/gke_hub_registration.sh"
-  create_cmd_body        = "${var.gke_hub_membership_name} ${var.location} ${var.cluster_name} ${local.gke_hub_sa_key}"
-  destroy_cmd_entrypoint = "gcloud"
-  destroy_cmd_body       = "container hub memberships unregister ${var.gke_hub_membership_name} --gke-cluster=${var.location}/${var.cluster_name} --project ${var.project_id}"
 }
@@ -13,3 +13,13 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+
+output "asm_wait" {
+  description = "An output to use when you want to depend on ASM finishing"
+  value       = module.asm_install.wait
+}
+
+output "hub_wait" {
+  description = "An output to use when you want to depend on GKE hub finishing"
+  value       = module.gke_hub_registration.wait
+}