diff --git a/README.md b/README.md index f5480b2183..c2d89bc55c 100644 --- a/README.md +++ b/README.md @@ -206,7 +206,7 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index b9ac123849..1b2ef3ecf7 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -107,7 +107,7 @@ resource "google_container_cluster" "primary" { {% if beta_cluster %} for_each = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? [1] : [] {% else %} - for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] + for_each = local.logmon_config_is_set ? [1] : [] {% endif %} {% else %} for_each = length(var.monitoring_enabled_components) > 0 ? [1] : [] @@ -116,7 +116,7 @@ resource "google_container_cluster" "primary" { enable_components = var.monitoring_enabled_components {% if autopilot_cluster != true %} managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/autogen/main/main.tf.tmpl b/autogen/main/main.tf.tmpl index 772cd1e548..97a802eba9 100644 --- a/autogen/main/main.tf.tmpl +++ b/autogen/main/main.tf.tmpl @@ -106,7 +106,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null {% endif %} gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index 1cc0fff491..6892401ea2 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -914,7 +914,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/cluster.tf b/cluster.tf index d23489b24c..8478f66e94 100644 --- a/cluster.tf +++ b/cluster.tf @@ -89,11 +89,11 @@ resource "google_container_cluster" "primary" { } dynamic "monitoring_config" { - for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] + for_each = local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/main.tf b/main.tf index ef235581f1..5a3caac731 100644 --- a/main.tf +++ b/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 2212904155..053ce781b4 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -252,7 +252,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index 1b0df01ed9..8633a8fe15 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -99,7 +99,7 @@ resource "google_container_cluster" "primary" { content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/beta-private-cluster-update-variant/main.tf b/modules/beta-private-cluster-update-variant/main.tf index 96cb1aa8fe..315c0940c5 100644 --- a/modules/beta-private-cluster-update-variant/main.tf +++ b/modules/beta-private-cluster-update-variant/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index 812d4c6f60..fd8c1c0a52 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -868,7 +868,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 103bcd6a3d..7408b4bf29 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -230,7 +230,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index cbce275c59..4b83413c40 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -99,7 +99,7 @@ resource "google_container_cluster" "primary" { content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index 96cb1aa8fe..315c0940c5 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 812d4c6f60..fd8c1c0a52 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -868,7 +868,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index 96be1cef85..e29957deed 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md @@ -241,7 +241,7 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index a449aacd27..2497ab7714 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf @@ -99,7 +99,7 @@ resource "google_container_cluster" "primary" { content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/beta-public-cluster-update-variant/main.tf b/modules/beta-public-cluster-update-variant/main.tf index a425742d18..a08408273d 100644 --- a/modules/beta-public-cluster-update-variant/main.tf +++ b/modules/beta-public-cluster-update-variant/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 041910f047..9884acfb29 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -832,7 +832,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index b38627a23b..47b4c12d86 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md @@ -219,7 +219,7 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index 7ce9ad4f88..d11ca4684d 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -99,7 +99,7 @@ resource "google_container_cluster" "primary" { content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index a425742d18..a08408273d 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 041910f047..9884acfb29 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -832,7 +832,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index 94ea65a81d..b1467d1536 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -239,7 +239,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index 52d7070b7d..7577f9eadb 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf @@ -89,11 +89,11 @@ resource "google_container_cluster" "primary" { } dynamic "monitoring_config" { - for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] + for_each = local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/private-cluster-update-variant/main.tf b/modules/private-cluster-update-variant/main.tf index 77d2d8a2e0..8c446274bd 100644 --- a/modules/private-cluster-update-variant/main.tf +++ b/modules/private-cluster-update-variant/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index 4f9fd582ee..49aef8b1ca 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf @@ -839,7 +839,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index 67d51ef6d3..a5a9dcd1df 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md @@ -217,7 +217,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index a361cb9dc6..74a6df0f26 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf @@ -89,11 +89,11 @@ resource "google_container_cluster" "primary" { } dynamic "monitoring_config" { - for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] + for_each = local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/private-cluster/main.tf b/modules/private-cluster/main.tf index 77d2d8a2e0..8c446274bd 100644 --- a/modules/private-cluster/main.tf +++ b/modules/private-cluster/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index 4f9fd582ee..49aef8b1ca 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -839,7 +839,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/variables.tf b/variables.tf index f4c7477c0d..2cc7f905ca 100644 --- a/variables.tf +++ b/variables.tf @@ -803,7 +803,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" {