diff --git a/autogen/safer-cluster/main.tf.tmpl b/autogen/safer-cluster/main.tf.tmpl
index 3a06a87e3f..13ed26c9b6 100644
--- a/autogen/safer-cluster/main.tf.tmpl
+++ b/autogen/safer-cluster/main.tf.tmpl
@@ -97,7 +97,9 @@ module "gke" {
node_pools_taints = var.node_pools_taints
node_pools_tags = var.node_pools_tags
- node_pools_oauth_scopes = var.node_pools_oauth_scopes
+ node_pools_oauth_scopes = var.node_pools_oauth_scopes
+ node_pools_linux_node_configs_sysctls = var.node_pools_linux_node_configs_sysctls
+ node_pools_cgroup_mode = var.node_pools_cgroup_mode
cluster_autoscaling = var.cluster_autoscaling
diff --git a/autogen/safer-cluster/variables.tf.tmpl b/autogen/safer-cluster/variables.tf.tmpl
index 678eaa2a3a..e18a47a852 100644
--- a/autogen/safer-cluster/variables.tf.tmpl
+++ b/autogen/safer-cluster/variables.tf.tmpl
@@ -224,6 +224,25 @@ variable "node_pools_oauth_scopes" {
}
}
+variable "node_pools_linux_node_configs_sysctls" {
+ type = map(map(string))
+ description = "Map of maps containing linux node config sysctls by node-pool name"
+
+ default = {
+ all = {}
+ default-node-pool = {}
+ }
+}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
+
variable "cluster_autoscaling" {
type = object({
enabled = bool
diff --git a/modules/safer-cluster-update-variant/README.md b/modules/safer-cluster-update-variant/README.md
index ee0e3c39e8..4a832f4616 100644
--- a/modules/safer-cluster-update-variant/README.md
+++ b/modules/safer-cluster-update-variant/README.md
@@ -257,7 +257,9 @@ For simplicity, we suggest using `roles/container.admin` and
| network | The VPC network to host the cluster in | `string` | n/a | yes |
| network\_project\_id | The project ID of the shared VPC's host (for shared vpc support) | `string` | `""` | no |
| node\_pools | List of maps containing node pools | `list(map(string))` |
[| no | +| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` |
{
"name": "default-node-pool"
}
]
{
"all": "",
"default-node-pool": ""
} | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
+| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_oauth\_scopes | Map of lists containing node oauth scopes by node-pool name | `map(list(string))` | {
"all": [
"https://www.googleapis.com/auth/cloud-platform"
],
"default-node-pool": []
} | no |
| node\_pools\_resource\_labels | Map of maps containing resource labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
diff --git a/modules/safer-cluster-update-variant/main.tf b/modules/safer-cluster-update-variant/main.tf
index a13fafe5fe..7af46dc1d1 100644
--- a/modules/safer-cluster-update-variant/main.tf
+++ b/modules/safer-cluster-update-variant/main.tf
@@ -93,7 +93,9 @@ module "gke" {
node_pools_taints = var.node_pools_taints
node_pools_tags = var.node_pools_tags
- node_pools_oauth_scopes = var.node_pools_oauth_scopes
+ node_pools_oauth_scopes = var.node_pools_oauth_scopes
+ node_pools_linux_node_configs_sysctls = var.node_pools_linux_node_configs_sysctls
+ node_pools_cgroup_mode = var.node_pools_cgroup_mode
cluster_autoscaling = var.cluster_autoscaling
diff --git a/modules/safer-cluster-update-variant/variables.tf b/modules/safer-cluster-update-variant/variables.tf
index 02d6f8e526..c481cd926c 100644
--- a/modules/safer-cluster-update-variant/variables.tf
+++ b/modules/safer-cluster-update-variant/variables.tf
@@ -224,6 +224,25 @@ variable "node_pools_oauth_scopes" {
}
}
+variable "node_pools_linux_node_configs_sysctls" {
+ type = map(map(string))
+ description = "Map of maps containing linux node config sysctls by node-pool name"
+
+ default = {
+ all = {}
+ default-node-pool = {}
+ }
+}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
+
variable "cluster_autoscaling" {
type = object({
enabled = bool
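Review bot: `node_pools_cgroup_mode` is declared as a bare `map(string)` with no `validation` block, so a mistyped mode is caught only when the provider or the GKE API rejects it at apply time, and the description does not say which values are accepted. For a module positioned as the hardened variant it would help to pin the input, e.g. `condition = alltrue([for m in values(var.node_pools_cgroup_mode) : contains(["", "CGROUP_MODE_UNSPECIFIED", "CGROUP_MODE_V1", "CGROUP_MODE_V2"], m)])`, and to name those values in the description; the empty-string default presumably means "leave unset", which is worth stating as well. `node_pools_linux_node_configs_sysctls` forwards kernel parameters that apply to every workload on a node pool, so its description should say the settings are node-wide and limited to the sysctls GKE supports. The same two declarations appear in autogen/safer-cluster/variables.tf.tmpl and modules/safer-cluster/variables.tf; if the module copies are generated from the template, the change belongs there. The two new blocks are also not separated by a blank line (`+}` is followed directly by `+variable "node_pools_cgroup_mode" {`), unlike the neighbouring declarations.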
diff --git a/modules/safer-cluster/README.md b/modules/safer-cluster/README.md
index ee0e3c39e8..4a832f4616 100644
--- a/modules/safer-cluster/README.md
+++ b/modules/safer-cluster/README.md
@@ -257,7 +257,9 @@ For simplicity, we suggest using `roles/container.admin` and
| network | The VPC network to host the cluster in | `string` | n/a | yes |
| network\_project\_id | The project ID of the shared VPC's host (for shared vpc support) | `string` | `""` | no |
| node\_pools | List of maps containing node pools | `list(map(string))` | [| no | +| node\_pools\_cgroup\_mode | Map of strings containing cgroup node config by node-pool name | `map(string)` |
{
"name": "default-node-pool"
}
]
{
"all": "",
"default-node-pool": ""
} | no |
| node\_pools\_labels | Map of maps containing node labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
+| node\_pools\_linux\_node\_configs\_sysctls | Map of maps containing linux node config sysctls by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_metadata | Map of maps containing node metadata by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
| node\_pools\_oauth\_scopes | Map of lists containing node oauth scopes by node-pool name | `map(list(string))` | {
"all": [
"https://www.googleapis.com/auth/cloud-platform"
],
"default-node-pool": []
} | no |
| node\_pools\_resource\_labels | Map of maps containing resource labels by node-pool name | `map(map(string))` | {
"all": {},
"default-node-pool": {}
} | no |
diff --git a/modules/safer-cluster/main.tf b/modules/safer-cluster/main.tf
index e113c09a6a..ea8042fe28 100644
--- a/modules/safer-cluster/main.tf
+++ b/modules/safer-cluster/main.tf
@@ -93,7 +93,9 @@ module "gke" {
node_pools_taints = var.node_pools_taints
node_pools_tags = var.node_pools_tags
- node_pools_oauth_scopes = var.node_pools_oauth_scopes
+ node_pools_oauth_scopes = var.node_pools_oauth_scopes
+ node_pools_linux_node_configs_sysctls = var.node_pools_linux_node_configs_sysctls
+ node_pools_cgroup_mode = var.node_pools_cgroup_mode
cluster_autoscaling = var.cluster_autoscaling
diff --git a/modules/safer-cluster/variables.tf b/modules/safer-cluster/variables.tf
index 02d6f8e526..c481cd926c 100644
--- a/modules/safer-cluster/variables.tf
+++ b/modules/safer-cluster/variables.tf
@@ -224,6 +224,25 @@ variable "node_pools_oauth_scopes" {
}
}
+variable "node_pools_linux_node_configs_sysctls" {
+ type = map(map(string))
+ description = "Map of maps containing linux node config sysctls by node-pool name"
+
+ default = {
+ all = {}
+ default-node-pool = {}
+ }
+}
+variable "node_pools_cgroup_mode" {
+ type = map(string)
+ description = "Map of strings containing cgroup node config by node-pool name"
+
+ default = {
+ all = ""
+ default-node-pool = ""
+ }
+}
+
variable "cluster_autoscaling" {
type = object({
enabled = bool