diff --git a/README.md b/README.md index f5480b218..c2d89bc55 100644 --- a/README.md +++ b/README.md @@ -206,7 +206,7 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index b9ac12384..1b2ef3ecf 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -107,7 +107,7 @@ resource "google_container_cluster" "primary" { {% if beta_cluster %} for_each = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? [1] : [] {% else %} - for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] + for_each = local.logmon_config_is_set ? [1] : [] {% endif %} {% else %} for_each = length(var.monitoring_enabled_components) > 0 ? [1] : [] @@ -116,7 +116,7 @@ resource "google_container_cluster" "primary" { enable_components = var.monitoring_enabled_components {% if autopilot_cluster != true %} managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/autogen/main/main.tf.tmpl b/autogen/main/main.tf.tmpl index 772cd1e54..97a802eba 100644 --- a/autogen/main/main.tf.tmpl +++ b/autogen/main/main.tf.tmpl @@ -106,7 +106,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null {% endif %} gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index 1cc0fff49..6892401ea 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -914,7 +914,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/cluster.tf b/cluster.tf index d23489b24..8478f66e9 100644 --- a/cluster.tf +++ b/cluster.tf @@ -89,11 +89,11 @@ resource "google_container_cluster" "primary" { } dynamic "monitoring_config" { - for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] + for_each = local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/main.tf b/main.tf index ef235581f..5a3caac73 100644 --- a/main.tf +++ b/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 221290415..053ce781b 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -252,7 +252,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index 1b0df01ed..8633a8fe1 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -99,7 +99,7 @@ resource "google_container_cluster" "primary" { content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/beta-private-cluster-update-variant/main.tf b/modules/beta-private-cluster-update-variant/main.tf index 96cb1aa8f..315c0940c 100644 --- a/modules/beta-private-cluster-update-variant/main.tf +++ b/modules/beta-private-cluster-update-variant/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index 812d4c6f6..fd8c1c0a5 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -868,7 +868,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 103bcd6a3..7408b4bf2 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -230,7 +230,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index cbce275c5..4b83413c4 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -99,7 +99,7 @@ resource "google_container_cluster" "primary" { content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index 96cb1aa8f..315c0940c 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 812d4c6f6..fd8c1c0a5 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -868,7 +868,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index 96be1cef8..e29957dee 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md @@ -241,7 +241,7 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index a449aacd2..2497ab771 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf @@ -99,7 +99,7 @@ resource "google_container_cluster" "primary" { content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/beta-public-cluster-update-variant/main.tf b/modules/beta-public-cluster-update-variant/main.tf index a425742d1..a08408273 100644 --- a/modules/beta-public-cluster-update-variant/main.tf +++ b/modules/beta-public-cluster-update-variant/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 041910f04..9884acfb2 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -832,7 +832,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index b38627a23..47b4c12d8 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md @@ -219,7 +219,7 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index 7ce9ad4f8..d11ca4684 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -99,7 +99,7 @@ resource "google_container_cluster" "primary" { content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index a425742d1..a08408273 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 041910f04..9884acfb2 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -832,7 +832,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index 94ea65a81..b1467d153 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -239,7 +239,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index 52d7070b7..7577f9ead 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf @@ -89,11 +89,11 @@ resource "google_container_cluster" "primary" { } dynamic "monitoring_config" { - for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] + for_each = local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/private-cluster-update-variant/main.tf b/modules/private-cluster-update-variant/main.tf index 77d2d8a2e..8c446274b 100644 --- a/modules/private-cluster-update-variant/main.tf +++ b/modules/private-cluster-update-variant/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index 4f9fd582e..49aef8b1c 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf @@ -839,7 +839,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index 67d51ef6d..a5a9dcd1d 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md @@ -217,7 +217,7 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER\_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration. | `list(string)` | `[]` | no | diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index a361cb9dc..74a6df0f2 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf @@ -89,11 +89,11 @@ resource "google_container_cluster" "primary" { } dynamic "monitoring_config" { - for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] + for_each = local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics diff --git a/modules/private-cluster/main.tf b/modules/private-cluster/main.tf index 77d2d8a2e..8c446274b 100644 --- a/modules/private-cluster/main.tf +++ b/modules/private-cluster/main.tf @@ -89,7 +89,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index 4f9fd582e..49aef8b1c 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -839,7 +839,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { diff --git a/variables.tf b/variables.tf index f4c7477c0..2cc7f905c 100644 --- a/variables.tf +++ b/variables.tf @@ -803,7 +803,7 @@ variable "logging_enabled_components" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" {