diff --git a/README.md b/README.md index 601c953a09..d03c0a3540 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,7 @@ module "gke" { http_load_balancing = false network_policy = false horizontal_pod_autoscaling = true + filestore_csi_driver = false node_pools = [ { @@ -143,6 +144,7 @@ Then perform the following commands on the root folder: | enable\_resource\_consumption\_export | Whether to enable resource consumption metering on this cluster. When enabled, a table will be created in the resource export BigQuery dataset to store resource consumption data. The resulting table can be joined with the resource usage table or with BigQuery billing export. | `bool` | `true` | no | | enable\_shielded\_nodes | Enable Shielded Nodes features on all nodes in this cluster | `bool` | `true` | no | | enable\_vertical\_pod\_autoscaling | Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it | `bool` | `false` | no | +| filestore\_csi\_driver | The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes | `bool` | `false` | no | | firewall\_inbound\_ports | List of TCP ports for admission/webhook controllers. Either flag `add_master_webhook_firewall_rules` or `add_cluster_firewall_rules` (also adds egress rules) must be set to `true` for inbound-ports firewall rules to be applied. | `list(string)` |
[| no | | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gcloud\_upgrade | Whether to upgrade gcloud at runtime | `bool` | `false` | no | diff --git a/autogen/main/README.md b/autogen/main/README.md index 483ba08af8..d9d74c6d27 100644 --- a/autogen/main/README.md +++ b/autogen/main/README.md @@ -77,6 +77,7 @@ module "gke" { network_policy = false {% endif %} horizontal_pod_autoscaling = true + filestore_csi_driver = false {% if private_cluster %} enable_private_endpoint = true enable_private_nodes = true diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index 741356f66b..60831abc97 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -185,10 +185,15 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + {% if autopilot_cluster != true %} network_policy_config { disabled = !var.network_policy } + + gcp_filestore_csi_driver_config { + enabled = var.filestore_csi_driver + } {% endif %} {% if beta_cluster and autopilot_cluster != true %} diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index 5b123a0ea3..17b3e273ca 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -162,6 +162,12 @@ variable "remove_default_node_pool" { description = "Remove default node pool while setting up the cluster" default = false } + +variable "filestore_csi_driver" { + type = bool + description = "The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes" + default = false +} {% endif %} variable "disable_legacy_metadata_endpoints" { diff --git a/autogen/main/versions.tf.tmpl b/autogen/main/versions.tf.tmpl index dfbfb59a46..c49c75fa99 100644 --- a/autogen/main/versions.tf.tmpl +++ b/autogen/main/versions.tf.tmpl 
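Review bot: The `gcp_filestore_csi_driver_config` block is rendered only inside `{% if autopilot_cluster != true %}`, but the autogen/main/README.md hunk in this commit adds `filestore_csi_driver = false` to the usage example after the `{% endif %}`, outside any guard. The rendered examples in modules/beta-autopilot-private-cluster/README.md and modules/beta-autopilot-public-cluster/README.md therefore pass an argument that, as far as this diff shows, those modules never declare (they get no variables.tf change), and Terraform rejects an undeclared module argument. Wrapping the README template line as `{% if autopilot_cluster != true %}` / `filestore_csi_driver = false` / `{% endif %}` would keep the examples in step with the module inputs. The blank line added above the guard also renders as an empty line before a closing brace in both autopilot cluster.tf files. The resource block starts and ends outside the hunk.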
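Review bot: The description on `filestore_csi_driver` says "the status of" the addon, which does not tell a caller what `true` does or what enabling it exposes. I would reword it to `description = "Enable the Filestore CSI driver addon, which lets workloads mount Filestore (NFS) instances as volumes"`. I would also add a comment above the variable noting that access to Filestore shares is governed by network reachability and IP-based rules rather than per-user authentication, so the `false` default should only be flipped where that exposure has been reviewed. The `{% endif %}` after the new block closes a guard that opens outside the hunk, so which module variants receive the variable cannot be confirmed from here.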
@@ -24,7 +24,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.6.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" @@ -38,7 +38,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.0.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/cluster.tf b/cluster.tf index fdfa8d572b..a06712b2d1 100644 --- a/cluster.tf +++ b/cluster.tf @@ -106,9 +106,14 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + network_policy_config { disabled = !var.network_policy } + + gcp_filestore_csi_driver_config { + enabled = var.filestore_csi_driver + } } datapath_provider = var.datapath_provider diff --git a/modules/beta-autopilot-private-cluster/README.md b/modules/beta-autopilot-private-cluster/README.md index f5d916f4d3..9f39b2f6c0 100644 --- a/modules/beta-autopilot-private-cluster/README.md +++ b/modules/beta-autopilot-private-cluster/README.md @@ -46,6 +46,7 @@ module "gke" { ip_range_pods = "us-central1-01-gke-01-pods" ip_range_services = "us-central1-01-gke-01-services" horizontal_pod_autoscaling = true + filestore_csi_driver = false enable_private_endpoint = true enable_private_nodes = true master_ipv4_cidr_block = "10.0.0.0/28" diff --git a/modules/beta-autopilot-private-cluster/cluster.tf b/modules/beta-autopilot-private-cluster/cluster.tf index fb0237755f..7a9ae23e5f 100644 --- a/modules/beta-autopilot-private-cluster/cluster.tf +++ b/modules/beta-autopilot-private-cluster/cluster.tf @@ -86,6 +86,7 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + } datapath_provider = var.datapath_provider diff --git a/modules/beta-autopilot-private-cluster/versions.tf b/modules/beta-autopilot-private-cluster/versions.tf index dcf4235ae2..59ada13dfc 100644 
--- a/modules/beta-autopilot-private-cluster/versions.tf +++ b/modules/beta-autopilot-private-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.6.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-autopilot-public-cluster/README.md b/modules/beta-autopilot-public-cluster/README.md index 8ab379df96..92cd7f6342 100644 --- a/modules/beta-autopilot-public-cluster/README.md +++ b/modules/beta-autopilot-public-cluster/README.md @@ -43,6 +43,7 @@ module "gke" { ip_range_pods = "us-central1-01-gke-01-pods" ip_range_services = "us-central1-01-gke-01-services" horizontal_pod_autoscaling = true + filestore_csi_driver = false enable_autopilot = true } diff --git a/modules/beta-autopilot-public-cluster/cluster.tf b/modules/beta-autopilot-public-cluster/cluster.tf index f047f4ac1f..ef848bc88d 100644 --- a/modules/beta-autopilot-public-cluster/cluster.tf +++ b/modules/beta-autopilot-public-cluster/cluster.tf @@ -86,6 +86,7 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + } datapath_provider = var.datapath_provider diff --git a/modules/beta-autopilot-public-cluster/versions.tf b/modules/beta-autopilot-public-cluster/versions.tf index e9f3882544..f128b73447 100644 --- a/modules/beta-autopilot-public-cluster/versions.tf +++ b/modules/beta-autopilot-public-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.6.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 3bb6709467..c51e71be19 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md 
@@ -70,6 +70,7 @@ module "gke" { http_load_balancing = false network_policy = false horizontal_pod_autoscaling = true + filestore_csi_driver = false enable_private_endpoint = true enable_private_nodes = true master_ipv4_cidr_block = "10.0.0.0/28" @@ -192,6 +193,7 @@ Then perform the following commands on the root folder: | enable\_shielded\_nodes | Enable Shielded Nodes features on all nodes in this cluster | `bool` | `true` | no | | enable\_tpu | Enable Cloud TPU resources in the cluster. WARNING: changing this after cluster creation is destructive! | `bool` | `false` | no | | enable\_vertical\_pod\_autoscaling | Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it | `bool` | `false` | no | +| filestore\_csi\_driver | The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes | `bool` | `false` | no | | firewall\_inbound\_ports | List of TCP ports for admission/webhook controllers. Either flag `add_master_webhook_firewall_rules` or `add_cluster_firewall_rules` (also adds egress rules) must be set to `true` for inbound-ports firewall rules to be applied. | `list(string)` |
"8443",
"9443",
"15017"
]
[| no | | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gce\_pd\_csi\_driver | (Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `false` | no | diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index a10536bd8a..8bb01a865c 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -157,10 +157,15 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + network_policy_config { disabled = !var.network_policy } + gcp_filestore_csi_driver_config { + enabled = var.filestore_csi_driver + } + istio_config { disabled = !var.istio auth = var.istio_auth diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index b0c7ceb9e8..06c316f332 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -160,6 +160,12 @@ variable "remove_default_node_pool" { default = false } +variable "filestore_csi_driver" { + type = bool + description = "The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes" + default = false +} + variable "disable_legacy_metadata_endpoints" { type = bool description = "Disable the /0.1/ and /v1beta1/ metadata server endpoints on the node. Changing this value will cause all node pools to be recreated." diff --git a/modules/beta-private-cluster-update-variant/versions.tf b/modules/beta-private-cluster-update-variant/versions.tf index 4b405cdfa7..73b233cf85 100644 --- a/modules/beta-private-cluster-update-variant/versions.tf +++ b/modules/beta-private-cluster-update-variant/versions.tf 
@@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.6.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index b28908fd4e..98379fe5a1 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -48,6 +48,7 @@ module "gke" { http_load_balancing = false network_policy = false horizontal_pod_autoscaling = true + filestore_csi_driver = false enable_private_endpoint = true enable_private_nodes = true master_ipv4_cidr_block = "10.0.0.0/28" @@ -170,6 +171,7 @@ Then perform the following commands on the root folder: | enable\_shielded\_nodes | Enable Shielded Nodes features on all nodes in this cluster | `bool` | `true` | no | | enable\_tpu | Enable Cloud TPU resources in the cluster. WARNING: changing this after cluster creation is destructive! | `bool` | `false` | no | | enable\_vertical\_pod\_autoscaling | Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it | `bool` | `false` | no | +| filestore\_csi\_driver | The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes | `bool` | `false` | no | | firewall\_inbound\_ports | List of TCP ports for admission/webhook controllers. Either flag `add_master_webhook_firewall_rules` or `add_cluster_firewall_rules` (also adds egress rules) must be set to `true` for inbound-ports firewall rules to be applied. | `list(string)` |
"8443",
"9443",
"15017"
]
[| no | | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gce\_pd\_csi\_driver | (Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `false` | no | diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index 6bb5e8e459..fe874b7622 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -157,10 +157,15 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + network_policy_config { disabled = !var.network_policy } + gcp_filestore_csi_driver_config { + enabled = var.filestore_csi_driver + } + istio_config { disabled = !var.istio auth = var.istio_auth diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index b0c7ceb9e8..06c316f332 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -160,6 +160,12 @@ variable "remove_default_node_pool" { default = false } +variable "filestore_csi_driver" { + type = bool + description = "The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes" + default = false +} + variable "disable_legacy_metadata_endpoints" { type = bool description = "Disable the /0.1/ and /v1beta1/ metadata server endpoints on the node. Changing this value will cause all node pools to be recreated." diff --git a/modules/beta-private-cluster/versions.tf b/modules/beta-private-cluster/versions.tf index d18670b50a..7b66d371b1 100644 --- a/modules/beta-private-cluster/versions.tf +++ b/modules/beta-private-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.6.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" 
diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index 3b0fa1fc92..8801d7ccde 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md @@ -67,6 +67,7 @@ module "gke" { http_load_balancing = false network_policy = false horizontal_pod_autoscaling = true + filestore_csi_driver = false istio = true cloudrun = true dns_cache = false @@ -183,6 +184,7 @@ Then perform the following commands on the root folder: | enable\_shielded\_nodes | Enable Shielded Nodes features on all nodes in this cluster | `bool` | `true` | no | | enable\_tpu | Enable Cloud TPU resources in the cluster. WARNING: changing this after cluster creation is destructive! | `bool` | `false` | no | | enable\_vertical\_pod\_autoscaling | Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it | `bool` | `false` | no | +| filestore\_csi\_driver | The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes | `bool` | `false` | no | | firewall\_inbound\_ports | List of TCP ports for admission/webhook controllers. Either flag `add_master_webhook_firewall_rules` or `add_cluster_firewall_rules` (also adds egress rules) must be set to `true` for inbound-ports firewall rules to be applied. | `list(string)` |
"8443",
"9443",
"15017"
]
[| no | | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gce\_pd\_csi\_driver | (Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `false` | no | diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index fd75857c28..762955d34b 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf @@ -157,10 +157,15 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + network_policy_config { disabled = !var.network_policy } + gcp_filestore_csi_driver_config { + enabled = var.filestore_csi_driver + } + istio_config { disabled = !var.istio auth = var.istio_auth diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 564e019b2a..7ca71309bf 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -160,6 +160,12 @@ variable "remove_default_node_pool" { default = false } +variable "filestore_csi_driver" { + type = bool + description = "The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes" + default = false +} + variable "disable_legacy_metadata_endpoints" { type = bool description = "Disable the /0.1/ and /v1beta1/ metadata server endpoints on the node. Changing this value will cause all node pools to be recreated." diff --git a/modules/beta-public-cluster-update-variant/versions.tf b/modules/beta-public-cluster-update-variant/versions.tf index 9fdf6935dd..42448fe10e 100644 --- a/modules/beta-public-cluster-update-variant/versions.tf +++ b/modules/beta-public-cluster-update-variant/versions.tf 
@@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.6.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index cf329349f3..7d9d2577c5 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md @@ -45,6 +45,7 @@ module "gke" { http_load_balancing = false network_policy = false horizontal_pod_autoscaling = true + filestore_csi_driver = false istio = true cloudrun = true dns_cache = false @@ -161,6 +162,7 @@ Then perform the following commands on the root folder: | enable\_shielded\_nodes | Enable Shielded Nodes features on all nodes in this cluster | `bool` | `true` | no | | enable\_tpu | Enable Cloud TPU resources in the cluster. WARNING: changing this after cluster creation is destructive! | `bool` | `false` | no | | enable\_vertical\_pod\_autoscaling | Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it | `bool` | `false` | no | +| filestore\_csi\_driver | The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes | `bool` | `false` | no | | firewall\_inbound\_ports | List of TCP ports for admission/webhook controllers. Either flag `add_master_webhook_firewall_rules` or `add_cluster_firewall_rules` (also adds egress rules) must be set to `true` for inbound-ports firewall rules to be applied. | `list(string)` |
"8443",
"9443",
"15017"
]
[| no | | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gce\_pd\_csi\_driver | (Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `false` | no | diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index 539739c9d6..a6d20774d3 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -157,10 +157,15 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + network_policy_config { disabled = !var.network_policy } + gcp_filestore_csi_driver_config { + enabled = var.filestore_csi_driver + } + istio_config { disabled = !var.istio auth = var.istio_auth diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 564e019b2a..7ca71309bf 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -160,6 +160,12 @@ variable "remove_default_node_pool" { default = false } +variable "filestore_csi_driver" { + type = bool + description = "The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes" + default = false +} + variable "disable_legacy_metadata_endpoints" { type = bool description = "Disable the /0.1/ and /v1beta1/ metadata server endpoints on the node. Changing this value will cause all node pools to be recreated." diff --git a/modules/beta-public-cluster/versions.tf b/modules/beta-public-cluster/versions.tf index e34e3ac3c0..cd7be4c3f7 100644 --- a/modules/beta-public-cluster/versions.tf +++ b/modules/beta-public-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.6.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" 
diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index 993f2be40b..f03158538a 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -70,6 +70,7 @@ module "gke" { http_load_balancing = false network_policy = false horizontal_pod_autoscaling = true + filestore_csi_driver = false enable_private_endpoint = true enable_private_nodes = true master_ipv4_cidr_block = "10.0.0.0/28" @@ -174,6 +175,7 @@ Then perform the following commands on the root folder: | enable\_resource\_consumption\_export | Whether to enable resource consumption metering on this cluster. When enabled, a table will be created in the resource export BigQuery dataset to store resource consumption data. The resulting table can be joined with the resource usage table or with BigQuery billing export. | `bool` | `true` | no | | enable\_shielded\_nodes | Enable Shielded Nodes features on all nodes in this cluster | `bool` | `true` | no | | enable\_vertical\_pod\_autoscaling | Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it | `bool` | `false` | no | +| filestore\_csi\_driver | The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes | `bool` | `false` | no | | firewall\_inbound\_ports | List of TCP ports for admission/webhook controllers. Either flag `add_master_webhook_firewall_rules` or `add_cluster_firewall_rules` (also adds egress rules) must be set to `true` for inbound-ports firewall rules to be applied. | `list(string)` |
"8443",
"9443",
"15017"
]
[| no | | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gcloud\_upgrade | Whether to upgrade gcloud at runtime | `bool` | `false` | no | diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index 4a79dbe6c2..b5e4df2dcb 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf @@ -106,9 +106,14 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + network_policy_config { disabled = !var.network_policy } + + gcp_filestore_csi_driver_config { + enabled = var.filestore_csi_driver + } } datapath_provider = var.datapath_provider diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index 0bd3341d92..e0138ec154 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf @@ -149,6 +149,12 @@ variable "remove_default_node_pool" { default = false } +variable "filestore_csi_driver" { + type = bool + description = "The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes" + default = false +} + variable "disable_legacy_metadata_endpoints" { type = bool description = "Disable the /0.1/ and /v1beta1/ metadata server endpoints on the node. Changing this value will cause all node pools to be recreated." diff --git a/modules/private-cluster-update-variant/versions.tf b/modules/private-cluster-update-variant/versions.tf index 7ae6bea1e8..ac30c92cd1 100644 --- a/modules/private-cluster-update-variant/versions.tf +++ b/modules/private-cluster-update-variant/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.0.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" 
diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index 0bb0e7a400..8aabf2e332 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md @@ -48,6 +48,7 @@ module "gke" { http_load_balancing = false network_policy = false horizontal_pod_autoscaling = true + filestore_csi_driver = false enable_private_endpoint = true enable_private_nodes = true master_ipv4_cidr_block = "10.0.0.0/28" @@ -152,6 +153,7 @@ Then perform the following commands on the root folder: | enable\_resource\_consumption\_export | Whether to enable resource consumption metering on this cluster. When enabled, a table will be created in the resource export BigQuery dataset to store resource consumption data. The resulting table can be joined with the resource usage table or with BigQuery billing export. | `bool` | `true` | no | | enable\_shielded\_nodes | Enable Shielded Nodes features on all nodes in this cluster | `bool` | `true` | no | | enable\_vertical\_pod\_autoscaling | Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it | `bool` | `false` | no | +| filestore\_csi\_driver | The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes | `bool` | `false` | no | | firewall\_inbound\_ports | List of TCP ports for admission/webhook controllers. Either flag `add_master_webhook_firewall_rules` or `add_cluster_firewall_rules` (also adds egress rules) must be set to `true` for inbound-ports firewall rules to be applied. | `list(string)` |
"8443",
"9443",
"15017"
]
[| no | | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gcloud\_upgrade | Whether to upgrade gcloud at runtime | `bool` | `false` | no | diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index 74ad14a293..ffa8c1a385 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf @@ -106,9 +106,14 @@ resource "google_container_cluster" "primary" { horizontal_pod_autoscaling { disabled = !var.horizontal_pod_autoscaling } + network_policy_config { disabled = !var.network_policy } + + gcp_filestore_csi_driver_config { + enabled = var.filestore_csi_driver + } } datapath_provider = var.datapath_provider diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index 0bd3341d92..e0138ec154 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -149,6 +149,12 @@ variable "remove_default_node_pool" { default = false } +variable "filestore_csi_driver" { + type = bool + description = "The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes" + default = false +} + variable "disable_legacy_metadata_endpoints" { type = bool description = "Disable the /0.1/ and /v1beta1/ metadata server endpoints on the node. Changing this value will cause all node pools to be recreated." diff --git a/modules/private-cluster/versions.tf b/modules/private-cluster/versions.tf index 245bc86668..ce6030a082 100644 --- a/modules/private-cluster/versions.tf +++ b/modules/private-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.0.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/variables.tf b/variables.tf index e01a012cbe..ce76d52bfc 100644 --- a/variables.tf +++ b/variables.tf 
@@ -149,6 +149,12 @@ variable "remove_default_node_pool" { default = false } +variable "filestore_csi_driver" { + type = bool + description = "The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes" + default = false +} + variable "disable_legacy_metadata_endpoints" { type = bool description = "Disable the /0.1/ and /v1beta1/ metadata server endpoints on the node. Changing this value will cause all node pools to be recreated." diff --git a/versions.tf b/versions.tf index 990c289615..b3239e49f8 100644 --- a/versions.tf +++ b/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.0.0, < 5.0" + version = ">= 4.10.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes"
"8443",
"9443",
"15017"
]