From f59ebe206223946dab80c157b1388e7f0b28d4e4 Mon Sep 17 00:00:00 2001
From: Till Adam
Date: Fri, 20 Oct 2023 16:10:27 +0200
Subject: [PATCH] feat: add advanced datapath observability config option
---
README.md | 2 ++
autogen/main/cluster.tf.tmpl | 4 ++++
autogen/main/variables.tf.tmpl | 17 +++++++++++++++++
cluster.tf | 4 ++++
.../README.md | 2 ++
.../cluster.tf | 4 ++++
.../variables.tf | 17 +++++++++++++++++
modules/beta-private-cluster/README.md | 2 ++
modules/beta-private-cluster/cluster.tf | 4 ++++
modules/beta-private-cluster/variables.tf | 17 +++++++++++++++++
.../README.md | 2 ++
.../cluster.tf | 4 ++++
.../variables.tf | 17 +++++++++++++++++
modules/beta-public-cluster/README.md | 2 ++
modules/beta-public-cluster/cluster.tf | 4 ++++
modules/beta-public-cluster/variables.tf | 17 +++++++++++++++++
.../private-cluster-update-variant/README.md | 2 ++
.../private-cluster-update-variant/cluster.tf | 4 ++++
.../private-cluster-update-variant/variables.tf | 17 +++++++++++++++++
modules/private-cluster/README.md | 2 ++
modules/private-cluster/cluster.tf | 4 ++++
modules/private-cluster/variables.tf | 17 +++++++++++++++++
variables.tf | 17 +++++++++++++++++
23 files changed, 182 insertions(+)
diff --git a/README.md b/README.md
index fdb677beb9..699a7ae51a 100644
--- a/README.md
+++ b/README.md
@@ -186,6 +186,8 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | +| monitoring\_advanced\_datapath\_observability\_config\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | +| monitoring\_enable\_advanced\_datapath\_observability\_config\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index 4c96c90062..2161010a69 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl 
@@ -123,6 +123,10 @@ resource "google_container_cluster" "primary" { managed_prometheus { enabled = var.monitoring_enable_managed_prometheus } + advanced_datapath_observability_config { + enabled = var.monitoring_enable_advanced_datapath_observability_config_metrics + relay_mode = var.monitoring_advanced_datapath_observability_config_metrics_relay_mode + } } } cluster_autoscaling { diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index 1848cf0afe..773cd7a4a7 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -721,6 +721,23 @@ variable "monitoring_enable_managed_prometheus" { default = false } +variable "monitoring_enable_advanced_datapath_observability_config_metrics" { + type = bool + description = "Whether or not the advanced datapath metrics are enabled." + default = null +} + +variable "monitoring_advanced_datapath_observability_config_metrics_relay_mode" { + type = string + description = "Mode used to make advanced datapath metrics relay available." + default = null + validation { + condition = contains(["DISABLED", "INTERNAL_VPC_LB", "EXTERNAL_LB", null], var.node_metadata) + error_message = "The advanced datapath metrics relay value must be one of DISABLED, INTERNAL_VPC_LB, EXTERNAL_LB." + } + +} + variable "monitoring_enabled_components" { type = list(string) description = "List of services to monitor: SYSTEM_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration." diff --git a/cluster.tf b/cluster.tf index 7c8b05cdaa..39876120e8 100644 --- a/cluster.tf +++ b/cluster.tf @@ -88,6 +88,10 @@ resource "google_container_cluster" "primary" { managed_prometheus { enabled = var.monitoring_enable_managed_prometheus } + advanced_datapath_observability_config { + enabled = var.monitoring_enable_advanced_datapath_observability_config_metrics + relay_mode = var.monitoring_advanced_datapath_observability_config_metrics_relay_mode + } } } cluster_autoscaling { 
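Review bot: The `advanced_datapath_observability_config` block is emitted unconditionally, so callers who leave both new variables at their `null` defaults still send the block to the provider on every plan. I would guard it with `dynamic "advanced_datapath_observability_config"` and `for_each = var.monitoring_enable_advanced_datapath_observability_config_metrics != null ? [1] : []`, so that the default leaves existing clusters untouched. As far as I recall the google provider calls this argument `enable_metrics` (and marks it required) rather than `enabled`; please check the attribute name against the provider schema for the pinned version. The same lines appear in the root cluster.tf hunk and in every modules/*/cluster.tf hunk, and since those files are generated the change belongs in this template. The enclosing `monitoring_config` block and resource start and end outside the hunk.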
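Review bot: The validation `condition` on `monitoring_advanced_datapath_observability_config_metrics_relay_mode` tests `var.node_metadata` instead of the variable it belongs to, so the relay mode a caller supplies is never actually checked, and Terraform versions that only let a validation refer to its own variable will likely reject the module outright. The condition should name the variable itself and handle the `null` default explicitly, for example `condition = var.monitoring_advanced_datapath_observability_config_metrics_relay_mode == null ? true : contains(["DISABLED", "INTERNAL_VPC_LB", "EXTERNAL_LB"], var.monitoring_advanced_datapath_observability_config_metrics_relay_mode)`. The `null` entry inside the list can then be dropped; I would not rely on `contains` accepting a null needle. The identical copy-paste appears in the root variables.tf hunk and in each modules/*/variables.tf hunk, so fixing this template and regenerating covers all of them.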
diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md
index 9784d38d29..4118a47505 100644
--- a/modules/beta-private-cluster-update-variant/README.md
+++ b/modules/beta-private-cluster-update-variant/README.md
@@ -237,6 +237,8 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | (Beta) The IP range in CIDR notation to use for the hosted master network | `string` | `"10.0.0.0/28"` | no | +| monitoring\_advanced\_datapath\_observability\_config\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | +| monitoring\_enable\_advanced\_datapath\_observability\_config\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index fdbecb2ac2..5b3c85461e 100644 
--- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -100,6 +100,10 @@ resource "google_container_cluster" "primary" { managed_prometheus { enabled = var.monitoring_enable_managed_prometheus } + advanced_datapath_observability_config { + enabled = var.monitoring_enable_advanced_datapath_observability_config_metrics + relay_mode = var.monitoring_advanced_datapath_observability_config_metrics_relay_mode + } } } cluster_autoscaling { diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index 6a444b2f53..202f6484f5 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -681,6 +681,23 @@ variable "monitoring_enable_managed_prometheus" { default = false } +variable "monitoring_enable_advanced_datapath_observability_config_metrics" { + type = bool + description = "Whether or not the advanced datapath metrics are enabled." + default = null +} + +variable "monitoring_advanced_datapath_observability_config_metrics_relay_mode" { + type = string + description = "Mode used to make advanced datapath metrics relay available." + default = null + validation { + condition = contains(["DISABLED", "INTERNAL_VPC_LB", "EXTERNAL_LB", null], var.node_metadata) + error_message = "The advanced datapath metrics relay value must be one of DISABLED, INTERNAL_VPC_LB, EXTERNAL_LB." + } + +} + variable "monitoring_enabled_components" { type = list(string) description = "List of services to monitor: SYSTEM_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration." diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 9563237347..13334833fd 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md 
@@ -215,6 +215,8 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | (Beta) The IP range in CIDR notation to use for the hosted master network | `string` | `"10.0.0.0/28"` | no | +| monitoring\_advanced\_datapath\_observability\_config\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | +| monitoring\_enable\_advanced\_datapath\_observability\_config\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index 520b0529a8..c1e67a24c8 100644 --- a/modules/beta-private-cluster/cluster.tf 
+++ b/modules/beta-private-cluster/cluster.tf @@ -100,6 +100,10 @@ resource "google_container_cluster" "primary" { managed_prometheus { enabled = var.monitoring_enable_managed_prometheus } + advanced_datapath_observability_config { + enabled = var.monitoring_enable_advanced_datapath_observability_config_metrics + relay_mode = var.monitoring_advanced_datapath_observability_config_metrics_relay_mode + } } } cluster_autoscaling { diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index 6a444b2f53..202f6484f5 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -681,6 +681,23 @@ variable "monitoring_enable_managed_prometheus" { default = false } +variable "monitoring_enable_advanced_datapath_observability_config_metrics" { + type = bool + description = "Whether or not the advanced datapath metrics are enabled." + default = null +} + +variable "monitoring_advanced_datapath_observability_config_metrics_relay_mode" { + type = string + description = "Mode used to make advanced datapath metrics relay available." + default = null + validation { + condition = contains(["DISABLED", "INTERNAL_VPC_LB", "EXTERNAL_LB", null], var.node_metadata) + error_message = "The advanced datapath metrics relay value must be one of DISABLED, INTERNAL_VPC_LB, EXTERNAL_LB." + } + +} + variable "monitoring_enabled_components" { type = list(string) description = "List of services to monitor: SYSTEM_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration." diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index 3b515c1f2d..32c88ea210 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md 
@@ -226,6 +226,8 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | +| monitoring\_advanced\_datapath\_observability\_config\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | +| monitoring\_enable\_advanced\_datapath\_observability\_config\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index 63af038480..3caf33442f 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf 
@@ -100,6 +100,10 @@ resource "google_container_cluster" "primary" { managed_prometheus { enabled = var.monitoring_enable_managed_prometheus } + advanced_datapath_observability_config { + enabled = var.monitoring_enable_advanced_datapath_observability_config_metrics + relay_mode = var.monitoring_advanced_datapath_observability_config_metrics_relay_mode + } } } cluster_autoscaling { diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 46572f3c17..8a2f9376db 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -651,6 +651,23 @@ variable "monitoring_enable_managed_prometheus" { default = false } +variable "monitoring_enable_advanced_datapath_observability_config_metrics" { + type = bool + description = "Whether or not the advanced datapath metrics are enabled." + default = null +} + +variable "monitoring_advanced_datapath_observability_config_metrics_relay_mode" { + type = string + description = "Mode used to make advanced datapath metrics relay available." + default = null + validation { + condition = contains(["DISABLED", "INTERNAL_VPC_LB", "EXTERNAL_LB", null], var.node_metadata) + error_message = "The advanced datapath metrics relay value must be one of DISABLED, INTERNAL_VPC_LB, EXTERNAL_LB." + } + +} + variable "monitoring_enabled_components" { type = list(string) description = "List of services to monitor: SYSTEM_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration." diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index 4d606346bd..6562a96794 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md 
@@ -204,6 +204,8 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | +| monitoring\_advanced\_datapath\_observability\_config\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | +| monitoring\_enable\_advanced\_datapath\_observability\_config\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index a8db1c6e13..0706af539d 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf 
@@ -100,6 +100,10 @@ resource "google_container_cluster" "primary" { managed_prometheus { enabled = var.monitoring_enable_managed_prometheus } + advanced_datapath_observability_config { + enabled = var.monitoring_enable_advanced_datapath_observability_config_metrics + relay_mode = var.monitoring_advanced_datapath_observability_config_metrics_relay_mode + } } } cluster_autoscaling { diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 46572f3c17..8a2f9376db 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -651,6 +651,23 @@ variable "monitoring_enable_managed_prometheus" { default = false } +variable "monitoring_enable_advanced_datapath_observability_config_metrics" { + type = bool + description = "Whether or not the advanced datapath metrics are enabled." + default = null +} + +variable "monitoring_advanced_datapath_observability_config_metrics_relay_mode" { + type = string + description = "Mode used to make advanced datapath metrics relay available." + default = null + validation { + condition = contains(["DISABLED", "INTERNAL_VPC_LB", "EXTERNAL_LB", null], var.node_metadata) + error_message = "The advanced datapath metrics relay value must be one of DISABLED, INTERNAL_VPC_LB, EXTERNAL_LB." + } + +} + variable "monitoring_enabled_components" { type = list(string) description = "List of services to monitor: SYSTEM_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration." diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index 097fb66526..eac2f14cc9 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md 
@@ -219,6 +219,8 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | (Beta) The IP range in CIDR notation to use for the hosted master network | `string` | `"10.0.0.0/28"` | no | +| monitoring\_advanced\_datapath\_observability\_config\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | +| monitoring\_enable\_advanced\_datapath\_observability\_config\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index 191c99ec50..9f85385a87 100644 --- a/modules/private-cluster-update-variant/cluster.tf 
+++ b/modules/private-cluster-update-variant/cluster.tf @@ -88,6 +88,10 @@ resource "google_container_cluster" "primary" { managed_prometheus { enabled = var.monitoring_enable_managed_prometheus } + advanced_datapath_observability_config { + enabled = var.monitoring_enable_advanced_datapath_observability_config_metrics + relay_mode = var.monitoring_advanced_datapath_observability_config_metrics_relay_mode + } } } cluster_autoscaling { diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index f06b1e9d95..8811ac544b 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf @@ -645,6 +645,23 @@ variable "monitoring_enable_managed_prometheus" { default = false } +variable "monitoring_enable_advanced_datapath_observability_config_metrics" { + type = bool + description = "Whether or not the advanced datapath metrics are enabled." + default = null +} + +variable "monitoring_advanced_datapath_observability_config_metrics_relay_mode" { + type = string + description = "Mode used to make advanced datapath metrics relay available." + default = null + validation { + condition = contains(["DISABLED", "INTERNAL_VPC_LB", "EXTERNAL_LB", null], var.node_metadata) + error_message = "The advanced datapath metrics relay value must be one of DISABLED, INTERNAL_VPC_LB, EXTERNAL_LB." + } + +} + variable "monitoring_enabled_components" { type = list(string) description = "List of services to monitor: SYSTEM_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration." diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index 3ebfe4acf7..0a17eb308e 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md 
@@ -197,6 +197,8 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | (Beta) The IP range in CIDR notation to use for the hosted master network | `string` | `"10.0.0.0/28"` | no | +| monitoring\_advanced\_datapath\_observability\_config\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | +| monitoring\_enable\_advanced\_datapath\_observability\_config\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index c2fa9906dc..6d3da21afd 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf 
@@ -88,6 +88,10 @@ resource "google_container_cluster" "primary" { managed_prometheus { enabled = var.monitoring_enable_managed_prometheus } + advanced_datapath_observability_config { + enabled = var.monitoring_enable_advanced_datapath_observability_config_metrics + relay_mode = var.monitoring_advanced_datapath_observability_config_metrics_relay_mode + } } } cluster_autoscaling { diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index f06b1e9d95..8811ac544b 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -645,6 +645,23 @@ variable "monitoring_enable_managed_prometheus" { default = false } +variable "monitoring_enable_advanced_datapath_observability_config_metrics" { + type = bool + description = "Whether or not the advanced datapath metrics are enabled." + default = null +} + +variable "monitoring_advanced_datapath_observability_config_metrics_relay_mode" { + type = string + description = "Mode used to make advanced datapath metrics relay available." + default = null + validation { + condition = contains(["DISABLED", "INTERNAL_VPC_LB", "EXTERNAL_LB", null], var.node_metadata) + error_message = "The advanced datapath metrics relay value must be one of DISABLED, INTERNAL_VPC_LB, EXTERNAL_LB." + } + +} + variable "monitoring_enabled_components" { type = list(string) description = "List of services to monitor: SYSTEM_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration." diff --git a/variables.tf b/variables.tf index e5757a9b07..b855060c4f 100644 --- a/variables.tf +++ b/variables.tf 
@@ -615,6 +615,23 @@ variable "monitoring_enable_managed_prometheus" { default = false } +variable "monitoring_enable_advanced_datapath_observability_config_metrics" { + type = bool + description = "Whether or not the advanced datapath metrics are enabled." + default = null +} + +variable "monitoring_advanced_datapath_observability_config_metrics_relay_mode" { + type = string + description = "Mode used to make advanced datapath metrics relay available." + default = null + validation { + condition = contains(["DISABLED", "INTERNAL_VPC_LB", "EXTERNAL_LB", null], var.node_metadata) + error_message = "The advanced datapath metrics relay value must be one of DISABLED, INTERNAL_VPC_LB, EXTERNAL_LB." + } + +} + variable "monitoring_enabled_components" { type = list(string) description = "List of services to monitor: SYSTEM_COMPONENTS, WORKLOADS (provider version >= 3.89.0). Empty list is default GKE configuration."
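Review bot: The description of `monitoring_advanced_datapath_observability_config_metrics_relay_mode` does not say what the accepted values do, and one of them, `EXTERNAL_LB`, exposes the relay endpoint for the cluster's datapath flow data through an external load balancer. That is a network-exposure decision a caller should be able to see in the variable docs, particularly for the private-cluster variants that reuse this text. I would expand it to something like `description = "Mode used to make advanced datapath metrics relay available: DISABLED, INTERNAL_VPC_LB (internal load balancer) or EXTERNAL_LB (external load balancer; exposes the relay outside the VPC)."` and regenerate the README tables. The same wording is in autogen/main/variables.tf.tmpl and the modules/*/variables.tf hunks.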