diff --git a/README.md b/README.md
index 8927e84d4b..1d863fbff8 100644
--- a/README.md
+++ b/README.md
@@ -198,8 +198,9 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | -| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `null` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS. Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_observability\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. 
VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index d197879e47..f9474d78c9 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -121,11 +121,15 @@ resource "google_container_cluster" "primary" { {% endif %} content{ enable_components = var.monitoring_enabled_components - managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus != null ? [1] : [] + content { + enabled = var.monitoring_enable_managed_prometheus + } } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics + enable_relay = var.monitoring_enable_observability_relay relay_mode = var.monitoring_observability_metrics_relay_mode } } diff --git a/autogen/main/main.tf.tmpl b/autogen/main/main.tf.tmpl index 38aa098b0b..84f1970449 100644 --- a/autogen/main/main.tf.tmpl +++ b/autogen/main/main.tf.tmpl 
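Review bot: `advanced_datapath_observability_config` is still a static block in this hunk, so with the new `null` defaults it is rendered with `enable_metrics = null` whenever `monitoring_config` is emitted for another reason (for example when only `monitoring_enabled_components` is set). If the pinned google provider treats `enable_metrics` as a required argument, which should be confirmed against its schema, that fails at plan time; `enable_relay` is also passed alongside `relay_mode` with nothing keeping a caller from setting both. Gating the block on its own inputs, the way this hunk already does for `managed_prometheus`, keeps an unset feature out of the rendered config. The same lines appear in the cluster.tf hunks of the root module and of each modules/* variant, which look generated from this template, and the resource body starts and ends outside the hunk.

```hcl
      # … unchanged: enable_components and dynamic "managed_prometheus" …
      dynamic "advanced_datapath_observability_config" {
        for_each = (
          var.monitoring_enable_observability_metrics != null ||
          var.monitoring_enable_observability_relay != null ||
          var.monitoring_observability_metrics_relay_mode != null
        ) ? [1] : []
        content {
          # enable_metrics can still be null when only the relay inputs are set;
          # confirm the provider accepts that before relying on it.
          enable_metrics = var.monitoring_enable_observability_metrics
          enable_relay   = var.monitoring_enable_observability_relay
          relay_mode     = var.monitoring_observability_metrics_relay_mode
        }
      }
```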
@@ -105,8 +105,8 @@ locals { enabled = false provider = null }] - cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null || var.monitoring_enable_observability_metrics != null || var.monitoring_enable_observability_relay != null || var.monitoring_observability_metrics_relay_mode != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index d420ed96ce..ca47aca016 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -767,13 +767,19 @@ variable "timeouts" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { type = bool description = "Whether or not the advanced datapath metrics are enabled." - default = false + default = null +} + +variable "monitoring_enable_observability_relay" { + type = bool + description = "Whether or not the advanced datapath relay is enabled." + default = null } variable "monitoring_observability_metrics_relay_mode" { diff --git a/cluster.tf b/cluster.tf index 969a0bf57a..c24134752d 100644 --- a/cluster.tf +++ b/cluster.tf 
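Review bot: In the new `logmon_config_is_set` expression, `var.monitoring_enable_managed_prometheus != null` is true for an explicit `false`, whereas the old bare-boolean operand was not. A caller that pins `monitoring_enable_managed_prometheus = false` (the previous default) and sets no components will now have `monitoring_config` rendered with `enable_components = []`, and anything else keyed on this local (not visible in the hunk) flips with it, so the cluster's telemetry settings may change on the next apply without the caller editing anything. This deserves an upgrade note plus a comment above the local, e.g. `# null = not set by the caller; an explicit false still counts as "set" and renders monitoring_config`. The same line is changed in the main.tf hunks of the root module and of each modules/* variant, and the `locals` block starts and ends outside the hunk.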
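Review bot: The descriptions of the three variables in the variables.tf.tmpl hunk do not say what the new `null` default means, so a reader cannot tell `null` from `false`. A wording such as `"Whether or not the advanced datapath relay is enabled. null leaves the value unset by this module."` on each would make the tri-state explicit. `monitoring_enable_observability_relay` also overlaps with the existing `monitoring_observability_metrics_relay_mode`, and its description should state which of the two takes effect or that only one should be set. The same variables are changed in the variables.tf hunks of each modules/* variant, and the hunk's last context line opens a variable block that continues outside it.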
@@ -94,11 +94,15 @@ resource "google_container_cluster" "primary" { for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components - managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus != null ? [1] : [] + content { + enabled = var.monitoring_enable_managed_prometheus + } } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics + enable_relay = var.monitoring_enable_observability_relay relay_mode = var.monitoring_observability_metrics_relay_mode } } diff --git a/main.tf b/main.tf index f41e968be5..ee6350cf77 100644 --- a/main.tf +++ b/main.tf @@ -91,7 +91,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null || var.monitoring_enable_observability_metrics != null || var.monitoring_enable_observability_relay != null || var.monitoring_observability_metrics_relay_mode != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index ba2948a962..25f77b35bd 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md 
@@ -246,8 +246,9 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | -| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `null` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS. Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_observability\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. 
VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index f3f6c1d216..d38bafd8fd 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -100,11 +100,15 @@ resource "google_container_cluster" "primary" { for_each = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components - managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus != null ? [1] : [] + content { + enabled = var.monitoring_enable_managed_prometheus + } } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics + enable_relay = var.monitoring_enable_observability_relay relay_mode = var.monitoring_observability_metrics_relay_mode } } diff --git a/modules/beta-private-cluster-update-variant/main.tf b/modules/beta-private-cluster-update-variant/main.tf index 15f03a4b94..4f157423f6 100644 --- a/modules/beta-private-cluster-update-variant/main.tf +++ b/modules/beta-private-cluster-update-variant/main.tf 
@@ -91,7 +91,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null || var.monitoring_enable_observability_metrics != null || var.monitoring_enable_observability_relay != null || var.monitoring_observability_metrics_relay_mode != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index da51f48691..601d0434e6 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -734,13 +734,19 @@ variable "timeouts" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { type = bool description = "Whether or not the advanced datapath metrics are enabled." - default = false + default = null +} + +variable "monitoring_enable_observability_relay" { + type = bool + description = "Whether or not the advanced datapath relay is enabled." + default = null } variable "monitoring_observability_metrics_relay_mode" { diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 863d39522f..b1d275d247 100644 
--- a/modules/beta-private-cluster/README.md
+++ b/modules/beta-private-cluster/README.md
@@ -224,8 +224,9 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | -| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `null` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS. Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_observability\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. 
VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index dfcd012def..e847ce8968 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -100,11 +100,15 @@ resource "google_container_cluster" "primary" { for_each = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components - managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus != null ? [1] : [] + content { + enabled = var.monitoring_enable_managed_prometheus + } } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics + enable_relay = var.monitoring_enable_observability_relay relay_mode = var.monitoring_observability_metrics_relay_mode } } diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index 15f03a4b94..4f157423f6 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf 
@@ -91,7 +91,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null || var.monitoring_enable_observability_metrics != null || var.monitoring_enable_observability_relay != null || var.monitoring_observability_metrics_relay_mode != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index da51f48691..601d0434e6 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -734,13 +734,19 @@ variable "timeouts" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { type = bool description = "Whether or not the advanced datapath metrics are enabled." - default = false + default = null +} + +variable "monitoring_enable_observability_relay" { + type = bool + description = "Whether or not the advanced datapath relay is enabled." + default = null } variable "monitoring_observability_metrics_relay_mode" { diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index 5976e0a7c8..ac9e2c6b0d 100644 --- a/modules/beta-public-cluster-update-variant/README.md 
+++ b/modules/beta-public-cluster-update-variant/README.md 
@@ -235,8 +235,9 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | -| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `null` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS. Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_observability\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. 
VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index 60a9f80687..c07d109e1b 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf @@ -100,11 +100,15 @@ resource "google_container_cluster" "primary" { for_each = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components - managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus != null ? [1] : [] + content { + enabled = var.monitoring_enable_managed_prometheus + } } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics + enable_relay = var.monitoring_enable_observability_relay relay_mode = var.monitoring_observability_metrics_relay_mode } } diff --git a/modules/beta-public-cluster-update-variant/main.tf b/modules/beta-public-cluster-update-variant/main.tf index 69b8c783d6..4dc7618589 100644 --- a/modules/beta-public-cluster-update-variant/main.tf +++ b/modules/beta-public-cluster-update-variant/main.tf 
@@ -91,7 +91,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null || var.monitoring_enable_observability_metrics != null || var.monitoring_enable_observability_relay != null || var.monitoring_observability_metrics_relay_mode != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index cc0ae40e23..586bd4e60c 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -704,13 +704,19 @@ variable "timeouts" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { type = bool description = "Whether or not the advanced datapath metrics are enabled." - default = false + default = null +} + +variable "monitoring_enable_observability_relay" { + type = bool + description = "Whether or not the advanced datapath relay is enabled." + default = null } variable "monitoring_observability_metrics_relay_mode" { diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index fb40bfb57d..d828f5c414 100644 --- a/modules/beta-public-cluster/README.md 
+++ b/modules/beta-public-cluster/README.md 
@@ -213,8 +213,9 @@ Then perform the following commands on the root folder: | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no | | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no | | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | -| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `null` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS. Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_observability\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. 
VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index 6be429c0b6..8d8b41a78d 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -100,11 +100,15 @@ resource "google_container_cluster" "primary" { for_each = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components - managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus != null ? [1] : [] + content { + enabled = var.monitoring_enable_managed_prometheus + } } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics + enable_relay = var.monitoring_enable_observability_relay relay_mode = var.monitoring_observability_metrics_relay_mode } } diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index 69b8c783d6..4dc7618589 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf 
@@ -91,7 +91,7 @@ locals { provider = null }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] - logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null || var.monitoring_enable_observability_metrics != null || var.monitoring_enable_observability_relay != null || var.monitoring_observability_metrics_relay_mode != null gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : [] stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : [] diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index cc0ae40e23..586bd4e60c 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -704,13 +704,19 @@ variable "timeouts" { variable "monitoring_enable_managed_prometheus" { type = bool description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled." - default = false + default = null } variable "monitoring_enable_observability_metrics" { type = bool description = "Whether or not the advanced datapath metrics are enabled." - default = false + default = null +} + +variable "monitoring_enable_observability_relay" { + type = bool + description = "Whether or not the advanced datapath relay is enabled." + default = null } variable "monitoring_observability_metrics_relay_mode" { diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index ffcab6b500..eea21d48a1 100644 --- a/modules/private-cluster-update-variant/README.md 
+++ b/modules/private-cluster-update-variant/README.md 
@@ -231,8 +231,9 @@ Then perform the following commands on the root folder: | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no | | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no | | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no | -| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no | -| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no | +| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no | +| monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `null` | no | | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS. Empty list is default GKE configuration. | `list(string)` | `[]` | no | | monitoring\_observability\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no | | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. 
VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no | diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index 03c3082bb4..727696de29 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf @@ -94,11 +94,15 @@ resource "google_container_cluster" "primary" { for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : [] content { enable_components = var.monitoring_enabled_components - managed_prometheus { - enabled = var.monitoring_enable_managed_prometheus + dynamic "managed_prometheus" { + for_each = var.monitoring_enable_managed_prometheus != null ? [1] : [] + content { + enabled = var.monitoring_enable_managed_prometheus + } } advanced_datapath_observability_config { enable_metrics = var.monitoring_enable_observability_metrics + enable_relay = var.monitoring_enable_observability_relay relay_mode = var.monitoring_observability_metrics_relay_mode } } diff --git a/modules/private-cluster-update-variant/main.tf b/modules/private-cluster-update-variant/main.tf index 7c7de2529f..614babb49a 100644 --- a/modules/private-cluster-update-variant/main.tf +++ b/modules/private-cluster-update-variant/main.tf 
@@ -91,7 +91,7 @@ locals {
 provider = null
 }]
 cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }]
- logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus
+ logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null || var.monitoring_enable_observability_metrics != null || var.monitoring_enable_observability_relay != null || var.monitoring_observability_metrics_relay_mode != null
 gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }]
 gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : []
 stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : []
diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf
index 85b100dbb3..4828fd9ea6 100644
--- a/modules/private-cluster-update-variant/variables.tf
+++ b/modules/private-cluster-update-variant/variables.tf
@@ -710,13 +710,19 @@ variable "timeouts" {
 variable "monitoring_enable_managed_prometheus" {
 type = bool
 description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled."
- default = false
+ default = null
 }
 
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
- default = false
+ default = null
+}
+
+variable "monitoring_enable_observability_relay" {
+ type = bool
+ description = "Whether or not the advanced datapath relay is enabled."
+ default = null
 }
 
 variable "monitoring_observability_metrics_relay_mode" {
diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md
index 053b9feb87..452bd579c5 100644
--- a/modules/private-cluster/README.md
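Review bot: `logmon_config_is_set` in modules/private-cluster-update-variant/main.tf now treats an explicit `false` as "set", which the old expression did not, and nothing in the `locals` block says so. A caller who passes `monitoring_enable_managed_prometheus = false` will now get a `monitoring_config` block rendered (cluster.tf keys its `for_each` on this local), possibly with an empty `enable_components`; whether that shows up as a plan diff on existing clusters is not visible from here. I would add a comment above the local, `# null = not set by the caller; an explicit false still counts as set and renders monitoring_config`, and mention the change in the upgrade notes. The identical hunk in modules/private-cluster/main.tf has the same gap, and the `locals` block continues outside the hunk.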
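Review bot: The three variable descriptions in modules/private-cluster-update-variant/variables.tf do not say what the new `null` default means, so a reader cannot tell whether Managed Service for Prometheus and the datapath metrics end up on or off when nothing is passed. With `false` the module pinned them off; with `null` the effective state presumably follows the provider or GKE default, which matters to anyone who depends on this telemetry for monitoring or detection. I would extend each description, e.g. `"... Whether or not the managed collection is enabled. If null, the setting is left unmanaged and the GKE default applies."`, and regenerate the README tables, which look derived from these strings. The same applies to modules/private-cluster/variables.tf and the root variables.tf.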
+++ b/modules/private-cluster/README.md 
@@ -209,8 +209,9 @@ Then perform the following commands on the root folder:
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |
 | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no |
 | master\_ipv4\_cidr\_block | The IP range in CIDR notation to use for the hosted master network. Optional for Autopilot clusters. | `string` | `"10.0.0.0/28"` | no |
-| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `false` | no |
-| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no |
+| monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no |
+| monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `null` | no |
+| monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `null` | no |
 | monitoring\_enabled\_components | List of services to monitor: SYSTEM\_COMPONENTS, WORKLOADS. Empty list is default GKE configuration. | `list(string)` | `[]` | no |
 | monitoring\_observability\_metrics\_relay\_mode | Mode used to make advanced datapath metrics relay available. | `string` | `null` | no |
 | monitoring\_service | The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API.
VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none | `string` | `"monitoring.googleapis.com/kubernetes"` | no |
diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf
index 21edac9a01..628e14ad1d 100644
--- a/modules/private-cluster/cluster.tf
+++ b/modules/private-cluster/cluster.tf
@@ -94,11 +94,15 @@ resource "google_container_cluster" "primary" {
 for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : []
 content {
 enable_components = var.monitoring_enabled_components
- managed_prometheus {
- enabled = var.monitoring_enable_managed_prometheus
+ dynamic "managed_prometheus" {
+ for_each = var.monitoring_enable_managed_prometheus != null ? [1] : []
+ content {
+ enabled = var.monitoring_enable_managed_prometheus
+ }
 }
 advanced_datapath_observability_config {
 enable_metrics = var.monitoring_enable_observability_metrics
+ enable_relay = var.monitoring_enable_observability_relay
 relay_mode = var.monitoring_observability_metrics_relay_mode
 }
 }
diff --git a/modules/private-cluster/main.tf b/modules/private-cluster/main.tf
index 7c7de2529f..614babb49a 100644
--- a/modules/private-cluster/main.tf
+++ b/modules/private-cluster/main.tf
@@ -91,7 +91,7 @@ locals {
 provider = null
 }]
 cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }]
- logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus
+ logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus != null || var.monitoring_enable_observability_metrics != null || var.monitoring_enable_observability_relay != null || var.monitoring_observability_metrics_relay_mode != null
 gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }]
 gcs_fuse_csi_driver_config = var.gcs_fuse_csi_driver ? [{ enabled = true }] : []
 stateful_ha_config = var.stateful_ha ? [{ enabled = true }] : []
diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf
index 85b100dbb3..4828fd9ea6 100644
--- a/modules/private-cluster/variables.tf
+++ b/modules/private-cluster/variables.tf
@@ -710,13 +710,19 @@ variable "timeouts" {
 variable "monitoring_enable_managed_prometheus" {
 type = bool
 description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled."
- default = false
+ default = null
 }
 
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
- default = false
+ default = null
+}
+
+variable "monitoring_enable_observability_relay" {
+ type = bool
+ description = "Whether or not the advanced datapath relay is enabled."
+ default = null
 }
 
 variable "monitoring_observability_metrics_relay_mode" {
diff --git a/test/integration/beta_cluster/testdata/TestBetaCluster.json b/test/integration/beta_cluster/testdata/TestBetaCluster.json
index dbc703d59b..80a604c9cd 100755
--- a/test/integration/beta_cluster/testdata/TestBetaCluster.json
+++ b/test/integration/beta_cluster/testdata/TestBetaCluster.json
@@ -100,7 +100,7 @@
 },
 "monitoringConfig": {
 "advancedDatapathObservabilityConfig": {
- "enableRelay": false
+ "enableMetrics": false
 },
 "componentConfig": {
 "enableComponents": [
diff --git a/test/integration/simple_regional/testdata/TestSimpleRegional.json b/test/integration/simple_regional/testdata/TestSimpleRegional.json
index 16d6297fdc..6d5fbcfddd 100644
--- a/test/integration/simple_regional/testdata/TestSimpleRegional.json
+++ b/test/integration/simple_regional/testdata/TestSimpleRegional.json
@@ -102,7 +102,7 @@
 },
 "monitoringConfig": {
 "advancedDatapathObservabilityConfig": {
- "enableRelay": false
+ "enableMetrics": false
 },
 "componentConfig": {
 "enableComponents": [
diff --git a/variables.tf b/variables.tf
index eef896bf04..c77d0e0dfa 100644
--- a/variables.tf
+++ b/variables.tf
@@ -680,13 +680,19 @@ variable "timeouts" {
 variable "monitoring_enable_managed_prometheus" {
 type = bool
 description = "Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled."
- default = false
+ default = null
 }
 
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
- default = false
+ default = null
+}
+
+variable "monitoring_enable_observability_relay" {
+ type = bool
+ description = "Whether or not the advanced datapath relay is enabled."
+ default = null
 }
 
 variable "monitoring_observability_metrics_relay_mode" {