Added cluster autoscaling

Updated docs

Added tests for cluster autoscaling in node_pool fixture

* Fix hashicorp#93

autogen/cluster.tf.tmpl

@@ -45,6 +45,7 @@ resource "google_container_cluster" "primary" {
     }
   }
 
+
 {% if beta_cluster %}
   dynamic "release_channel" {
     for_each = local.release_channel
@@ -62,6 +63,18 @@ resource "google_container_cluster" "primary" {
   monitoring_service = var.monitoring_service
 
 {% if beta_cluster %}
+  cluster_autoscaling {
+    enabled = var.cluster_autoscaling.enabled
+    dynamic "resource_limits" {
+      for_each = local.autoscalling_resource_limits
+      content {
+        resource_type = lookup(resource_limits.value, "resource_type")
+        minimum       = lookup(resource_limits.value, "minimum")
+        maximum       = lookup(resource_limits.value, "maximum")
+      }
+    }
+  }
+
   enable_binary_authorization = var.enable_binary_authorization
   enable_intranode_visibility = var.enable_intranode_visibility
   default_max_pods_per_node   = var.default_max_pods_per_node

autogen/main.tf.tmpl

@@ -50,6 +50,20 @@ locals {
   node_version            = var.regional ? local.node_version_regional : local.node_version_zonal
 {% if beta_cluster %}
   release_channel         = var.release_channel != null ? [{ channel : var.release_channel }] : []
+  limits                  = var.cluster_autoscaling.resource_limits
+
+  autoscalling_resource_limits = concat(
+    var.cluster_autoscaling.enabled && lookup(local.limits, "max_cpu_cores", 0) > lookup(local.limits, "min_cpu_cores", 0) ? [{
+      resource_type = "cpu"
+      minimum       = local.limits["min_cpu_cores"]
+      maximum       = local.limits["max_cpu_cores"]
+    }] : [],
+    var.cluster_autoscaling.enabled && lookup(local.limits, "max_memory_gb", 0) > lookup(local.limits, "min_memory_gb", 0) ? [{
+      resource_type = "memory"
+      minimum       = local.limits["min_memory_gb"]
+      maximum       = local.limits["max_memory_gb"]
+    }] : []
+  )
 {% endif %}
 
 

autogen/variables.tf.tmpl

@@ -178,8 +178,20 @@ variable "node_pools_metadata" {
     default-node-pool = {}
   }
 }
-
 {% if beta_cluster %}
+
+variable "cluster_autoscaling" {
+  type = object({
+    enabled         = bool
+    resource_limits = map(number)
+  })
+  default = {
+    enabled         = false
+    resource_limits = {}
+  }
+  description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)"
+}
+
 variable "node_pools_taints" {
   type        = map(list(object({key=string,value=string,effect=string})))
   description = "Map of lists containing node taints by node-pool name"

cluster.tf

@@ -42,6 +42,7 @@ resource "google_container_cluster" "primary" {
   }
 
 
+
   subnetwork         = data.google_compute_subnetwork.gke_subnetwork.self_link
   min_master_version = local.master_version
 

examples/node_pool/README.md

@@ -7,6 +7,7 @@ This example illustrates how to create a cluster with multiple custom node-pool
 
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
+| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | object | `<map>` | no |
 | cluster\_name\_suffix | A suffix to append to the default cluster name | string | `""` | no |
 | compute\_engine\_service\_account | Service account to associate to the nodes in the cluster | string | n/a | yes |
 | ip\_range\_pods | The secondary ip range to use for pods | string | n/a | yes |

examples/node_pool/main.tf

@@ -36,6 +36,7 @@ module "gke" {
   create_service_account            = false
   remove_default_node_pool          = true
   disable_legacy_metadata_endpoints = false
+  cluster_autoscaling               = var.cluster_autoscaling
 
   node_pools = [
     {

examples/node_pool/variables.tf

@@ -52,3 +52,14 @@ variable "compute_engine_service_account" {
   description = "Service account to associate to the nodes in the cluster"
 }
 
+variable "cluster_autoscaling" {
+  type = object({
+    enabled         = bool
+    resource_limits = map(number)
+  })
+  default = {
+    enabled         = false
+    resource_limits = {}
+  }
+  description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)"
+}

modules/beta-private-cluster-update-variant/README.md

@@ -142,6 +142,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
 | basic\_auth\_password | The password to be used with Basic Authentication. | string | `""` | no |
 | basic\_auth\_username | The username to be used with Basic Authentication. An empty value will disable Basic Authentication, which is the recommended configuration. | string | `""` | no |
 | cloudrun | (Beta) Enable CloudRun addon | string | `"false"` | no |
+| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | object | `<map>` | no |
 | cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | string | `""` | no |
 | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | map(string) | `<map>` | no |
 | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | string | `"false"` | no |

modules/beta-private-cluster-update-variant/cluster.tf

@@ -41,6 +41,7 @@ resource "google_container_cluster" "primary" {
     }
   }
 
+
   dynamic "release_channel" {
     for_each = local.release_channel
 
@@ -55,6 +56,18 @@ resource "google_container_cluster" "primary" {
   logging_service    = var.logging_service
   monitoring_service = var.monitoring_service
 
+  cluster_autoscaling {
+    enabled = var.cluster_autoscaling.enabled
+    dynamic "resource_limits" {
+      for_each = local.autoscalling_resource_limits
+      content {
+        resource_type = lookup(resource_limits.value, "resource_type")
+        minimum       = lookup(resource_limits.value, "minimum")
+        maximum       = lookup(resource_limits.value, "maximum")
+      }
+    }
+  }
+
   enable_binary_authorization = var.enable_binary_authorization
   enable_intranode_visibility = var.enable_intranode_visibility
   default_max_pods_per_node   = var.default_max_pods_per_node

modules/beta-private-cluster-update-variant/main.tf

@@ -45,6 +45,20 @@ locals {
   master_version          = var.regional ? local.master_version_regional : local.master_version_zonal
   node_version            = var.regional ? local.node_version_regional : local.node_version_zonal
   release_channel         = var.release_channel != null ? [{ channel : var.release_channel }] : []
+  limits                  = var.cluster_autoscaling.resource_limits
+
+  autoscalling_resource_limits = concat(
+    var.cluster_autoscaling.enabled && lookup(local.limits, "max_cpu_cores", 0) > lookup(local.limits, "min_cpu_cores", 0) ? [{
+      resource_type = "cpu"
+      minimum       = local.limits["min_cpu_cores"]
+      maximum       = local.limits["max_cpu_cores"]
+    }] : [],
+    var.cluster_autoscaling.enabled && lookup(local.limits, "max_memory_gb", 0) > lookup(local.limits, "min_memory_gb", 0) ? [{
+      resource_type = "memory"
+      minimum       = local.limits["min_memory_gb"]
+      maximum       = local.limits["max_memory_gb"]
+    }] : []
+  )
 
 
   custom_kube_dns_config      = length(keys(var.stub_domains)) > 0

modules/beta-private-cluster-update-variant/variables.tf

@@ -179,6 +179,18 @@ variable "node_pools_metadata" {
   }
 }
 
+variable "cluster_autoscaling" {
+  type = object({
+    enabled         = bool
+    resource_limits = map(number)
+  })
+  default = {
+    enabled         = false
+    resource_limits = {}
+  }
+  description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)"
+}
+
 variable "node_pools_taints" {
   type        = map(list(object({ key = string, value = string, effect = string })))
   description = "Map of lists containing node taints by node-pool name"

modules/beta-private-cluster/README.md

@@ -142,6 +142,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
 | basic\_auth\_password | The password to be used with Basic Authentication. | string | `""` | no |
 | basic\_auth\_username | The username to be used with Basic Authentication. An empty value will disable Basic Authentication, which is the recommended configuration. | string | `""` | no |
 | cloudrun | (Beta) Enable CloudRun addon | string | `"false"` | no |
+| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | object | `<map>` | no |
 | cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | string | `""` | no |
 | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | map(string) | `<map>` | no |
 | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | string | `"false"` | no |

modules/beta-private-cluster/cluster.tf

@@ -41,6 +41,7 @@ resource "google_container_cluster" "primary" {
     }
   }
 
+
   dynamic "release_channel" {
     for_each = local.release_channel
 
@@ -55,6 +56,18 @@ resource "google_container_cluster" "primary" {
   logging_service    = var.logging_service
   monitoring_service = var.monitoring_service
 
+  cluster_autoscaling {
+    enabled = var.cluster_autoscaling.enabled
+    dynamic "resource_limits" {
+      for_each = local.autoscalling_resource_limits
+      content {
+        resource_type = lookup(resource_limits.value, "resource_type")
+        minimum       = lookup(resource_limits.value, "minimum")
+        maximum       = lookup(resource_limits.value, "maximum")
+      }
+    }
+  }
+
   enable_binary_authorization = var.enable_binary_authorization
   enable_intranode_visibility = var.enable_intranode_visibility
   default_max_pods_per_node   = var.default_max_pods_per_node

modules/beta-private-cluster/main.tf

@@ -45,6 +45,20 @@ locals {
   master_version          = var.regional ? local.master_version_regional : local.master_version_zonal
   node_version            = var.regional ? local.node_version_regional : local.node_version_zonal
   release_channel         = var.release_channel != null ? [{ channel : var.release_channel }] : []
+  limits                  = var.cluster_autoscaling.resource_limits
+
+  autoscalling_resource_limits = concat(
+    var.cluster_autoscaling.enabled && lookup(local.limits, "max_cpu_cores", 0) > lookup(local.limits, "min_cpu_cores", 0) ? [{
+      resource_type = "cpu"
+      minimum       = local.limits["min_cpu_cores"]
+      maximum       = local.limits["max_cpu_cores"]
+    }] : [],
+    var.cluster_autoscaling.enabled && lookup(local.limits, "max_memory_gb", 0) > lookup(local.limits, "min_memory_gb", 0) ? [{
+      resource_type = "memory"
+      minimum       = local.limits["min_memory_gb"]
+      maximum       = local.limits["max_memory_gb"]
+    }] : []
+  )
 
 
   custom_kube_dns_config      = length(keys(var.stub_domains)) > 0

modules/beta-private-cluster/variables.tf

@@ -179,6 +179,18 @@ variable "node_pools_metadata" {
   }
 }
 
+variable "cluster_autoscaling" {
+  type = object({
+    enabled         = bool
+    resource_limits = map(number)
+  })
+  default = {
+    enabled         = false
+    resource_limits = {}
+  }
+  description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)"
+}
+
 variable "node_pools_taints" {
   type        = map(list(object({ key = string, value = string, effect = string })))
   description = "Map of lists containing node taints by node-pool name"

modules/beta-public-cluster/README.md

@@ -137,6 +137,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o
 | basic\_auth\_password | The password to be used with Basic Authentication. | string | `""` | no |
 | basic\_auth\_username | The username to be used with Basic Authentication. An empty value will disable Basic Authentication, which is the recommended configuration. | string | `""` | no |
 | cloudrun | (Beta) Enable CloudRun addon | string | `"false"` | no |
+| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | object | `<map>` | no |
 | cluster\_ipv4\_cidr | The IP address range of the kubernetes pods in this cluster. Default is an automatically assigned CIDR. | string | `""` | no |
 | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | map(string) | `<map>` | no |
 | configure\_ip\_masq | Enables the installation of ip masquerading, which is usually no longer required when using aliasied IP addresses. IP masquerading uses a kubectl call, so when you have a private cluster, you will need access to the API server. | string | `"false"` | no |

modules/beta-public-cluster/cluster.tf

@@ -41,6 +41,7 @@ resource "google_container_cluster" "primary" {
     }
   }
 
+
   dynamic "release_channel" {
     for_each = local.release_channel
 
@@ -55,6 +56,18 @@ resource "google_container_cluster" "primary" {
   logging_service    = var.logging_service
   monitoring_service = var.monitoring_service
 
+  cluster_autoscaling {
+    enabled = var.cluster_autoscaling.enabled
+    dynamic "resource_limits" {
+      for_each = local.autoscalling_resource_limits
+      content {
+        resource_type = lookup(resource_limits.value, "resource_type")
+        minimum       = lookup(resource_limits.value, "minimum")
+        maximum       = lookup(resource_limits.value, "maximum")
+      }
+    }
+  }
+
   enable_binary_authorization = var.enable_binary_authorization
   enable_intranode_visibility = var.enable_intranode_visibility
   default_max_pods_per_node   = var.default_max_pods_per_node

modules/beta-public-cluster/main.tf

@@ -45,6 +45,20 @@ locals {
   master_version          = var.regional ? local.master_version_regional : local.master_version_zonal
   node_version            = var.regional ? local.node_version_regional : local.node_version_zonal
   release_channel         = var.release_channel != null ? [{ channel : var.release_channel }] : []
+  limits                  = var.cluster_autoscaling.resource_limits
+
+  autoscalling_resource_limits = concat(
+    var.cluster_autoscaling.enabled && lookup(local.limits, "max_cpu_cores", 0) > lookup(local.limits, "min_cpu_cores", 0) ? [{
+      resource_type = "cpu"
+      minimum       = local.limits["min_cpu_cores"]
+      maximum       = local.limits["max_cpu_cores"]
+    }] : [],
+    var.cluster_autoscaling.enabled && lookup(local.limits, "max_memory_gb", 0) > lookup(local.limits, "min_memory_gb", 0) ? [{
+      resource_type = "memory"
+      minimum       = local.limits["min_memory_gb"]
+      maximum       = local.limits["max_memory_gb"]
+    }] : []
+  )
 
 
   custom_kube_dns_config      = length(keys(var.stub_domains)) > 0

modules/beta-public-cluster/variables.tf

@@ -179,6 +179,18 @@ variable "node_pools_metadata" {
   }
 }
 
+variable "cluster_autoscaling" {
+  type = object({
+    enabled         = bool
+    resource_limits = map(number)
+  })
+  default = {
+    enabled         = false
+    resource_limits = {}
+  }
+  description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)"
+}
+
 variable "node_pools_taints" {
   type        = map(list(object({ key = string, value = string, effect = string })))
   description = "Map of lists containing node taints by node-pool name"

modules/private-cluster-update-variant/cluster.tf

@@ -42,6 +42,7 @@ resource "google_container_cluster" "primary" {
   }
 
 
+
   subnetwork         = data.google_compute_subnetwork.gke_subnetwork.self_link
   min_master_version = local.master_version
 

modules/private-cluster-update-variant/variables.tf

@@ -178,7 +178,6 @@ variable "node_pools_metadata" {
     default-node-pool = {}
   }
 }
-
 variable "node_pools_tags" {
   type        = map(list(string))
   description = "Map of lists containing node network tags by node-pool name"

modules/private-cluster/cluster.tf

@@ -42,6 +42,7 @@ resource "google_container_cluster" "primary" {
   }
 
 
+
   subnetwork         = data.google_compute_subnetwork.gke_subnetwork.self_link
   min_master_version = local.master_version
 

modules/private-cluster/variables.tf

@@ -178,7 +178,6 @@ variable "node_pools_metadata" {
     default-node-pool = {}
   }
 }
-
 variable "node_pools_tags" {
   type        = map(list(string))
   description = "Map of lists containing node network tags by node-pool name"

test/fixtures/node_pool/example.tf

@@ -26,5 +26,15 @@ module "example" {
   ip_range_pods                  = google_compute_subnetwork.main.secondary_ip_range[0].range_name
   ip_range_services              = google_compute_subnetwork.main.secondary_ip_range[1].range_name
   compute_engine_service_account = var.compute_engine_service_account
+
+  cluster_autoscaling = {
+    enabled = true
+    resource_limits = {
+      max_cpu_cores = 20
+      min_cpu_cores = 5
+      max_memory_gb = 30
+      min_memory_gb = 10
+    }
+  }
 }