Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove automatic subnetwork creation in GKE #4638

Closed
rileykarson opened this issue Oct 8, 2019 · 1 comment
Closed

Remove automatic subnetwork creation in GKE #4638

rileykarson opened this issue Oct 8, 2019 · 1 comment
Assignees
@rileykarson
Labels
breaking-change technical-debt
Milestone
3.0.0

Comments

@rileykarson
Copy link
Collaborator

rileykarson commented Oct 8, 2019
edited
Loading 

resource "google_compute_network" "container_network" {
  name                    = "container-network"
  auto_create_subnetworks = false
}

+resource "google_compute_subnetwork" "container_subnetwork" {
+  name          = "container-subnetwork"
+  ip_cidr_range = "10.2.0.0/16"
+  region        = "us-central1"
+  network       = "${google_compute_network.container_network.self_link}"
+}

resource "google_container_cluster" "primary" {
  name       = "my-cluster"
  location   = "us-central1"
  network    = "${google_compute_network.container_network.name}"
+ subnetwork = "${google_compute_subnetwork.container_subnetwork.name}"
  
   ip_allocation_policy {
-    use_ip_aliases           = true
-    create_subnetwork        = true
     cluster_ipv4_cidr_block  = "10.0.0.0/16"
     services_ipv4_cidr_block = "10.1.0.0/16"
-    node_ipv4_cidr_block     = "10.2.0.0/16"
   }
}

Changes:

  • ip_allocation_policy.node_ipv4_cidr_block removed
    (This controls the primary range of the created subnetwork)
  • ip_allocation_policy.create_subnetwork, ip_allocation_policy.subnetwork_name removed.
  • ip_allocation_policy.use_ip_aliases removed
    • Enablement is now based on ip_allocation_policy being defined
  • Conflict added between node_ipv4_cidr, ip_allocation_policy

Motivation:

Mixing control planes isn't a great idea, and using create_subnetwork means that GKE is the control plane for subnetworks; it's a lot more Terraform-friendly for the all GKE subnetworks to be Terraform-managed.

With this change, configuration of subnetworks using the google_compute_subnetwork resource mirrors the Console, where GKE-created subnetworks don’t exist. node_ipv4_cidr vs node_ipv4_cidr_block is no longer confusing as node_ipv4_cidr_block is removed. Additionally, usage with Shared VPC will be more clear, as create_subnetwork does not work in those circumstances.

This change will require manual intervention on the part of users to import subnetworks that were previously manually created.
@rileykarson rileykarson added this to the 3.0.0 milestone Oct 8, 2019
@rileykarson rileykarson self-assigned this Oct 8, 2019
This was referenced Oct 8, 2019
Closed
Closed
@rileykarson rileykarson mentioned this issue Oct 29, 2019
Merged
@rileykarson rileykarson mentioned this issue Nov 7, 2019
Merged
@ghost
Copy link

ghost commented Dec 9, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Dec 9, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@rileykarson rileykarson

Labels
breaking-change technical-debt
Projects
None yet
Milestone
3.0.0
Development

No branches or pull requests
1 participant
@rileykarson