All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
Extending the adopted spec, each change should have a link to its corresponding pull request appended.
8.1.0 (2020-04-10)
- Add peering_name output for private clusters and increase minimum provider version to 3.14 (#484) (ff6b5cc)
- Add support for enabling Nodelocal dns cache (var.dns_cache) (#477) (de8e1d5)
8.0.0 (2020-04-07)
v8.0.0 is a backwards-incompatible release. Please see the upgrading guide.
- Beta clusters now have Workload Identity enabled by default. To disable Workload Identity, set identity_namespace = null.
- Beta clusters now have shielded nodes enabled by default. To disable, set enable_shielded_nodes = false.
- Add support for setting var.istio_auth (#462) (fff4272)
- Added support for specifying autoscaling_profile in var.cluster_autoscaling (#456) (1ac2c5c)
- Enable WI and shielded nodes by default in beta clusters (#441) (704962b)
- Rollout default_max_pods_per_node setting to GA modules (#439) (36ddbbb)
- Correct bug in passing var.zones for safer cluster modules (#474) (7660b51)
- Fix CI for Workload Identity (#460) (025f8b7)
- Remove unused variable service_account in safer-cluster to avoid confusion (#448) (a30e7cd)
- Update and pin kubernetes provider to >= 1.11.1 (#453) (418d9b3)
- Use gcloud module for ACM submodule, will force reinstall of ACM (#442) (9737190), closes #454
7.3.0 (2020-02-19)
7.2.0 (2020-02-11)
- Add master_ipv4_cidr_block output for private clusters (#427) (2cc64c8)
- Allow workload identity submodule to update existing k8s SA. (#430) (51fba38)
7.1.0 (2020-02-07)
- Change for_each splat syntax on update variants, closes #414 (#415) (a20425f)
- If release_channel is active, set min_master_version to null (#412) (4c7b399)
- Prevents "Invalid index" when creating private cluster (#422) (cc53d1c), closes #419
- Stop warning about deprecated external references from destroy provisioners. (#420) (c8fde26)
7.0.0 (2020-01-29)
- Minimum beta provider version increased to 3.1 to allow surge upgrades.
- Beta clusters now have surge upgrades turned on by default. This behavior can be tuned using the max_surge and max_unavailable inputs.
- Moves node pool state location to allow using for_each on them, see the upgrade guide for details.
- Add a service activation module (#146) (658ea51)
- Enable Surge Upgrades by specifying max_surge and max_unavailable (Beta) (#394) (e4abe78)
- Move to using for_each for node pools (#257) (7d0c9aa)
- Change pod_security_policy_config type to list(object()) (#408) (a99352a)
- Removed dependency on jq from wait-for-cluster.sh script (#402) (d2a5e28)
v6.2.0 - 2019-12-27
- Breaking: Changed default logging and monitoring providers to new Stackdriver versions. #384
- Updated to support Google Provider version 3.x #381
v6.1.1 - 2019-12-04
- Fix endpoint output for private clusters where private_nodes=false. #365
v6.1.0 - 2019-12-03
- Support for using a pre-existing Service Account with the ACM submodule. #346
- Compute region output for zonal clusters. #362
v6.0.1 - 2019-12-02
- The required Google provider constraint has been relaxed to ~> 2.18 (>= 2.18, <3.0). #359
v6.0.0 - 2019-11-28
v6.0.0 is a backwards-incompatible release. Please see the upgrading guide.
- Support for Shielded Nodes beta feature via enabled_shielded_nodes variable. #300
- Support for setting node_locations on node pools. #303
- Fix for specifying node_count on node pools when autoscaling is disabled. #311
- Added submodule for installing Anthos Config Management. #268
- Support for local_ssd_count in node pool configuration. #339
- Wait for cluster to be ready before returning endpoint. #340
- safer-cluster submodule. #315
- simple_regional_with_networking example. #195
- release_channel variable for beta submodules. #271
- The node_locations attribute to the node_pools object for beta submodules. #290
- private_zonal_with_networking example. #308
- regional_private_node_pool_oauth_scopes example. #321
- The cluster_autoscaling variable for beta submodules. #93
- The master_authorized_networks variable. #354
- The node_pool_labels, node_pool_tags, and node_pool_taints variables have defaults and can be overridden within the node_pools object. #3
- upstream_nameservers variable is typed as a list of strings. #350
- The network_policy variable defaults to true. #138
- Breaking: Removed support for enabling the Kubernetes dashboard, as this is deprecated on GKE. #337
- Breaking: Removed support for versions of the Google provider and the Google Beta provider older than 2.18. #261
- Breaking: Removed the master_authorized_networks_config variable. #354
- identity_namespace output depends on the google_container_cluster.primary resource. #301
- Idempotency of the beta submodules. #326
v5.1.1 - 2019-10-25
- Fixed bug with setting up sandboxing on nodes. #286
v5.1.0 - 2019-10-24
- Added ability to skip local-exec provisioners. #258
- Added private and beta private variants which allow node pools to be created before being destroyed. #256
- Add a parameter registry_project_id to allow connecting to registries in other projects. #273
- Made region variable optional for zonal clusters. #247
- Made default metadata, labels, and tags optional. #282
v5.0.0 - 2019-09-25
v5.0.0 is a backwards-incompatible release. Please see the upgrading guide.
The v5.0.0 module requires using the 2.12 version of the Google provider.
- Breaking: Enabled metadata-concealment by default #248
- All beta functionality removed from non-beta clusters, moved node_pool_taints to beta modules #228
- Added support for resource usage export config #238
- Added sandbox_enabled variable to use GKE Sandbox #241
- Added grant_registry_access variable to grant Container Registry access to created SA #236
- Support for Intranode Visibility (IV) and Vertical Pod Autoscaling (VPA) beta features #216
- Support for Workload Identity beta feature #234
- Support for Google Groups based RBAC beta feature #217
- Support for disabling node pool autoscaling by setting autoscaling to false within the node pool variable. #250
- Fixed issue with passing a dynamically created Service Account to the module. #27
v4.1.0 - 2019-07-24
- Support for GCE cluster resource_labels. #210
- endpoint output depends on cluster and node pool resources to avoid a race condition. #214
v4.0.0 - 2019-07-12
- Supported version of Terraform is 0.12. #177
v3.0.0 - 2019-07-08
v3.0.0 is a breaking release. Refer to the Upgrading to v3.0 guide for details.
- Add configuration flag to enable BinAuthZ Admission controller #160 #188
- Add configuration flag for pod_security_policy_config #163 #188
- Support for a guest accelerator in node pool configuration. #197
- Support to scale the default node cluster. #149
- Support for configuring the network policy provider. #159
- Support for database encryption. #165
- Submodules for public and private clusters with beta features. #124 #188 #203
- Support for configuring cluster IPv4 CIDRs. #193
- Support for configuring IP Masquerade. #187
- Support for v2.9 of the Google providers. #198
- Support for upstreamNameservers. #207
- Dropped support for versions of the Google provider earlier than v2.9; these versions have multiple incompatibilities with the module. #198
v2.1.0 - 2019-05-30
- Support for v2.6 and v2.7 of the Google providers. #152
- deploy_using_private_endpoint variable on private-cluster submodule. #136
- The dependency on jq has been documented in the README. #151
v2.0.1 - 2019-05-01
- Explicitly pinned supported version of Terraform Google provider to 2.3. #148
v2.0.0 - 2019-04-12
v2.0.0 is a breaking release. Refer to the Upgrading to v2.0 guide for details.
- Add basic_auth_username set to "" by default. #40
- Add basic_auth_password set to "" by default. #40
- Add issue_client_certificate set to false by default. #40
- Add node_pool_oauth_scopes which enables overriding the default node pool OAuth scopes. #94
- The service_account variable defaults to "create" which causes a cluster-specific service account to be created.
- Disabled Basic Authentication by default. #40
v1.0.1 - 2019-04-04
- Note about using Terraform with private clusters. #121
- Optimized dependency between node pools and primary cluster. #77
- Removed credentials_path variables from examples. #89
- Fix empty zone list. #132
v1.0.0 - 2019-03-25
Version 1.0.0 of this module introduces a breaking change: adding the disable-legacy-endpoints metadata field to all node pools. This metadata is required by GKE and determines whether the /0.1/ and /v1beta1/ paths are available in the nodes' metadata server. If your applications do not require access to the node's metadata server, you can leave the default value of true provided by the module. If your applications require access to the metadata server, be sure to read the linked documentation to see if you need to set the value for this field to false to allow your applications access to the above metadata server paths.
In either case, upgrading to module version v1.0.0 will trigger a recreation of all node pools in the cluster.
- Allow creation of service accounts. #80
- Add support for private clusters via submodule. #69
- Add remove_default_node_pool set to false by default. Fixes #15. #55
- Allow arbitrary key-value pairs to be set on node pool metadata. #52
- Add initial_node_count parameter to node_pool block. #60
- Added disable_legacy_metadata_endpoints parameter. #114
- Set horizontal_pod_autoscaling to true by default. Fixes #42. #54
- Update simple-zonal example GKE version to supported version. #49
- Drop explicit version from simple_zonal example. #74
- Remove explicit versions from test cases and examples. #62
- Set up submodule structure for public and private clusters. #61
- Update the google and google-beta providers to v2.2 #106
- Zonal clusters can now accept a single zone. Fixes #43. #50
- Fix link to "configure a service account" #73
- Fix issue with regional cluster roll outs causing version skews #108
- Fix permanent metadata skew due to disable-legacy-endpoints keys #114
v0.4.0 - 2018-12-19
- Updated default version to 1.10.6. #31
- region argument on google_compute_subnetwork caused errors. #22
- Added check to wait for GKE cluster to be READY before completing. #46
v0.3.0 - 2018-10-10
- Updated network/subnetwork lookup to use data source. #16
- Make zone configuration optional when creating a regional cluster. #19
v0.2.0 - 2018-09-26
- Support for configuring master authorized networks. #10
- Support specifying monitoring and logging services. #9
- Initial release of module.