GKE cluster cluster_dns_provider doesn't get applied #1833

Closed
54nd20 opened this issue Jan 3, 2024 · 5 comments
Labels
bug Something isn't working Stale

Comments

54nd20 commented Jan 3, 2024

TL;DR

Only if cluster_dns_provider is set to "CLOUD_DNS" it is actually applied. Other valid values would be "PROVIDER_UNSPECIFIED" or "PLATFORM_DEFAULT". Setting the variable to those values doesn't have any effect because of the condition in

for_each = var.cluster_dns_provider == "CLOUD_DNS" ? [1] : []

This leads to the problem that after a value was set via GCP UI or gcloud CLI, terraform would recreate the cluster:

      - dns_config { # forces replacement
          - cluster_dns = "PLATFORM_DEFAULT" -> null
        }

Terraform Configuration

module "gke" {
  source             = "terraform-google-modules/kubernetes-engine/google//modules/private-cluster"
  version            = "28.0.0"
  project_id         = var.project_id
  name               = var.cluster_name
  region             = var.region
  zones              = var.availability_zones
  network            = var.network
  subnetwork         = var.subnet
  release_channel    = var.release_channel
  kubernetes_version = var.cluster_version
  node_pools         = var.worker_groups
  node_pools_labels  = var.node_pools_labels
  node_pools_oauth_scopes = {
    all = [
      "https://www.googleapis.com/auth/cloud-platform",
    ]
  }

  datapath_provider               = var.datapath_provider
  ip_range_pods                   = var.ip_range_pods != "" ? var.ip_range_pods : "${var.cluster_name}-pods"
  ip_range_services               = var.ip_range_services != "" ? var.ip_range_services : "${var.cluster_name}-services"
  enable_private_nodes            = true
  gce_pd_csi_driver               = true
  remove_default_node_pool        = true
  logging_service                 = var.logging_service
  monitoring_service              = var.monitoring_service
  http_load_balancing             = true
  network_policy                  = false
  authenticator_security_group    = var.authenticator_security_group
  add_cluster_firewall_rules      = var.add_cluster_firewall_rules
  maintenance_start_time          = var.maintenance_start_time
  maintenance_end_time            = var.maintenance_end_time
  maintenance_recurrence          = var.maintenance_recurrence
  maintenance_exclusions          = var.maintenance_exclusions
  enable_vertical_pod_autoscaling = var.enable_vertical_pod_autoscaling
  cluster_dns_provider            = "PLATFORM_DEFAULT"
  depends_on = [
    var.network
  ]
}

Expected behavior

All valid values get applied.

Observed behavior

Only if cluster_dns_provider is set to "CLOUD_DNS" it is actually applied

Terraform Configuration

module "gke" {
  source             = "terraform-google-modules/kubernetes-engine/google//modules/private-cluster"
  version            = "29.0.0"
  project_id         = var.project_id
  name               = var.cluster_name
  region             = var.region
  zones              = var.availability_zones
  network            = var.network
  subnetwork         = var.subnet
  release_channel    = var.release_channel
  kubernetes_version = var.cluster_version
  node_pools         = var.worker_groups
  node_pools_labels  = var.node_pools_labels
  node_pools_oauth_scopes = {
    all = [
      "https://www.googleapis.com/auth/cloud-platform",
    ]
  }

  datapath_provider               = var.datapath_provider
  ip_range_pods                   = var.ip_range_pods != "" ? var.ip_range_pods : "${var.cluster_name}-pods"
  ip_range_services               = var.ip_range_services != "" ? var.ip_range_services : "${var.cluster_name}-services"
  enable_private_nodes            = true
  gce_pd_csi_driver               = true
  remove_default_node_pool        = true
  logging_service                 = var.logging_service
  monitoring_service              = var.monitoring_service
  http_load_balancing             = true
  network_policy                  = false
  authenticator_security_group    = var.authenticator_security_group
  add_cluster_firewall_rules      = var.add_cluster_firewall_rules
  maintenance_start_time          = var.maintenance_start_time
  maintenance_end_time            = var.maintenance_end_time
  maintenance_recurrence          = var.maintenance_recurrence
  maintenance_exclusions          = var.maintenance_exclusions
  enable_vertical_pod_autoscaling = var.enable_vertical_pod_autoscaling
  cluster_dns_provider            = "PLATFORM_DEFAULT"
  depends_on = [
    var.network
  ]
}

Terraform Version

1.6.2

Additional information

#1783
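
A CI check for the symptom reported above, added here as an example and not part of the original issue or the module: it reads the JSON form of a plan (`terraform show -json <planfile>`) and reports every `google_container_cluster` the plan would replace, together with the attribute paths that force the replacement. The sample plan, the resource address in it and the function name are constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output;
# the resource addresses and values are illustrative, not taken from the issue.
SAMPLE_PLAN = json.dumps({
    "format_version": "1.2",
    "resource_changes": [
        {
            "address": "module.gke.google_container_cluster.primary",
            "type": "google_container_cluster",
            "change": {
                "actions": ["delete", "create"],
                "before": {"dns_config": [{"cluster_dns": "PLATFORM_DEFAULT"}]},
                "after": {"dns_config": []},
                "replace_paths": [["dns_config"]],
            },
        },
        {
            "address": "module.gke.google_container_node_pool.pools[\"default\"]",
            "type": "google_container_node_pool",
            "change": {"actions": ["update"], "before": {}, "after": {}},
        },
    ],
})


def forced_cluster_replacements(plan_json, resource_type="google_container_cluster"):
    """Return (address, attribute paths) for each cluster the plan would replace."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        # A replacement is reported as delete+create, in either order.
        if rc.get("type") != resource_type or set(actions) != {"delete", "create"}:
            continue
        paths = [".".join(str(step) for step in path)
                 for path in rc["change"].get("replace_paths", [])]
        findings.append((rc["address"], paths))
    return findings


if __name__ == "__main__":
    import sys
    # Pass a plan JSON file as the first argument; without one the sample is used.
    plan = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PLAN
    hits = forced_cluster_replacements(plan)
    for address, paths in hits:
        print(f"REPLACE {address}: forced by {', '.join(paths) or 'unknown attribute'}")
    sys.exit(1 if hits else 0)
```

The non-zero exit status lets a pipeline stop before `terraform apply` when drift such as a `dns_config` value set outside Terraform would recreate the cluster.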

github-actions bot commented Mar 3, 2024

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Mar 3, 2024
@AlvaroGG0

Facing the same issue here. Any update on this?

54nd20 commented Mar 4, 2024

This is still relevant.

@github-actions github-actions bot removed the Stale label Mar 4, 2024
github-actions bot commented May 4, 2024

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label May 4, 2024
@github-actions github-actions bot closed this as not planned May 11, 2024
lestich commented Aug 13, 2024

We run into the same issue.
