Reputation: 1310
Terraforming a Google Kubernetes Engine Cluster with Config Connector Enabled
The Google Kubernetes Engine cluster $GKE_CLUSTER_NAME is running inside of Google Cloud Platform (GCP) project $GCP_PROJECT_NAME with a matching Terraform configuration stored inside of container_cluster.tf that can be checked with:
terraform plan
#=>
No changes. Your infrastructure matches the configuration.
Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.
I wish to enable Config Connector (more on that here) for $GKE_CLUSTER_NAME using Terraform by adding the following arguments to container_cluster.tf:
resource "google_container_cluster" ". . ." {
addons_config {
config_connector_config {
enabled = true
}
. . .
}
but when I go to plan this change I encounter the following error:
terraform plan
#=>
╷
│ Error: Unsupported block type
│
│ on container_cluster.tf line 3, in resource "google_container_cluster" ". . .":
│ 3: config_connector_config {
│
│ Blocks of type "config_connector_config" are not expected here.
even though the official documentation, found here, states that config_connector_config is supported by the addons_config block.
I am using the latest versions of Terraform and the google provider:
terraform version
#=>
Terraform v1.0.6
on . . .
+ provider registry.terraform.io/hashicorp/google v3.84.0
What change do I need to make so that I can successfully enable Config Connector for $GKE_CLUSTER_NAME using Terraform?
Upvotes: 0
Views: 634
Answers (1)
Reputation: 1310
The config_connector_config argument is still in Beta, so you will need to use the google-beta provider for $GKE_CLUSTER_NAME:
Add the
providerargument for every resource:specify
google-betafor any resource (e.g.,$GKE_CLUSTER_NAME) with at least one Beta argument:resource "google_container_cluster" ". . ." { . . . provider = google-beta . . . }specify
googlefor all other resources:resource resource "google_container_node_pool" ". . ." { . . . provider = google . . . }
even though the
providerarg. is not found in the official reference documentation forgoogle_container_clusterhere.Add the
google-betaprovider alongside thegoogleprovider found in aproviders.tffile:. . . provider "google" { project = ". . ." } provider "google-beta" { project = ". . ." } . . . terraform { required_providers { . . . google = { version = "~> 3.84.0" } google-beta = { version = "~> 3.84.0" } . . . } }It is safe to use both
googleandgoogle-betaproviders in the same Terraform config. More on that here.Note: setting your GCP project name in the provider definitions above allows you to run
importcommands (found here) without specifying your project.Attempts to
planorapplyyour changes so far can result in the following:terraform plan #=> ╷ │ Error: Could not load plugin │ │ │ Plugin reinitialization required. Please run "terraform init". │ │ Plugins are external binaries that Terraform uses to . . .so you may have to
initagain:terraform init #=> Initializing the backend... Initializing provider plugins... - Finding latest version of hashicorp/google-beta... - Reusing previous version of hashicorp/google from the dependency lock file - Installing hashicorp/google-beta v3.84.0... - Installed hashicorp/google-beta v3.84.0 (signed by HashiCorp) - Using previously-installed hashicorp/google v3.84.0 Terraform has made some changes to the provider dependency selections recorded in the .terraform.lock.hcl file. Review those changes and commit them to your version control system if they represent changes you intended to make. Terraform has been successfully initialized! You may now begin working with Terraform. . . .The
providerscommand should now confirm thatgoogle-betais required by your current configuration:terraform providers #=> Providers required by configuration: . ├── provider[registry.terraform.io/hashicorp/google] ~> 3.84.0 └── provider[registry.terraform.io/hashicorp/google-beta] ~> 3.84.0 Providers required by state: provider[registry.terraform.io/hashicorp/google]Run a
planto confirm Config Connector will be enabled:terraform plan #=> . . . Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # google_container_cluster.$GKE_CLUSTER_NAME will be updated in-place ~ resource "google_container_cluster" ". . ." { . . . ~ addons_config { + config_connector_config { + enabled = true } . . . Plan: 0 to add, 1 to change, 0 to destroy. . . .and then
applyyour changes:terraform apply #=> google_container_cluster.. . .: Modifying... [id=projects/$GCP_PROJECT_NAME/locations/$GKE_CLUSTER_ZONE/clusters/$GKE_CLUSTER_NAME] . . . google_container_cluster.. . .: Modifications complete after xmxxs [id=projects/$GCP_PROJECT_NAME/locations/$GKE_CLUSTER_ZONE/clusters/$GKE_CLUSTER_NAME] Apply complete! Resources: 0 added, 1 changed, 0 destroyed.Check to see if Config Connector is enabled for your cluster:
gcloud container clusters describe $GKE_CLUSTER_NAME \ --format="value(addonsConfig.configConnectorConfig.enabled)" \ --zone=$GKE_CLUSTER_ZONE #=> True
Want to learn more about using the google-beta provider? Visit here and here.
Upvotes: 0
Related Questions
- Terraform gcp with shared vpc, gke
- GCP Using Compute Engine sole-tenant nodes in GKE
- Deploy docker image into GCP GKE using Terraform
- Terraform data.google_container_cluster.cluster.endpoint is null
- Terraform code for GCP private cluster not working
- What is the Correct Terraform Provider Configuration for Google Cloud Platform Resources with Beta Arguments?
- Use Kubernetes provider on Terraform with private GKE cluster
- Managing GCP Composer Kubernetes cluster using Terraform
- How to Create Terraform code for GKE cluster
- Terraform: Create single node GKE cluster