terraform.tfvars.sample
# Sample Terraform variable values for a single private GKE cluster.
# Presumably meant to be copied to terraform.tfvars and edited; the variable
# definitions that consume these values are not part of this file.
project_id = "my-project"
region = "northamerica-northeast1"
zone = "northamerica-northeast1-c"
gke_cluster_name = "playground"
primary_ip_cidr = "192.168.0.0/26" # max node IPs = 64 (max nodes = 60; 4 IPs reserved in every VPC)
max_pods_per_node = 32 # max pods per node <= half of max node IPs
# NOTE(review): the 60 * 256 figure below corresponds to a /24 pod range per node;
# with max_pods_per_node = 32 GKE normally assigns a /26 per node, so the /18 is
# larger than strictly needed - TODO confirm the intended sizing.
cluster_ipv4_cidr_block = "10.0.0.0/18" # max pod IPs = 15360 (60 * 256), CIDR must be able to cover for all the potential IPs
services_ipv4_cidr_block = "10.1.0.0/20"
# NOTE(review): presumably the GKE release channel. RAPID with auto_upgrade = true
# receives new versions first; for anything beyond a playground consider
# REGULAR or STABLE.
channel = "RAPID"
auto_upgrade = true
enable_managed_prometheus = false
# presumably makes same-node pod-to-pod traffic visible to VPC flow logs and
# firewall rules - confirm against the module's variable description
enable_intranode_visibility = true
# mutually exclusive with the custom node taint example shown below
# the custom node taint is required only for OSS Cilium
dataplane_v2_enabled = false
enable_dpv2_metrics = false
enable_dpv2_relay = false
machine_type = "e2-medium"
disk_size_gb = 40
max_nodes = 1
# presumably toggles the Cloud Storage FUSE CSI driver add-on - confirm
addons_config = {
gcs_fuse_csi_driver_enabled = true
}
# NOTE(review): the cloud-platform scope already covers the logging.write and
# monitoring scopes listed after it. With cloud-platform in place the scopes no
# longer limit anything; what the nodes can do is decided by the IAM roles of the
# node service account. That account is not set in this file - verify it is a
# dedicated, least-privilege service account rather than the Compute Engine default.
oauth_scopes = [
"https://www.googleapis.com/auth/cloud-platform",
"https://www.googleapis.com/auth/logging.write",
"https://www.googleapis.com/auth/monitoring",
]
# NOTE(review): presumably enables the GKE metadata server on the node pool
# (needed for Workload Identity), which keeps pods from reading the node service
# account's credentials directly - confirm against the module.
workload_metadata_enabled = true
# custom node taints
# The single taint here marks nodes with node.cilium.io/agent-not-ready and effect
# NO_SCHEDULE; per the note above it is needed only for OSS Cilium, so drop it
# when dataplane_v2_enabled = true.
taint = [
{
key = "node.cilium.io/agent-not-ready"
value = "true"
effect = "NO_SCHEDULE"
}
]
# private GKE cluster settings
# With enable_private_endpoint = true the control plane is reachable on its
# private address only; keep it that way unless there is a specific need.
enable_private_endpoint = true
# If the endpoint is ever made public, restrict it to one known /32 as the
# placeholder below shows; never leave the authorized network wide open.
#master_authorized_network_cidr = "my.ext.ip.addr/32" # this gets used only if enable_private_endpoint = false
enable_private_nodes = true # ATTENTION: when enable_private_nodes = true, Cloud NAT will be provisioned
master_ipv4_cidr_block = "10.100.100.0/28" # CIDR of GKE control-plane, this needs to be /28
# NOTE(review): presumably the subnet for an IAP-reachable proxy used to reach the
# private control-plane endpoint - confirm, and check who holds IAP tunnel access.
iap_proxy_ip_cidr = "192.168.100.0/29"