forked from gruntwork-io/terraform-google-gke
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvariables.tf
122 lines (98 loc) · 4.49 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# ---------------------------------------------------------------------------------------------------------------------
# REQUIRED PARAMETERS
# These variables are expected to be passed in by the operator.
# ---------------------------------------------------------------------------------------------------------------------
variable "project" {
description = "The project ID where all resources will be launched."
}
variable "location" {
description = "The location (region or zone) of the GKE cluster."
}
variable "region" {
description = "The region for the network. If the cluster is regional, this must be the same region. Otherwise, it should be the region of the zone."
}
# ---------------------------------------------------------------------------------------------------------------------
# OPTIONAL PARAMETERS
# These parameters have reasonable defaults.
# ---------------------------------------------------------------------------------------------------------------------
variable "cluster_name" {
description = "The name of the Kubernetes cluster."
default = "example-cluster"
}
variable "cluster_service_account_name" {
description = "The name of the custom service account used for the GKE cluster. This parameter is limited to a maximum of 28 characters."
default = "example-cluster-sa"
}
variable "cluster_service_account_description" {
description = "A description of the custom service account used for the GKE cluster."
default = "Example GKE Cluster Service Account managed by Terraform"
}
# Tiller TLS settings
variable "tls_subject" {
description = "The issuer information that contains the identifying information for the Tiller server. Used to generate the TLS certificate keypairs."
type = "map"
default = {
common_name = "tiller"
org = "Gruntwork"
}
# Expects the following keys
# - common_name (required)
# - org (required)
# - org_unit
# - city
# - state
# - country
}
variable "client_tls_subject" {
description = "The issuer information that contains the identifying information for the helm client of the operator. Used to generate the TLS certificate keypairs."
type = "map"
default = {
common_name = "admin"
org = "Gruntwork"
}
# Expects the following keys
# - common_name (required)
# - org (required)
# - org_unit
# - city
# - state
# - country
}
# TLS algorithm configuration
variable "private_key_algorithm" {
description = "The name of the algorithm to use for private keys. Must be one of: RSA or ECDSA."
default = "ECDSA"
}
variable "private_key_ecdsa_curve" {
description = "The name of the elliptic curve to use. Should only be used if var.private_key_algorithm is ECDSA. Must be one of P224, P256, P384 or P521."
default = "P256"
}
variable "private_key_rsa_bits" {
description = "The size of the generated RSA key in bits. Should only be used if var.private_key_algorithm is RSA."
default = "2048"
}
# Tiller undeploy options
variable "force_undeploy" {
description = "If true, will remove the Tiller server resources even if there are releases deployed."
default = false
}
variable "undeploy_releases" {
description = "If true, will delete deployed releases from the Tiller instance before undeploying Tiller."
default = false
}
variable "master_ipv4_cidr_block" {
description = "The IP range in CIDR notation (size must be /28) to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network."
default = "10.5.0.0/28"
}
# For the example, we recommend a /16 network for the VPC. Note that when changing the size of the network,
# you will have to adjust the 'cidr_subnetwork_width_delta' in the 'vpc_network' -module accordingly.
variable "vpc_cidr_block" {
description = "The IP address range of the VPC in CIDR notation. A prefix of /16 is recommended. Do not use a prefix higher than /27."
default = "10.3.0.0/16"
}
# For the example, we recommend a /16 network for the secondary range. Note that when changing the size of the network,
# you will have to adjust the 'cidr_subnetwork_width_delta' in the 'vpc_network' -module accordingly.
variable "vpc_secondary_cidr_block" {
description = "The IP address range of the VPC's secondary address range in CIDR notation. A prefix of /16 is recommended. Do not use a prefix higher than /27."
default = "10.4.0.0/16"
}