在启用配置连接器的情况下改造 Google Kubernetes Engine 集群
Terraforming a Google Kubernetes Engine Cluster with Config Connector Enabled
-
google-cloud-platform
-
google-kubernetes-engine
-
terraform
-
terraform-provider-gcp
-
gcp-config-connector
Google Kubernetes Engine 集群 $GKE_CLUSTER_NAME 运行 在 Google 云平台 (GCP) 项目 $GCP_PROJECT_NAME 内部,其中存储了匹配的 Terraform 配置的 container_cluster.tf 可以通过以下方式检查:
terraform plan
#=>
No changes. Your infrastructure matches the configuration.
Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.
我希望通过将以下参数添加到 container_cluster.tf 来使用 Terraform 为 $GKE_CLUSTER_NAME 启用 Config Connector(更多关于 here):
resource "google_container_cluster" ". . ." {
addons_config {
config_connector_config {
enabled = true
}
. . .
}
但是当我转到 plan 这个更改时,我遇到了以下错误:
terraform plan
#=>
╷
│ Error: Unsupported block type
│
│ on container_cluster.tf line 3, in resource "google_container_cluster" ". . .":
│ 3: config_connector_config {
│
│ Blocks of type "config_connector_config" are not expected here.
尽管官方文档 here 指出 config_connector_config 受 addons_config 块支持。
我正在使用最新版本的 Terraform 和 google 提供商:
terraform version
#=>
Terraform v1.0.6
on . . .
+ provider registry.terraform.io/hashicorp/google v3.84.0
我需要进行哪些更改才能使用 Terraform 为 $GKE_CLUSTER_NAME 成功启用 Config Connector?
config_connector_config 参数仍处于 Beta,因此您需要为 $GKE_CLUSTER_NAME 使用 google-beta 提供程序:
为每个资源添加provider参数:
为任何资源(例如,$GKE_CLUSTER_NAME)指定 google-beta,至少
一个 测试参数:
resource "google_container_cluster" ". . ." {
. . .
provider = google-beta
. . .
}
为所有其他资源指定 google:
resource resource "google_container_node_pool" ". . ." {
. . .
provider = google
. . .
}
即使 provider arg。 不是在官方参考中找到的
google_container_cluster here.
的文档
在 google 提供程序旁边添加 google-beta 提供程序
providers.tf 文件:
. . .
provider "google" {
project = ". . ."
}
provider "google-beta" {
project = ". . ."
}
. . .
terraform {
required_providers {
. . .
google = {
version = "~> 3.84.0"
}
google-beta = {
version = "~> 3.84.0"
}
. . .
}
}
在同一个 Terraform 中同时使用 google 和 google-beta 提供商是 安全的
配置。更多关于 here.
注意:在上面的提供程序定义中设置您的 GCP 项目名称允许您
到 运行 import 命令(发现 here)而不指定您的项目。
尝试 plan 或 apply 您目前的更改 可以 导致以下结果:
terraform plan
#=>
╷
│ Error: Could not load plugin
│
│
│ Plugin reinitialization required. Please run "terraform init".
│
│ Plugins are external binaries that Terraform uses to . . .
所以你可能必须再次init:
terraform init
#=>
Initializing the backend...
Initializing provider plugins...
- Finding latest version of hashicorp/google-beta...
- Reusing previous version of hashicorp/google from the dependency lock file
- Installing hashicorp/google-beta v3.84.0...
- Installed hashicorp/google-beta v3.84.0 (signed by HashiCorp)
- Using previously-installed hashicorp/google v3.84.0
Terraform has made some changes to the provider dependency selections recorded
in the .terraform.lock.hcl file. Review those changes and commit them to your
version control system if they represent changes you intended to make.
Terraform has been successfully initialized!
You may now begin working with Terraform. . . .
providers 命令 应该 现在确认 google-beta 是你的要求
当前配置:
terraform providers
#=>
Providers required by configuration:
.
├── provider[registry.terraform.io/hashicorp/google] ~> 3.84.0
└── provider[registry.terraform.io/hashicorp/google-beta] ~> 3.84.0
Providers required by state:
provider[registry.terraform.io/hashicorp/google]
运行 plan 确认配置连接器将被启用:
terraform plan
#=>
. . .
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# google_container_cluster.$GKE_CLUSTER_NAME will be updated in-place
~ resource "google_container_cluster" ". . ." {
. . .
~ addons_config {
+ config_connector_config {
+ enabled = true
}
. . .
Plan: 0 to add, 1 to change, 0 to destroy.
. . .
然后 apply 您的更改:
terraform apply
#=>
google_container_cluster.. . .: Modifying... [id=projects/$GCP_PROJECT_NAME/locations/$GKE_CLUSTER_ZONE/clusters/$GKE_CLUSTER_NAME]
. . .
google_container_cluster.. . .: Modifications complete after xmxxs [id=projects/$GCP_PROJECT_NAME/locations/$GKE_CLUSTER_ZONE/clusters/$GKE_CLUSTER_NAME]
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.
检查您的集群是否启用了 Config Connector:
gcloud container clusters describe $GKE_CLUSTER_NAME \
--format="value(addonsConfig.configConnectorConfig.enabled)" \
--zone=$GKE_CLUSTER_ZONE
#=>
True
想详细了解如何使用 google-beta 提供商?访问 here and .
google-cloud-platform
google-kubernetes-engine
terraform
terraform-provider-gcp
gcp-config-connector
Google Kubernetes Engine 集群 $GKE_CLUSTER_NAME 运行 在 Google 云平台 (GCP) 项目 $GCP_PROJECT_NAME 内部,其中存储了匹配的 Terraform 配置的 container_cluster.tf 可以通过以下方式检查:
terraform plan
#=>
No changes. Your infrastructure matches the configuration.
Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.
我希望通过将以下参数添加到 container_cluster.tf 来使用 Terraform 为 $GKE_CLUSTER_NAME 启用 Config Connector(更多关于 here):
resource "google_container_cluster" ". . ." {
addons_config {
config_connector_config {
enabled = true
}
. . .
}
但是当我转到 plan 这个更改时,我遇到了以下错误:
terraform plan
#=>
╷
│ Error: Unsupported block type
│
│ on container_cluster.tf line 3, in resource "google_container_cluster" ". . .":
│ 3: config_connector_config {
│
│ Blocks of type "config_connector_config" are not expected here.
尽管官方文档 here 指出 config_connector_config 受 addons_config 块支持。
我正在使用最新版本的 Terraform 和 google 提供商:
terraform version
#=>
Terraform v1.0.6
on . . .
+ provider registry.terraform.io/hashicorp/google v3.84.0
我需要进行哪些更改才能使用 Terraform 为 $GKE_CLUSTER_NAME 成功启用 Config Connector?
config_connector_config 参数仍处于 Beta,因此您需要为 $GKE_CLUSTER_NAME 使用 google-beta 提供程序:
为每个资源添加
provider参数:为任何资源(例如,
$GKE_CLUSTER_NAME)指定google-beta,至少 一个 测试参数:resource "google_container_cluster" ". . ." { . . . provider = google-beta . . . }为所有其他资源指定
google:resource resource "google_container_node_pool" ". . ." { . . . provider = google . . . }
即使
的文档providerarg。 不是在官方参考中找到的google_container_clusterhere.在
google提供程序旁边添加google-beta提供程序providers.tf文件:. . . provider "google" { project = ". . ." } provider "google-beta" { project = ". . ." } . . . terraform { required_providers { . . . google = { version = "~> 3.84.0" } google-beta = { version = "~> 3.84.0" } . . . } }在同一个 Terraform 中同时使用
google和google-beta提供商是 安全的 配置。更多关于 here.注意:在上面的提供程序定义中设置您的 GCP 项目名称允许您 到 运行
import命令(发现 here)而不指定您的项目。尝试
plan或apply您目前的更改 可以 导致以下结果:terraform plan #=> ╷ │ Error: Could not load plugin │ │ │ Plugin reinitialization required. Please run "terraform init". │ │ Plugins are external binaries that Terraform uses to . . .所以你可能必须再次
init:terraform init #=> Initializing the backend... Initializing provider plugins... - Finding latest version of hashicorp/google-beta... - Reusing previous version of hashicorp/google from the dependency lock file - Installing hashicorp/google-beta v3.84.0... - Installed hashicorp/google-beta v3.84.0 (signed by HashiCorp) - Using previously-installed hashicorp/google v3.84.0 Terraform has made some changes to the provider dependency selections recorded in the .terraform.lock.hcl file. Review those changes and commit them to your version control system if they represent changes you intended to make. Terraform has been successfully initialized! You may now begin working with Terraform. . . .providers命令 应该 现在确认google-beta是你的要求 当前配置:terraform providers #=> Providers required by configuration: . ├── provider[registry.terraform.io/hashicorp/google] ~> 3.84.0 └── provider[registry.terraform.io/hashicorp/google-beta] ~> 3.84.0 Providers required by state: provider[registry.terraform.io/hashicorp/google]运行
plan确认配置连接器将被启用:terraform plan #=> . . . Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # google_container_cluster.$GKE_CLUSTER_NAME will be updated in-place ~ resource "google_container_cluster" ". . ." { . . . ~ addons_config { + config_connector_config { + enabled = true } . . . Plan: 0 to add, 1 to change, 0 to destroy. . . .然后
apply您的更改:terraform apply #=> google_container_cluster.. . .: Modifying... [id=projects/$GCP_PROJECT_NAME/locations/$GKE_CLUSTER_ZONE/clusters/$GKE_CLUSTER_NAME] . . . google_container_cluster.. . .: Modifications complete after xmxxs [id=projects/$GCP_PROJECT_NAME/locations/$GKE_CLUSTER_ZONE/clusters/$GKE_CLUSTER_NAME] Apply complete! Resources: 0 added, 1 changed, 0 destroyed.检查您的集群是否启用了 Config Connector:
gcloud container clusters describe $GKE_CLUSTER_NAME \ --format="value(addonsConfig.configConnectorConfig.enabled)" \ --zone=$GKE_CLUSTER_ZONE #=> True
想详细了解如何使用 google-beta 提供商?访问 here and