terraform-google-modules / terraform-google-kubernetes-engine

Configures opinionated GKE clusters
https://registry.terraform.io/modules/terraform-google-modules/kubernetes-engine/google
Apache License 2.0

additive_vpc_scope_dns_domain feature support for autopilot mode GKE Cluster #2042

Open acloudpotato opened 3 months ago

acloudpotato commented 3 months ago

TL;DR

When creating an Autopilot cluster using the google_container_cluster resource block, the dns_config block is unsupported if enable_autopilot is set to true.

Although the console and REST documentation indicate that the additive_vpc_scope_dns_domain value can be set on a GKE Autopilot cluster (Reference Link), the dns_config block is not supported in this context, so the additive_vpc_scope_dns_domain variable is also ignored for Autopilot mode GKE clusters.

Terraform Resources

google_container_cluster - https://registry.terraform.io/providers/hashicorp/google-beta/latest/docs/resources/container_cluster

Used Versions: 
Provider version --> google_beta (5.41.0) - https://github.com/hashicorp/terraform-provider-google-beta/tree/v5.41.0
terraform version --> v1.8.3

Detailed design

The GKE Autopilot cluster allows configuration of DNS settings via the console and REST API, specifically the additive_vpc_scope_dns_domain. This setting should ideally be handled within the Terraform resource block using a dns_config attribute. However, when enable_autopilot is set to true, the dns_config block is currently unsupported, resulting in the omission of crucial DNS settings from the Terraform deployment.

Additional information

Expected Behavior: The Terraform google_container_cluster resource should support configuring DNS settings for Autopilot clusters through the dns_config block (maybe along with Cloud DNS as default DNS), enabling management of parameters like additive_vpc_scope_dns_domain within the infrastructure as code definition.

Current Workaround: Currently, DNS settings for Autopilot clusters must be configured manually post-creation using the Google Cloud Console or the REST API.

Impact: This limitation prevents users from fully automating GKE Autopilot cluster creation and management using Terraform, increasing the risk of configuration drift and requiring manual intervention.
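The drift risk described under "Impact" can be checked mechanically while the setting is applied by hand. The following is an added example, not part of the original issue or of the module's code: it compares the additiveVpcScopeDnsDomain reported for each Autopilot cluster against a recorded value. The sample JSON is constructed in the shape of `gcloud container clusters list --format=json` output, and the EXPECTED_DOMAINS mapping, cluster names and domains are hypothetical.

```python
import json

# Constructed sample in the shape of
# `gcloud container clusters list --format=json` (trimmed, values made up).
SAMPLE_CLUSTERS_JSON = """
[
  {"name": "ap-prod", "autopilot": {"enabled": true},
   "dnsConfig": {"clusterDns": "CLOUD_DNS", "clusterDnsScope": "CLUSTER_SCOPE",
                 "additiveVpcScopeDnsDomain": "prod.example.internal"}},
  {"name": "ap-stage", "autopilot": {"enabled": true},
   "dnsConfig": {"clusterDns": "CLOUD_DNS", "clusterDnsScope": "CLUSTER_SCOPE"}},
  {"name": "ap-dev", "autopilot": {"enabled": true},
   "dnsConfig": {"additiveVpcScopeDnsDomain": "old.example.internal"}},
  {"name": "std-1",
   "dnsConfig": {"additiveVpcScopeDnsDomain": "std.example.internal"}}
]
"""

# Hypothetical record kept beside the Terraform code:
# cluster name -> domain that was set manually after creation.
EXPECTED_DOMAINS = {
    "ap-prod": "prod.example.internal",
    "ap-stage": "stage.example.internal",
    "ap-dev": "dev.example.internal",
}


def find_dns_drift(clusters, expected):
    """Return (name, expected, actual) for each Autopilot cluster whose
    additiveVpcScopeDnsDomain differs from the recorded value."""
    drift = []
    for cluster in clusters:
        # Only Autopilot clusters are affected by the gap this issue describes.
        if not (cluster.get("autopilot") or {}).get("enabled"):
            continue
        name = cluster.get("name")
        # dnsConfig or the field itself may be absent when never configured.
        actual = (cluster.get("dnsConfig") or {}).get("additiveVpcScopeDnsDomain")
        want = expected.get(name)
        if want != actual:
            drift.append((name, want, actual))
    return drift


def check_sample():
    return find_dns_drift(json.loads(SAMPLE_CLUSTERS_JSON), EXPECTED_DOMAINS)


if __name__ == "__main__":
    for name, want, actual in check_sample():
        print(f"DRIFT {name}: expected={want!r} actual={actual!r}")
```

An actual value of None means the domain was never set or has been cleared on that cluster.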

ajinkya101 commented 3 months ago

Hi Team, we are also looking for this feature to be available in the GKE Autopilot cluster. A similar feature is already supported in the standard GKE Terraform code. We hope this will come out as soon as possible.

omkarsuperb commented 3 months ago

Hi Team, we are not able to use GKE Autopilot for one of our customers due to the unavailability of this feature. Let us know once this feature is rolled out.

pranavdhopey commented 3 months ago

Team, we are looking for this feature to be available in the GKE Autopilot cluster, similar to what is already supported in the standard GKE Terraform code.

maci0 commented 3 months ago

This is a bug in the google-beta Terraform provider. I have submitted a PR to fix this: https://github.com/GoogleCloudPlatform/magic-modules/pull/11562

github-actions[bot] commented 1 month ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days.

pranavdhopey commented 1 month ago

There is still no option of additive_vpc_scope_dns_domain under the Autopilot TF code dns_config; this option is only available from the console.

Please look into this issue on a priority basis, as this needs to be set for one of our customers through TF.
