terraform-google-modules / terraform-google-kubernetes-engine

Configures opinionated GKE clusters
https://registry.terraform.io/modules/terraform-google-modules/kubernetes-engine/google
Apache License 2.0

GKE Hub enhancements #637

Open bharathkkb opened 4 years ago

bharathkkb commented 4 years ago

Currently we support GKE hub membership registration via SA key. Moving forward we should also consider supporting hub memberships via Workload Identity and via kubeconfig for non-GCP Kubernetes clusters.

module "hub" {
  source                = "terraform-google-modules/kubernetes-engine/google//modules/hub"
  project_id            = "my-project-id"
  cluster_name          = "my-cluster-name"
  location              = module.gke.location
  cluster_endpoint      = module.gke.endpoint
+ use_workload_identity = true
}
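Review bot: the added `use_workload_identity = true` line is a standalone boolean, and the next snippet proposes a second boolean, `use_kubeconfig`, so nothing in the interface prevents both from being set on the same module call. Consider a variable validation that rejects that combination, or a single input that selects the registration mode. It would also help to state that the default remains the current SA key registration, and whether a service account key is still created when this flag is true.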
module "hub" {
  source                = "terraform-google-modules/kubernetes-engine/google//modules/hub"
  project_id            = "my-project-id"
  cluster_name          = "my-cluster-name"
  location              = module.gke.location
  cluster_endpoint      = module.gke.endpoint
+ use_kubeconfig = true
}
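Review bot: this snippet still passes `location = module.gke.location` and `cluster_endpoint = module.gke.endpoint` next to `use_kubeconfig = true`, but the description says the kubeconfig mode is for non-GCP Kubernetes clusters, which would have no `module.gke` outputs to reference. The example should show how the kubeconfig itself is supplied and which of the existing inputs become optional or unused in this mode.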

TODO:

abhinavrau commented 3 years ago

@bharathkkb Following up on kubeconfig support, it looks like there is no explicit integration test for the hub module. It is being tested with asm in simple_zonal_with_asm.

To test the use_kubeconfig feature, would it make sense to create a new integration test based on the simple_zonal_with_asm test and use kubeconfig to register with hub?