DEV Community

loading...
Cover image for Creating a Google Kubernetes Engine Autopilot cluster using Terraform
Stack Labs

Creating a Google Kubernetes Engine Autopilot cluster using Terraform

Chabane R.
I hold a passion for DevOps, Security and Networking and I love bringing these principles to my customers by empowering them with the power of the public cloud.
・2 min read

In the previous part we created our network stack. In this part we will configure the GKE Autopilot cluster.

The following resources will be created:

  • GKE Autopilot Cluster

GKE autopilot

GKE Autopilot Cluster

Our GKE Autopilot Cluster is hosted in the Web subnet. The public API server endpoint can only be accessed from a specific range of IP addresses.

Create the terraform file infra/plan/gke.tf:

resource "google_container_cluster" "private" {
  provider                 = google-beta

  name                     = "private"
  location                 = var.region

  network                  = google_compute_network.custom.name
  subnetwork               = google_compute_subnetwork.web.id

  private_cluster_config {
    enable_private_endpoint = false
    enable_private_nodes    = true
    master_ipv4_cidr_block  = var.gke_master_ipv4_cidr_block
  }

  master_authorized_networks_config {
    dynamic "cidr_blocks" {
        for_each = var.authorized_source_ranges
        content {
            cidr_block = cidr_blocks.value
        }
    }
   }

  maintenance_policy {
    recurring_window {
      start_time = "2021-06-18T00:00:00Z"
      end_time   = "2050-01-01T04:00:00Z"
      recurrence = "FREQ=WEEKLY"
    }
  }

  # Enable Autopilot for this cluster
  enable_autopilot = true

  # Configuration of cluster IP allocation for VPC-native clusters
  ip_allocation_policy {
    cluster_secondary_range_name  = "pods"
    services_secondary_range_name = "services"
  }

  # Configuration options for the Release channel feature, which provide more control over automatic upgrades of your GKE clusters.
  release_channel {
    channel = "REGULAR"
  }
}
Enter fullscreen mode Exit fullscreen mode

Complete the file infra/plan/variable.tf:

variable "gke_master_ipv4_cidr_block" {
  type    = string
  default = "172.23.0.0/28"
}
Enter fullscreen mode Exit fullscreen mode

Let's deploy our cluster

cd infra/plan

gcloud services enable container.googleapis.com --project $PROJECT_ID
terraform apply
Enter fullscreen mode Exit fullscreen mode

Let's check if the cluster has been created and is working correctly:

GKE Autopilot cluster

Cluster basicsAutomationNetworkingSecurityMetadata & Features

Conclusion

Our GKE cluster is now active. In the next part, we will focus on setting up the Cloud SQL instance.

Discussion (0)