有没有一种方法可以为选定的VPC(网络)生成非冲突ip范围,以用作terraform上的GKE主ipv4 cidr块?

时间:2019-03-05 17:33:43

标签: google-cloud-platform terraform terraform-provider-gcp terraform-provider-kubernetes

我想要一种在私有GKE集群创建时自动生成master_ipv4_cidr_block的值的方法。

  • 此刻,我正在使用google_compute_global_address资源分配IP地址范围。但是我认为这不是此资源的正确用法,并且这种资源的引用只有5个元素。
# Reserves an internal /28 range on var.network; the cluster resource reads
# this address and prefix_length to build master_ipv4_cidr_block.
# NOTE(review): purpose "VPC_PEERING" is the reservation type used for private
# services access. Whether this reservation also keeps the GKE control-plane
# range clear of subnet and secondary (pod/service) ranges is not shown here -
# confirm before relying on it for overlap protection.
resource "google_compute_global_address" "default" {
  provider = "google-beta"

  # Identity and placement
  name        = "${var.cluster_name}"
  project     = "${var.project}"
  network     = "${var.network}"
  description = "Private address for the gke master instance of ${var.cluster_name}"

  # Range shape: internal, /28 (the size GKE expects for a private cluster's master range)
  address_type  = "INTERNAL"
  purpose       = "VPC_PEERING"
  prefix_length = 28
}

# Looks up the zones of var.region that currently report status "UP".
# The cluster resource picks its zones from this list by index.
data "google_compute_zones" "available" {
  status  = "UP"
  region  = "${var.region}"
  project = "${var.project}"
}

/******************************************
  Cluster configuration
 *****************************************/
# Private GKE cluster spread over two zones of var.region. Several nested
# blocks are elided as "{...}" in the original post, so their contents
# cannot be reviewed here.
resource "google_container_cluster" "default" {
  project = "${var.project}"
  name = "${var.cluster_name}"
  # Indexes [0] and [1] assume the region reports at least two UP zones.
  zone = "${data.google_compute_zones.available.names[0]}"
  additional_zones = ["${data.google_compute_zones.available.names[1]}"]

  # We can't create a cluster with no node pool defined, but we want to only use
  # separately managed node pools. So we create the smallest possible default
  # node pool and immediately delete it.
  remove_default_node_pool = true
  initial_node_count = 1

  # NOTE(review): pinned minimum master version - confirm it is still a
  # supported, patched release before reuse.
  min_master_version = "1.11.6-gke.6"
  # NOTE(review): contents elided - confirm basic auth and client certificate
  # issuance are disabled here.
  master_auth {...}
  ip_allocation_policy {..}

  private_cluster_config {
    # "false" leaves the master's public endpoint enabled, so access to the
    # API server from outside the VPC is governed by
    # master_authorized_networks_config below (elided in this post).
    enable_private_endpoint = "false"
    # Nodes receive internal IP addresses only.
    enable_private_nodes = "true"
    # Built from the reserved global address as "<address>/<prefix_length>".
    # NOTE(review): must not overlap any subnet, pod or service range in
    # var.network - confirm the reservation actually guarantees that.
    master_ipv4_cidr_block = "${google_compute_global_address.default.address}/${google_compute_global_address.default.prefix_length}"
  }

  network = "${var.network}"
  # https://github.com/terraform-providers/terraform-provider-google/issues/2231
  # NOTE(review): with the public endpoint enabled, this block is the only
  # network-level restriction on the master visible here; keep its CIDR
  # list limited to known administrative ranges.
  master_authorized_networks_config {...}
  maintenance_policy {...}
  # Cluster logs and metrics are sent to the Kubernetes-aware
  # logging/monitoring services named below.
  logging_service = "logging.googleapis.com/kubernetes"
  monitoring_service = "monitoring.googleapis.com/kubernetes"
  resource_labels {...}
}

# Presumably the separately managed node pool that replaces the removed
# default pool; its arguments are elided ("{...}") in the original post, so
# node service account, OAuth scopes and metadata settings cannot be reviewed.
resource "google_container_node_pool" "default" {...}

0 个答案:

没有答案