---
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in
# .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
subcategory: "Anthos On-Prem"
description: |-
A Google VMware User Cluster.
---
# google\_gkeonprem\_vmware\_cluster
A Google VMware User Cluster.
## Example Usage - Gkeonprem Vmware Cluster Basic
```hcl
# Basic user cluster: DHCP node addressing, a single control plane replica and MetalLB load balancing.
resource "google_gkeonprem_vmware_cluster" "cluster-basic" {
name = "cluster-basic"
location = "us-west1"
# Full resource name of the admin cluster's hub membership (sample value).
admin_cluster_membership = "projects/870316890899/locations/global/memberships/gkeonprem-terraform-test"
description = "test cluster"
on_prem_version = "1.13.1-gke.35"
annotations = {}
network_config {
# One range each for services and pods; neither can be changed after creation.
service_address_cidr_blocks = ["10.96.0.0/12"]
pod_address_cidr_blocks = ["192.168.0.0/16"]
dhcp_ip_config {
enabled = true
}
}
control_plane_node {
# memory is given in megabytes.
cpus = 4
memory = 8192
replicas = 1
}
load_balancer {
vip_config {
# VIPs set aside beforehand for the Kubernetes API and for ingress traffic.
control_plane_vip = "10.251.133.5"
ingress_vip = "10.251.135.19"
}
metal_lb_config {
# The pools must include the ingress VIP and are described as non-overlapping.
# NOTE(review): both pools below list 10.251.135.19 — give each pool its own range in a real configuration.
address_pools {
pool = "ingress-ip"
# manual_assign keeps addresses in this pool from being assigned automatically.
# NOTE(review): written as a string here while avoid_buggy_ips is a bare boolean — confirm the intended type.
manual_assign = "true"
addresses = ["10.251.135.19"]
# Skips addresses ending in .0 or .255.
avoid_buggy_ips = true
}
address_pools {
pool = "lb-test-ip"
manual_assign = "true"
addresses = ["10.251.135.19"]
avoid_buggy_ips = true
}
}
}
}
```
## Example Usage - Gkeonprem Vmware Cluster F5lb
```hcl
# User cluster fronted by an F5 BIG-IP load balancer, with control plane V2 and Dataplane V2 enabled.
resource "google_gkeonprem_vmware_cluster" "cluster-f5lb" {
name = "cluster-f5lb"
location = "us-west1"
# Full resource name of the admin cluster's hub membership (sample value).
admin_cluster_membership = "projects/870316890899/locations/global/memberships/gkeonprem-terraform-test"
description = "test cluster"
on_prem_version = "1.13.1-gke.35"
annotations = {}
network_config {
# One range each for services and pods; neither can be changed after creation.
service_address_cidr_blocks = ["10.96.0.0/12"]
pod_address_cidr_blocks = ["192.168.0.0/16"]
dhcp_ip_config {
enabled = true
}
# Static addresses for the control plane nodes in control plane V2 mode.
control_plane_v2_config {
control_plane_ip_block {
ips {
hostname = "test-hostname"
ip = "10.0.0.1"
}
# NOTE(review): test placeholders — netmask is written in CIDR form and gateway is not an address;
# replace both with the real netmask and gateway of the control plane network.
netmask="10.0.0.1/32"
gateway="test-gateway"
}
}
}
control_plane_node {
cpus = 4
memory = 8192
replicas = 1
auto_resize_config {
enabled = true
}
}
load_balancer {
vip_config {
# VIPs set aside beforehand for the Kubernetes API and for ingress traffic.
control_plane_vip = "10.251.133.5"
ingress_vip = "10.251.135.19"
}
f5_config {
# address is the load balancer's IP; partition is a preexisting partition; snat_pool is needed only with SNAT.
address = "10.0.0.1"
partition = "test-partition"
snat_pool = "test-snap-pool"
}
}
dataplane_v2 {
# advanced_networking requires dataplane_v2_enabled to be true.
dataplane_v2_enabled = true
windows_dataplane_v2_enabled = true
advanced_networking = true
}
vm_tracking_enabled = true
enable_control_plane_v2 = true
authorization {
# Every admin_users entry is granted the cluster-admin role, i.e. full access to the cluster;
# keep the list to the identities that need it.
admin_users {
username = "testuser@gmail.com"
}
}
anti_affinity_groups {
# presumably true turns off spreading nodes across at least three physical hosts — confirm against the API reference.
aag_config_disabled = true
}
auto_repair_config {
enabled = true
}
storage {
# presumably true skips deploying the vSphere CSI components — confirm against the API reference.
vsphere_csi_disabled = true
}
}
```
## Example Usage - Gkeonprem Vmware Cluster Manuallb
```hcl
# User cluster with static node addressing, a manually configured load balancer and explicit vCenter settings.
resource "google_gkeonprem_vmware_cluster" "cluster-manuallb" {
name = "cluster-manuallb"
location = "us-west1"
# Full resource name of the admin cluster's hub membership (sample value).
admin_cluster_membership = "projects/870316890899/locations/global/memberships/gkeonprem-terraform-test"
description = "test cluster"
on_prem_version = "1.13.1-gke.35"
annotations = {}
network_config {
# One range each for services and pods; neither can be changed after creation.
service_address_cidr_blocks = ["10.96.0.0/12"]
pod_address_cidr_blocks = ["192.168.0.0/16"]
# Network settings that apply regardless of how node addresses are allocated.
host_config {
dns_servers = ["10.254.41.1"]
ntp_servers = ["216.239.35.8"]
dns_search_domains = ["test-domain"]
}
# Static IP allocation for nodes: one block with its netmask, gateway and per-node entries.
static_ip_config {
ip_blocks {
netmask = "255.255.252.0"
gateway = "10.251.31.254"
ips {
ip = "10.251.30.153"
hostname = "test-hostname1"
}
ips {
ip = "10.251.31.206"
hostname = "test-hostname2"
}
ips {
ip = "10.251.31.193"
hostname = "test-hostname3"
}
ips {
ip = "10.251.30.230"
hostname = "test-hostname4"
}
}
}
}
control_plane_node {
cpus = 4
memory = 8192
replicas = 1
auto_resize_config {
enabled = true
}
}
load_balancer {
vip_config {
# VIPs set aside beforehand for the Kubernetes API and for ingress traffic.
control_plane_vip = "10.251.133.5"
ingress_vip = "10.251.135.19"
}
# NodePorts the manually configured load balancer forwards to.
manual_lb_config {
ingress_http_node_port = 30005
ingress_https_node_port = 30006
control_plane_node_port = 30007
konnectivity_server_node_port = 30008
}
}
vcenter {
resource_pool = "test-resource-pool"
datastore = "test-datastore"
datacenter = "test-datacenter"
cluster = "test-cluster"
folder = "test-folder"
# vCenter CA certificate used for SSL verification; the value here is a test placeholder,
# so supply the real CA certificate data in an actual configuration.
ca_cert_data = "test-ca-cert-data"
storage_policy_name = "test-storage-policy-name"
}
dataplane_v2 {
# advanced_networking requires dataplane_v2_enabled to be true.
dataplane_v2_enabled = true
windows_dataplane_v2_enabled = true
advanced_networking = true
}
vm_tracking_enabled = true
enable_control_plane_v2 = true
upgrade_policy {
# Restricts the upgrade to the control plane.
control_plane_only = true
}
authorization {
# Every admin_users entry is granted the cluster-admin role, i.e. full access to the cluster;
# keep the list to the identities that need it.
admin_users {
username = "testuser@gmail.com"
}
}
anti_affinity_groups {
# presumably true turns off spreading nodes across at least three physical hosts — confirm against the API reference.
aag_config_disabled = true
}
auto_repair_config {
enabled = true
}
}
```
## Argument Reference
The following arguments are supported:
* `admin_cluster_membership` -
(Required)
The admin cluster this VMware User Cluster belongs to.
This is the full resource name of the admin cluster's hub membership.
In the future, references to other resource types might be allowed if
admin clusters are modeled as their own resources.
* `on_prem_version` -
(Required)
The Anthos clusters on VMware version for your user cluster.
* `control_plane_node` -
(Required)
VMware User Cluster control plane nodes must have either 1 or 3 replicas.
Structure is [documented below](#nested_control_plane_node).
* `name` -
(Required)
The VMware cluster name.
* `location` -
(Required)
The location of the resource.
<a name="nested_control_plane_node"></a>The `control_plane_node` block supports:
* `cpus` -
(Optional)
The number of CPUs for each admin cluster node that serves as a control plane
for this VMware User Cluster (default: 4 CPUs).
* `memory` -
(Optional)
The megabytes of memory for each admin cluster node that serves as a
control plane for this VMware User Cluster (default: 8192 MB memory).
* `replicas` -
(Optional)
The number of control plane nodes for this VMware User Cluster.
(default: 1 replica).
* `auto_resize_config` -
(Optional)
AutoResizeConfig provides auto resizing configurations.
Structure is [documented below](#nested_auto_resize_config).
* `vsphere_config` -
(Output)
Vsphere-specific config.
Structure is [documented below](#nested_vsphere_config).
<a name="nested_auto_resize_config"></a>The `auto_resize_config` block supports:
* `enabled` -
(Required)
Whether to enable control plane node auto resizing.
<a name="nested_vsphere_config"></a>The `vsphere_config` block contains:
* `datastore` -
(Output)
The Vsphere datastore used by the Control Plane Node.
* `storage_policy_name` -
(Output)
The Vsphere storage policy used by the control plane Node.
- - -
* `description` -
(Optional)
A human readable description of this VMware User Cluster.
* `annotations` -
(Optional)
Annotations on the VMware User Cluster.
This field has the same restrictions as Kubernetes annotations.
The total size of all keys and values combined is limited to 256k.
Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/).
Prefix must be a DNS subdomain.
Name must be 63 characters or less, begin and end with alphanumerics,
with dashes (-), underscores (_), dots (.), and alphanumerics between.
**Note**: This field is non-authoritative, and will only manage the annotations present in your configuration.
Please refer to the field `effective_annotations` for all of the annotations present on the resource.
* `anti_affinity_groups` -
(Optional)
AAGConfig specifies whether to spread VMware User Cluster nodes across at
least three physical hosts in the datacenter.
Structure is [documented below](#nested_anti_affinity_groups).
* `storage` -
(Optional)
Storage configuration.
Structure is [documented below](#nested_storage).
* `network_config` -
(Optional)
The VMware User Cluster network configuration.
Structure is [documented below](#nested_network_config).
* `load_balancer` -
(Optional)
Load Balancer configuration.
Structure is [documented below](#nested_load_balancer).
* `dataplane_v2` -
(Optional)
VmwareDataplaneV2Config specifies configuration for Dataplane V2.
Structure is [documented below](#nested_dataplane_v2).
* `vm_tracking_enabled` -
(Optional)
Enable VM tracking.
* `auto_repair_config` -
(Optional)
Configuration for auto repairing.
Structure is [documented below](#nested_auto_repair_config).
* `authorization` -
(Optional)
RBAC policy that will be applied and managed by GKE On-Prem.
Structure is [documented below](#nested_authorization).
* `enable_control_plane_v2` -
(Optional)
Enable control plane V2. Defaults to false.
* `upgrade_policy` -
(Optional)
Specifies upgrade policy for the cluster.
Structure is [documented below](#nested_upgrade_policy).
* `vcenter` -
(Optional)
VmwareVCenterConfig specifies vCenter config for the user cluster.
Inherited from the admin cluster.
Structure is [documented below](#nested_vcenter).
* `project` - (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
<a name="nested_anti_affinity_groups"></a>The `anti_affinity_groups` block supports:
* `aag_config_disabled` -
(Required)
Spreading nodes across at least three physical hosts (which requires at least
three hosts) is enabled by default; as the field name indicates, setting this
field to true disables it.
<a name="nested_storage"></a>The `storage` block supports:
* `vsphere_csi_disabled` -
(Required)
Whether or not to deploy vSphere CSI components in the VMware User Cluster.
Deployment is enabled by default; as the field name indicates, setting this
field to true disables it.
<a name="nested_network_config"></a>The `network_config` block supports:
* `service_address_cidr_blocks` -
(Required)
All services in the cluster are assigned an RFC1918 IPv4 address
from these ranges. Only a single range is supported. This field
cannot be changed after creation.
* `pod_address_cidr_blocks` -
(Required)
All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges.
Only a single range is supported. This field cannot be changed after creation.
* `static_ip_config` -
(Optional)
Configuration settings for a static IP configuration.
Structure is [documented below](#nested_static_ip_config).
* `dhcp_ip_config` -
(Optional)
Configuration settings for a DHCP IP configuration.
Structure is [documented below](#nested_dhcp_ip_config).
* `vcenter_network` -
(Output)
vcenter_network specifies vCenter network name. Inherited from the admin cluster.
* `host_config` -
(Optional)
Represents common network settings irrespective of the host's IP address.
Structure is [documented below](#nested_host_config).
* `control_plane_v2_config` -
(Optional)
Configuration for control plane V2 mode.
Structure is [documented below](#nested_control_plane_v2_config).
<a name="nested_static_ip_config"></a>The `static_ip_config` block supports:
* `ip_blocks` -
(Required)
Represents the configuration values for static IP allocation to nodes.
Structure is [documented below](#nested_ip_blocks).
<a name="nested_ip_blocks"></a>The `ip_blocks` block supports:
* `netmask` -
(Required)
The netmask used by the VMware User Cluster.
* `gateway` -
(Required)
The network gateway used by the VMware User Cluster.
* `ips` -
(Required)
The node's network configurations used by the VMware User Cluster.
Structure is [documented below](#nested_ips).
<a name="nested_ips"></a>The `ips` block supports:
* `ip` -
(Required)
IP could be an IP address (like 1.2.3.4) or a CIDR (like 1.2.3.0/24).
* `hostname` -
(Optional)
Hostname of the machine. VM's name will be used if this field is empty.
<a name="nested_dhcp_ip_config"></a>The `dhcp_ip_config` block supports:
* `enabled` -
(Required)
enabled is a flag to mark if DHCP IP allocation is
used for VMware user clusters.
<a name="nested_host_config"></a>The `host_config` block supports:
* `dns_servers` -
(Optional)
DNS servers.
* `ntp_servers` -
(Optional)
NTP servers.
* `dns_search_domains` -
(Optional)
DNS search domains.
<a name="nested_control_plane_v2_config"></a>The `control_plane_v2_config` block supports:
* `control_plane_ip_block` -
(Optional)
Static IP addresses for the control plane nodes.
Structure is [documented below](#nested_control_plane_ip_block).
<a name="nested_control_plane_ip_block"></a>The `control_plane_ip_block` block supports:
* `netmask` -
(Optional)
The netmask used by the VMware User Cluster.
* `gateway` -
(Optional)
The network gateway used by the VMware User Cluster.
* `ips` -
(Optional)
The node's network configurations used by the VMware User Cluster.
Structure is [documented below](#nested_control_plane_ip_block_ips).
<a name="nested_control_plane_ip_block_ips"></a>The `ips` block supports:
* `ip` -
(Optional)
IP could be an IP address (like 1.2.3.4) or a CIDR (like 1.2.3.0/24).
* `hostname` -
(Optional)
Hostname of the machine. VM's name will be used if this field is empty.
<a name="nested_load_balancer"></a>The `load_balancer` block supports:
* `vip_config` -
(Optional)
The VIPs used by the load balancer.
Structure is [documented below](#nested_vip_config).
* `f5_config` -
(Optional)
Configuration for F5 Big IP typed load balancers.
Structure is [documented below](#nested_f5_config).
* `manual_lb_config` -
(Optional)
Manually configured load balancers.
Structure is [documented below](#nested_manual_lb_config).
* `metal_lb_config` -
(Optional)
Configuration for MetalLB typed load balancers.
Structure is [documented below](#nested_metal_lb_config).
<a name="nested_vip_config"></a>The `vip_config` block supports:
* `control_plane_vip` -
(Optional)
The VIP which you previously set aside for the Kubernetes API of this cluster.
* `ingress_vip` -
(Optional)
The VIP which you previously set aside for ingress traffic into this cluster.
<a name="nested_f5_config"></a>The `f5_config` block supports:
* `address` -
(Optional)
The load balancer's IP address.
* `partition` -
(Optional)
The preexisting partition to be used by the load balancer.
This partition is usually created for the admin cluster, for example:
'my-f5-admin-partition'.
* `snat_pool` -
(Optional)
The pool name. Only necessary, if using SNAT.
<a name="nested_manual_lb_config"></a>The `manual_lb_config` block supports:
* `ingress_http_node_port` -
(Optional)
NodePort for ingress service's http. The ingress service in the admin
cluster is implemented as a Service of type NodePort (ex. 32527).
* `ingress_https_node_port` -
(Optional)
NodePort for ingress service's https. The ingress service in the admin
cluster is implemented as a Service of type NodePort (ex. 30139).
* `control_plane_node_port` -
(Optional)
NodePort for control plane service. The Kubernetes API server in the admin
cluster is implemented as a Service of type NodePort (ex. 30968).
* `konnectivity_server_node_port` -
(Optional)
NodePort for konnectivity server service running as a sidecar in each
kube-apiserver pod (ex. 30564).
<a name="nested_metal_lb_config"></a>The `metal_lb_config` block supports:
* `address_pools` -
(Required)
AddressPools is a list of non-overlapping IP pools used by load balancer
typed services. All addresses must be routable to load balancer nodes.
IngressVIP must be included in the pools.
Structure is [documented below](#nested_address_pools).
<a name="nested_address_pools"></a>The `address_pools` block supports:
* `pool` -
(Required)
The name of the address pool.
* `addresses` -
(Required)
The addresses that are part of this pool. Each address
must be either in the CIDR form (1.2.3.0/24) or range
form (1.2.3.1-1.2.3.5).
* `avoid_buggy_ips` -
(Optional)
If true, avoid using IPs ending in .0 or .255.
This avoids buggy consumer devices mistakenly dropping IPv4 traffic for
those special IP addresses.
* `manual_assign` -
(Optional)
If true, prevent IP addresses from being automatically assigned.
<a name="nested_dataplane_v2"></a>The `dataplane_v2` block supports:
* `dataplane_v2_enabled` -
(Optional)
Enables Dataplane V2.
* `windows_dataplane_v2_enabled` -
(Optional)
Enable Dataplane V2 for clusters with Windows nodes.
* `advanced_networking` -
(Optional)
Enable advanced networking which requires dataplane_v2_enabled to be set true.
<a name="nested_auto_repair_config"></a>The `auto_repair_config` block supports:
* `enabled` -
(Required)
Whether auto repair is enabled.
<a name="nested_authorization"></a>The `authorization` block supports:
* `admin_users` -
(Optional)
Users that will be granted the cluster-admin role on the cluster, providing
full access to the cluster. Because the role is unrestricted, list only the
identities that need full administrative access.
Structure is [documented below](#nested_admin_users).
<a name="nested_admin_users"></a>The `admin_users` block supports:
* `username` -
(Required)
The name of the user, e.g. `my-gcp-id@gmail.com`.
<a name="nested_upgrade_policy"></a>The `upgrade_policy` block supports:
* `control_plane_only` -
(Optional)
Controls whether the upgrade applies to the control plane only.
<a name="nested_vcenter"></a>The `vcenter` block supports:
* `resource_pool` -
(Optional)
The name of the vCenter resource pool for the user cluster.
* `datastore` -
(Optional)
The name of the vCenter datastore for the user cluster.
* `datacenter` -
(Optional)
The name of the vCenter datacenter for the user cluster.
* `cluster` -
(Optional)
The name of the vCenter cluster for the user cluster.
* `folder` -
(Optional)
The name of the vCenter folder for the user cluster.
* `ca_cert_data` -
(Optional)
Contains the vCenter CA certificate public key for SSL verification.
* `address` -
(Output)
The vCenter IP address.
* `storage_policy_name` -
(Optional)
The name of the vCenter storage policy for the user cluster.
## Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
* `id` - an identifier for the resource with format `projects/{{project}}/locations/{{location}}/vmwareClusters/{{name}}`
* `validation_check` -
ValidationCheck represents the result of the preflight check job.
Structure is [documented below](#nested_validation_check).
* `uid` -
The unique identifier of the VMware User Cluster.
* `state` -
The current state of this cluster.
* `endpoint` -
The DNS name of VMware User Cluster's API server.
* `reconciling` -
If set, there are currently changes in flight to the VMware User Cluster.
* `create_time` -
The time at which VMware User Cluster was created.
* `update_time` -
The time at which VMware User Cluster was last updated.
* `delete_time` -
The time at which VMware User Cluster was deleted.
* `local_name` -
The object name of the VMware OnPremUserCluster custom resource on the
associated admin cluster. This field is used to support conflicting
names when enrolling existing clusters to the API. When used as a part of
cluster enrollment, this field will differ from the ID in the resource
name. For new clusters, this field will match the user provided cluster ID
and be visible in the last component of the resource name. It is not
modifiable.
All users should use this name to access their cluster using gkectl or
kubectl and should expect to see the local name when viewing admin
cluster controller logs.
* `etag` -
This checksum is computed by the server based on the value of other
fields, and may be sent on update and delete requests to ensure the
client has an up-to-date value before proceeding.
Allows clients to perform consistent read-modify-writes
through optimistic concurrency control.
* `fleet` -
Fleet configuration for the cluster.
Structure is [documented below](#nested_fleet).
* `status` -
ResourceStatus representing detailed cluster state.
Structure is [documented below](#nested_status).
* `effective_annotations` -
All of the annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
<a name="nested_validation_check"></a>The `validation_check` block contains:
* `options` -
(Output)
Options used for the validation check.
* `status` -
(Output)
Specifies the detailed validation check status.
Structure is [documented below](#nested_validation_check_status).
* `scenario` -
(Output)
The scenario when the preflight checks were run.
<a name="nested_validation_check_status"></a>The `status` block contains:
* `result` -
(Output)
Individual checks which failed as part of the Preflight check execution.
Structure is [documented below](#nested_result).
<a name="nested_result"></a>The `result` block contains:
* `options` -
(Output)
Options used for the validation check.
* `description` -
(Output)
The description of the validation check.
* `category` -
(Output)
The category of the validation.
* `reason` -
(Output)
A human-readable message of the check failure.
* `details` -
(Output)
Detailed failure information, which might be unformatted.
<a name="nested_fleet"></a>The `fleet` block contains:
* `membership` -
(Output)
The name of the managed Hub Membership resource associated to this cluster.
Membership names are formatted as
`projects/<project-number>/locations/<location>/memberships/<cluster-id>`.
<a name="nested_status"></a>The `status` block contains:
* `error_message` -
(Output)
Human-friendly representation of the error message from the user cluster
controller. The error message can be temporary as the user cluster
controller creates a cluster or node pool. If the error message persists
for a longer period of time, it can be used to surface error message to
indicate real problems requiring user intervention.
* `conditions` -
(Output)
ResourceConditions provide a standard mechanism for higher-level status reporting from user cluster controller.
Structure is [documented below](#nested_conditions).
<a name="nested_conditions"></a>The `conditions` block contains:
* `type` -
(Output)
Type of the condition.
(e.g., ClusterRunning, NodePoolRunning or ServerSidePreflightReady)
* `reason` -
(Output)
Machine-readable message indicating details about last transition.
* `message` -
(Output)
Human-readable message indicating details about last transition.
* `last_transition_time` -
(Output)
Last time the condition transitioned from one status to another.
* `state` -
(Output)
The lifecycle state of the condition.
## Timeouts
This resource provides the following
[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:
- `create` - Default is 60 minutes.
- `update` - Default is 60 minutes.
- `delete` - Default is 60 minutes.
## Import
VmwareCluster can be imported using any of these accepted formats:
* `projects/{{project}}/locations/{{location}}/vmwareClusters/{{name}}`
* `{{project}}/{{location}}/{{name}}`
* `{{location}}/{{name}}`
In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import VmwareCluster using one of the formats above. For example:
```tf
# Replace the {{project}}, {{location}} and {{name}} placeholders with the values of the existing cluster.
import {
id = "projects/{{project}}/locations/{{location}}/vmwareClusters/{{name}}"
# Address of the resource block in your configuration that will own the imported cluster.
to = google_gkeonprem_vmware_cluster.default
}
```
When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), VmwareCluster can be imported using one of the formats above. For example:
```
$ terraform import google_gkeonprem_vmware_cluster.default projects/{{project}}/locations/{{location}}/vmwareClusters/{{name}}
$ terraform import google_gkeonprem_vmware_cluster.default {{project}}/{{location}}/{{name}}
$ terraform import google_gkeonprem_vmware_cluster.default {{location}}/{{name}}
```
## User Project Overrides
This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).