feat!: support enabling default compute class in cluster autoscaler (#2442)

Author: romancin

README.md

@@ -149,7 +149,7 @@ Then perform the following commands on the root folder:
 | anonymous\_authentication\_config\_mode | Allows users to restrict or enable anonymous access to the cluster. Valid values are `ENABLED` and `LIMITED`. | `string` | `null` | no |
 | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format gke-security-groups@yourdomain.com | `string` | `null` | no |
 | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no |
-| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | <pre>object({<br>    enabled                     = bool<br>    autoscaling_profile         = string<br>    min_cpu_cores               = optional(number)<br>    max_cpu_cores               = optional(number)<br>    min_memory_gb               = optional(number)<br>    max_memory_gb               = optional(number)<br>    gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))<br>    auto_repair                 = bool<br>    auto_upgrade                = bool<br>    disk_size                   = optional(number)<br>    disk_type                   = optional(string)<br>    image_type                  = optional(string)<br>    strategy                    = optional(string)<br>    max_surge                   = optional(number)<br>    max_unavailable             = optional(number)<br>    node_pool_soak_duration     = optional(string)<br>    batch_soak_duration         = optional(string)<br>    batch_percentage            = optional(number)<br>    batch_node_count            = optional(number)<br>    enable_secure_boot          = optional(bool, false)<br>    enable_integrity_monitoring = optional(bool, true)<br>  })</pre> | <pre>{<br>  "auto_repair": true,<br>  "auto_upgrade": true,<br>  "autoscaling_profile": "BALANCED",<br>  "disk_size": 100,<br>  "disk_type": "pd-standard",<br>  "enable_integrity_monitoring": true,<br>  "enable_secure_boot": false,<br>  "enabled": false,<br>  "gpu_resources": [],<br>  "image_type": "COS_CONTAINERD",<br>  "max_cpu_cores": 0,<br>  "max_memory_gb": 0,<br>  "min_cpu_cores": 0,<br>  "min_memory_gb": 0<br>}</pre> | no |
+| cluster\_autoscaling | Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling) | <pre>object({<br>    enabled                      = bool<br>    autoscaling_profile          = string<br>    min_cpu_cores                = optional(number)<br>    max_cpu_cores                = optional(number)<br>    min_memory_gb                = optional(number)<br>    max_memory_gb                = optional(number)<br>    gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))<br>    auto_repair                  = bool<br>    auto_upgrade                 = bool<br>    disk_size                    = optional(number)<br>    disk_type                    = optional(string)<br>    image_type                   = optional(string)<br>    strategy                     = optional(string)<br>    max_surge                    = optional(number)<br>    max_unavailable              = optional(number)<br>    node_pool_soak_duration      = optional(string)<br>    batch_soak_duration          = optional(string)<br>    batch_percentage             = optional(number)<br>    batch_node_count             = optional(number)<br>    enable_secure_boot           = optional(bool, false)<br>    enable_integrity_monitoring  = optional(bool, true)<br>    enable_default_compute_class = optional(bool, false)<br>  })</pre> | <pre>{<br>  "auto_repair": true,<br>  "auto_upgrade": true,<br>  "autoscaling_profile": "BALANCED",<br>  "disk_size": 100,<br>  "disk_type": "pd-standard",<br>  "enable_default_compute_class": false,<br>  "enable_integrity_monitoring": true,<br>  "enable_secure_boot": false,<br>  "enabled": false,<br>  "gpu_resources": [],<br>  "image_type": "COS_CONTAINERD",<br>  "max_cpu_cores": 0,<br>  "max_memory_gb": 0,<br>  "min_cpu_cores": 0,<br>  "min_memory_gb": 0<br>}</pre> | no |
 | cluster\_dns\_domain | The suffix used for all cluster service records. | `string` | `""` | no |
 | cluster\_dns\_provider | Which in-cluster DNS provider should be used. PROVIDER\_UNSPECIFIED (default) or PLATFORM\_DEFAULT or CLOUD\_DNS. | `string` | `"PROVIDER_UNSPECIFIED"` | no |
 | cluster\_dns\_scope | The scope of access to cluster DNS records. DNS\_SCOPE\_UNSPECIFIED (default) or CLUSTER\_SCOPE or VPC\_SCOPE. | `string` | `"DNS_SCOPE_UNSPECIFIED"` | no |
@@ -160,7 +160,6 @@ Then perform the following commands on the root folder:
 | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no |
 | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | <pre>[<br>  {<br>    "key_name": "",<br>    "state": "DECRYPTED"<br>  }<br>]</pre> | no |
 | datapath\_provider | The desired datapath provider for this cluster. By default, `DATAPATH_PROVIDER_UNSPECIFIED` enables the IPTables-based kube-proxy implementation. `ADVANCED_DATAPATH` enables Dataplane-V2 feature. | `string` | `"DATAPATH_PROVIDER_UNSPECIFIED"` | no |
-| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no |
 | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | `number` | `110` | no |
 | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no |
 | description | The description of the cluster | `string` | `""` | no |

autogen/main/cluster.tf.tmpl

@@ -162,7 +162,7 @@ resource "google_container_cluster" "primary" {
 
   cluster_autoscaling {
     enabled = var.cluster_autoscaling.enabled
-    default_compute_class_enabled = var.default_compute_class_enabled
+    default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false)
     dynamic "auto_provisioning_defaults" {
       for_each = var.cluster_autoscaling.enabled ? [1] : []
 

autogen/main/variables.tf.tmpl

@@ -346,43 +346,45 @@ variable "enable_resource_consumption_export" {
 {% if autopilot_cluster != true %}
 variable "cluster_autoscaling" {
   type = object({
-    enabled                     = bool
-    autoscaling_profile         = string
-    min_cpu_cores               = optional(number)
-    max_cpu_cores               = optional(number)
-    min_memory_gb               = optional(number)
-    max_memory_gb               = optional(number)
-    gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))
-    auto_repair                 = bool
-    auto_upgrade                = bool
-    disk_size                   = optional(number)
-    disk_type                   = optional(string)
-    image_type                  = optional(string)
-    strategy                    = optional(string)
-    max_surge                   = optional(number)
-    max_unavailable             = optional(number)
-    node_pool_soak_duration     = optional(string)
-    batch_soak_duration         = optional(string)
-    batch_percentage            = optional(number)
-    batch_node_count            = optional(number)
-    enable_secure_boot          = optional(bool, false)
-    enable_integrity_monitoring = optional(bool, true)
+    enabled                      = bool
+    autoscaling_profile          = string
+    min_cpu_cores                = optional(number)
+    max_cpu_cores                = optional(number)
+    min_memory_gb                = optional(number)
+    max_memory_gb                = optional(number)
+    gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))
+    auto_repair                  = bool
+    auto_upgrade                 = bool
+    disk_size                    = optional(number)
+    disk_type                    = optional(string)
+    image_type                   = optional(string)
+    strategy                     = optional(string)
+    max_surge                    = optional(number)
+    max_unavailable              = optional(number)
+    node_pool_soak_duration      = optional(string)
+    batch_soak_duration          = optional(string)
+    batch_percentage             = optional(number)
+    batch_node_count             = optional(number)
+    enable_secure_boot           = optional(bool, false)
+    enable_integrity_monitoring  = optional(bool, true)
+    enable_default_compute_class = optional(bool,false)
   })
   default = {
-    enabled                     = false
-    autoscaling_profile         = "BALANCED"
-    max_cpu_cores               = 0
-    min_cpu_cores               = 0
-    max_memory_gb               = 0
-    min_memory_gb               = 0
-    gpu_resources               = []
-    auto_repair                 = true
-    auto_upgrade                = true
-    disk_size                   = 100
-    disk_type                   = "pd-standard"
-    image_type                  = "COS_CONTAINERD"
-    enable_secure_boot          = false
-    enable_integrity_monitoring = true
+    enabled                      = false
+    autoscaling_profile          = "BALANCED"
+    max_cpu_cores                = 0
+    min_cpu_cores                = 0
+    max_memory_gb                = 0
+    min_memory_gb                = 0
+    gpu_resources                = []
+    auto_repair                  = true
+    auto_upgrade                 = true
+    disk_size                    = 100
+    disk_type                    = "pd-standard"
+    image_type                   = "COS_CONTAINERD"
+    enable_secure_boot           = false
+    enable_integrity_monitoring  = true
+    enable_default_compute_class = false
   }
   description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)"
 }
@@ -886,13 +888,14 @@ variable "enable_shielded_nodes" {
 }
 
 {% endif %}
-
+{% if autopilot_cluster == true %}
 variable "default_compute_class_enabled" {
   type        = bool
-  description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning"
+  description = "Enable default compute class for Node Auto-Provisioning"
   default     = null
 }
 
+{% endif %}
 variable "enable_binary_authorization" {
   type        = bool
   description = "Enable BinAuthZ Admission controller"

cluster.tf

@@ -129,7 +129,7 @@ resource "google_container_cluster" "primary" {
 
   cluster_autoscaling {
     enabled                       = var.cluster_autoscaling.enabled
-    default_compute_class_enabled = var.default_compute_class_enabled
+    default_compute_class_enabled = lookup(var.cluster_autoscaling, "enable_default_compute_class", false)
     dynamic "auto_provisioning_defaults" {
       for_each = var.cluster_autoscaling.enabled ? [1] : []
 

metadata.yaml

@@ -361,34 +361,36 @@ spec:
         description: Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)
         varType: |-
           object({
-              enabled                     = bool
-              autoscaling_profile         = string
-              min_cpu_cores               = optional(number)
-              max_cpu_cores               = optional(number)
-              min_memory_gb               = optional(number)
-              max_memory_gb               = optional(number)
-              gpu_resources               = list(object({ resource_type = string, minimum = number, maximum = number }))
-              auto_repair                 = bool
-              auto_upgrade                = bool
-              disk_size                   = optional(number)
-              disk_type                   = optional(string)
-              image_type                  = optional(string)
-              strategy                    = optional(string)
-              max_surge                   = optional(number)
-              max_unavailable             = optional(number)
-              node_pool_soak_duration     = optional(string)
-              batch_soak_duration         = optional(string)
-              batch_percentage            = optional(number)
-              batch_node_count            = optional(number)
-              enable_secure_boot          = optional(bool, false)
-              enable_integrity_monitoring = optional(bool, true)
+              enabled                      = bool
+              autoscaling_profile          = string
+              min_cpu_cores                = optional(number)
+              max_cpu_cores                = optional(number)
+              min_memory_gb                = optional(number)
+              max_memory_gb                = optional(number)
+              gpu_resources                = list(object({ resource_type = string, minimum = number, maximum = number }))
+              auto_repair                  = bool
+              auto_upgrade                 = bool
+              disk_size                    = optional(number)
+              disk_type                    = optional(string)
+              image_type                   = optional(string)
+              strategy                     = optional(string)
+              max_surge                    = optional(number)
+              max_unavailable              = optional(number)
+              node_pool_soak_duration      = optional(string)
+              batch_soak_duration          = optional(string)
+              batch_percentage             = optional(number)
+              batch_node_count             = optional(number)
+              enable_secure_boot           = optional(bool, false)
+              enable_integrity_monitoring  = optional(bool, true)
+              enable_default_compute_class = optional(bool, false)
             })
         defaultValue:
           auto_repair: true
           auto_upgrade: true
           autoscaling_profile: BALANCED
           disk_size: 100
           disk_type: pd-standard
+          enable_default_compute_class: false
           enable_integrity_monitoring: true
           enable_secure_boot: false
           enabled: false
@@ -667,9 +669,6 @@ spec:
         description: Enable Shielded Nodes features on all nodes in this cluster
         varType: bool
         defaultValue: true
-      - name: default_compute_class_enabled
-        description: Enable Spot VMs as the default compute class for Node Auto-Provisioning
-        varType: bool
       - name: enable_binary_authorization
         description: Enable BinAuthZ Admission controller
         varType: bool

modules/beta-autopilot-private-cluster/README.md

@@ -86,7 +86,7 @@ Then perform the following commands on the root folder:
 | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no |
 | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no |
 | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | <pre>[<br>  {<br>    "key_name": "",<br>    "state": "DECRYPTED"<br>  }<br>]</pre> | no |
-| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no |
+| default\_compute\_class\_enabled | Enable default compute class for Node Auto-Provisioning | `bool` | `null` | no |
 | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no |
 | deploy\_using\_private\_endpoint | A toggle for Terraform and kubectl to connect to the master's internal IP address during deployment. | `bool` | `false` | no |
 | description | The description of the cluster | `string` | `""` | no |

modules/beta-autopilot-private-cluster/metadata.yaml

@@ -453,7 +453,7 @@ spec:
           - key_name: ""
             state: DECRYPTED
       - name: default_compute_class_enabled
-        description: Enable Spot VMs as the default compute class for Node Auto-Provisioning
+        description: Enable default compute class for Node Auto-Provisioning
         varType: bool
       - name: enable_binary_authorization
         description: Enable BinAuthZ Admission controller

modules/beta-autopilot-private-cluster/variables.tf

@@ -536,10 +536,9 @@ variable "database_encryption" {
   }]
 }
 
-
 variable "default_compute_class_enabled" {
   type        = bool
-  description = "Enable Spot VMs as the default compute class for Node Auto-Provisioning"
+  description = "Enable default compute class for Node Auto-Provisioning"
   default     = null
 }
 

modules/beta-autopilot-public-cluster/README.md

@@ -80,7 +80,7 @@ Then perform the following commands on the root folder:
 | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | `map(string)` | `{}` | no |
 | create\_service\_account | Defines if service account specified to run nodes should be created. | `bool` | `true` | no |
 | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key\_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key\_name is the name of a CloudKMS key. | `list(object({ state = string, key_name = string }))` | <pre>[<br>  {<br>    "key_name": "",<br>    "state": "DECRYPTED"<br>  }<br>]</pre> | no |
-| default\_compute\_class\_enabled | Enable Spot VMs as the default compute class for Node Auto-Provisioning | `bool` | `null` | no |
+| default\_compute\_class\_enabled | Enable default compute class for Node Auto-Provisioning | `bool` | `null` | no |
 | deletion\_protection | Whether or not to allow Terraform to destroy the cluster. | `bool` | `true` | no |
 | description | The description of the cluster | `string` | `""` | no |
 | disable\_default\_snat | Whether to disable the default SNAT to support the private use of public IP addresses | `bool` | `false` | no |

modules/beta-autopilot-public-cluster/metadata.yaml

@@ -431,7 +431,7 @@ spec:
           - key_name: ""
             state: DECRYPTED
       - name: default_compute_class_enabled
-        description: Enable Spot VMs as the default compute class for Node Auto-Provisioning
+        description: Enable default compute class for Node Auto-Provisioning
         varType: bool
       - name: enable_binary_authorization
         description: Enable BinAuthZ Admission controller