terraform

Terraform Adds Support for GKE Autopilot

The Google Cloud Terraform provider now supports deployment of GKE Autopilot clusters. Learn how to use the new feature with a short example.

Dec 14 2021Tejitha Raju

We are pleased to announce support for Google Kubernetes Engine (GKE) Autopilot in HashiCorp Terraform. Released in February 2021, GKE Autopilot is a new mode of operation for GKE that automates node configuration and management. GKE Autopilot gives you a hands-off approach to using Kubernetes on Google Cloud by eliminating node management operations and maximizing your cluster efficiency. This post will detail what GKE Autopilot does, and how to use it with Terraform.

»What GKE Autopilot Does

Users can create a GKE cluster in standard mode or autopilot mode. The GKE standard mode is beneficial if you have a fair amount of experience managing the data plane of a Kubernetes environment and you would like to maintain control of resource consumption. On the other hand, GKE Autopilot provides management of nodes, pre-configuration of clusters, auto-scaling, auto-upgrades and security by Google Cloud so you can focus just on the development and not on the underlying infrastructure.

GKE Autopilot provides:

  1. A completely automated Kubernetes platform
  2. Auto health-monitoring, checks, compute calculation, and auto-repair
  3. Efficient per-pod billing

Autopilot helps shift several site reliability engineering (SRE) responsibilities from your team to Google Cloud’s, specifically for nodes and control planes where they help with cluster provisioning and maintenance. A comparison of both standard and autopilot modes can be found in Google Cloud’s GKE documentation.

»How to Use GKE Autopilot with HashiCorp Terraform

GKE Autopilot can be enabled for your Kubernetes cluster by adding the variable enable_autopilot = true to your GKE Terraform configuration.

In order to use the GKE Autopilot, you will need:

  1. A Google Cloud account
  2. A configured gcloud SDK
  3. Kubectl
  4. The Google Cloud Terraform provider version 3.63.0 or higher

Here is an example workflow for enabling GKE Autopilot on a Kubernetes cluster using Terraform:

First, create a Terraform file that contains the GKE cluster.

Gke.tf:

Write out a Terraform configuration to provision a GKE Autopilot cluster using google_container_cluser and enable Autopilot for that cluster. Please note that while using Autopilot, you do not have to specify the number of nodes required; they will be automatically calculated for you.

variable "gke_username" {
  default     = ""
  description = "gke username"
}
 
variable "gke_password" {
  default     = ""
  description = "gke password"
}
 
# GKE cluster
resource "google_container_cluster" "primary" {
  name     = "${var.project_id}-gke"
  location = var.region
 
  network    = google_compute_network.vpc.name
  subnetwork = google_compute_subnetwork.subnet.name
 
# Enabling Autopilot for this cluster
  enable_autopilot = true
}

Make sure to choose the correct version of the Google Cloud Terraform provider for your cluster: It must be 3.63.0, or later. If needed, you can update the provider using terraform init -upgrade.

Versions.tf:

Set the Terraform version to at least 0.14 and the provider version to 3.63.0 or higher.

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "3.63.0"
    }
  }
 
  required_version = "~> 0.14"
}

Replace the values in your terraform.tfvars file with your project_id and region. Terraform will use these values to target your project when provisioning your resources. Your terraform.tfvars file should look like this:

project_id = "[YOUR-PROJECTID-HERE]"
region     = "us-central1"

After you have saved your customized variables file, initialize your Terraform workspace, which will download the provider and initialize it with the values mentioned in terraform.tfvars file.

learn-terraform-provision-gke-autopiloy-cluster % terraform init
 
Initializing the backend...
 
Initializing provider plugins...
- Finding hashicorp/google versions matching "3.63.0"...
- Installing hashicorp/google v3.63.0...
- Installed hashicorp/google v3.63.0 (self-signed, key ID 34365D9472D7468F)
 
Terraform has been successfully initialized!
 
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
 
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

To provision your GKE Autopilot cluster, in your initialized directory, run terraform apply and review the planned actions. Your terminal output should indicate the plan is running and what resources will be created.

learn-terraform-provision-gke-cluster % terraform apply
 
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create
 
Terraform will perform the following actions:
 
Plan: 3 to add, 0 to change, 0 to destroy.

You can see this terraform apply will provision a VPC, subnet, and GKE Autopilot cluster. Confirm the apply with a yes. This process should take approximately 10 minutes. Upon successful application, your terminal prints the outputs defined in vpc.tf and gke.tf.

Apply complete! Resources: 3 added, 0 changed, 0 destroyed.
 
Outputs:
 
kubernetes_cluster_host = "34.136.240.175"
kubernetes_cluster_name = "gkeautopilot2-gke"
project_id = "gkautopilot2"
region = "us-central1"

Once the cluster is deployed, you can review that it is live in your Google Cloud account:

The information page shows settings that can and can’t be changed.

The information page shows settings that can and can’t be changed. In the automation page, you can adjust the maintenance window after cluster creation.

In the automation page, you can adjust the maintenance window after cluster creation.

GKE Autopilot is now active and providing automated node management, improved utilization, security, and reduced cost of maintenance. Users can leverage Google Cloud’s SRE tooling to maintain their nodes and pods.

Google Cloud offers a 99.95% SLA for the control plane of its GKE Autopilot clusters, and a 99.9% SLA for GKE Autopilot pods, while reducing the overall operational load required for managing the clusters.

»Learn More

For more information on how to get started with GKE using HashiCorp Terraform, please visit our tutorial on how to Provision a GKE Cluster Using Terraform or visit our developer documentation for detailed information on Using GKE with Terraform.

We would love to hear your feedback on this feature. You can post bugs and feature requests for this provider by opening an issue on the GitHub Repository.

GCPPartners

Sign up for the latest HashiCorp news

More blog posts like this one

HashiCorp Terraform Ecosystem passes 3,000 providers with over 250 partners
March 29 2023 | Company
HashiCorp Terraform Ecosystem passes 3,000 providers with over 250 partners

The Terraform integrations ecosystem has reached a new milestone, surpassing 3,000 providers in the registry.

The producer-consumer infrastructure model
March 28 2023 | Products & Technology
The producer-consumer infrastructure model

Infrastructure producers and consumers require very different capabilities from their automation tools. Vendors need to provide a flexible infrastructure as code solution that meets users at their different levels of expertise.

Terraform Enterprise adds projects, drift detection, and more
March 27 2023 | Products & Technology
Terraform Enterprise adds projects, drift detection, and more

Recent Terraform Enterprise releases include powerful new features such as projects, native OPA support, dynamic provider credentials, and drift detection.