terraform

Terraform Adds Support for GKE Autopilot

The Google Cloud Terraform provider now supports deployment of GKE Autopilot clusters. Learn how to use the new feature with a short example.

Dec 14 2021Tejitha Raju

We are pleased to announce support for Google Kubernetes Engine (GKE) Autopilot in HashiCorp Terraform. Released in February 2021, GKE Autopilot is a new mode of operation for GKE that automates node configuration and management. GKE Autopilot gives you a hands-off approach to using Kubernetes on Google Cloud by eliminating node management operations and maximizing your cluster efficiency. This post will detail what GKE Autopilot does, and how to use it with Terraform.

»What GKE Autopilot Does

Users can create a GKE cluster in standard mode or autopilot mode. The GKE standard mode is beneficial if you have a fair amount of experience managing the data plane of a Kubernetes environment and you would like to maintain control of resource consumption. On the other hand, GKE Autopilot provides management of nodes, pre-configuration of clusters, auto-scaling, auto-upgrades and security by Google Cloud so you can focus just on the development and not on the underlying infrastructure.

GKE Autopilot provides:

  1. A completely automated Kubernetes platform
  2. Auto health-monitoring, checks, compute calculation, and auto-repair
  3. Efficient per-pod billing

Autopilot helps shift several site reliability engineering (SRE) responsibilities from your team to Google Cloud’s, specifically for nodes and control planes where they help with cluster provisioning and maintenance. A comparison of both standard and autopilot modes can be found in Google Cloud’s GKE documentation.

»How to Use GKE Autopilot with HashiCorp Terraform

GKE Autopilot can be enabled for your Kubernetes cluster by adding the variable enable_autopilot = true to your GKE Terraform configuration.

In order to use the GKE Autopilot, you will need:

  1. A Google Cloud account
  2. A configured gcloud SDK
  3. Kubectl
  4. The Google Cloud Terraform provider version 3.63.0 or higher

Here is an example workflow for enabling GKE Autopilot on a Kubernetes cluster using Terraform:

First, create a Terraform file that contains the GKE cluster.

Gke.tf:

Write out a Terraform configuration to provision a GKE Autopilot cluster using google_container_cluser and enable Autopilot for that cluster. Please note that while using Autopilot, you do not have to specify the number of nodes required; they will be automatically calculated for you.

variable "gke_username" {  default     = ""  description = "gke username"} variable "gke_password" {  default     = ""  description = "gke password"} # GKE clusterresource "google_container_cluster" "primary" {  name     = "${var.project_id}-gke"  location = var.region   network    = google_compute_network.vpc.name  subnetwork = google_compute_subnetwork.subnet.name # Enabling Autopilot for this cluster  enable_autopilot = true}

Make sure to choose the correct version of the Google Cloud Terraform provider for your cluster: It must be 3.63.0, or later. If needed, you can update the provider using terraform init -upgrade.

Versions.tf:

Set the Terraform version to at least 0.14 and the provider version to 3.63.0 or higher.

terraform {  required_providers {    google = {      source  = "hashicorp/google"      version = "3.63.0"    }  }   required_version = "~> 0.14"}

Replace the values in your terraform.tfvars file with your project_id and region. Terraform will use these values to target your project when provisioning your resources. Your terraform.tfvars file should look like this:

project_id = "[YOUR-PROJECTID-HERE]"region     = "us-central1"

After you have saved your customized variables file, initialize your Terraform workspace, which will download the provider and initialize it with the values mentioned in terraform.tfvars file.

learn-terraform-provision-gke-autopiloy-cluster % terraform init Initializing the backend... Initializing provider plugins...- Finding hashicorp/google versions matching "3.63.0"...- Installing hashicorp/google v3.63.0...- Installed hashicorp/google v3.63.0 (self-signed, key ID 34365D9472D7468F) Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to seeany changes that are required for your infrastructure. All Terraform commandsshould now work. If you ever set or change modules or backend configuration for Terraform,rerun this command to reinitialize your working directory. If you forget, othercommands will detect it and remind you to do so if necessary.

To provision your GKE Autopilot cluster, in your initialized directory, run terraform apply and review the planned actions. Your terminal output should indicate the plan is running and what resources will be created.

learn-terraform-provision-gke-cluster % terraform apply An execution plan has been generated and is shown below.Resource actions are indicated with the following symbols:  + create Terraform will perform the following actions: Plan: 3 to add, 0 to change, 0 to destroy.

You can see this terraform apply will provision a VPC, subnet, and GKE Autopilot cluster. Confirm the apply with a yes. This process should take approximately 10 minutes. Upon successful application, your terminal prints the outputs defined in vpc.tf and gke.tf.

Apply complete! Resources: 3 added, 0 changed, 0 destroyed. Outputs: kubernetes_cluster_host = "34.136.240.175"kubernetes_cluster_name = "gkeautopilot2-gke"project_id = "gkautopilot2"region = "us-central1"

Once the cluster is deployed, you can review that it is live in your Google Cloud account:

The information page shows settings that can and can’t be changed.

The information page shows settings that can and can’t be changed. In the automation page, you can adjust the maintenance window after cluster creation.

In the automation page, you can adjust the maintenance window after cluster creation.

GKE Autopilot is now active and providing automated node management, improved utilization, security, and reduced cost of maintenance. Users can leverage Google Cloud’s SRE tooling to maintain their nodes and pods.

Google Cloud offers a 99.95% SLA for the control plane of its GKE Autopilot clusters, and a 99.9% SLA for GKE Autopilot pods, while reducing the overall operational load required for managing the clusters.

»Learn More

For more information on how to get started with GKE using HashiCorp Terraform, please visit our tutorial on how to Provision a GKE Cluster Using Terraform or visit our developer documentation for detailed information on Using GKE with Terraform.

We would love to hear your feedback on this feature. You can post bugs and feature requests for this provider by opening an issue on the GitHub Repository.

Google CloudPartners

Sign up for the latest HashiCorp news

By submitting this form, you acknowledge and agree that HashiCorp will process your personal information in accordance with the Privacy Policy.

More blog posts like this one

A blueprint for cloud success with HashiCorp at Google Cloud Next
April 11 2024 | Products & Technology
A blueprint for cloud success with HashiCorp at Google Cloud Next

A recap of HashiCorp infrastructure and security news and developments from Google Cloud Next, from scaling infrastructure as code to fighting secrets sprawl and more.

Terraform 1.8 improves extensibility with provider-defined functions
April 10 2024 | Products & Technology
Terraform 1.8 improves extensibility with provider-defined functions

New in Terraform 1.8: Provider-defined functions let users extend Terraform with custom capabilities. Plus, refactoring can now be done across resource types.

Terraform 1.8 provider functions for AWS, Google Cloud, and Kubernetes
April 10 2024 | Products & Technology
Terraform 1.8 provider functions for AWS, Google Cloud, and Kubernetes

See usage examples of Terraform 1.8's new launch-day provider-defined functions for AWS, Google Cloud, and Kubernetes.