https://github.com/osinfra-io/google-cloud-kubernetes
Infrastructure as Code (IaC) example for Google Cloud Platform Kubernetes resources.
https://github.com/osinfra-io/google-cloud-kubernetes
google-cloud-kubernetes-platform google-cloud-platform infrastructure-as-code kubernetes osinfra platform-team terraform
Last synced: about 1 month ago
JSON representation
Infrastructure as Code (IaC) example for Google Cloud Platform Kubernetes resources.
- Host: GitHub
- URL: https://github.com/osinfra-io/google-cloud-kubernetes
- Owner: osinfra-io
- License: gpl-2.0
- Created: 2023-11-21T12:21:16.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-03-13T22:26:02.000Z (about 2 months ago)
- Last Synced: 2025-03-13T23:26:47.360Z (about 2 months ago)
- Topics: google-cloud-kubernetes-platform, google-cloud-platform, infrastructure-as-code, kubernetes, osinfra, platform-team, terraform
- Language: HCL
- Homepage: https://www.osinfra.io
- Size: 652 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md
Awesome Lists containing this project
README
# 
Google Cloud Platform - Kubernetes
**[GitHub Actions](https://github.com/osinfra-io/google-cloud-kubernetes/actions):**
[](https://github.com/osinfra-io/google-cloud-kubernetes/actions/workflows/dependabot.yml)
**[Infracost](https://www.infracost.io):**
[](https://dashboard.infracost.io/org/osinfra-io/repos/19dee006-53a6-4007-be23-d2e44617e789?tab=settings)
## 📄 Repository Description
This repository manages Kubernetes resources.
## 🏭 Platform Information
- Documentation: [docs.osinfra.io](https://docs.osinfra.io/product-guides/google-cloud-platform/kubernetes)
- Service Interfaces: [github.com](https://github.com/osinfra-io/google-cloud-kubernetes/issues/new/choose)
## 
Development
Our focus is on the core fundamental practice of platform engineering, Infrastructure as Code.
>Open Source Infrastructure (as Code) is a development model for infrastructure that focuses on open collaboration and applying relative lessons learned from software development practices that organizations can use internally at scale. - [Open Source Infrastructure (as Code)](https://www.osinfra.io)
To avoid slowing down stream-aligned teams, we want to open up the possibility for contributions. The Open Source Infrastructure (as Code) model allows team members external to the platform team to contribute with only a slight increase in cognitive load. This section is for developers who want to contribute to this repository, describing the tools used, the skills, and the knowledge required, along with Terraform documentation.
See the documentation for setting up a development environment [here](https://docs.osinfra.io/fundamentals/development-setup).
### 🛠️ Tools
- [infracost](https://github.com/infracost/infracost)
- [pre-commit](https://github.com/pre-commit/pre-commit)
- [pre-commit-terraform](https://github.com/antonbabenko/pre-commit-terraform)
- [terraform-docs](https://github.com/terraform-docs/terraform-docs)
### 📋 Skills and Knowledge
Links to documentation and other resources required to develop and iterate in this repository successfully.
- [kubernetes](https://kubernetes.io/docs/home)
### 📓 Terraform Documentation
#### Requirements
No requirements.
#### Providers
No providers.
#### Modules
| Name | Source | Version |
|------|--------|---------|
| [datadog](#module\_datadog) | github.com/osinfra-io/terraform-datadog-google-integration | v0.3.3 |
| [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//root | v0.1.2 |
| [kubernetes\_cert\_manager](#module\_kubernetes\_cert\_manager) | github.com/osinfra-io/terraform-kubernetes-cert-manager | v0.1.5 |
| [kubernetes\_engine](#module\_kubernetes\_engine) | github.com/osinfra-io/terraform-google-kubernetes-engine | v0.2.4 |
| [kubernetes\_istio](#module\_kubernetes\_istio) | github.com/osinfra-io/terraform-kubernetes-istio | v0.1.8 |
| [project](#module\_project) | github.com/osinfra-io/terraform-google-project | v0.4.5 |
#### Resources
No resources.
#### Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [datadog\_api\_key](#input\_datadog\_api\_key) | Datadog API key | `string` | n/a | yes |
| [datadog\_app\_key](#input\_datadog\_app\_key) | Datadog APP key | `string` | n/a | yes |
| [datadog\_enable](#input\_datadog\_enable) | Enable Datadog integration | `bool` | `false` | no |
| [kubernetes\_engine\_namespaces](#input\_kubernetes\_engine\_namespaces) | A map of namespaces with the Google service account used for the namespace administrator and whether Istio injection is enabled or disabled |
map(object({
google_service_account = string
istio_injection = optional(string, "disabled")
})) | `{}` | no |
| [kubernetes\_engine\_shared\_vpc\_host\_project\_id](#input\_kubernetes\_engine\_shared\_vpc\_host\_project\_id) | The project ID of the shared VPC host project | `string` | n/a | yes |
| [kubernetes\_istio\_gateway\_dns](#input\_kubernetes\_istio\_gateway\_dns) | Map of attributes for the Istio gateway domain names, it is also used to create the managed certificate resource | map(object({
managed_zone = string
project = string
})) | `{}` | no |
| [project\_billing\_account](#input\_project\_billing\_account) | The alphanumeric ID of the billing account this project belongs to | `string` | `"01C550-A2C86B-B8F16B"` | no |
| [project\_cis\_2\_2\_logging\_sink\_project\_id](#input\_project\_cis\_2\_2\_logging\_sink\_project\_id) | The CIS 2.2 logging sink benchmark project ID | `string` | n/a | yes |
| [project\_folder\_id](#input\_project\_folder\_id) | The numeric ID of the folder this project should be created under. Only one of `org_id` or `folder_id` may be specified | `string` | n/a | yes |
| [project\_monthly\_budget\_amount](#input\_project\_monthly\_budget\_amount) | The monthly budget amount in USD to set for the project | `number` | `5` | no |
#### Outputs
| Name | Description |
|------|-------------|
| [kubernetes\_cert\_manager\_tls\_self\_signed\_cert\_cert\_manager\_root\_cert](#output\_kubernetes\_cert\_manager\_tls\_self\_signed\_cert\_cert\_manager\_root\_cert) | The self-signed certificate for the cert-manager root certificate |
| [kubernetes\_cert\_manager\_tls\_self\_signed\_cert\_cert\_manager\_root\_key](#output\_kubernetes\_cert\_manager\_tls\_self\_signed\_cert\_cert\_manager\_root\_key) | The private key for the cert-manager root certificate |
| [kubernetes\_engine\_container\_deployer\_service\_accounts](#output\_kubernetes\_engine\_container\_deployer\_service\_accounts) | The service accounts for the container deployer |
| [kubernetes\_engine\_workload\_identity\_service\_account\_emails](#output\_kubernetes\_engine\_workload\_identity\_service\_account\_emails) | The email addresses of the service accounts for the Kubernetes namespace workload identity |
| [kubernetes\_istio\_gateway\_mci\_global\_address](#output\_kubernetes\_istio\_gateway\_mci\_global\_address) | The IP address for the Istio Gateway multi-cluster ingress |
| [kubernetes\_istio\_gateway\_mci\_ssl\_certificate\_name](#output\_kubernetes\_istio\_gateway\_mci\_ssl\_certificate\_name) | The name of the SSL certificate for the Istio Gateway multi-cluster ingress |
| [project\_id](#output\_project\_id) | The project ID |
| [project\_number](#output\_project\_number) | The project number |
### 📓 Terraform Regional Documentation
- [regional](regional/README.md)
- [regional/istio](regional/istio/README.md)
- [regional/mci](regional/mci/README.md)
- [regional/onboarding](regional/onboarding/README.md)