Merge pull request #3276 from chengcongdu/TII

add GKE support for node local dns

examples/tii-poc-gke-a3mega.yaml

@@ -100,6 +100,7 @@ deployment_groups:
       enable_gcsfuse_csi: true
       enable_parallelstore_csi: true
       enable_dcgm_monitoring: true
+      enable_node_local_dns_cache: true
       enable_private_endpoint: false  # Allows for access from authorized public IPs
       master_authorized_networks:
       - cidr_block: $(vars.authorized_cidr)  # Allows your machine run kubectl command. It's required for the multi-network setup.

modules/scheduler/gke-cluster/README.md

@@ -152,6 +152,7 @@ limitations under the License.
 | <a name="input_enable_gcsfuse_csi"></a> [enable\_gcsfuse\_csi](#input\_enable\_gcsfuse\_csi) | The status of the GCSFuse Filestore Container Storage Interface (CSI) driver addon, which allows the usage of a gcs bucket as volumes. | `bool` | `false` | no |
 | <a name="input_enable_master_global_access"></a> [enable\_master\_global\_access](#input\_enable\_master\_global\_access) | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `false` | no |
 | <a name="input_enable_multi_networking"></a> [enable\_multi\_networking](#input\_enable\_multi\_networking) | Enables [multi networking](https://cloud.google.com/kubernetes-engine/docs/how-to/setup-multinetwork-support-for-pods#create-a-gke-cluster) (Requires GKE Enterprise). This setting is immutable on clusters and enables [Dataplane V2](https://cloud.google.com/kubernetes-engine/docs/concepts/dataplane-v2?hl=en). If null, will determine state based on if additional\_networks are passed in. | `bool` | `null` | no |
+| <a name="input_enable_node_local_dns_cache"></a> [enable\_node\_local\_dns\_cache](#input\_enable\_node\_local\_dns\_cache) | Enable GKE NodeLocal DNSCache addon to improve DNS lookup latency | `bool` | `false` | no |
 | <a name="input_enable_parallelstore_csi"></a> [enable\_parallelstore\_csi](#input\_enable\_parallelstore\_csi) | The status of the Google Compute Engine Parallelstore Container Storage Interface (CSI) driver addon, which allows the usage of a parallelstore as volumes. | `bool` | `false` | no |
 | <a name="input_enable_persistent_disk_csi"></a> [enable\_persistent\_disk\_csi](#input\_enable\_persistent\_disk\_csi) | The status of the Google Compute Engine Persistent Disk Container Storage Interface (CSI) driver addon, which allows the usage of a PD as volumes. | `bool` | `true` | no |
 | <a name="input_enable_private_endpoint"></a> [enable\_private\_endpoint](#input\_enable\_private\_endpoint) | (Beta) Whether the master's internal IP address is used as the cluster endpoint. | `bool` | `true` | no |

modules/scheduler/gke-cluster/main.tf

@@ -49,6 +49,11 @@ locals {
     "CADVISOR",
     "KUBELET"
   ]
+
+  default_logging_component = [
+    "SYSTEM_COMPONENTS",
+    "WORKLOADS"
+  ]
 }
 
 data "google_project" "project" {
@@ -177,6 +182,9 @@ resource "google_container_cluster" "gke_cluster" {
     gce_persistent_disk_csi_driver_config {
       enabled = var.enable_persistent_disk_csi
     }
+    dns_cache_config {
+      enabled = var.enable_node_local_dns_cache
+    }
   }
 
   timeouts {
@@ -199,15 +207,16 @@ resource "google_container_cluster" "gke_cluster" {
     }
   }
 
-  logging_service    = "logging.googleapis.com/kubernetes"
-  monitoring_service = "monitoring.googleapis.com/kubernetes"
-
   monitoring_config {
     enable_components = var.enable_dcgm_monitoring ? concat(local.default_monitoring_component, ["DCGM"]) : local.default_monitoring_component
     managed_prometheus {
       enabled = true
     }
   }
+
+  logging_config {
+    enable_components = local.default_logging_component
+  }
 }
 
 # We define explicit node pools, so that it can be modified without

modules/scheduler/gke-cluster/variables.tf

@@ -139,6 +139,12 @@ variable "enable_dcgm_monitoring" {
   default     = false
 }
 
+variable "enable_node_local_dns_cache" {
+  description = "Enable GKE NodeLocal DNSCache addon to improve DNS lookup latency"
+  type        = bool
+  default     = false
+}
+
 variable "system_node_pool_enabled" {
   description = "Create a system node pool."
   type        = bool