Marketplace
BrowsePublish
Marketplace
upbound/platform-ref-gcp@v0.9.0
xgke.gcp.platformref.upbound.io

xgke.gcp.platformref.upbound.io

xgke.gcp.platformref.upbound.io
upbound/platform-ref-gcp@v0.9.0xgke.gcp.platformref.upbound.io
Type

Composition

Referenced XRD

XGKE

Source Codegithub.com/upbound/platform-ref-gcp
Resources (6)

The following resources are composed to implement the referenced Composite Resource Definition (XRD).

Kind
Group
Version

ServiceAccount

cloudplatform.gcp.upbound.io
v1beta1

ServiceAccountKey

cloudplatform.gcp.upbound.io
v1beta1

ProjectIAMMember

cloudplatform.gcp.upbound.io
v1beta1

Cluster

container.gcp.upbound.io
v1beta1

NodePool

container.gcp.upbound.io
v1beta1

ProviderConfig

helm.crossplane.io
v1beta1
YAML
kind: Composition
apiVersion: apiextensions.crossplane.io/v1
metadata:
  name: xgke.gcp.platformref.upbound.io
  creationTimestamp: null
  labels:
    provider: GCP
spec:
  compositeTypeRef:
    apiVersion: gcp.platformref.upbound.io/v1alpha1
    kind: XGKE
  resources:
    - name: service-account
      base:
        apiVersion: cloudplatform.gcp.upbound.io/v1beta1
        kind: ServiceAccount
      patches:
        - fromFieldPath: spec.id
          toFieldPath: metadata.annotations[crossplane.io/external-name]
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.displayName
        - type: ToCompositeFieldPath
          fromFieldPath: status.atProvider.email
          toFieldPath: status.gke.serviceAccount
          policy:
            fromFieldPath: Required
        - type: ToCompositeFieldPath
          fromFieldPath: status.atProvider.id
          toFieldPath: status.gke.project
          transforms:
            - type: string
              string:
                type: Regexp
                regexp:
                  match: projects\/(.+)\/serviceAccounts\/.*
                  group: 1
          policy:
            fromFieldPath: Required
    - name: service-account-key
      base:
        apiVersion: cloudplatform.gcp.upbound.io/v1beta1
        kind: ServiceAccountKey
        spec:
          forProvider:
            serviceAccountIdSelector:
              matchControllerRef: true
      patches:
        - fromFieldPath: metadata.uid
          toFieldPath: spec.writeConnectionSecretToRef.name
          transforms:
            - type: string
              string:
                fmt: "%s-sakey"
        - fromFieldPath: spec.writeConnectionSecretToRef.namespace
          toFieldPath: spec.writeConnectionSecretToRef.namespace
    - name: project-iam-member
      base:
        apiVersion: cloudplatform.gcp.upbound.io/v1beta1
        kind: ProjectIAMMember
        spec:
          forProvider:
            role: roles/container.admin
      patches:
        - fromFieldPath: spec.id
          toFieldPath: metadata.annotations[crossplane.io/external-name]
        - fromFieldPath: status.gke.serviceAccount
          toFieldPath: spec.forProvider.member
          transforms:
            - type: string
              string:
                fmt: serviceAccount:%s
          policy:
            fromFieldPath: Required
        - fromFieldPath: status.gke.project
          toFieldPath: spec.forProvider.project
          policy:
            fromFieldPath: Required
    - name: gke-cluster
      base:
        apiVersion: container.gcp.upbound.io/v1beta1
        kind: Cluster
        spec:
          forProvider:
            enableIntranodeVisibility: true
            initialNodeCount: 1
            ipAllocationPolicy:
              - clusterSecondaryRangeName: pods
                servicesSecondaryRangeName: services
            location: us-west2
            loggingService: logging.googleapis.com/kubernetes
            monitoringService: monitoring.googleapis.com/kubernetes
      patches:
        - fromFieldPath: metadata.uid
          toFieldPath: spec.writeConnectionSecretToRef.name
          transforms:
            - type: string
              string:
                fmt: "%s-gkecluster"
        - fromFieldPath: spec.writeConnectionSecretToRef.namespace
          toFieldPath: spec.writeConnectionSecretToRef.namespace
        - fromFieldPath: spec.parameters.XNetworkSelector.matchLabels
          toFieldPath: spec.forProvider.networkSelector.matchLabels
        - fromFieldPath: spec.parameters.XNetworkSelector.matchLabels
          toFieldPath: spec.forProvider.subnetworkSelector.matchLabels
        - fromFieldPath: status.gke.serviceAccount
          toFieldPath: spec.forProvider.nodeConfig[0].serviceAccount
          policy:
            fromFieldPath: Required
      connectionDetails:
        - fromConnectionSecretKey: kubeconfig
    - name: node-pool
      base:
        apiVersion: container.gcp.upbound.io/v1beta1
        kind: NodePool
        spec:
          forProvider:
            autoscaling:
              - maxNodeCount: 3
                minNodeCount: 1
            clusterSelector:
              matchControllerRef: true
            initialNodeCount: 1
            location: us-west2
            management:
              - autoRepair: true
                autoUpgrade: true
            maxPodsPerNode: 55
            nodeConfig:
              - diskSizeGb: 10
                imageType: COS_CONTAINERD
                machineType: e2-medium
                metadata:
                  disable-legacy-endpoints: "true"
                oauthScopes:
                  - https://www.googleapis.com/auth/cloud-platform
                preemptible: true
                shieldedInstanceConfig:
                  - enableIntegrityMonitoring: true
                    enableSecureBoot: true
      patches:
        - fromFieldPath: spec.parameters.nodes.size
          toFieldPath: spec.forProvider.nodeConfig[0].machineType
          transforms:
            - type: map
              map:
                large: n1-standard-32
                medium: n1-standard-16
                small: n1-standard-4
        - fromFieldPath: spec.parameters.nodes.count
          toFieldPath: spec.forProvider.initialNodeCount
        - fromFieldPath: spec.parameters.nodes.count
          toFieldPath: spec.forProvider.autoscaling[0].minNodeCount
        - fromFieldPath: spec.parameters.nodes.count
          toFieldPath: spec.forProvider.autoscaling[0].maxNodeCount
        - fromFieldPath: status.gke.serviceAccount
          toFieldPath: spec.forProvider.nodeConfig[0].serviceAccount
          policy:
            fromFieldPath: Required
    - name: helm-provider-config
      base:
        apiVersion: helm.crossplane.io/v1beta1
        kind: ProviderConfig
        spec:
          credentials:
            secretRef:
              key: kubeconfig
            source: Secret
          identity:
            secretRef:
              key: private_key
            source: Secret
            type: GoogleApplicationCredentials
      patches:
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
        - fromFieldPath: spec.writeConnectionSecretToRef.namespace
          toFieldPath: spec.credentials.secretRef.namespace
        - fromFieldPath: metadata.uid
          toFieldPath: spec.credentials.secretRef.name
          transforms:
            - type: string
              string:
                fmt: "%s-gkecluster"
        - fromFieldPath: spec.writeConnectionSecretToRef.namespace
          toFieldPath: spec.identity.secretRef.namespace
        - fromFieldPath: metadata.uid
          toFieldPath: spec.identity.secretRef.name
          transforms:
            - type: string
              string:
                fmt: "%s-sakey"
      readinessChecks:
        - type: None
  writeConnectionSecretsToNamespace: upbound-system
Marketplace

Discover the building blocks for your internal cloud platform.

© 2022 Upbound, Inc.

SolutionsProvidersConfigurations
LearnDocumentationTry for Free
MorePrivacy PolicyTerms & Conditions
Marketplace

© 2022 Upbound, Inc.

Marketplace

Discover the building blocksfor your internal cloud platform.