Skip to content

app/gcp/k8s:gke

cluster-namespace - connection

Connection Type: cluster-namespace/gcp/k8s:gke

service_namespace - string

The namespace in kubernetes where the service is created. This is used to scope kubernetes API calls when performing deployments.

service_name - string [optional]

The name of the service in Kubernetes. This is usually unique from the application name to prevent collisions in GKE.

This value will be blank if the module does not provision a pod. This is used to create an app in Nullstone as a task that can be executed on-demand.

image_repo_url - string

The image repository URL where the service pulls its images.

Format: gcr.io/[project-id]/[image-repo-name]

image_pusher - object

A GCP service account and keyfile that have explicit access to push images to the image repository.

Format

value = {
    email       = try(google_service_account.image_pusher.email, "")
    private_key = try(google_service_account_key.image_pusher.private_key, "")
}
value = {
    email       = try(google_service_account.image_pusher.email, "")
    private_key = try(google_service_account_key.image_pusher.private_key, "")
}

Required IAM permissions

roles/storage.legacyBucketWriter
roles/storage.legacyBucketWriter

main_container_name - string

The name of the container definition for the main service container.

A kubernetes service consists of a pod with container definitions. Since a pod can contain one or many container definitions, main_container_name identifies the primary container. This is used by the Nullstone CLI to upgrade the image tag when deploying new versions.

deployer - object

A GCP user and keyfile with explicit access to deploy new versions.

Format

value = {
    email       = try(google_service_account.image_pusher.email, "")
    private_key = try(google_service_account_key.image_pusher.private_key, "")
}
value = {
    email       = try(google_service_account.image_pusher.email, "")
    private_key = try(google_service_account_key.image_pusher.private_key, "")
}

Required IAM permissions

roles/container.developer
roles/container.developer