GoogleCloudPlatform
diff --git a/‎.github/workflows/dictionary/terraform.txt
+1 b/‎.github/workflows/dictionary/terraform.txt
+1
diff --git a/‎platforms/gke/base/_shared_config/cluster_variables.tf
+7-10 b/‎platforms/gke/base/_shared_config/cluster_variables.tf
+7-10
diff --git a/‎platforms/gke/base/_shared_config/scripts/link_shared_config.sh
+42 b/‎platforms/gke/base/_shared_config/scripts/link_shared_config.sh
+42
diff --git a/‎platforms/gke/base/_shared_config/workloads_variables.tf
+2-2 b/‎platforms/gke/base/_shared_config/workloads_variables.tf
+2-2
diff --git a/‎platforms/gke/base/core/container_cluster/container_cluster.tf
+1 b/‎platforms/gke/base/core/container_cluster/container_cluster.tf
+1
diff --git a/‎platforms/gke/base/core/container_node_pool/cpu/region/us-central1/container_node_pool_cpu_n4.tf
+2 b/‎platforms/gke/base/core/container_node_pool/cpu/region/us-central1/container_node_pool_cpu_n4.tf
+2
diff --git a/‎platforms/gke/base/core/container_node_pool/cpu/region/us-east4/container_node_pool_cpu_n4.tf
+2 b/‎platforms/gke/base/core/container_node_pool/cpu/region/us-east4/container_node_pool_cpu_n4.tf
+2
diff --git a/‎platforms/gke/base/core/container_node_pool/gpu/region/us-central1/container_node_pool_gpu_a100.tf
+5 b/‎platforms/gke/base/core/container_node_pool/gpu/region/us-central1/container_node_pool_gpu_a100.tf
+5
diff --git a/‎platforms/gke/base/core/container_node_pool/gpu/region/us-central1/container_node_pool_gpu_h100.tf
+5 b/‎platforms/gke/base/core/container_node_pool/gpu/region/us-central1/container_node_pool_gpu_h100.tf
+5
diff --git a/‎platforms/gke/base/core/container_node_pool/gpu/region/us-central1/container_node_pool_gpu_l4.tf
+5 b/‎platforms/gke/base/core/container_node_pool/gpu/region/us-central1/container_node_pool_gpu_l4.tf
+5
diff --git a/‎platforms/gke/base/core/container_node_pool/gpu/region/us-east4/container_node_pool_gpu_a100.tf
+5 b/‎platforms/gke/base/core/container_node_pool/gpu/region/us-east4/container_node_pool_gpu_a100.tf
+5
diff --git a/‎platforms/gke/base/core/container_node_pool/gpu/region/us-east4/container_node_pool_gpu_h100.tf
+5 b/‎platforms/gke/base/core/container_node_pool/gpu/region/us-east4/container_node_pool_gpu_h100.tf
+5
diff --git a/‎platforms/gke/base/core/container_node_pool/gpu/region/us-east4/container_node_pool_gpu_l4.tf
+5 b/‎platforms/gke/base/core/container_node_pool/gpu/region/us-east4/container_node_pool_gpu_l4.tf
+5
diff --git a/‎platforms/gke/base/core/deploy.sh
+1 b/‎platforms/gke/base/core/deploy.sh
+1
diff --git a/‎platforms/gke/base/core/workloads/cluster_credentials/.terraform.lock.hcl
+2 b/‎platforms/gke/base/core/workloads/cluster_credentials/.terraform.lock.hcl
+2
diff --git a/‎platforms/gke/base/core/workloads/cluster_credentials/_cluster.auto.tfvars
+1 b/‎platforms/gke/base/core/workloads/cluster_credentials/_cluster.auto.tfvars
+1
diff --git a/‎platforms/gke/base/core/workloads/cluster_credentials/_cluster_variables.tf
+1 b/‎platforms/gke/base/core/workloads/cluster_credentials/_cluster_variables.tf
+1
diff --git a/‎platforms/gke/base/core/workloads/cluster_credentials/_platform.auto.tfvars
+1 b/‎platforms/gke/base/core/workloads/cluster_credentials/_platform.auto.tfvars
+1
diff --git a/‎platforms/gke/base/core/workloads/cluster_credentials/_platform_variables.tf
+1 b/‎platforms/gke/base/core/workloads/cluster_credentials/_platform_variables.tf
+1
@@ -1,5 +1,6 @@
 abspath
 cidrhost
+direxists
 endfor
 filemd
 fileset
 
@@ -18,11 +18,9 @@
 #
 
 locals {
-  cluster_credentials_command_private = "gcloud container clusters get-credentials ${local.cluster_name} --internal-ip --location ${var.cluster_region} --project ${var.cluster_project_id}"
-  cluster_credentials_command_public  = "gcloud container clusters get-credentials ${local.cluster_name} --location ${var.cluster_region} --project ${var.cluster_project_id}"
-  cluster_credentials_command_gke     = var.cluster_enable_private_endpoint ? local.cluster_credentials_command_private : local.cluster_credentials_command_public
-  cluster_credentials_command_gkee    = "gcloud container fleet memberships get-credentials ${local.cluster_name} --project ${var.cluster_project_id}"
-  cluster_credentials_command         = var.cluster_use_connect_gateway ? local.cluster_credentials_command_gkee : local.cluster_credentials_command_gke
+  cluster_credentials_command_gke  = "gcloud container clusters get-credentials ${local.cluster_name} --dns-endpoint --location ${var.cluster_region} --project ${var.cluster_project_id}"
+  cluster_credentials_command_gkee = "gcloud container fleet memberships get-credentials ${local.cluster_name} --project ${var.cluster_project_id}"
+  cluster_credentials_command      = var.cluster_use_connect_gateway ? local.cluster_credentials_command_gkee : local.cluster_credentials_command_gke
 
   cluster_name = local.unique_identifier_prefix
 
@@ -31,9 +29,6 @@ locals {
   cluster_node_pool_service_account_id         = var.cluster_node_pool_default_service_account_id != null ? var.cluster_node_pool_default_service_account_id : "vm-${local.cluster_name}"
   cluster_node_pool_service_account_project_id = var.cluster_node_pool_default_service_account_project_id != null ? var.cluster_node_pool_default_service_account_project_id : var.cluster_project_id
 
-  kubeconfig_directory = abspath("${path.module}/../kubeconfig")
-  kubeconfig_file      = abspath("${local.kubeconfig_directory}/${var.cluster_project_id}-${local.unique_identifier_prefix}")
-
   # Minimal roles for nodepool SA https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster#use_least_privilege_sa
   cluster_sa_roles = [
     "roles/artifactregistry.reader",
@@ -44,6 +39,8 @@ locals {
     "roles/serviceusage.serviceUsageConsumer",
     "roles/stackdriver.resourceMetadata.writer",
   ]
+
+  kubeconfig_file_name = "${var.cluster_project_id}-${local.cluster_name}"
 }
 
 variable "cluster_binary_authorization_evaluation_mode" {
@@ -231,7 +228,7 @@ variable "cluster_system_node_pool_machine_type" {
 }
 
 variable "cluster_use_connect_gateway" {
-  default     = true
-  description = "Use Connect gateway to connect to the cluster, require GKE Enterprise. (https://cloud.google.com/kubernetes-engine/enterprise/multicluster-management/gateway)"
+  default     = false
+  description = "Use Connect gateway to connect to the cluster, requires GKE Enterprise. (https://cloud.google.com/kubernetes-engine/enterprise/multicluster-management/gateway)"
   type        = bool
 }
@@ -0,0 +1,42 @@
+#!/bin/bash
+#
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+SHARED_CONFIG_DIRECTORY=${1}
+SHARED_CONFIG_NAME=${2}
+
+if [[ ${SHARED_CONFIG_DIRECTORY} != \.* ]]; then
+  echo "The shared config directory path must be a relative path!"
+  exit 1
+fi
+
+if test ! -d "${SHARED_CONFIG_DIRECTORY}"; then
+  echo "Shared config directory '${SHARED_CONFIG_DIRECTORY}' does not exist!"
+  exit 2
+fi
+
+if test ! -f "${SHARED_CONFIG_DIRECTORY}/${SHARED_CONFIG_NAME}_variables.tf"; then
+  echo "Shared config '${SHARED_CONFIG_NAME}' does not exist in '${SHARED_CONFIG_DIRECTORY}'!"
+  exit 3
+fi
+
+ln -s ${SHARED_CONFIG_DIRECTORY}/${SHARED_CONFIG_NAME}_variables.tf _${SHARED_CONFIG_NAME}_variables.tf
+ln -s ${SHARED_CONFIG_DIRECTORY}/${SHARED_CONFIG_NAME}.auto.tfvars _${SHARED_CONFIG_NAME}.auto.tfvars
+
+echo "Successfully linked shared config '${SHARED_CONFIG_NAME}' from '${SHARED_CONFIG_DIRECTORY}'."
@@ -17,11 +17,11 @@
 #
 
 locals {
-  manifests_directory = abspath("${path.module}/../manifests")
+  manifests_directory_root = "${path.module}/../../../kubernetes/manifests"
 }
 
 variable "kueue_version" {
-  default     = "0.10.0"
+  default     = "0.10.2"
   description = "Version of Kueue (https://kueue.sigs.k8s.io/) to install."
   type        = string
 }
@@ -247,6 +247,7 @@ resource "google_container_node_pool" "system" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
       "resource-type" : "system"
     }
     machine_type    = var.cluster_system_node_pool_machine_type
 
@@ -48,6 +48,7 @@ resource "google_container_node_pool" "cpu_n4s8" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
       "resource-model" : "n4"
       "resource-type" : "cpu"
     }
@@ -118,6 +119,7 @@ resource "google_container_node_pool" "cpu_n4s8_spot" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "spot"
       "resource-model" : "n4"
       "resource-type" : "cpu"
     }
 
@@ -48,6 +48,7 @@ resource "google_container_node_pool" "cpu_n4s8" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
       "resource-model" : "n4"
       "resource-type" : "cpu"
     }
@@ -117,6 +118,7 @@ resource "google_container_node_pool" "cpu_n4s8_spot" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "spot"
       "resource-model" : "n4"
       "resource-type" : "cpu"
     }
 
@@ -56,6 +56,7 @@ resource "google_container_node_pool" "gpu_a100x2_a2h2" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
       "resource-model" : "a100"
       "resource-type" : "gpu"
       "resource-variant" : "40GB"
@@ -143,6 +144,8 @@ resource "google_container_node_pool" "gpu_a100x2_a2h2_dws" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
+      "queued-provisioning" : "true"
       "resource-model" : "a100"
       "resource-type" : "gpu"
       "resource-variant" : "40GB"
@@ -234,6 +237,7 @@ resource "google_container_node_pool" "gpu_a100x2_a2h2_res" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "reservation"
       "resource-model" : "a100"
       "resource-type" : "gpu"
       "resource-variant" : "40GB"
@@ -321,6 +325,7 @@ resource "google_container_node_pool" "gpu_a100x2_a2h2_spot" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "spot"
       "resource-model" : "a100"
       "resource-type" : "gpu"
       "resource-variant" : "40GB"
 
@@ -54,6 +54,7 @@ resource "google_container_node_pool" "gpu_h100x8_a3h8" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
       "resource-model" : "h100"
       "resource-type" : "gpu"
     }
@@ -142,6 +143,8 @@ resource "google_container_node_pool" "gpu_h100x8_a3h8_dws" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
+      "queued-provisioning" : "true"
       "resource-model" : "h100"
       "resource-type" : "gpu"
     }
@@ -234,6 +237,7 @@ resource "google_container_node_pool" "gpu_h100x8_a3h8_res" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "reservation"
       "resource-model" : "h100"
       "resource-type" : "gpu"
     }
@@ -322,6 +326,7 @@ resource "google_container_node_pool" "gpu_h100x8_a3h8_spot" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "spot"
       "resource-model" : "h100"
       "resource-type" : "gpu"
     }
 
@@ -54,6 +54,7 @@ resource "google_container_node_pool" "gpu_l4x2_g2s24" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
       "resource-model" : "l4"
       "resource-type" : "gpu"
     }
@@ -138,6 +139,8 @@ resource "google_container_node_pool" "gpu_l4x2_g2s24_dws" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
+      "queued-provisioning" : "true"
       "resource-model" : "l4"
       "resource-type" : "gpu"
     }
@@ -226,6 +229,7 @@ resource "google_container_node_pool" "gpu_l4x2_g2s24_res" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "reservation"
       "resource-model" : "l4"
       "resource-type" : "gpu"
     }
@@ -311,6 +315,7 @@ resource "google_container_node_pool" "gpu_l4x2_g2s24_spot" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "spot"
       "resource-model" : "l4"
       "resource-type" : "gpu"
     }
 
@@ -55,6 +55,7 @@ resource "google_container_node_pool" "gpu_a100x2_a2u2" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
       "resource-model" : "a100"
       "resource-type" : "gpu"
       "resource-variant" : "80GB"
@@ -141,6 +142,8 @@ resource "google_container_node_pool" "gpu_a100x2_a2u2_dws" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
+      "queued-provisioning" : "true"
       "resource-model" : "a100"
       "resource-type" : "gpu"
       "resource-variant" : "80GB"
@@ -231,6 +234,7 @@ resource "google_container_node_pool" "gpu_a100x2_a2u2_res" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "reservation"
       "resource-model" : "a100"
       "resource-type" : "gpu"
       "resource-variant" : "80GB"
@@ -317,6 +321,7 @@ resource "google_container_node_pool" "gpu_a100x2_a2u2_spot" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "spot"
       "resource-model" : "a100"
       "resource-type" : "gpu"
       "resource-variant" : "80GB"
 
@@ -56,6 +56,7 @@ resource "google_container_node_pool" "gpu_h100x8_a3h8" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
       "resource-model" : "h100"
       "resource-type" : "gpu"
     }
@@ -146,6 +147,8 @@ resource "google_container_node_pool" "gpu_h100x8_a3h8_dws" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
+      "queued-provisioning" : "true"
       "resource-model" : "h100"
       "resource-type" : "gpu"
     }
@@ -240,6 +243,7 @@ resource "google_container_node_pool" "gpu_h100x8_a3h8_res" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "reservation"
       "resource-model" : "h100"
       "resource-type" : "gpu"
     }
@@ -330,6 +334,7 @@ resource "google_container_node_pool" "gpu_h100x8_a3h8_spot" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "spot"
       "resource-model" : "h100"
       "resource-type" : "gpu"
     }
 
@@ -56,6 +56,7 @@ resource "google_container_node_pool" "gpu_l4x2_g2s24" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
       "resource-model" : "l4"
       "resource-type" : "gpu"
     }
@@ -142,6 +143,8 @@ resource "google_container_node_pool" "gpu_l4x2_g2s24_dws" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "on-demand"
+      "queued-provisioning" : "true"
       "resource-model" : "l4"
       "resource-type" : "gpu"
     }
@@ -232,6 +235,7 @@ resource "google_container_node_pool" "gpu_l4x2_g2s24_res" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "reservation"
       "resource-model" : "l4"
       "resource-type" : "gpu"
     }
@@ -318,6 +322,7 @@ resource "google_container_node_pool" "gpu_l4x2_g2s24_spot" {
   node_config {
     # Variables
     labels = {
+      "node-provisioning-model" : "spot"
       "resource-model" : "l4"
       "resource-type" : "gpu"
     }
 
@@ -35,6 +35,7 @@ else
     "gke_enterprise/fleet_membership"
     # Disable gke_enterprise/servicemesh due to b/376312292
     # "gke_enterprise/servicemesh"
+    "workloads/cluster_credentials"
     "workloads/kueue"
   )
 fi
 
@@ -0,0 +1 @@
+../../../_shared_config/cluster.auto.tfvars
@@ -0,0 +1 @@
+../../../_shared_config/cluster_variables.tf
@@ -0,0 +1 @@
+../../../_shared_config/platform.auto.tfvars
@@ -0,0 +1 @@
+../../../_shared_config/platform_variables.tf
-Original file line number
+Diff line change
@@ @@ -1,5 +1,6 @@ @@
 abspath
 cidrhost
 +direxists
 endfor
 filemd
 fileset
Original file line number	Diff line number	Diff line change
`@@ -17,11 +17,11 @@`
`17`	`17`	`#`
`18`	`18`
`19`	`19`	`locals {`
`20`		`- manifests_directory = abspath("${path.module}/../manifests")`
	`20`	`+ manifests_directory_root = "${path.module}/../../../kubernetes/manifests"`
`21`	`21`	`}`
`22`	`22`
`23`	`23`	`variable "kueue_version" {`
`24`		`- default = "0.10.0"`
	`24`	`+ default = "0.10.2"`
`25`	`25`	`description = "Version of Kueue (https://kueue.sigs.k8s.io/) to install."`
`26`	`26`	`type = string`
`27`	`27`	`}`
Original file line number	Diff line number	Diff line change
`@@ -247,6 +247,7 @@ resource "google_container_node_pool" "system" {`
`247`	`247`	`node_config {`
`248`	`248`	`# Variables`
`249`	`249`	`labels = {`
	`250`	`+ "node-provisioning-model" : "on-demand"`
`250`	`251`	`"resource-type" : "system"`
`251`	`252`	`}`
`252`	`253`	`machine_type = var.cluster_system_node_pool_machine_type`
Original file line number	Diff line number	Diff line change
`@@ -35,6 +35,7 @@ else`
`35`	`35`	`"gke_enterprise/fleet_membership"`
`36`	`36`	`# Disable gke_enterprise/servicemesh due to b/376312292`
`37`	`37`	`# "gke_enterprise/servicemesh"`
	`38`	`+ "workloads/cluster_credentials"`
`38`	`39`	`"workloads/kueue"`
`39`	`40`	`)`
`40`	`41`	`fi`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+../../../_shared_config/cluster.auto.tfvars`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+../../../_shared_config/cluster_variables.tf`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+../../../_shared_config/platform.auto.tfvars`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+../../../_shared_config/platform_variables.tf`