HashiCorp Terraform is an infrastructure-as-code (IaC) tool that lets you provision and manage cloud infrastructure. Terraform provides plugins called providers that let you interact with cloud providers and other APIs. You can use the Terraform provider for Google Cloud to provision and manage Google Cloud resources, including GKE.
This page introduces you to using Terraform with GKE, including an introduction to how Terraform works and some resources to help you get started using Terraform with Google Cloud. You'll also find links to Terraform reference docs for GKE, code examples, and guides for using Terraform to provision GKE resources.
For instructions on how to get started with Terraform for Google Cloud, see Install and configure Terraform or the Terraform for Google Cloud quickstart.
How Terraform works
Terraform has a declarative and configuration-oriented syntax, which you can use to describe the infrastructure that you want to provision in your Google Cloud project. After you author this configuration in one or more Terraform configuration files, you can use the Terraform CLI to apply this configuration to your GKE resources.
The following steps explain how Terraform works:
- You describe the infrastructure you want to provision in a Terraform configuration file. You don't need to write code describing how to provision the infrastructure. Terraform provisions the infrastructure for you.
- You run the
terraform plancommand, which evaluates your configuration and generates an execution plan. You can review the plan and make changes as needed. -
You run the
terraform applycommand, which performs the following actions:- It provisions your infrastructure based on your execution plan by invoking the corresponding GKE APIs in the background.
- It creates a Terraform state file, which is a JSON file that maps the resources in your configuration file to the resources in the real-world infrastructure. Terraform uses this file to keep a record of the most recent state of your infrastructure, and to determine when to create, update, and destroy resources.
-
When you run
terraform apply, Terraform uses the mapping in the state file to compare the existing infrastructure to the code, and make updates as necessary:- If a resource object is defined in the configuration file, but doesn't exist in the state file, Terraform creates it.
- If a resource object exists in the state file, but has a different configuration from your configuration file, Terraform updates the resource to match your configuration file.
- If a resource object in the state file matches your configuration file, Terraform leaves the resource unchanged.
Terraform resources for GKE
Resources are the fundamental elements in the Terraform language. Each resource block describes one or more infrastructure objects, such as virtual networks or compute instances.
The following table lists the Terraform resources available for GKE:
Terraform-based guides for GKE
The following table lists Terraform-based how-to guides and tutorials for GKE:
| Guide | Details |
|---|---|
| Create a GKE cluster and deploy a workload using Terraform | Explains how to create a Google Kubernetes Engine (GKE) Autopilot cluster and deploy a workload using Terraform. |
| Provision Cloud Service Mesh on a GKE Autopilot cluster | Describes how to set up managed Cloud Service Mesh on a GKE Autopilot cluster. |
| Create and manage cluster and node pool labels | Explains how to create a cluster with labels. |
| Manage GKE resources using Tags | Explains how to use Tags to manage your GKE clusters. |
| Create an Autopilot cluster | Explains how to create a GKE cluster in Autopilot. |
| Run GPUs in GKE Standard node pools | Explains how to run and optimize your compute-intensive workloads, such as artificial intelligence (AI) and graphics processing, by attaching and using NVIDIA® graphics processing unit (GPU) hardware accelerators in your GKE Standard clusters' nodes. |
| Use secondary boot disks to preload data or container images | Explains how to improve workload startup latency by using secondary boot disks. |
| Create a VPC-native cluster | Explains how to configure VPC-native clusters in GKE. |
| Deploy TPU workloads in GKEStandard | Explains how to request and deploy large-scale artificial intelligence (AI) and machine learning (ML) model training, tuning, and inference workloads using Cloud TPU accelerators (TPUs) in GKE Standard clusters. |
| Create an internal load balancer | Explains how to create an internal passthrough Network Load Balancer or internal load balancer on GKE. |
| Add and manage node pools | Explains how to add and perform operations on node pools running your GKE Standard clusters. |
| Create clusters and node pools with Arm nodes | Explains how to create a GKE Standard cluster or node pool with Arm nodes, so that you can run Arm workloads on GKE. |
| Consuming reserved zonal resources | Explains how to consume reserved Compute Engine resources in GKE. |
| Deploy a highly-available PostgreSQL database on GKE | Describes deploying a highly-available PostgreSQL topology on GKE. PostgreSQL is an open source object-relational database known for reliability and data integrity. |
| Specify a node image | Explains how to specify a node image for nodes in GKE Standard clusters. |
| Creating a cluster using Windows Server node pools | Explains how to create a GKE cluster with node pools running Microsoft Windows Server. |
| Running multi-instance GPUs | Explains how to increase utilization and reduce costs by running multi-instance GPUs. |
| Sequence the rollout of cluster upgrades | Explains how to manage GKE cluster upgrades using rollout sequencing. |
| Creating a zonal cluster | Explains shows you how to create a Standard zonal cluster with the default features enabled in GKE. |
| Configure networking for a basic production cluster | Describes how to deploy a web application to a GKE cluster and exposing it with an HTTPS load balancer. |
| Collect and view control plane metrics | Describes how to configure a GKE cluster to send metrics emitted by the Kubernetes API server, Scheduler, and Controller Manager to Cloud Monitoring using Google Cloud Managed Service for Prometheus. |
| Collect and view cAdvisor/Kubelet metrics | Describes how to configure a Google Kubernetes Engine (GKE) cluster to send a curated set of cAdvisor/Kubelet metrics to Cloud Monitoring using Google Cloud Managed Service for Prometheus. |
| Adjust log throughput | Describes default log throughput and how to increase throughput. |
| Enable Backup for GKE for a cluster | Describes how to enable Backup for GKE for a cluster. |
| Modify resources during restoration | Describes how to make modifications to Kubernetes resources during the restoration process using transformation rules. |
| Enable permissive mode on a backup plan | Explains how to enable permissive mode on a backup plan. |
| Enable Backup for GKE API | Describes how to enable Backup for GKE. |
| Plan a set of backups | Describes how to create a Backup for GKE backup plan, which is used for backing up your workloads in GKE. |
Terraform modules and blueprints for GKE
Modules and blueprints help you automate provisioning and managing of Google Cloud resources at scale. A module is a reusable set of Terraform configuration files that creates a logical abstraction of Terraform resources. A blueprint is a package of deployable and reusable modules, and a policy that implements and documents a specific solution.
The following table lists modules and blueprints related to GKE:
| Module or blueprint | Details |
|---|---|
| terraform-google-container-vm | Configures opinionated GKE clusters. |
| terraform-google-gke-gitlab | Installs GitLab on GKE. |
What's next
- Terraform code samples for GKE
- Terraform on Google Cloud documentation
- Google Cloud provider documentation in HashiCorp
- Infrastructure as code for Google Cloud