CoreDNS on Container Optimized OS

This module implements a DNS service running CoreDNS as a container on Container Optimized OS instances.

The following resources are created and managed by this module:

  • google_compute_address, one reserved IP address per instance
  • google_compute_instance, one or more COS instances
  • google_compute_firewall, one firewall rule to allow traffic from specific IP ranges to the DNS port

Variables control several aspects of the created resources, such as the number of instances (instance_count), the container image used for CoreDNS (container_image), the client IP ranges allowed to connect to the service (client_cidrs), and the CoreDNS configuration file (corefile).

Sample Usage

```hcl
module "dns-service" {
  source         = "terraform-google-modules/container-vm/google//modules/cos-coredns"
  instance_count = "1"
  project_id     = "my-project"
  region         = "europe-west3"
  zone           = "europe-west3-c"
  prefix         = "cloud"
  corefile       = "assets/Corefile.cloud"
  vm_tags        = ["ssh"]
  client_cidrs   = ["0.0.0.0/0"]
  network        = "my-network-name"
  subnetwork     = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west3/subnetworks/my-subnetwork"
}
```
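
A restricted variant of the sample above, added here as an example and not taken from the module's own documentation: client_cidrs and container_image are fed through wrapper variables that reject /0 ranges and images not pinned by digest, and create_firewall_rule is set explicitly because the Inputs table lists its default as false. The variable names dns_client_cidrs and coredns_image are hypothetical, and it is an assumption that the module passes a digest-form image reference through unchanged.

```hcl
# Added example: validate inputs before they reach the cos-coredns module.
# "dns_client_cidrs" and "coredns_image" are hypothetical wrapper variables.

variable "dns_client_cidrs" {
  type        = list(string)
  description = "Ranges allowed to query the resolver."

  validation {
    # Require at least one entry, each a parseable CIDR whose prefix length is not 0,
    # so 0.0.0.0/0 and ::/0 are rejected at plan time.
    condition = length(var.dns_client_cidrs) > 0 && alltrue([
      for c in var.dns_client_cidrs :
      can(cidrhost(c, 0)) && can(regex("/[1-9][0-9]*$", c))
    ])
    error_message = "Provide at least one valid CIDR; /0 ranges are not allowed."
  }
}

variable "coredns_image" {
  type        = string
  description = "CoreDNS image reference pinned by digest."

  validation {
    # Accept only references ending in @sha256:<64 hex chars>, not floating tags.
    condition     = can(regex("@sha256:[0-9a-f]{64}$", var.coredns_image))
    error_message = "Pin the image by digest, for example coredns/coredns@sha256:<digest>."
  }
}

module "dns-service" {
  source         = "terraform-google-modules/container-vm/google//modules/cos-coredns"
  instance_count = 1
  project_id     = "my-project"
  region         = "europe-west3"
  zone           = "europe-west3-c"
  prefix         = "cloud"
  corefile       = "assets/Corefile.cloud"
  network        = "my-network-name"
  subnetwork     = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west3/subnetworks/my-subnetwork"

  # The rule is only created when this is true (default is false).
  create_firewall_rule = true
  client_cidrs         = var.dns_client_cidrs
  container_image      = var.coredns_image
}
```

Supply both variables from a tfvars file; terraform plan then fails at validation if a range such as 0.0.0.0/0 or an unpinned image is passed.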

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| boot_disk_size | Size of the boot disk. | number | 10 | no |
| client_cidrs | Client IP CIDR ranges to set in the firewall rule. | list(string) | [] | no |
| container_image | CoreDNS container version. | string | "coredns/coredns" | no |
| corefile | Path to the CoreDNS configuration file to use. | string | "" | no |
| create_firewall_rule | Create tag-based firewall rule. | bool | false | no |
| instance_count | Number of instances to create. | number | 1 | no |
| instance_type | Instance machine type. | string | "g1-small" | no |
| labels | Labels to be attached to the resources | map(string) | { "service": "coredns" } | no |
| log_driver | Docker log driver to use for CoreDNS. | string | "gcplogs" | no |
| network | Self link of the VPC subnet to use for firewall rules. | string | n/a | yes |
| network_tag | Network tag that identifies the instances. | string | "coredns" | no |
| prefix | Prefix to prepend to resource names. | string | "" | no |
| project_id | Project id where the instances will be created. | string | n/a | yes |
| region | Region for external addresses. | string | n/a | yes |
| scopes | Instance scopes. | list(string) | [ "https://www.googleapis.com/auth/devstorage.read_only", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/monitoring.write", "https://www.googleapis.com/auth/pubsub", "https://www.googleapis.com/auth/service.management.readonly", "https://www.googleapis.com/auth/servicecontrol", "https://www.googleapis.com/auth/trace.append" ] | no |
| service_account | Instance service account. | string | "" | no |
| stackdriver_logging | Enable the Stackdriver logging agent. | bool | true | no |
| stackdriver_monitoring | Enable the Stackdriver monitoring agent. | bool | true | no |
| subnetwork | Self link of the VPC subnet to use for the internal interface. | string | n/a | yes |
| vm_tags | Additional network tags for the instances. | list(string) | [] | no |
| zone | Instance zone. | string | n/a | yes |

Outputs

| Name | Description |
|------|-------------|
| instances | Instance name => address map. |
| internal_addresses | List of instance internal addresses. |
| names | List of instance names. |