google_container_node_pool

Manages a node pool in a Google Kubernetes Engine (GKE) cluster separately from the cluster control plane. For more information see the official documentation and the API reference.

resource "google_service_account" "default" {
  account_id   = "service-account-id"
  display_name = "Service Account"
}

resource "google_container_cluster" "primary" {
  name     = "my-gke-cluster"
  location = "us-central1"

  # We can't create a cluster with no node pool defined, but we want to only use
  # separately managed node pools. So we create the smallest possible default
  # node pool and immediately delete it.
  remove_default_node_pool = true
  initial_node_count       = 1
}

resource "google_container_node_pool" "primary_preemptible_nodes" {
  name       = "my-node-pool"
  cluster    = google_container_cluster.primary.id
  node_count = 1

  node_config {
    preemptible  = true
    machine_type = "e2-medium"

    # Google recommends custom service accounts that have cloud-platform scope and permissions granted via IAM Roles.
    service_account = google_service_account.default.email
    oauth_scopes = [
      "https://www.googleapis.com/auth/cloud-platform"
    ]
  }
}

Example Usage - 2 node pools, 1 separately managed + the default node pool

resource "google_service_account" "default" {
  account_id   = "service-account-id"
  display_name = "Service Account"
}

resource "google_container_node_pool" "np" {
  name       = "my-node-pool"
  cluster    = google_container_cluster.primary.id
  node_config {
    machine_type = "e2-medium"
    # Google recommends custom service accounts that have cloud-platform scope and permissions granted via IAM Roles.
    service_account = google_service_account.default.email
    oauth_scopes    = [
      "https://www.googleapis.com/auth/cloud-platform"
    ]
  }
  timeouts {
    create = "30m"
    update = "20m"
  }
}

resource "google_container_cluster" "primary" {
  name               = "marcellus-wallace"
  location           = "us-central1-a"
  initial_node_count = 3

  node_locations = [
    "us-central1-c",
  ]

  node_config {
    # Google recommends custom service accounts that have cloud-platform scope and permissions granted via IAM Roles.
    service_account = google_service_account.default.email
    oauth_scopes = [
      "https://www.googleapis.com/auth/cloud-platform"
    ]
    guest_accelerator {
      type  = "nvidia-tesla-k80"
      count = 1
    }
  }
}
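The examples above attach a custom service account with the cloud-platform scope, so the IAM roles bound to that account are the only limit on what a node's credentials can do. The following is an added example, not part of the provider documentation, that binds a minimal set of roles to the node service account. The names `gke_nodes`, `gke-node-sa`, `hardened-pool` and `var.project_id` are assumptions, and it reuses `google_container_cluster.primary` from the examples above.

```hcl
# Added example; all resource names and var.project_id are assumptions.
variable "project_id" {
  type = string
}

resource "google_service_account" "gke_nodes" {
  project      = var.project_id
  account_id   = "gke-node-sa"
  display_name = "GKE node service account"
}

# Roles a node needs to write logs and metrics. The cloud-platform scope
# grants nothing by itself; these bindings bound the node identity.
locals {
  node_sa_roles = [
    "roles/logging.logWriter",
    "roles/monitoring.metricWriter",
    "roles/monitoring.viewer",
    "roles/stackdriver.resourceMetadata.writer",
    "roles/autoscaling.metricsWriter",
  ]
}

resource "google_project_iam_member" "gke_nodes" {
  for_each = toset(local.node_sa_roles)
  project  = var.project_id
  role     = each.value
  member   = "serviceAccount:${google_service_account.gke_nodes.email}"
}

resource "google_container_node_pool" "hardened" {
  name       = "hardened-pool"
  cluster    = google_container_cluster.primary.id
  node_count = 1

  node_config {
    machine_type    = "e2-medium"
    service_account = google_service_account.gke_nodes.email
    oauth_scopes    = ["https://www.googleapis.com/auth/cloud-platform"]

    shielded_instance_config {
      enable_secure_boot          = true
      enable_integrity_monitoring = true
    }
  }

  # Create the bindings first so nodes can report logs and metrics at boot.
  depends_on = [google_project_iam_member.gke_nodes]
}
```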

Argument Reference



The autoscaling block supports (either total or per zone limits are required):

The confidential_nodes block supports:

The management block supports:

The network_config block supports:

The additional_node_network_configs block supports:

The additional_pod_network_configs block supports:

The upgrade_settings block supports:

max_surge and max_unavailable must not be negative and at least one of them must be greater than zero.

The blue_green_settings block supports:

The placement_policy block supports:

The queued_provisioning block supports:

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

Timeouts

google_container_node_pool provides the following Timeouts configuration options:

Import

Node pools can be imported using the project, location, cluster and name. If the project is omitted, the project value in the provider configuration will be used. Examples:

In Terraform v1.5.0 and later, use an import block to import node pools using one of the formats above. For example:

import {
  id = "{{project_id}}/{{location}}/{{cluster_id}}/{{pool_id}}"
  to = google_container_node_pool.default
}

When using the terraform import command, node pools can be imported using one of the formats above. For example:

$ terraform import google_container_node_pool.default {{project_id}}/{{location}}/{{cluster_id}}/{{pool_id}}

$ terraform import google_container_node_pool.default {{location}}/{{cluster_id}}/{{pool_id}}