GCP GKE Node Pool
Andy Potanin edited this page Jun 21, 2026 · 3 revisions
Creates a GKE node pool with configurable machine types, autoscaling, and security settings.
Use this module when a Rabbit cluster needs a managed node pool with specific compute, disk, or scheduling requirements.
- Node pool creation for an existing GKE cluster.
- Autoscaling with configurable min and max node counts.
- Machine type and disk configuration.
- Shielded VM settings (secure boot, integrity monitoring).
- Preemptible node support.
- Node taints and labels.
- OAuth scopes.
- Surge upgrade settings.
- Workload metadata configuration.
- A GKE cluster provisioned by the `gcp-gke-cluster` module.
- GCP credentials with permission to manage GKE node pools.
- `cluster_name` and `cluster_region` must match the target GKE cluster.
- `image_type` defaults to `cos_containerd` (Container-Optimized OS).
- Taints use Kubernetes taint syntax with `key`, `value`, and `effect`.
- `workload_metadata_config_mode` should be `GKE_METADATA` for Workload Identity.

```yaml
services:
  - name: "GKE Node Pool"
    module: "gcp-gke-nodepool"
    id: "primary-nodepool"
    deployment_order: 40
    configurations:
      cluster_name: "my-cluster"
      cluster_region: "us-central1"
      name: "primary-pool"
      machine_type: "n1-standard-2"
      node_count: 1
      autoscaling_min_node_count: 1
      autoscaling_max_node_count: 5
```

| Output | Description |
|---|---|
| `node_pool_name` | The name of the node pool. |
| `node_pool_id` | The ID of the node pool. |
| `node_pool_version` | The version of the node pool. |
| `node_pool_location` | The location of the node pool. |

The fields below are public module inputs under configurations.

```yaml
configurations:
  cluster_name: "my-cluster"
  cluster_region: "us-central1"
  node_count: 1
  autoscaling_min_node_count: 1
  autoscaling_max_node_count: 5
  node_auto_repair: true
  node_auto_upgrade: true
  enable_private_nodes: true
  upgrade_max_surge: 1
  upgrade_max_unavailable: 0
  name: "my-node-pool"
  disk_size_gb: 100
  disk_type: "pd-standard"
  image_type: "cos_containerd"
  labels:
    environment: "production"
  machine_type: "n1-standard-2"
  enable_secure_boot: true
  enable_integrity_monitoring: true
  preemptible: false
  tags:
    - "network"
    - "security"
  taint:
    - key: "node-type"
      value: "spot"
      effect: "NO_SCHEDULE"
  oauth_scopes:
    - "https://www.googleapis.com/auth/devstorage.read_only"
    - "https://www.googleapis.com/auth/logging.write"
    - "https://www.googleapis.com/auth/monitoring"
    - "https://www.googleapis.com/auth/service.management"
    - "https://www.googleapis.com/auth/servicecontrol"
    - "https://www.googleapis.com/auth/trace.append"
  workload_metadata_config_mode: "GKE_METADATA"
```

| Field | Type | Required | Description |
|---|---|---|---|
| `cluster_name` | string | Yes | Name of the GKE cluster. |
| `cluster_region` | string | Yes | Region of the GKE cluster. |
| `name` | string | Yes | Node pool name. |
| `machine_type` | string | No | GCE machine type. Defaults to n1-standard-2. |
| `node_count` | number | No | Initial node count. Defaults to 1. |
| `autoscaling_min_node_count` | number | No | Minimum node count for autoscaling. Defaults to 1. |
| `autoscaling_max_node_count` | number | No | Maximum node count for autoscaling. Defaults to 5. |
| `node_auto_repair` | boolean | No | Enables automatic node repair. Defaults to true. |
| `node_auto_upgrade` | boolean | No | Enables automatic node upgrade. Defaults to true. |
| `enable_private_nodes` | boolean | No | Enables private nodes. Defaults to true. |
| `upgrade_max_surge` | number | No | Maximum surge nodes during upgrades. Defaults to 1. |
| `upgrade_max_unavailable` | number | No | Maximum unavailable nodes during upgrades. Defaults to 0. |
| `disk_size_gb` | number | No | Boot disk size in GB. Defaults to 100. |
| `disk_type` | string | No | Boot disk type. Defaults to pd-standard. |
| `image_type` | string | No | Node image type. Defaults to cos_containerd. |
| `labels` | map[string] | No | Kubernetes labels applied to nodes. |
| `enable_secure_boot` | boolean | No | Enables secure boot on nodes. Defaults to true. |
| `enable_integrity_monitoring` | boolean | No | Enables integrity monitoring on nodes. Defaults to true. |
| `preemptible` | boolean | No | Uses preemptible VMs. Defaults to false. |
| `tags` | array[string] | No | Network tags applied to node instances. |
| `taint` | array[taint] | No | Kubernetes taints applied to nodes. |
| `taint[].key` | string | Yes | Taint key. |
| `taint[].value` | string | Yes | Taint value. |
| `taint[].effect` | string | Yes | Taint effect: NO_SCHEDULE, PREFER_NO_SCHEDULE, or NO_EXECUTE. |
| `oauth_scopes` | array[string] | No | OAuth scopes for node service accounts. |
| `workload_metadata_config_mode` | string | No | Workload metadata configuration mode. Defaults to GKE_METADATA. |