Commit 666a991

committed
update docs
1 parent 3316c64 commit 666a991

2 files changed

+11
-1
lines changed

autogen/main/README.md

Lines changed: 1 addition & 1 deletion
@@ -218,7 +218,7 @@ The node_pools variable takes the following parameters:
218218
| name | The name of the node pool | | Required |
219219
{% if beta_cluster %}
220220
| placement_policy | Placement type to set for nodes in a node pool. Can be set as [COMPACT](https://cloud.google.com/kubernetes-engine/docs/how-to/compact-placement#overview) if desired | Optional |
221-
| pod_range | The ID of the secondary range for pod IPs. | | Optional |
221+
| pod_range | The name of the secondary range for pod IPs. | | Optional |
222222
{% endif %}
223223
| node_count | The number of nodes in the nodepool when autoscaling is false. Otherwise defaults to 1. Only valid for non-autoscaling clusters | | Required |
224224
| node_locations | The list of zones in which the cluster's nodes are located. Nodes must be in the region of their regional cluster or in the same region as their cluster's zone for zonal clusters. Defaults to cluster level node locations if nothing is specified | " " | Optional |
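
Review bot: The rendered READMEs look to be missing from this commit. Line 221 is edited inside a template (it sits between `{% if beta_cluster %}` and `{% endif %}`), and only two files are changed here, so any README generated from `autogen/main/README.md` will still describe `pod_range` as an "ID" until it is regenerated and committed alongside. While touching this block, note that the `placement_policy` row on line 220 has three cells where its neighbours have four, so "Optional" lands in the default-value column; adding the empty `| |` cell before it would line the row up.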

docs/private_clusters.md

Lines changed: 10 additions & 0 deletions
@@ -20,6 +20,16 @@ If you are using these features with a private cluster, you will need to either:
2020

2121
If you are going to isolate your GKE private clusters from internet access you could check [this guide](https://medium.com/google-cloud/completely-private-gke-clusters-with-no-internet-connectivity-945fffae1ccd) and the associated [repo](https://github.com/andreyk-code/no-inet-gke-cluster).
2222

23+
## Discontiguous multi-Pod CIDR
24+
If you are going to use [discontiguous multi-Pod CIDR](https://cloud.google.com/kubernetes-engine/docs/how-to/multi-pod-cidr) it can happen that GKE robot will not update `gke-[cluster-name]-[cluster-hash]-all` and other firewall rules automatically when you add a new node pool (as stated in [documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/multi-pod-cidr#modified_firewall_rule)). You can prevent this from happening, by using a workaround with shadow firewall rules:
25+
```
26+
module "gke" {
27+
...
28+
add_shadow_firewall_rules = true
29+
shadow_firewall_rules_log_config = null # to save some $ on logs
30+
}
31+
```
32+
2333
## Troubleshooting
2434

2535
### Master Authorized Network
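
Review bot: New line 29, `shadow_firewall_rules_log_config = null # to save some $ on logs`, switches off logging on the shadow rules as part of a copy-paste workaround, and the paragraph above never mentions that trade-off. Per the text, these rules are the ones that cover traffic when `gke-[cluster-name]-[cluster-hash]-all` has not been updated for a new node pool, so their logs are the record an operator would want when checking whether the workaround is doing its job. Suggest keeping only `add_shadow_firewall_rules = true` in the snippet and moving the log setting into a sentence that presents it as an optional cost saving with reduced visibility. Smaller points: the bare `...` on line 27 is not valid inside a `module` block and would read better as a comment (`# ...`), and "GKE robot" on line 24 should name the thing that owns the rules so readers can match it against the linked documentation.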
