Skip to content

deploy datadog to gke clusters #8589

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

deploy datadog to gke clusters #8589

wants to merge 1 commit into from

Conversation

upodroid
Copy link
Member

@upodroid upodroid commented Oct 1, 2025

I deployed this recently to our clusters so upgrading DD version and pushing final tweaks.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Oct 1, 2025
@k8s-ci-robot k8s-ci-robot requested a review from jbpratt October 1, 2025 20:23
@k8s-ci-robot k8s-ci-robot added the area/infra Infrastructure management, infrastructure design, code in infra/ label Oct 1, 2025
@k8s-ci-robot

This comment was marked as outdated.

Sign in to view
@k8s-ci-robot k8s-ci-robot requested a review from xmudrii October 1, 2025 20:23
@k8s-ci-robot k8s-ci-robot added area/infra/gcp Issues or PRs related to Kubernetes GCP infrastructure approved Indicates a PR has been approved by an approver from all required OWNERS files. area/prow Setting up or working with prow in general, prow.k8s.io, prow build clusters area/terraform Terraform modules, testing them, writing more of them, code in infra/gcp/clusters/ sig/k8s-infra Categorizes an issue or PR as relevant to SIG K8s Infra. sig/testing Categorizes an issue or PR as relevant to SIG Testing. labels Oct 1, 2025
@k8s-infra-ci-robot
Copy link
Contributor

Ran Plan for dir: infra/gcp/terraform/kubernetes-public workspace: default

Show Output 
Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the
last "terraform apply" which may have affected this plan:

  # google_pubsub_subscription.kettle_subscription has been deleted
- resource "google_pubsub_subscription" "kettle_subscription" {
        id                           = "projects/kubernetes-public/subscriptions/k8s-infra-kettle-staging"
      - name                         = "k8s-infra-kettle-staging" -> null
        # (11 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }


Unless you have made equivalent changes to your configuration, or ignored the
relevant attributes using ignore_changes, the following plan may include
actions to undo or respond to these changes.

─────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
~ update in-place

Terraform will perform the following actions:

  # google_container_cluster.cluster will be updated in-place
~ resource "google_container_cluster" "cluster" {
        id                                       = "aaa"
        name                                     = "aaa"
        # (36 unchanged attributes hidden)

      ~ cluster_autoscaling {
            # (3 unchanged attributes hidden)

          ~ auto_provisioning_defaults {
                # (7 unchanged attributes hidden)

              - shielded_instance_config {
                  - enable_integrity_monitoring = false -> null
                  - enable_secure_boot          = false -> null
                }

                # (2 unchanged blocks hidden)
            }

            # (2 unchanged blocks hidden)
        }

        # (30 unchanged blocks hidden)
    }

  # google_pubsub_subscription.kettle_subscription will be created
+ resource "google_pubsub_subscription" "kettle_subscription" {
      + ack_deadline_seconds       = (known after apply)
      + effective_labels           = {
          + "goog-terraform-provisioned" = "true"
        }
      + filter                     = "attributes.eventType = \"OBJECT_FINALIZE\""
      + id                         = (known after apply)
      + message_retention_duration = "604800s"
      + name                       = "k8s-infra-kettle-staging"
      + project                    = "kubernetes-public"
      + terraform_labels           = {
          + "goog-terraform-provisioned" = "true"
        }
      + topic                      = "k8s-infra-kubernetes-jenkins-changes"

      + expiration_policy (known after apply)
    }

  # google_pubsub_subscription_iam_binding.subscription_binding will be created
+ resource "google_pubsub_subscription_iam_binding" "subscription_binding" {
      + etag         = (known after apply)
      + id           = (known after apply)
      + members      = [
          + "serviceAccount:kettle@kubernetes-public.iam.gserviceaccount.com",
        ]
      + project      = "kubernetes-public"
      + role         = "roles/pubsub.editor"
      + subscription = "k8s-infra-kettle-staging"
    }

  # module.iam.google_project_iam_binding.project_iam_authoritative["default--roles/container.admin"] will be created
+ resource "google_project_iam_binding" "project_iam_authoritative" {
      + etag    = (known after apply)
      + id      = (known after apply)
      + members = [
          + "serviceAccount:argocd@k8s-infra-prow.iam.gserviceaccount.com",
        ]
      + project = "kubernetes-public"
      + role    = "roles/container.admin"
    }

Plan: 3 to add, 1 to change, 0 to destroy.
  • ▶️ To apply this plan, comment: 
    atlantis apply -d infra/gcp/terraform/kubernetes-public
  • 🚮 To delete this plan and lock, click here
  • 🔁 To plan this project again, comment: 
    atlantis plan -d infra/gcp/terraform/kubernetes-public

Note: Objects have changed outside of Terraform
Plan: 3 to add, 1 to change, 0 to destroy.

  • ⏩ To apply all unapplied plans from this Pull Request, comment: 
    atlantis apply
  • 🚮 To delete all plans and locks from this Pull Request, comment: 
    atlantis unlock

@upodroid upodroid requested a review from dims October 1, 2025 20:29
@k8s-infra-ci-robot
Copy link
Contributor

Ran Plan for dir: infra/gcp/terraform/kubernetes-public workspace: default

Show Output 
Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the
last "terraform apply" which may have affected this plan:

  # google_pubsub_subscription.kettle_subscription has been deleted
- resource "google_pubsub_subscription" "kettle_subscription" {
        id                           = "projects/kubernetes-public/subscriptions/k8s-infra-kettle-staging"
      - name                         = "k8s-infra-kettle-staging" -> null
        # (11 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }


Unless you have made equivalent changes to your configuration, or ignored the
relevant attributes using ignore_changes, the following plan may include
actions to undo or respond to these changes.

─────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
~ update in-place

Terraform will perform the following actions:

  # google_container_cluster.cluster will be updated in-place
~ resource "google_container_cluster" "cluster" {
        id                                       = "aaa"
        name                                     = "aaa"
        # (36 unchanged attributes hidden)

      ~ cluster_autoscaling {
            # (3 unchanged attributes hidden)

          ~ auto_provisioning_defaults {
                # (7 unchanged attributes hidden)

              - shielded_instance_config {
                  - enable_integrity_monitoring = false -> null
                  - enable_secure_boot          = false -> null
                }

                # (2 unchanged blocks hidden)
            }

            # (2 unchanged blocks hidden)
        }

        # (30 unchanged blocks hidden)
    }

  # google_pubsub_subscription.kettle_subscription will be created
+ resource "google_pubsub_subscription" "kettle_subscription" {
      + ack_deadline_seconds       = (known after apply)
      + effective_labels           = {
          + "goog-terraform-provisioned" = "true"
        }
      + filter                     = "attributes.eventType = \"OBJECT_FINALIZE\""
      + id                         = (known after apply)
      + message_retention_duration = "604800s"
      + name                       = "k8s-infra-kettle-staging"
      + project                    = "kubernetes-public"
      + terraform_labels           = {
          + "goog-terraform-provisioned" = "true"
        }
      + topic                      = "k8s-infra-kubernetes-jenkins-changes"

      + expiration_policy (known after apply)
    }

  # google_pubsub_subscription_iam_binding.subscription_binding will be created
+ resource "google_pubsub_subscription_iam_binding" "subscription_binding" {
      + etag         = (known after apply)
      + id           = (known after apply)
      + members      = [
          + "serviceAccount:kettle@kubernetes-public.iam.gserviceaccount.com",
        ]
      + project      = "kubernetes-public"
      + role         = "roles/pubsub.editor"
      + subscription = "k8s-infra-kettle-staging"
    }

  # module.iam.google_project_iam_binding.project_iam_authoritative["default--roles/container.admin"] will be created
+ resource "google_project_iam_binding" "project_iam_authoritative" {
      + etag    = (known after apply)
      + id      = (known after apply)
      + members = [
          + "serviceAccount:argocd@k8s-infra-prow.iam.gserviceaccount.com",
        ]
      + project = "kubernetes-public"
      + role    = "roles/container.admin"
    }

Plan: 3 to add, 1 to change, 0 to destroy.
  • ▶️ To apply this plan, comment: 
    atlantis apply -d infra/gcp/terraform/kubernetes-public
  • 🚮 To delete this plan and lock, click here
  • 🔁 To plan this project again, comment: 
    atlantis plan -d infra/gcp/terraform/kubernetes-public

Note: Objects have changed outside of Terraform
Plan: 3 to add, 1 to change, 0 to destroy.

  • ⏩ To apply all unapplied plans from this Pull Request, comment: 
    atlantis apply
  • 🚮 To delete all plans and locks from this Pull Request, comment: 
    atlantis unlock

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbpratt jbpratt Awaiting requested review from jbpratt

@xmudrii xmudrii Awaiting requested review from xmudrii

@dims dims Awaiting requested review from dims

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/infra/gcp Issues or PRs related to Kubernetes GCP infrastructure area/infra Infrastructure management, infrastructure design, code in infra/ area/prow Setting up or working with prow in general, prow.k8s.io, prow build clusters area/terraform Terraform modules, testing them, writing more of them, code in infra/gcp/clusters/ cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. sig/k8s-infra Categorizes an issue or PR as relevant to SIG K8s Infra. sig/testing Categorizes an issue or PR as relevant to SIG Testing. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@upodroid @k8s-ci-robot @k8s-infra-ci-robot