For autopilot clusters, the networking is pre-configured. With container gen-client, we want to send IPAllocationPolicy.UseIpAliases and IPAllocationPolicy.UseRoutes as false, so that the service can pick the default IP allocation mode [1].

Only when the networkingMode is specifically set to "ROUTES", IPAllocationPolicy.UseRoutes is passed with true.

[1] https://github.com/googleapis/google-api-go-client/blob/main/container/v1/container-gen.go#L2238:L2241

This change fixes the following error when applying an autopilot cluster

resource "google_container_cluster" "tf-cluster" {
  name     = "tf-cluster"
  location = "europe-west1"
  project = "my-project"

  enable_autopilot = "true"
  release_channel {
    channel = "REGULAR"
  }
  min_master_version = "1.21.5-gke.1302"
}

google_container_cluster.tf-cluster: Creating...

Error: googleapi: Error 400: Max pods constraint on node pools for Autopilot clusters should be 32., badRequest

  on container_cluster.tf line 1, in resource "google_container_cluster" "tf-cluster":
   1: resource "google_container_cluster" "tf-cluster" {

If this PR is for Terraform, I acknowledge that I have:

[x] Searched through the issue tracker for an open issue that this either resolves or contributes to, commented on it to claim it, and written "fixes {url}" or "part of {url}" in this PR description. If there were no relevant open issues, I opened one and commented that I would like to work on it (not necessary for very small changes).
[ ] Generated Terraform, and ran make test and make lint to ensure it passes unit and linter tests.
[ ] Ensured that all new fields I added that can be set by a user appear in at least one example (for generated resources) or third_party test (for handwritten resources or update tests).
[ ] Ran relevant acceptance tests (If the acceptance tests do not yet pass or you are unable to run them, please let your reviewer know).
[ ] Read the Release Notes Guide before writing my release note below.

Release Note Template for Downstream PRs (will be copied)

Dec 10 '21 22:12 xiaobaitusi

Oops! It looks like you're using an unknown release-note type in your changelog entries:

REPLACEME

Please only use the types listed in https://github.com/GoogleCloudPlatform/magic-modules/blob/master/.ci/RELEASE_NOTES_GUIDE.md.

Dec 10 '21 22:12 modular-magician

Hello! I am a robot who works on Magic Modules PRs.

I have detected that you are a community contributor, so your PR will be assigned to someone with a commit-bit on this repo for initial review.

Thanks for your contribution! A human will be with you soon.

@rileykarson, please review this PR or find an appropriate assignee.

Dec 10 '21 22:12 modular-magician

For transparency, I didn't have the ruby setup for my local MM repo. So this CL didn't go through steps to generate terraform code, and run related tests locally.

Dec 10 '21 22:12 xiaobaitusi

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 23 insertions(+), 23 deletions(-)) Terraform Beta: Diff ( 2 files changed, 23 insertions(+), 23 deletions(-))

Dec 10 '21 22:12 modular-magician

I have triggered VCR tests in RECORDING mode for the following tests that failed during VCR: TestAccContainerClusterDatasource_zonal|TestAccContainerClusterDatasource_regional|TestAccDatasourceGoogleServiceNetworkingPeeredDnsDomain_basic|TestAccApigeeEnvironmentIamMemberGenerated|TestAccApigeeEnvironmentIamPolicyGenerated|TestAccCloudFunctionsFunction_vpcConnector|TestAccComputeForwardingRule_forwardingRuleRegionalHttpXlbExample|TestAccComputeForwardingRule_update|TestAccContainerCluster_basic|TestAccContainerCluster_misc|TestAccContainerCluster_withConfidentialNodes|TestAccContainerCluster_withAddons|TestAccContainerCluster_withMasterAuthConfig_NoCert|TestAccContainerCluster_withILBSubsetting|TestAccContainerCluster_withNotificationConfig|TestAccContainerCluster_withNetworkPolicyEnabled|TestAccContainerCluster_withReleaseChannelEnabled|TestAccContainerCluster_withTelemetryEnabled|TestAccContainerCluster_regional|TestAccContainerCluster_withMasterAuthorizedNetworksConfig|TestAccContainerCluster_withReleaseChannelEnabledDefaultVersion|TestAccContainerCluster_regionalWithNodePool|TestAccContainerCluster_regionalWithNodeLocations|TestAccContainerCluster_withIntraNodeVisibility|TestAccContainerCluster_withVersion|TestAccContainerCluster_withNodeConfig|TestAccContainerCluster_withNodeConfigScopeAlias|TestAccContainerCluster_updateVersion|TestAccContainerCluster_withNodeConfigShieldedInstanceConfig|TestAccContainerCluster_withWorkloadMetadataConfig|TestAccContainerCluster_withSandboxConfig|TestAccContainerCluster_withNodePoolBasic|TestAccContainerCluster_network|TestAccContainerCluster_withNodePoolResize|TestAccContainerCluster_backend|TestAccContainerCluster_withNodePoolAutoscaling|TestAccContainerCluster_withNodePoolUpdateVersion|TestAccContainerCluster_withNodePoolMultiple|TestAccContainerCluster_withRecurringMaintenanceWindow|TestAccContainerCluster_withMaintenanceWindow|TestAccContainerCluster_withNodePoolNodeConfig|TestAccContainerCluster_withMaintenanceExclusionWindow|TestAccContainerCluster_deleteExclusionWindow|TestAccContainerCluster_errorAutopilotLocation|TestAccContainerCluster_nodeAutoprovisioning|TestAccContainerCluster_withShieldedNodes|TestAccContainerCluster_nodeAutoprovisioningDefaults|TestAccContainerCluster_withLoggingConfig|TestAccContainerCluster_withWorkloadIdentityConfig|TestAccContainerCluster_withSoleTenantGroup|TestAccContainerCluster_withAutoscalingProfile|TestAccContainerCluster_nodeAutoprovisioningDefaultsMinCpuPlatform|TestAccContainerCluster_withBinaryAuthorization|TestAccContainerCluster_errorNoClusterCreated|TestAccContainerCluster_withDatabaseEncryption|TestAccContainerCluster_withEnableKubernetesAlpha|TestAccContainerCluster_withDNSConfig|TestAccContainerCluster_withResourceUsageExportConfig|TestAccContainerNodePool_basic|TestAccContainerNodePool_basicWithClusterId|TestAccContainerNodePool_withNodeConfig|TestAccContainerNodePool_withWorkloadIdentityConfig|TestAccContainerNodePool_withSandboxConfig|TestAccContainerNodePool_withKubeletConfig|TestAccContainerNodePool_withLinuxNodeConfig|TestAccContainerNodePool_withUpgradeSettings|TestAccContainerNodePool_withManagement|TestAccContainerNodePool_withGPU|TestAccContainerNodePool_withNodeConfigScopeAlias|TestAccContainerNodePool_regionalAutoscaling|TestAccContainerNodePool_autoscaling|TestAccContainerNodePool_resize|TestAccContainerNodePool_EmptyGuestAccelerator|TestAccContainerNodePool_012_ConfigModeAttr|TestAccContainerNodePool_regionalClusters|TestAccContainerNodePool_shieldedInstanceConfig|TestAccContainerNodePool_ephemeralStorageConfig|TestAccContainerNodePool_version|TestAccContainerNodePool_gcfsConfig|TestAccGKEHubMembership_gkehubMembershipBasicExample|TestAccGKEHubMembership_gkehubMembershipIssuerExample You can view the result here: https://ci-oss.hashicorp.engineering/viewQueued.html?itemId=230447

Dec 11 '21 00:12 modular-magician

related to https://github.com/hashicorp/terraform-provider-google/issues/10782

Dec 28 '21 18:12 ScottSuarez

Oops! It looks like you're using an unknown release-note type in your changelog entries:

REPLACEME

Please only use the types listed in https://github.com/GoogleCloudPlatform/magic-modules/blob/master/.ci/RELEASE_NOTES_GUIDE.md.

Jan 26 '22 19:01 modular-magician

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 1 file changed, 1 insertion(+), 1 deletion(-)) Terraform Beta: Diff ( 1 file changed, 1 insertion(+), 1 deletion(-)) TF Validator: Diff ( 1 file changed, 1 insertion(+), 1 deletion(-))

Jan 26 '22 19:01 modular-magician

I have triggered VCR tests in RECORDING mode for the following tests that failed during VCR: TestAccDatasourceGoogleServiceNetworkingPeeredDnsDomain_basic|TestAccApigeeEnvironmentIamBindingGenerated|TestAccApigeeEnvironmentIamMemberGenerated|TestAccApigeeEnvironmentIamPolicyGenerated|TestAccCloudbuildWorkerPool_basic|TestAccComputeGlobalForwardingRule_externalCndLbWithBackendBucketExample|TestAccContainerCluster_withMasterAuthConfig_NoCert|TestAccContainerCluster_withNetworkPolicyEnabled|TestAccContainerCluster_withBootDiskKmsKey|TestAccContainerCluster_withNodePoolResize|TestAccContainerCluster_withIdentityServiceConfig|TestAccContainerCluster_withDNSConfig|TestAccServiceNetworkingPeeredDNSDomain_basic You can view the result here: https://ci-oss.hashicorp.engineering/viewQueued.html?itemId=248669

Jan 26 '22 21:01 modular-magician

Oops! It looks like you're using an unknown release-note type in your changelog entries:

REPLACEME

Please only use the types listed in https://github.com/GoogleCloudPlatform/magic-modules/blob/master/.ci/RELEASE_NOTES_GUIDE.md.

Jan 27 '22 02:01 modular-magician

any update on this change?

continues to be an issue for https://github.com/hashicorp/terraform-provider-google/issues/10782#issuecomment-1023601603

Jan 27 '22 21:01 ScottSuarez

I think autopilot is effectively broken without this fix?

Jan 27 '22 21:01 ScottSuarez

or I'm unsure what the failure scenario is here

Jan 27 '22 21:01 ScottSuarez

Can't autopilot users specify the mode explicitly?

Jan 27 '22 21:01 rileykarson

This is a big point of friction for people using Terraform and GKE. Can you please prioritize it?

May 03 '22 18:05 hessjcg

Could you revert changes to the files other then the intended logic. Looks like there are dependency changes that seem unrelated.

May 04 '22 17:05 ScottSuarez

closing in favor of https://github.com/GoogleCloudPlatform/magic-modules/pull/6696

Oct 14 '22 17:10 ScottSuarez

Make google_container_cluster work for both routes-based and autopilot clusters

Diff report:

Diff report: