Merge pull request #1097 from wiktorn/google_gkehub_feature_membership

Use terraform resource to activate Anthos Service Mesh

blueprints/gke/multi-cluster-mesh-gke-fleet-api/ansible/roles/install/tasks/install.yaml

@@ -23,25 +23,6 @@
   set_fact:
     context: "gke_{{ project_id }}_{{ region }}_{{ cluster }}"
 
-- name: Install ASM in cluster
-  shell: > 
-    gcloud container fleet mesh update \
-    --control-plane automatic \
-    --memberships {{ cluster }} \
-    --project {{ project_id }}
-
-- name: Wait until MCP is provisioned
-  shell: > 
-    for i in $(seq 12); do
-      result=$(gcloud container fleet mesh describe --project {{ project_id }} --format json \
-      | jq -r '.membershipStates | to_entries[] | select(.key | endswith("{{ cluster }}")) | .value.servicemesh.controlPlaneManagement.state')
-      if [ "$result" = "ACTIVE" ]; then
-        break
-      fi
-      echo "ASM control plane is not ready yet..."
-      sleep 60
-    done
- 
 - name: Get endpoint IP
   shell: > 
     gcloud container clusters describe "{{ cluster }}" \

blueprints/gke/multitenant-fleet/README.md

@@ -224,7 +224,7 @@ module "gke" {
   }
 }
 
-# tftest modules=8 resources=35
+# tftest modules=8 resources=37
 ```
 
 <!-- TFDOC OPTS files:1 -->

modules/gke-hub/README.md

@@ -295,7 +295,7 @@ module "hub" {
   ]
 }
 
-# tftest modules=8 resources=28
+# tftest modules=8 resources=30
 ```
 <!-- BEGIN TFDOC -->
 

modules/gke-hub/main.tf

@@ -70,6 +70,20 @@ resource "google_gke_hub_feature" "default" {
   }
 }
 
+resource "google_gke_hub_feature_membership" "servicemesh" {
+  provider   = google-beta
+  for_each   = var.features.servicemesh ? var.clusters : {}
+  project    = var.project_id
+  location   = "global"
+  feature    = google_gke_hub_feature.default["servicemesh"].name
+  membership = google_gke_hub_membership.default[each.key].membership_id
+
+  mesh {
+    management    = "MANAGEMENT_AUTOMATIC"
+    control_plane = "AUTOMATIC"
+  }
+}
+
 resource "google_gke_hub_feature_membership" "default" {
   provider   = google-beta
   for_each   = local.cluster_cm_config

tests/blueprints/gke/multi_cluster_mesh_gke_fleet_api/test_plan.py

@@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner):
   "Test that plan works and the numbers of resources is as expected."
   modules, resources = e2e_plan_runner()
   assert len(modules) == 12
-  assert len(resources) == 53
+  assert len(resources) == 55

tests/modules/gke_hub/fixture/variables.tf

@@ -31,7 +31,7 @@ variable "features" {
     configmanagement             = true
     identityservice              = false
     multiclusteringress          = null
-    servicemesh                  = false
+    servicemesh                  = true
     multiclusterservicediscovery = false
   }
 }

tests/modules/gke_hub/test_plan.py

@@ -23,11 +23,14 @@ def resources(plan_runner):
 
 def test_resource_count(resources):
   "Test number of resources created."
-  assert len(resources) == 5
+  assert len(resources) == 8
   assert sorted(r['address'] for r in resources) == [
       'module.hub.google_gke_hub_feature.default["configmanagement"]',
+      'module.hub.google_gke_hub_feature.default["servicemesh"]',
       'module.hub.google_gke_hub_feature_membership.default["cluster-1"]',
       'module.hub.google_gke_hub_feature_membership.default["cluster-2"]',
+      'module.hub.google_gke_hub_feature_membership.servicemesh["cluster-1"]',
+      'module.hub.google_gke_hub_feature_membership.servicemesh["cluster-2"]',
       'module.hub.google_gke_hub_membership.default["cluster-1"]',
       'module.hub.google_gke_hub_membership.default["cluster-2"]'
   ]