Add support for rePD and existing disk attachment to compute VM (#194)

* initial untested support for repd in compute-vm * fix repd reference in instance disks * add support for snapshot source, change disk variable * fix attach existing disk to instance * fix examples, add documentation on disk sources * fix attaching disk for instance templates, add examples * fix data e2e examples * update vars table in README
2021-02-03 08:00:08 +01:00
parent 8d27f8f2b5
commit e3a03a76ff
5 changed files with 226 additions and 77 deletions
--- a/modules/compute-vm/main.tf
+++ b/modules/compute-vm/main.tf
@@ -25,6 +25,14 @@ locals {
    for pair in setproduct(keys(local.names), keys(local.attached_disks)) :
    "${pair[0]}-${pair[1]}" => { disk_name = pair[1], name = pair[0] }
  }
+  attached_region_disks_pairs = {
+    for k, v in local.attached_disks_pairs :
+    k => v if local.attached_disks[v.disk_name].options.regional
+  }
+  attached_zone_disks_pairs = {
+    for k, v in local.attached_disks_pairs :
+    k => v if !local.attached_disks[v.disk_name].options.regional
+  }
  on_host_maintenance = (
    var.options.preemptible || var.confidential_compute
    ? "TERMINATE"
@@ -68,24 +76,34 @@ locals {
 }

 resource "google_compute_disk" "disks" {
-  for_each = var.use_instance_template ? {} : local.attached_disks_pairs
-  project  = var.project_id
-  zone     = local.zones[each.value.name]
-  name     = each.key
-  type     = local.attached_disks[each.value.disk_name].options.type
-  size     = local.attached_disks[each.value.disk_name].size
-  image    = local.attached_disks[each.value.disk_name].image
+  for_each = var.use_instance_template ? {} : {
+    for k, v in local.attached_zone_disks_pairs :
+    k => v if local.attached_disks[v.disk_name].source_type != "attach"
+  }
+  project = var.project_id
+  zone    = local.zones[each.value.name]
+  name    = each.key
+  type    = local.attached_disks[each.value.disk_name].options.type
+  size    = local.attached_disks[each.value.disk_name].size
+  image = (
+    local.attached_disks[each.value.disk_name].source_type == "image"
+    ? local.attached_disks[each.value.disk_name].source
+    : null
+  )
+  snapshot = (
+    local.attached_disks[each.value.disk_name].source_type == "snapshot"
+    ? local.attached_disks[each.value.disk_name].source
+    : null
+  )
  labels = merge(var.labels, {
    disk_name = local.attached_disks[each.value.disk_name].name
    disk_type = local.attached_disks[each.value.disk_name].options.type
-
    # Disk images usually have slashes, which is against label
    # restrictions
    # image     = local.attached_disks[each.value.disk_name].image
  })
-  dynamic disk_encryption_key {
+  dynamic "disk_encryption_key" {
    for_each = var.encryption != null ? [""] : []
-
    content {
      raw_key           = var.encryption.disk_encryption_key_raw
      kms_key_self_link = var.encryption.kms_key_self_link
@@ -93,6 +111,36 @@ resource "google_compute_disk" "disks" {
  }
 }

+resource "google_compute_region_disk" "disks" {
+  provider = google-beta
+  for_each = var.use_instance_template ? {} : {
+    for k, v in local.attached_region_disks_pairs :
+    k => v if local.attached_disks[v.disk_name].source_type != "attach"
+  }
+  project       = var.project_id
+  region        = var.region
+  replica_zones = var.zones
+  name          = each.key
+  type          = local.attached_disks[each.value.disk_name].options.type
+  size          = local.attached_disks[each.value.disk_name].size
+  snapshot = (
+    local.attached_disks[each.value.disk_name].source_type == "snapshot"
+    ? local.attached_disks[each.value.disk_name].source
+    : null
+  )
+  labels = merge(var.labels, {
+    disk_name = local.attached_disks[each.value.disk_name].name
+    disk_type = local.attached_disks[each.value.disk_name].options.type
+  })
+  dynamic "disk_encryption_key" {
+    for_each = var.encryption != null ? [""] : []
+    content {
+      raw_key      = var.encryption.disk_encryption_key_raw
+      kms_key_name = var.encryption.kms_key_self_link
+    }
+  }
+}
+
 resource "google_compute_instance" "default" {
  provider                  = google-beta
  for_each                  = var.use_instance_template ? {} : local.names
@@ -113,16 +161,25 @@ resource "google_compute_instance" "default" {
    var.metadata, try(element(var.metadata_list, each.value), {})
  )

-  dynamic attached_disk {
+  dynamic "attached_disk" {
    for_each = {
      for resource_name, pair in local.attached_disks_pairs :
-      resource_name => local.attached_disks[pair.disk_name] if pair.name == each.key
+      resource_name => local.attached_disks[pair.disk_name]
+      if pair.name == each.key
    }
    iterator = config
    content {
      device_name = config.value.name
      mode        = config.value.options.mode
-      source      = google_compute_disk.disks[config.key].name
+      source = (
+        config.value.source_type == "attach"
+        ? config.value.source
+        : (
+          config.value.options.regional
+          ? google_compute_region_disk.disks[config.key].id
+          : google_compute_disk.disks[config.key].name
+        )
+      )
    }
  }

@@ -136,14 +193,14 @@ resource "google_compute_instance" "default" {
    kms_key_self_link       = var.encryption != null ? var.encryption.kms_key_self_link : null
  }

-  dynamic confidential_instance_config {
+  dynamic "confidential_instance_config" {
    for_each = var.confidential_compute ? [""] : []
    content {
      enable_confidential_compute = true
    }
  }

-  dynamic network_interface {
+  dynamic "network_interface" {
    for_each = var.network_interfaces
    iterator = config
    content {
@@ -154,7 +211,7 @@ resource "google_compute_instance" "default" {
        ? null
        : config.value.addresses.internal[each.value]
      )
-      dynamic access_config {
+      dynamic "access_config" {
        for_each = config.value.nat ? [config.value.addresses] : []
        iterator = addresses
        content {
@@ -163,7 +220,7 @@ resource "google_compute_instance" "default" {
          )
        }
      }
-      dynamic alias_ip_range {
+      dynamic "alias_ip_range" {
        for_each = config.value.alias_ips != null ? config.value.alias_ips : {}
        iterator = alias_ips
        content {
@@ -175,12 +232,12 @@ resource "google_compute_instance" "default" {
  }

  scheduling {
-    automatic_restart   = ! var.options.preemptible
+    automatic_restart   = !var.options.preemptible
    on_host_maintenance = local.on_host_maintenance
    preemptible         = var.options.preemptible
  }

-  dynamic scratch_disk {
+  dynamic "scratch_disk" {
    for_each = [
      for i in range(0, var.scratch_disks.count) : var.scratch_disks.interface
    ]
@@ -195,7 +252,7 @@ resource "google_compute_instance" "default" {
    scopes = local.service_account_scopes
  }

-  dynamic shielded_instance_config {
+  dynamic "shielded_instance_config" {
    for_each = var.shielded_config != null ? [var.shielded_config] : []
    iterator = config
    content {
@@ -239,35 +296,48 @@ resource "google_compute_instance_template" "default" {
    boot         = true
  }

-  dynamic confidential_instance_config {
+  dynamic "confidential_instance_config" {
    for_each = var.confidential_compute ? [""] : []
    content {
      enable_confidential_compute = true
    }
  }

-  dynamic disk {
+  dynamic "disk" {
    for_each = local.attached_disks
    iterator = config
    content {
-      auto_delete  = config.value.options.auto_delete
-      device_name  = config.value.name
-      disk_type    = config.value.options.type
-      disk_size_gb = config.value.size
-      mode         = config.value.options.mode
-      source_image = config.value.image
-      source       = config.value.options.source
-      type         = "PERSISTENT"
+      auto_delete = config.value.options.auto_delete
+      device_name = config.value.name
+      # Cannot use `source` with any of the fields in
+      # [disk_size_gb disk_name disk_type source_image labels]
+      disk_type = (
+        config.value.source_type != "attach" ? config.value.options.type : null
+      )
+      disk_size_gb = (
+        config.value.source_type != "attach" ? config.value.size : null
+      )
+      mode = config.value.options.mode
+      source_image = (
+        config.value.source_type == "image" ? config.value.source : null
+      )
+      source = (
+        config.value.source_type == "attach" ? config.value.source : null
+      )
+      disk_name = (
+        config.value.source_type != "attach" ? config.value.name : null
+      )
+      type = "PERSISTENT"
    }
  }

-  dynamic network_interface {
+  dynamic "network_interface" {
    for_each = var.network_interfaces
    iterator = config
    content {
      network    = config.value.network
      subnetwork = config.value.subnetwork
-      dynamic access_config {
+      dynamic "access_config" {
        for_each = config.value.nat ? [""] : []
        content {}
      }
@@ -275,7 +345,7 @@ resource "google_compute_instance_template" "default" {
  }

  scheduling {
-    automatic_restart   = ! var.options.preemptible
+    automatic_restart   = !var.options.preemptible
    on_host_maintenance = local.on_host_maintenance
    preemptible         = var.options.preemptible
  }
@@ -292,7 +362,7 @@ resource "google_compute_instance_template" "default" {

 resource "google_compute_instance_group" "unmanaged" {
  count = (
-    var.group != null && ! var.use_instance_template ? 1 : 0
+    var.group != null && !var.use_instance_template ? 1 : 0
  )
  project = var.project_id
  network = (
@@ -306,7 +376,7 @@ resource "google_compute_instance_group" "unmanaged" {
  instances = [
    for name, instance in google_compute_instance.default : instance.self_link
  ]
-  dynamic named_port {
+  dynamic "named_port" {
    for_each = var.group.named_ports != null ? var.group.named_ports : {}
    iterator = config
    content {