hunfabric/blueprints/gke/patterns/autopilot-cluster/cluster.tf
Julio Castillo c42c4c141f GKE stateful blueprints (#2059)
* var definitions

* skeleton, untested

* fix errors, test with existing cluster

* test vpc creation, todo notes

* initial variables for AR and image

* initial variables for AR and image

* Add support for remote repositories to artifact-registry

* Add support for virtual repositories to artifact-registry

* Add support for extra config options to artifact-registry

* artifact registry module: add validation and precondition, fix tests

* ar module id/name

* registry

* service accoutn and roles

* fetch pods, remove image prefix

* small changes

* use additive IAM at project level

* use additive IAM at project level

* configmaps

* manifests

* fix statefulset manifest

* service manifest

* fix configmap mode

* add todo

* job (broken)

* job

* wait on manifest, endpoints datasource

* fix job

* Fix local

* sa

* Update README.md

* Restructure gke bp

* refactor tree and infra variables

* no create test

* simplify cluster SA

* test cluster and vpc creation

* project creation fixes

* use iam_members variable

* nits

* readme with examples

* readme with examples

* outputs

* variables, provider configuration

* variables, manifests

* start cluster job

* fix redis cluster creation

Co-authored-by: Julio Castillo <juliocc@users.noreply.github.com>

* Revert changes in autopilot cluster

* Default templates path, use namespace for node names

* Update readmes

* Fix IAM bindings

* Make STABLE the default release channel

* Use Cloud DNS as default DNS provider

* Allow optional Cloud NAT creation

* Allow backup agent and proxy only subnet

* Work around terraform not short-circuiting logical operators

* Rename create variables to be more consistent with other blueprints

* Add basic features

* Update variable names

* Initial kafka JS

* Move providers to a new file

* Kafka / Strimzi

* First possibily working version for MySQL (with a lot of todo's left)

* Explicitly use proxy repo + some other fixes

* Strimzi draft

* Refactor variables, use ClusterIP as pointer for mysql-router for bootstrapping

* Validate number of replicas, autoscale required number of running nodes to n/2+1

* Use separate service for bootstrap, do not recreate all resources on change of replicas count as the config is preserved in PV

* Test dual chart kafka

* Update chart for kafka

* Expose basic kafka configuration options

* Remove unused manifest

* Added batch blueprint

* Added README

* switch to kubectl_manifest

* Add README and support for static IP address

* Move namespace creation to helm

* Interpolate kafka variables

* Rename kafka-strimzi to kafka

* Added TUTORIAL for cloudshell for batch blueprint

* deleted tutorial

* Remove commented replace trigger

* Move to helm chart

* WIP of Cloud Shell tutorial for MySQL

* Rename folders

* Fix rename

* Update paths

* Unify styles

* Update paths

* Add Readme links

* Update mysql tutorial

* Fix path according to self-link

* Use relative path to cwd

* Fix service_account variable location

* Fix tfvars creation

* Restore some fixes for helm deployment

* Add cluster deletion_prevention

* Fixes for tutorial

* Update cluster docs

* Fixes to batch tutorial

* Bare bones readme for batch

* Update batch readme

* README fixes

* Fix README title for redis

* Fix Typos

* Make it easy to pass variables from autopilot-cluster to other modules

* Add connectivity test and bastion host

* updates to readme, and gpu fix

* Add versions.tf and README updates

* Fix typo

* Kafka and Redis README updates

* Update versions.tf

* Fixes

* Add boilerplate

* Fix linting

* Move mysql to separate branch

* Update cloud shell links

* Fix broken link

---------

Co-authored-by: Ludo <ludomagno@google.com>
Co-authored-by: Daniel Marzini <44803752+danielmarzini@users.noreply.github.com>
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Co-authored-by: Miren Esnaola <mirene@google.com>
2024-02-08 18:28:41 +00:00


/**
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
locals {
  # Identity the cluster nodes run as: the service account created alongside
  # a new cluster, otherwise the one read back from the existing cluster's
  # node_config.
  _cluster_sa = (
    local.cluster_create
    ? module.cluster-service-account[0].email
    : data.google_container_cluster.cluster[0].node_config[0].service_account
  )
  # An existing cluster may report the literal "default"; resolve that to the
  # project's default compute service account so the value is a real email.
  cluster_sa = (
    local._cluster_sa != "default"
    ? local._cluster_sa
    : module.project.service_accounts.default.compute
  )
  # Roles granted to the node service account (bindings live elsewhere in
  # the blueprint). Kept to the minimum needed to pull images and ship
  # logs/metrics.
  cluster_sa_roles = [
    "roles/artifactregistry.reader",
    "roles/logging.logWriter",
    "roles/monitoring.metricWriter",
    "roles/monitoring.viewer",
    "roles/stackdriver.resourceMetadata.writer",
  ]
  # Networking attributes handed to the cluster module. A VPC created by this
  # blueprint supplies them directly; a shared or pre-existing VPC takes them
  # from the cluster variable, where try() yields null for absent attributes.
  cluster_vpc = (
    !local.use_shared_vpc && local.vpc_create
    ? {
        network               = module.vpc[0].id
        secondary_range_names = { pods = "pods", services = "services" }
        subnet                = values(module.vpc[0].subnet_ids)[0]
      }
    : {
        network               = try(var.cluster_create.vpc.id, null)
        secondary_range_names = try(var.cluster_create.vpc.secondary_range_names, null)
        subnet                = try(var.cluster_create.vpc.subnet_id, null)
      }
  )
}
# Looks up the pre-existing cluster whenever this blueprint does not create
# one (count is the inverse of the cluster module's count).
data "google_container_cluster" "cluster" {
  count    = local.cluster_create ? 0 : 1
  project  = var.project_id
  location = var.region
  name     = var.cluster_name
}
# Dedicated node service account, created only together with the cluster so
# nodes do not run as the project's default compute service account.
module "cluster-service-account" {
  source     = "../../../../modules/iam-service-account"
  count      = local.cluster_create ? 1 : 0
  name       = var.prefix
  project_id = module.project.project_id
}
# Autopilot cluster, created only when local.cluster_create is set.
module "cluster" {
  source              = "../../../../modules/gke-cluster-autopilot"
  count               = local.cluster_create ? 1 : 0
  project_id          = module.project.project_id
  name                = var.cluster_name
  location            = var.region
  deletion_protection = var.cluster_create.deletion_protection
  labels              = var.cluster_create.labels
  release_channel     = var.cluster_create.options.release_channel

  # Network, subnet and ranges come from local.cluster_vpc; the control plane
  # CIDR and the list of networks allowed to reach the API server come
  # straight from the cluster variable.
  vpc_config = {
    network                  = local.cluster_vpc.network
    subnetwork               = local.cluster_vpc.subnet
    secondary_range_names    = local.cluster_vpc.secondary_range_names
    master_authorized_ranges = var.cluster_create.master_authorized_ranges
    master_ipv4_cidr_block   = var.cluster_create.master_ipv4_cidr_block
  }

  # Private endpoint only: the control plane is not exposed on a public IP;
  # global access lets authorized ranges from other regions reach it.
  private_cluster_config = {
    enable_private_endpoint = true
    master_global_access    = true
  }

  # Nodes run as the dedicated service account created above (count is
  # aligned with this module, so index 0 exists whenever this block does).
  node_config = {
    service_account = module.cluster-service-account[0].email
  }

  backup_configs = {
    enable_backup_agent = var.cluster_create.options.enable_backup_agent
  }

  # Cluster-scoped Cloud DNS, cost allocation and the Gateway API controller.
  enable_features = {
    cost_management = true
    gateway_api     = true
    dns = {
      provider = "CLOUD_DNS"
      scope    = "CLUSTER_SCOPE"
      domain   = "cluster.local"
    }
  }

  # Control plane component metrics and logs, useful for audit and
  # troubleshooting of the managed components.
  monitoring_config = {
    enable_api_server_metrics         = true
    enable_controller_manager_metrics = true
    enable_scheduler_metrics          = true
  }
  logging_config = {
    enable_api_server_logs         = true
    enable_controller_manager_logs = true
    enable_scheduler_logs          = true
  }

  maintenance_config = {
    daily_window_start_time = "01:00"
  }
}
# In shared VPC mode the network cannot be derived from a VPC created here,
# so the caller must pass both the network and the subnet explicitly.
# NOTE(review): a cluster created against a pre-existing, non-shared VPC
# reads the same variables through local.cluster_vpc but is not covered by
# this assertion — confirm whether local.use_shared_vpc already captures
# that case.
check "cluster_networking" {
  assert {
    condition = (
      !local.use_shared_vpc || (
        try(var.cluster_create.vpc.id, null) != null &&
        try(var.cluster_create.vpc.subnet_id, null) != null
      )
    )
    error_message = "Cluster network and subnetwork are required in shared VPC mode."
  }
}