Refactor compute-vm for Terraform 1.3 (#860)

* refactor compute-vm for Terraform 1.3 * bump Terraform version in CI tests config * fix optional null handling (ht jccb) * tfdoc * update blueprints * align fast * align README examples
GoogleCloudPlatform · Oct 7, 2022 · e66340c · e66340c
1 parent 8c88517
commit e66340c
Show file tree

Hide file tree

Showing 17 changed files with 104 additions and 360 deletions.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -30,7 +30,7 @@ env:
   PYTEST_ADDOPTS: "--color=yes"
   PYTHON_VERSION: "3.10"
   TF_PLUGIN_CACHE_DIR: "/home/runner/.terraform.d/plugin-cache"
-  TF_VERSION: 1.3.0
+  TF_VERSION: 1.3.2
 
 jobs:
   doc-examples:

diff --git a/blueprints/cloud-operations/adfs/main.tf b/blueprints/cloud-operations/adfs/main.tf
@@ -69,8 +69,6 @@ module "server" {
   network_interfaces = [{
     network    = var.network_config == null ? module.vpc[0].self_link : var.network_config.network
     subnetwork = var.network_config == null ? module.vpc[0].subnet_self_links["${var.region}/subnet"] : var.network_config.subnet
-    nat        = false
-    addresses  = null
   }]
   metadata = {
     # Enables OpenSSH in the Windows instance

diff --git a/blueprints/cloud-operations/asset-inventory-feed-remediation/main.tf b/blueprints/cloud-operations/asset-inventory-feed-remediation/main.tf
@@ -104,8 +104,6 @@ module "simple-vm-example" {
   network_interfaces = [{
     network    = module.vpc.self_link
     subnetwork = try(module.vpc.subnet_self_links["${var.region}/${var.name}-default"], "")
-    nat        = false
-    addresses  = null
   }]
   tags = ["${var.project_id}-test-feed", "shared-test-feed"]
 }

diff --git a/blueprints/cloud-operations/glb_and_armor/main.tf b/blueprints/cloud-operations/glb_and_armor/main.tf
@@ -94,13 +94,9 @@ module "instance_template_ew1" {
   network_interfaces = [{
     network    = module.vpc.self_link
     subnetwork = module.vpc.subnet_self_links["europe-west1/subnet-ew1"]
-    nat        = false
-    addresses  = null
   }]
   boot_disk = {
     image = "projects/debian-cloud/global/images/family/debian-11"
-    type  = "pd-ssd"
-    size  = 10
   }
   metadata = {
     startup-script-url = "gs://cloud-training/gcpnet/httplb/startup.sh"
@@ -119,13 +115,9 @@ module "instance_template_ue1" {
   network_interfaces = [{
     network    = module.vpc.self_link
     subnetwork = module.vpc.subnet_self_links["us-east1/subnet-ue1"]
-    nat        = false
-    addresses  = null
   }]
   boot_disk = {
     image = "projects/debian-cloud/global/images/family/debian-11"
-    type  = "pd-ssd"
-    size  = 10
   }
   metadata = {
     startup-script-url = "gs://cloud-training/gcpnet/httplb/startup.sh"
@@ -146,12 +138,9 @@ module "vm_siege" {
     network    = module.vpc.self_link
     subnetwork = module.vpc.subnet_self_links["us-west1/subnet-uw1"]
     nat        = true
-    addresses  = null
   }]
   boot_disk = {
     image = "projects/debian-cloud/global/images/family/debian-11"
-    type  = "pd-ssd"
-    size  = 10
   }
   metadata = {
     startup-script = <<EOT

diff --git a/blueprints/networking/filtering-proxy/main.tf b/blueprints/networking/filtering-proxy/main.tf
@@ -155,13 +155,9 @@ module "squid-vm" {
   network_interfaces = [{
     network    = module.vpc.self_link
     subnetwork = module.vpc.subnet_self_links["${var.region}/proxy"]
-    nat        = false
-    addresses  = null
   }]
   boot_disk = {
     image = "cos-cloud/cos-stable"
-    type  = "pd-standard"
-    size  = 10
   }
   service_account        = module.service-account-squid.email
   service_account_scopes = ["https://www.googleapis.com/auth/cloud-platform"]

diff --git a/blueprints/networking/ilb-next-hop/vms.tf b/blueprints/networking/ilb-next-hop/vms.tf
@@ -33,8 +33,6 @@ module "vm-left" {
     {
       network    = module.vpc-left.self_link
       subnetwork = values(module.vpc-left.subnet_self_links)[0]
-      nat        = false
-      addresses  = null
     }
   ]
   tags = ["ssh"]
@@ -58,8 +56,6 @@ module "vm-right" {
     {
       network    = module.vpc-right.self_link
       subnetwork = values(module.vpc-right.subnet_self_links)[0]
-      nat        = false
-      addresses  = null
     }
   ]
   tags = ["ssh"]

diff --git a/blueprints/networking/nginx-reverse-proxy-cluster/main.tf b/blueprints/networking/nginx-reverse-proxy-cluster/main.tf
@@ -20,7 +20,7 @@ locals {
     Description=Start monitoring agent container
     After=gcr-online.target docker.socket
     Wants=gcr-online.target docker.socket docker-events-collector.service
-    
+
     [Service]
     Environment="HOME=/home/opsagent"
     ExecStartPre=/usr/bin/docker-credential-gcr configure-docker
@@ -35,7 +35,7 @@ locals {
     logging:
       service:
         pipelines:
-          default_pipeline: 
+          default_pipeline:
             receivers: []
     metrics:
       receivers:
@@ -227,42 +227,34 @@ module "service-account-proxy" {
 }
 
 module "cos-nginx" {
-  count  = !var.tls ? 1 : 0
-  source = "../../../modules/cloud-config-container/nginx"
-
-  image = var.nginx_image
-  files = local.nginx_files
-  users = local.users
-
+  count       = !var.tls ? 1 : 0
+  source      = "../../../modules/cloud-config-container/nginx"
+  image       = var.nginx_image
+  files       = local.nginx_files
+  users       = local.users
   runcmd_pre  = ["sed -i \"s/HOSTNAME/$${HOSTNAME}/\" /etc/nginx/conf.d/default.conf"]
   runcmd_post = ["systemctl start monitoring-agent"]
 }
 
 module "cos-nginx-tls" {
-  count  = var.tls ? 1 : 0
-  source = "../../../modules/cloud-config-container/nginx-tls"
-
+  count       = var.tls ? 1 : 0
+  source      = "../../../modules/cloud-config-container/nginx-tls"
   nginx_image = var.nginx_image
   files       = local.nginx_files
   users       = local.users
-
   runcmd_post = ["systemctl start monitoring-agent"]
 }
 
 module "mig-proxy" {
   source     = "../../../modules/compute-mig"
   project_id = module.project.project_id
-
-  location = var.region
-  regional = true
-
-  name = format("%sproxy-cluster", var.prefix)
-
+  location   = var.region
+  regional   = true
+  name       = format("%sproxy-cluster", var.prefix)
   named_ports = {
     http  = "80"
     https = "443"
   }
-
   autoscaler_config = var.autoscaling == null ? null : {
     min_replicas                      = var.autoscaling.min_replicas
     max_replicas                      = var.autoscaling.max_replicas
@@ -271,7 +263,6 @@ module "mig-proxy" {
     load_balancing_utilization_target = null
     metric                            = var.autoscaling_metric
   }
-
   update_policy = {
     type                 = "PROACTIVE"
     minimal_action       = "REPLACE"
@@ -281,12 +272,10 @@ module "mig-proxy" {
     max_unavailable_type = null
     max_unavailable      = null
   }
-
   default_version = {
     instance_template = module.proxy-vm.template.self_link
     name              = "proxy-vm"
   }
-
   health_check_config = {
     type = "http"
     check = {
@@ -308,45 +297,32 @@ module "mig-proxy" {
 }
 
 module "proxy-vm" {
-  source = "../../../modules/compute-vm"
-
-  project_id = module.project.project_id
-
-  zone = format("%s-c", var.region)
-  name = "nginx-test-vm"
-
+  source        = "../../../modules/compute-vm"
+  project_id    = module.project.project_id
+  zone          = format("%s-c", var.region)
+  name          = "nginx-test-vm"
   instance_type = "e2-standard-2"
-
-  tags = ["proxy-cluster"]
+  tags          = ["proxy-cluster"]
   network_interfaces = [{
     network    = module.vpc.self_link
     subnetwork = module.vpc.subnet_self_links[format("%s/%s", var.region, var.subnetwork)]
-    nat        = false
-    addresses  = null
   }]
-
   boot_disk = {
     image = "projects/cos-cloud/global/images/family/cos-stable"
-    type  = "pd-ssd"
-    size  = 10
   }
-
   create_template = true
   metadata = {
     user-data = !var.tls ? module.cos-nginx.0.cloud_config : module.cos-nginx-tls.0.cloud_config
   }
-
   service_account        = module.service-account-proxy.email
   service_account_create = false
 }
 
 module "xlb" {
-  source     = "../../../modules/net-glb"
-  name       = format("%sreverse-proxy-xlb", var.prefix)
-  project_id = module.project.project_id
-
+  source             = "../../../modules/net-glb"
+  name               = format("%sreverse-proxy-xlb", var.prefix)
+  project_id         = module.project.project_id
   reserve_ip_address = true
-
   health_checks_config = {
     format("%sreverse-proxy-hc", var.prefix) = {
       type    = "http"
@@ -364,21 +340,18 @@ module "xlb" {
       }
     }
   }
-
   backend_services_config = {
     format("%sreverse-proxy-backend", var.prefix) = {
       bucket_config = null
       enable_cdn    = false
       cdn_config    = null
-
       group_config = {
         backends = [
           {
             group   = module.mig-proxy.group_manager.instance_group
             options = null
           }
         ]
-
         health_checks = [format("%sreverse-proxy-hc", var.prefix)]
         log_config    = null
         options = {

diff --git a/blueprints/networking/onprem-google-access-dns/main.tf b/blueprints/networking/onprem-google-access-dns/main.tf
@@ -237,8 +237,6 @@ module "vm-test1" {
   network_interfaces = [{
     network    = module.vpc.self_link
     subnetwork = module.vpc.subnet_self_links["${var.region.gcp1}/subnet1"]
-    nat        = false
-    addresses  = null
   }]
   metadata               = { startup-script = local.vm-startup-script }
   service_account        = module.service-account-gce.email
@@ -312,17 +310,13 @@ module "vm-onprem" {
   name          = "onprem"
   boot_disk = {
     image = "ubuntu-os-cloud/ubuntu-1804-lts"
-    type  = "pd-ssd"
-    size  = 10
   }
   metadata = {
     user-data = module.config-onprem.cloud_config
   }
   network_interfaces = [{
     network    = module.vpc.name
     subnetwork = module.vpc.subnet_self_links["${var.region.gcp1}/subnet1"]
-    nat        = true
-    addresses  = null
   }]
   service_account        = module.service-account-onprem.email
   service_account_scopes = ["https://www.googleapis.com/auth/cloud-platform"]

diff --git a/blueprints/networking/private-cloud-function-from-onprem/main.tf b/blueprints/networking/private-cloud-function-from-onprem/main.tf
@@ -178,12 +178,8 @@ module "test-vm" {
   instance_type = "e2-micro"
   boot_disk = {
     image = "projects/ubuntu-os-cloud/global/images/family/ubuntu-2104"
-    type  = "pd-balanced"
-    size  = 10
   }
   network_interfaces = [{
-    addresses  = null
-    nat        = false
     network    = module.vpc-onprem.self_link
     subnetwork = module.vpc-onprem.subnet_self_links["${var.region}/${var.name}-onprem"]
   }]

diff --git a/fast/stages/02-networking-nva/nva.tf b/fast/stages/02-networking-nva/nva.tf
@@ -38,28 +38,20 @@ module "nva-template-ew1" {
     {
       network    = module.landing-untrusted-vpc.self_link
       subnetwork = module.landing-untrusted-vpc.subnet_self_links["europe-west1/landing-untrusted-default-ew1"]
-      nat        = false
-      addresses  = null
     },
     {
       network    = module.landing-trusted-vpc.self_link
       subnetwork = module.landing-trusted-vpc.subnet_self_links["europe-west1/landing-trusted-default-ew1"]
-      nat        = false
-      addresses  = null
     }
   ]
   boot_disk = {
     image = "projects/debian-cloud/global/images/family/debian-10"
-    type  = "pd-balanced"
-    size  = 10
   }
   create_template = true
   instance_type   = "f1-micro"
   options = {
-    allow_stopping_for_update = true
-    deletion_protection       = false
-    spot                      = true
-    termination_action        = "STOP"
+    spot               = true
+    termination_action = "STOP"
   }
   metadata = {
     startup-script = templatefile(