Cloud foundation - phase 3 merge to master #343
Conversation
* Add Internal Load Balancer template
* Add Cloud KMS Template
CFT utility
* Add logsink support for org/billing account/project/folder
* Add external load balancer template * Addressed feedback
* Add Forseti template
Test was failing because of latest cluster version can't be defined.
* NAT Gateway Template * Add feedback * Remove setting of project metadata for bats testing * Update ip_reservation.bats
gcloud beta is a pre-requironment and makes the test fail.
|
We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google. |
* Update Contributing read me Making it clear where community examples should be published. * Add redis and filestore resource snippets * Load the module by full name (#198) * Load the module fully * Fix spacing * updating master config fixing typo in config property. * Template to create a cloudsql instance, list of databases and users (#189) * Template to create a cloudsql instance, list of databases and users and import sqldump file from public shared file, for more info README.md * Change my email address * change google-container-manifest to gce-container-declaration and added serviceAccounts (#187) * Change the dependencies to fix the operationInProgress Error (#186) * change the dependencies of the replicas to avoid operationInProgress Error * add failover * fix the problem with the replica names (-replica-0-1 instead of -replica-1) * change the dependencies in replicas and failover to avoid operationInProgress Error * fixes: - dependencies with a variable weren't working - failover was always deployed * fix failover section * Add snippets for monitoring v3 * Add folder example for crm-v2 (#215) * upgrade cloud function sample to use cloud functions v1 provider * Support for centos in HTCondor deployment solution (#216) * Added support for centos, different versions of the OS, and different (stable) versions of htcondor * Added support for centos, different versions of the OS, and different (stable) versions of htcondor * Using centos 7 (instead of 6) as the default in the yaml file * Change subnetwork sample to have secondaryIpRanges * Hierarchical configuration v2 (#221) * Hierarchical configuration example * fixing comments * fixing comments * Update diagram * Moving example under community folder * Separating 'basic' and 'Organization with departments' practice. Implementing both of them. * Deletion of extra files. * Removing hidden files * System with external project creation * Helper function example version 1 * Update Actions release to 2018Q2 Actions feature release is currently 2018 Q2. * debian 8>9, import fixes, naming fixes * Applying glob import style * Style check * Adding makefile, stylecheck and integration tests * gitignore to ignore bats and virtualenv installations * Entry point readme * typo * Added tests, removing actual project creation * Sanitize config * Fixing tests * typo * Initial Foundations as a Service PR (#194) * FAAS initial commit * fixes for PR-194 * Add logsink template (#199) * Add cloud router template (#202) * Add cloud router template * Add org policy (#203) * Add Org Policy * Add firewall template (#201) * add firewall template * Add iam custom role template (#204) * Initial check in for iam custom role template * Add route template (#207) * Add route template * Initial check in for vpn template (#208) * Add iam member template (#210) * Add iam member template * Add shared vpc subnet iam template (#211) * Add shared vpc subnet iam template * Added role input. Added outputs. * FAAS Rename and restructure directories by templates (#213) * Renamed FASS directory to cloud-foundation * All FAAS references to cloud-foundation * Restructure all templates into individual directories * Restructure directories by templates * Correct link in testing documentation to reflect new directory structure * Renamed all files that use dashes to underscores for consistency. Documentation and testing updates to reflect file name changes. * Add folder template (#214) * Add project template (#206) Project Factory template * Create Pub/Sub template (#224) * Add Pub/Sub template * Add VM instance template (#225) * Add template for VM instance * Create service accounts and grant project/subnet IAM permissions (#222) creating service accounts with roles and creating subnet. * fixing schema file (#233) corrected schema file. * Added DNS managed zone template (#229) Added DNS managed zone template * Added DNS Records Template. (#230) DNS Records Template * Missing name tag for import resource. * Update requirements.txt (#240) * Template to create a storage bucket, copy files and add an acl. (#190) * Added region to sql instance (#228) * use service account instead of arbitrary email for patch IAM sample * fix prefix for service account * Corrected typo on README file * Clarifying warning (#280) Plus, adding a caution that the DM service account gets elevated privileges. * adding support to set pre-emptible instances on instance templates (#304) * HTCondor autoscaler for GCE (#296) * Removing fluentd config to gather condor jobs stats: condor-jobs.conf is not working * First import into github * autoscaler instructions * Refined argument passing and instructions * Fixed bug where make all was trying to build an unexistent file * Adding option to disable the autoscaler for the MIG, in case we are using the expernal autoscaler.py to control the scale * Fixing autoscaler * Adding a note to use setup_autoscaler=false in the condor-cluster properties. * Fixed spelling * Fixed a bug with scaling up Bug: When jobs are in the queue but not assigned to compute instances yet, autoscaling script should not shut down instances that are not handling jobs * Added option to specify max number of compute instances Added "--computeinstancelimit" option * Added argument to specify compute instance limit to the documentation * Fixed text formating problem * Improved script argument handling Added short form to represent arguments Removed --debug to --verbosity * Fixed argument definition * Updated example of calling the script * Added adjustment for the on-hold jobs On-hold jobs will not be counted when calculated job queue length and resources will not be allocated for jobs that are on-hold * generilized example invocation * Grammar improvements - Grammar improvements - Table with the list of arguments updated * Fixed argument name * Integrated feedback on the documentation after peer review and test by Jamie Kinney * Updating Cloud Functions type from v1beta2 to v1. (#322) * Updating Cloud Functions type from v1beta2 to v1. * Adding `parent` property * Added `parent` property * Add cloudfunctions v1beta2 configs back in temporarily * Remove unnecessary location field from cloudfunctions-v1 resource snippet template. (#325) * Add folder example for crm-v2 * Remove unnecessary location field from cloudfunctions resource template. * Updating Readme with Cloud Foundation Toolkit (#311) * Updating Readme with Cloud Foundation Toolkit * Readme extension with CFT (#327) * Updating Readme with Cloud Foundation Toolkit * add access context manager samples (#340) * Cloud foundation - phase 3 merge to master (#343) * Added `VCP Peering` template * Updated `Project` template documentation * Added `Cloud Build and Build Trigger` template * Added `Managed Instance Group` template * Updated `Health check` template documentation * Add Internal Load Balancer template (#298) * Add Internal Load Balancer template * Added `Dataproc` template * Updated `BigQuery` template documentation * Updated `GCS Bucket` template documentation * Add Cloud Key Management Service (KMS) Template (#266) * Add Cloud KMS Template * Normalizing output variables across templates * CFT deployment tool (#289) CFT utility * Add bastion host template (#308) * Add Cloud SQL template (#317) * Add logsink support for org/billing account/project/folder (#315) * Add logsink support for org/billing account/project/folder * GCS_bucket merge issue fix * Fix PR#333 Logsink destination is storage, not bucket (#336) * Interconnect Attachment Template (#305) * Interconnect Template (#312) * Add external load balancer template (#307) * Add external load balancer template * Addressed feedback * Added `Spanner` template * Add Forseti template (#328) * Add Forseti template * Added `Cloud Runtime Configurator` template * hotfix incorrect installation directory for bats * Added `Stackdriver Metric Descriptor` template * Added `Cloud Tasks` template * CFT test - GKE version hotfix * GKE version update to latest for tests * Hotfix networkURL > selfLink test * CFT - GKE - cluster version assert remove Test was failing because of latest cluster version can't be defined. * NAT Gateway Template (#310) * NAT Gateway Template * Add feedback * Remove setting of project metadata for bats testing * Update ip_reservation.bats * CFT - Test - gcloud beta install removal gcloud beta is a pre-requironment and makes the test fail. * Fix PR#334/330/329 (#342) * Doc update - merged to master Reference to Cloud Foundation repo removed because we merged to master. * Shared VPC projects can be created in a folder (#352) * Shared VPC projects can be created in a folder Fix #351
|
Examples like cloud_sql/README.md assume the user is writing new templates using the |
|
Great question, I'm working on a more detailed answer during the upcoming weeks. Please accept the sort version for now:
It's advised to have a simple bash/ant/etc... script defining the folder structure and the symbolic link for every system. Please let me know if you have follow up questions. |
|
Thanks for the explanation! We're on OSX / Linux and could probably accept the minor issue of committing directory layout conventions as symlinks. My major concern is consistent repository versioning, i.e. every team member has the same contents through
which could be seamless if we never need to patch the templates and contribute upstream. The
since DM would reject a manifest where multiple CloudSQL Instances have the same names for a Database (e.g. |
|
Let me summarize some of our unpublised guidlines: Naming: Creating the issues for tracking: #401 #402 I am not sure about your last comment related to cross organization modifications. A member of an other Org should not be able to touch your resources, even if they explicitly or accidentally try it. |
|
The guideline to ensure consistent version/commit with a script in the repo clears things up. I shouldn't have said "organization" since it's a GCP term. The hypothetical scenario is two independent companies CompA and CompB both checkout CFT
Even if CompA made no changes to their templates the CFT changes would produce unexpected Deployment Manager operations:
|
|
Ok, not I get what you are saying. Yes, eventually every CFT template should be individually versioned and set as a dependency to your project. My best advice is: during development run --preview first to catch unexpcted actions. |
|
FYI #409 |
This merge includes: