From 7b28c9b87b0785bba1fd6502ae331d3ac40ce0bd Mon Sep 17 00:00:00 2001 
From: beatlevic Date: Tue, 14 Mar 2023 09:46:29 +0100 Subject: [PATCH 1/2] No longer use provisioning modules cross environments. Use vpc native load balancing. --- .../environments/production/config.json | 7 +- .../provisioning/.terraform.lock.hcl | 38 ---- .../production/provisioning/main.tf | 161 ++++++++++++++--- .../production/provisioning/node_pool.tf | 42 +++++ .../production/provisioning/outputs.tf | 4 +- .../production/provisioning/variables.tf | 36 +++- .../production/services/api-service.yml | 2 +- .../production/services/web-service.yml | 2 +- deployment/environments/staging/config.json | 7 +- .../environments/staging/provisioning/main.tf | 163 +++++++++++++++--- .../staging/provisioning/node_pool.tf | 42 +++++ .../staging/provisioning/outputs.tf | 4 +- .../staging/provisioning/variables.tf | 36 +++- .../staging/services/api-service.yml | 2 +- .../staging/services/web-service.yml | 2 +- .../provisioning/gcp-bucket-module/main.tf | 12 -- .../gcp-bucket-module/variables.tf | 14 -- .../provisioning/gke-cluster-module/main.tf | 46 ----- .../gke-cluster-module/node_pool.tf | 30 ---- .../gke-cluster-module/outputs.tf | 7 - .../gke-cluster-module/variables.tf | 30 ---- deployment/scripts/create_addresses | 4 - 22 files changed, 436 insertions(+), 255 deletions(-) delete mode 100644 deployment/environments/production/provisioning/.terraform.lock.hcl create mode 100644 deployment/environments/production/provisioning/node_pool.tf create mode 100644 deployment/environments/staging/provisioning/node_pool.tf delete mode 100644 deployment/provisioning/gcp-bucket-module/main.tf delete mode 100644 deployment/provisioning/gcp-bucket-module/variables.tf delete mode 100644 deployment/provisioning/gke-cluster-module/main.tf delete mode 100644 deployment/provisioning/gke-cluster-module/node_pool.tf delete mode 100644 deployment/provisioning/gke-cluster-module/outputs.tf delete mode 100644 deployment/provisioning/gke-cluster-module/variables.tf delete mode 100755 
deployment/scripts/create_addresses diff --git a/deployment/environments/production/config.json b/deployment/environments/production/config.json index 06b7e443d..2f18ffba2 100644 --- a/deployment/environments/production/config.json +++ b/deployment/environments/production/config.json @@ -9,9 +9,10 @@ "nodePoolCount": 2, "minNodeCount": 2, "maxNodeCount": 4, - "machineType": "n2d-standard-2" + "machineType": "n2-standard-2", + "preemptible": false }, - "ingresses": ["api", "web"], - "label": "app" + "label": "app", + "ingresses": ["api", "web"] } } diff --git a/deployment/environments/production/provisioning/.terraform.lock.hcl b/deployment/environments/production/provisioning/.terraform.lock.hcl deleted file mode 100644 index 3a23baddb..000000000 --- a/deployment/environments/production/provisioning/.terraform.lock.hcl +++ /dev/null 
@@ -1,38 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/google" { - version = "4.0.0" - hashes = [ - "h1:9Wx5zZikv9lvMzt119deXAnzyNsEcqtA4ifE8MYN0e8=", - "zh:48fbf905a5c1658b042c7edb0183e9a25dc04257cd5e6d4d870b33a0bc70eda4", - "zh:5f7a1579e23f0d187cc9062ec54f30d7336252705d4e0dd9dbd799cebd83429b", - "zh:63bb8f094eec5cecf1acbe7026c0ba31126670282dbcfce01477aec6c134a3bd", - "zh:7654b20e5dc0ed595f084039e8fd49ff70c11e2ed7b9fcc9c6169f3217845adb", - "zh:7bc37430171b2148b2bb835dc2eff967714d2ac515e73784b66c2ddda6d260fa", - "zh:84212e750b3a319055ee0dc43ef40a1096fea6793af8d87aecc330ead4e8e9c9", - "zh:ac53b6cd95fc024b96dba46e204bbc4963e744c7017f11d454ba49a4a8355ee3", - "zh:cc6a4989874fc7a1d3b82f8be761867c85472b37c5656a81cee8385330a5afa2", - "zh:d1ffc766f855995b6117f7f40ec02e2404a8474630dbcc38b8355519af1a47f5", - "zh:e68183a7c0f1efec3e36931ca06d31060218a9d44379aad5269e9d6fc6e6f47f", - "zh:e7c0dbfae422f8ae663c3462d549ac69287038fc880bfad5c58790b82bfde620", - ] -} - -provider "registry.terraform.io/hashicorp/google-beta" { - version = "4.0.0" - hashes = [ - "h1:peWoGRo4L85HpgmeeYl/Aj3CFL/mL590hOvyns6ZcP4=", - "zh:34ce5619a6bb8d34712c1c62926b150fa223e724a2645607f9d2fedd115e3479", - "zh:38ec64d8e1c49ebe53507c0706168d77adfe998a4a112dd4c2e79da435fd8d3d", - "zh:3a20431cd449342f84c69db91e9d68c9fba8fadec5e591257f717ccc4d98a29a", - "zh:7d92053e8fb15ac0ff92e6d9f4ccf3139d26a0ace23ec5477282a05365a21eb0", - "zh:860268215bd28c8d898a24176db8dd0cb95afc18da18b3df9d9faa3cb6b8e954", - "zh:893d093843a8434473404b540a1cb3929d70ad7908080d664db544d23f913cab", - "zh:9566a48125abea26b129999c05822852ed7e4bdc7cee37386101a9efb682f802", - "zh:b8d3af701b7a0070152fb318361171dd35e018f24699ce381f2e5358ff9819b7", - "zh:ce745343c9acfdcde5924cc1118fcbf85092a58c5bd9f0eb358a2a762f51b0b4", - "zh:e426b91d3b5101f27d74b06dc76f89d0a323f5ccbf40e7c48f993f75084e33dd", - 
"zh:f38d45989765d57a2b793e7a14748146a9859f41943a7015b07e0f9f9d9862d5", - ] -} diff --git a/deployment/environments/production/provisioning/main.tf b/deployment/environments/production/provisioning/main.tf index 962e7fb41..149fe897f 100644 --- a/deployment/environments/production/provisioning/main.tf +++ b/deployment/environments/production/provisioning/main.tf 
@@ -1,37 +1,152 @@ -locals { - global = { - project = var.project, - region = var.region, - multi_region = var.multi_region, - zone = var.zone, - environment = var.environment, - location = "${var.region}-${var.zone}", - bucket_prefix = var.bucket_prefix, - cluster_name = var.cluster_name, - node_pool_count = var.node_pool_count, - min_node_count = var.min_node_count, - max_node_count = var.max_node_count, - machine_type = var.machine_type, - preemptible = var.preemptible +## https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/using_gke_with_terraform + +## NETWORKING ## +resource "google_compute_network" "gke" { + project = var.project + name = "gke-network" + auto_create_subnetworks = false + description = "Compute Network for GKE nodes" +} + +resource "google_compute_subnetwork" "gke" { + project = var.project + name = "gke-subnetwork" + ip_cidr_range = "10.5.0.0/20" # 4096 IPs + region = var.region + network = google_compute_network.gke.id + + secondary_ip_range { + range_name = "services-range" + ip_cidr_range = "10.4.0.0/19" # 8192 IPs + } + + secondary_ip_range { + range_name = "pod-ranges" + ip_cidr_range = "10.0.0.0/14" # 262.144 IPs } } -module "gke-cluster" { - source = "../../../provisioning/gke-cluster-module" +## CLUSTER ## +resource "google_container_cluster" "default" { + project = var.project + location = "${var.region}-${var.zone}" + name = var.cluster_name + description = var.cluster_description + + remove_default_node_pool = true + initial_node_count = 1 + enable_kubernetes_alpha = false + + network = google_compute_network.gke.id + subnetwork = google_compute_subnetwork.gke.id + + gateway_api_config { + channel = "CHANNEL_STANDARD" + } + + ip_allocation_policy { + cluster_secondary_range_name = "pod-ranges" + services_secondary_range_name = "services-range" + } + + master_auth { + client_certificate_config { + issue_client_certificate = false + } + } + + release_channel { + channel = "REGULAR" + } + + timeouts { + create 
= "2h" + update = "2h" + delete = "2h" + } + + ## Use when you want to use IP whitelist + master_authorized_networks_config { - global = local.global + dynamic "cidr_blocks" { + for_each = var.master_authorizaed_networks_cidr_blocks + content { + display_name = cidr_blocks.value["display_name"] + cidr_block = cidr_blocks.value["cidr_block"] + } + } + + } + + ## Recommended to use private nodes + # private_cluster_config { + # enable_private_nodes = true + # } +} + +## BUCKETS ## +locals { + buckets = [for bucket in var.buckets : "${var.bucket_prefix}-${bucket}"] } -module "gcp-buckets" { - source = "../../../provisioning/gcp-bucket-module" +resource "google_storage_bucket" "bucket" { + for_each = toset(local.buckets) - global = local.global + name = each.value + project = var.project + location = var.multi_region + storage_class = "MULTI_REGIONAL" } -resource "google_compute_disk" "mongo_disk" { +## DISKS ## +resource "google_compute_disk" "mongo-disk" { project = var.project name = "mongo-disk" type = "pd-ssd" - zone = local.global.location + zone = "${var.region}-${var.zone}" size = 100 + + lifecycle { + ignore_changes = [ + labels + ] + } +} + +resource "google_compute_resource_policy" "hourly" { + name = "hourly-snapshot-policy" + project = var.project + region = var.region + snapshot_schedule_policy { + schedule { + hourly_schedule { + hours_in_cycle = 1 # The number of hours between snapshots + start_time = "00:00" + } + } + retention_policy { + max_retention_days = 7 + # Specifies the behavior to apply to scheduled snapshots when the source disk is deleted. 
+ # Default value is KEEP_AUTO_SNAPSHOTS
+ on_source_disk_delete = "APPLY_RETENTION_POLICY"
+ }
+ }
+}
+
+resource "google_compute_disk_resource_policy_attachment" "attachment" {
+ project = var.project
+ name = google_compute_resource_policy.hourly.name
+ disk = google_compute_disk.mongo-disk.name
+ zone = "${var.region}-${var.zone}"
+}
+
+## IP ADDRESES ##
+resource "google_compute_global_address" "api_ingress" {
+ name = "api-ingress"
+ project = var.project
+}
+
+resource "google_compute_global_address" "web_ingress" {
+ name = "web-ingress"
+ project = var.project
 }
\ No newline at end of file
diff --git a/deployment/environments/production/provisioning/node_pool.tf b/deployment/environments/production/provisioning/node_pool.tf
new file mode 100644
index 000000000..147275759
--- /dev/null
+++ b/deployment/environments/production/provisioning/node_pool.tf
@@ -0,0 +1,42 @@
+resource "google_container_node_pool" "pool_1" {
+ name = "pool-1"
+ project = var.project
+ location = "${var.region}-${var.zone}"
+ cluster = google_container_cluster.default.name
+ node_count = var.node_pool_count
+
+ autoscaling {
+ min_node_count = var.min_node_count
+ max_node_count = var.max_node_count
+ }
+
+ lifecycle {
+ ignore_changes = [
+ node_count
+ ]
+ }
+
+ node_config {
+ spot = var.preemptible
+ machine_type = var.machine_type
+ disk_type = "pd-standard"
+ disk_size_gb = 100
+
+ metadata = {
+ disable-legacy-endpoints = "true"
+ }
+
+ oauth_scopes = [
+ "https://www.googleapis.com/auth/cloud-platform" # Give full access to all cloud services
+ ]
+ }
+
+ management {
+ auto_repair = true
+ auto_upgrade = true
+ }
+
+ depends_on = [
+ google_container_cluster.default
+ ]
+}
diff --git a/deployment/environments/production/provisioning/outputs.tf b/deployment/environments/production/provisioning/outputs.tf
index a7fe21133..35f8980d9 100644
--- a/deployment/environments/production/provisioning/outputs.tf
+++ b/deployment/environments/production/provisioning/outputs.tf
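Review bot: `google_storage_bucket.bucket` in production/provisioning/main.tf creates the uploads, uploads-backup and mongodb-backups buckets with only a name, project, location and storage class. Unless an organisation policy enforces it, per-object ACLs therefore stay usable and nothing in this file prevents a bucket or object from being shared publicly. Add `uniform_bucket_level_access = true` and `public_access_prevention = "enforced"` to the resource. If the uploads bucket is meant to serve public files, split it out and enforce both settings on the two backup buckets at least. staging/provisioning/main.tf adds the same resource unchanged.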
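Review bot: `node_config` in production/provisioning/node_pool.tf sets no `service_account`, so the pool runs as the project's Compute Engine default service account, and `oauth_scopes` gives it the `cloud-platform` scope. Any workload that can reach the node's metadata endpoint can then act with every IAM role that account holds, which is often broad and worth checking. Create a dedicated node service account limited to logging, monitoring and image pulls, and reference it with `service_account = <NODE_SERVICE_ACCOUNT_EMAIL>` (placeholder). The inline comment `# Give full access to all cloud services` should then state that access is bounded only by that account's IAM roles. staging/provisioning/node_pool.tf adds the same block.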
@@ -1,9 +1,9 @@ output "endpoint" { - value = module.gke-cluster.endpoint + value = google_container_cluster.default.endpoint } output "master_version" { - value = module.gke-cluster.master_version + value = google_container_cluster.default.master_version } output "cli_connect" { diff --git a/deployment/environments/production/provisioning/variables.tf b/deployment/environments/production/provisioning/variables.tf index 814236352..646d67f1c 100644 --- a/deployment/environments/production/provisioning/variables.tf +++ b/deployment/environments/production/provisioning/variables.tf @@ -1,5 +1,5 @@ variable "project" { - default = "bedrock-foundation" + default = "bedrock-production" } variable "environment" { @@ -11,7 +11,7 @@ variable "region" { } variable "zone" { - default = "c" + default = "a" } variable "multi_region" { @@ -19,23 +19,27 @@ variable "multi_region" { } variable "bucket_prefix" { - default = "bedrock_production" + default = "bedrock-production" } variable "cluster_name" { default = "cluster-1" } +variable "cluster_description" { + default = "GKE Cluster" +} + variable "node_pool_count" { - default = 3 + default = 1 } variable "min_node_count" { - default = 3 + default = 1 } variable "max_node_count" { - default = 6 + default = 3 } variable "preemptible" { @@ -45,3 +49,23 @@ variable "preemptible" { variable "machine_type" { default = "n2-standard-2" } + +variable "buckets" { + type = set(string) + + default = [ + "uploads", + "uploads-backup", + "mongodb-backups", + ] +} + +variable "master_authorizaed_networks_cidr_blocks" { + type = list(map(string)) + default = [ + { + display_name = "All", + cidr_block = "0.0.0.0/0" + } + ] +} diff --git a/deployment/environments/production/services/api-service.yml b/deployment/environments/production/services/api-service.yml index b3836462e..e0758bc55 100644 --- a/deployment/environments/production/services/api-service.yml +++ b/deployment/environments/production/services/api-service.yml 
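Review bot: The new `master_authorizaed_networks_cidr_blocks` variable in production/provisioning/variables.tf defaults to a single `0.0.0.0/0` entry, so the `master_authorized_networks_config` block in main.tf restricts nothing. The production control-plane endpoint accepts connections from any address, leaving authentication as the only barrier. Remove the default so each environment must pass its own office, VPN and CI ranges, and consider a `validation` block that rejects `0.0.0.0/0`. The name is also misspelled (`authorizaed`); renaming it to `master_authorized_networks_cidr_blocks` here and at the `for_each` in main.tf is cheap while the variable is new. staging/provisioning/variables.tf adds the same default.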
@@ -5,7 +5,7 @@ metadata: labels: name: api spec: - type: NodePort + type: ClusterIP selector: app: api ports: diff --git a/deployment/environments/production/services/web-service.yml b/deployment/environments/production/services/web-service.yml index afd620e57..9f50085e6 100644 --- a/deployment/environments/production/services/web-service.yml +++ b/deployment/environments/production/services/web-service.yml @@ -5,7 +5,7 @@ metadata: labels: name: web spec: - type: NodePort + type: ClusterIP selector: app: web ports: diff --git a/deployment/environments/staging/config.json b/deployment/environments/staging/config.json index bcd32401c..221afda64 100644 --- a/deployment/environments/staging/config.json +++ b/deployment/environments/staging/config.json @@ -9,9 +9,10 @@ "nodePoolCount": 1, "minNodeCount": 1, "maxNodeCount": 3, - "machineType": "n2d-standard-2" + "machineType": "n2-standard-2", + "preemptible": false }, - "ingresses": ["api", "web"], - "label": "app" + "label": "app", + "ingresses": ["api", "web"] } } diff --git a/deployment/environments/staging/provisioning/main.tf b/deployment/environments/staging/provisioning/main.tf index f32b57a13..149fe897f 100644 --- a/deployment/environments/staging/provisioning/main.tf +++ b/deployment/environments/staging/provisioning/main.tf 
@@ -1,39 +1,152 @@ -locals { - global = { - project = var.project, - region = var.region, - multi_region = var.multi_region, - zone = var.zone, - environment = var.environment, - location = "${var.region}-${var.zone}", - bucket_prefix = var.bucket_prefix, - cluster_name = var.cluster_name, - node_pool_count = var.node_pool_count, - min_node_count = var.min_node_count, - max_node_count = var.max_node_count, - machine_type = var.machine_type, - preemptible = var.preemptible +## https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/using_gke_with_terraform + +## NETWORKING ## +resource "google_compute_network" "gke" { + project = var.project + name = "gke-network" + auto_create_subnetworks = false + description = "Compute Network for GKE nodes" +} + +resource "google_compute_subnetwork" "gke" { + project = var.project + name = "gke-subnetwork" + ip_cidr_range = "10.5.0.0/20" # 4096 IPs + region = var.region + network = google_compute_network.gke.id + + secondary_ip_range { + range_name = "services-range" + ip_cidr_range = "10.4.0.0/19" # 8192 IPs + } + + secondary_ip_range { + range_name = "pod-ranges" + ip_cidr_range = "10.0.0.0/14" # 262.144 IPs } } -module "gke-cluster" { - source = "../../../provisioning/gke-cluster-module" +## CLUSTER ## +resource "google_container_cluster" "default" { + project = var.project + location = "${var.region}-${var.zone}" + name = var.cluster_name + description = var.cluster_description + + remove_default_node_pool = true + initial_node_count = 1 + enable_kubernetes_alpha = false + + network = google_compute_network.gke.id + subnetwork = google_compute_subnetwork.gke.id + + gateway_api_config { + channel = "CHANNEL_STANDARD" + } + + ip_allocation_policy { + cluster_secondary_range_name = "pod-ranges" + services_secondary_range_name = "services-range" + } + + master_auth { + client_certificate_config { + issue_client_certificate = false + } + } + + release_channel { + channel = "REGULAR" + } + + timeouts { + create 
= "2h" + update = "2h" + delete = "2h" + } + + ## Use when you want to use IP whitelist + master_authorized_networks_config { - global = local.global - preemptible = true - node_pool_count = 2 + dynamic "cidr_blocks" { + for_each = var.master_authorizaed_networks_cidr_blocks + content { + display_name = cidr_blocks.value["display_name"] + cidr_block = cidr_blocks.value["cidr_block"] + } + } + + } + + ## Recommended to use private nodes + # private_cluster_config { + # enable_private_nodes = true + # } +} + +## BUCKETS ## +locals { + buckets = [for bucket in var.buckets : "${var.bucket_prefix}-${bucket}"] } -module "gcp-buckets" { - source = "../../../provisioning/gcp-bucket-module" +resource "google_storage_bucket" "bucket" { + for_each = toset(local.buckets) - global = local.global + name = each.value + project = var.project + location = var.multi_region + storage_class = "MULTI_REGIONAL" } -resource "google_compute_disk" "mongo_disk" { +## DISKS ## +resource "google_compute_disk" "mongo-disk" { project = var.project name = "mongo-disk" type = "pd-ssd" - zone = local.global.location + zone = "${var.region}-${var.zone}" size = 100 + + lifecycle { + ignore_changes = [ + labels + ] + } +} + +resource "google_compute_resource_policy" "hourly" { + name = "hourly-snapshot-policy" + project = var.project + region = var.region + snapshot_schedule_policy { + schedule { + hourly_schedule { + hours_in_cycle = 1 # The number of hours between snapshots + start_time = "00:00" + } + } + retention_policy { + max_retention_days = 7 + # Specifies the behavior to apply to scheduled snapshots when the source disk is deleted. 
+ # Default value is KEEP_AUTO_SNAPSHOTS
+ on_source_disk_delete = "APPLY_RETENTION_POLICY"
+ }
+ }
+}
+
+resource "google_compute_disk_resource_policy_attachment" "attachment" {
+ project = var.project
+ name = google_compute_resource_policy.hourly.name
+ disk = google_compute_disk.mongo-disk.name
+ zone = "${var.region}-${var.zone}"
+}
+
+## IP ADDRESES ##
+resource "google_compute_global_address" "api_ingress" {
+ name = "api-ingress"
+ project = var.project
+}
+
+resource "google_compute_global_address" "web_ingress" {
+ name = "web-ingress"
+ project = var.project
 }
\ No newline at end of file
diff --git a/deployment/environments/staging/provisioning/node_pool.tf b/deployment/environments/staging/provisioning/node_pool.tf
new file mode 100644
index 000000000..147275759
--- /dev/null
+++ b/deployment/environments/staging/provisioning/node_pool.tf
@@ -0,0 +1,42 @@
+resource "google_container_node_pool" "pool_1" {
+ name = "pool-1"
+ project = var.project
+ location = "${var.region}-${var.zone}"
+ cluster = google_container_cluster.default.name
+ node_count = var.node_pool_count
+
+ autoscaling {
+ min_node_count = var.min_node_count
+ max_node_count = var.max_node_count
+ }
+
+ lifecycle {
+ ignore_changes = [
+ node_count
+ ]
+ }
+
+ node_config {
+ spot = var.preemptible
+ machine_type = var.machine_type
+ disk_type = "pd-standard"
+ disk_size_gb = 100
+
+ metadata = {
+ disable-legacy-endpoints = "true"
+ }
+
+ oauth_scopes = [
+ "https://www.googleapis.com/auth/cloud-platform" # Give full access to all cloud services
+ ]
+ }
+
+ management {
+ auto_repair = true
+ auto_upgrade = true
+ }
+
+ depends_on = [
+ google_container_cluster.default
+ ]
+}
diff --git a/deployment/environments/staging/provisioning/outputs.tf b/deployment/environments/staging/provisioning/outputs.tf
index a7fe21133..35f8980d9 100644
--- a/deployment/environments/staging/provisioning/outputs.tf
+++ b/deployment/environments/staging/provisioning/outputs.tf
@@ -1,9 +1,9 @@ output "endpoint" { - value = module.gke-cluster.endpoint + value = google_container_cluster.default.endpoint } output "master_version" { - value = module.gke-cluster.master_version + value = google_container_cluster.default.master_version } output "cli_connect" { diff --git a/deployment/environments/staging/provisioning/variables.tf b/deployment/environments/staging/provisioning/variables.tf index 553c38ec9..738ce1e1e 100644 --- a/deployment/environments/staging/provisioning/variables.tf +++ b/deployment/environments/staging/provisioning/variables.tf @@ -1,5 +1,5 @@ variable "project" { - default = "bedrock-foundation" + default = "bedrock-staging" } variable "environment" { @@ -11,7 +11,7 @@ variable "region" { } variable "zone" { - default = "c" + default = "a" } variable "multi_region" { @@ -19,23 +19,27 @@ variable "multi_region" { } variable "bucket_prefix" { - default = "bedrock_staging" + default = "bedrock-staging" } variable "cluster_name" { default = "cluster-1" } +variable "cluster_description" { + default = "GKE Cluster" +} + variable "node_pool_count" { - default = 3 + default = 1 } variable "min_node_count" { - default = 3 + default = 1 } variable "max_node_count" { - default = 6 + default = 3 } variable "preemptible" { @@ -45,3 +49,23 @@ variable "preemptible" { variable "machine_type" { default = "n2-standard-2" } + +variable "buckets" { + type = set(string) + + default = [ + "uploads", + "uploads-backup", + "mongodb-backups", + ] +} + +variable "master_authorizaed_networks_cidr_blocks" { + type = list(map(string)) + default = [ + { + display_name = "All", + cidr_block = "0.0.0.0/0" + } + ] +} diff --git a/deployment/environments/staging/services/api-service.yml b/deployment/environments/staging/services/api-service.yml index b3836462e..e0758bc55 100644 --- a/deployment/environments/staging/services/api-service.yml +++ b/deployment/environments/staging/services/api-service.yml 
@@ -5,7 +5,7 @@ metadata: labels: name: api spec: - type: NodePort + type: ClusterIP selector: app: api ports: diff --git a/deployment/environments/staging/services/web-service.yml b/deployment/environments/staging/services/web-service.yml index afd620e57..9f50085e6 100644 --- a/deployment/environments/staging/services/web-service.yml +++ b/deployment/environments/staging/services/web-service.yml @@ -5,7 +5,7 @@ metadata: labels: name: web spec: - type: NodePort + type: ClusterIP selector: app: web ports: diff --git a/deployment/provisioning/gcp-bucket-module/main.tf b/deployment/provisioning/gcp-bucket-module/main.tf deleted file mode 100644 index 9a2d4ebca..000000000 --- a/deployment/provisioning/gcp-bucket-module/main.tf +++ /dev/null @@ -1,12 +0,0 @@ -locals { - buckets = [for bucket in var.buckets : "${var.global.bucket_prefix}-${bucket}"] -} - -resource "google_storage_bucket" "bucket" { - for_each = toset(local.buckets) - - name = each.value - project = var.global.project - location = var.global.multi_region - storage_class = "MULTI_REGIONAL" -} \ No newline at end of file diff --git a/deployment/provisioning/gcp-bucket-module/variables.tf b/deployment/provisioning/gcp-bucket-module/variables.tf deleted file mode 100644 index d27b06221..000000000 --- a/deployment/provisioning/gcp-bucket-module/variables.tf +++ /dev/null @@ -1,14 +0,0 @@ -variable "global" { - type = map(string) - description = "Global variables used in all modules" -} - -variable "buckets" { - type = set(string) - - default = [ - "uploads", - "uploads-backup", - "mongodb-backups" - ] -} \ No newline at end of file diff --git a/deployment/provisioning/gke-cluster-module/main.tf b/deployment/provisioning/gke-cluster-module/main.tf deleted file mode 100644 index 80844accc..000000000 --- a/deployment/provisioning/gke-cluster-module/main.tf +++ /dev/null 
@@ -1,46 +0,0 @@
-resource "google_container_cluster" "default" {
- provider = google-beta
- project = var.global.project
- location = var.global.location
- name = var.global.cluster_name
-
- description = var.description
-
- remove_default_node_pool = true
- initial_node_count = 1
- enable_kubernetes_alpha = false
-
- master_auth {
- client_certificate_config {
- issue_client_certificate = false
- }
- }
-
- release_channel {
- channel = "STABLE"
- }
-
- timeouts {
- create = "2h"
- update = "2h"
- delete = "2h"
- }
-
- ## Use when you want to use IP whitelist
- master_authorized_networks_config {
-
- dynamic "cidr_blocks" {
- for_each = var.master_authorizaed_networks_cidr_blocks
- content {
- display_name = cidr_blocks.value["display_name"]
- cidr_block = cidr_blocks.value["cidr_block"]
- }
- }
-
- }
-
- ## Recommended to use private nodes
- # private_cluster_config {
- # enable_private_nodes = true
- # }
-}
\ No newline at end of file
diff --git a/deployment/provisioning/gke-cluster-module/node_pool.tf b/deployment/provisioning/gke-cluster-module/node_pool.tf
deleted file mode 100644
index 47e7eb3f8..000000000
--- a/deployment/provisioning/gke-cluster-module/node_pool.tf
+++ /dev/null
@@ -1,30 +0,0 @@
-resource "google_container_node_pool" "default" {
- name = "pool-1"
- project = var.global.project
- location = var.global.location
- cluster = google_container_cluster.default.name
- node_count = var.global.node_pool_count
-
- autoscaling {
- min_node_count = var.global.min_node_count
- max_node_count = var.global.max_node_count
- }
-
- node_config {
- preemptible = var.global.preemptible
- machine_type = var.global.machine_type
-
- metadata = {
- disable-legacy-endpoints = "true"
- }
-
- oauth_scopes = [
- "https://www.googleapis.com/auth/cloud-platform" # Give full access to all cloud services
- ]
- }
-
- management {
- auto_repair = true
- auto_upgrade = true
- }
-}
diff --git a/deployment/provisioning/gke-cluster-module/outputs.tf b/deployment/provisioning/gke-cluster-module/outputs.tf deleted file mode 100644 index 12a45c83c..000000000 --- a/deployment/provisioning/gke-cluster-module/outputs.tf +++ /dev/null @@ -1,7 +0,0 @@ -output "endpoint" { - value = google_container_cluster.default.endpoint -} - -output "master_version" { - value = google_container_cluster.default.master_version -} diff --git a/deployment/provisioning/gke-cluster-module/variables.tf b/deployment/provisioning/gke-cluster-module/variables.tf deleted file mode 100644 index d6494efe4..000000000 --- a/deployment/provisioning/gke-cluster-module/variables.tf +++ /dev/null @@ -1,30 +0,0 @@ -variable "global" { - type = map(string) - description = "Global variables used in all modules" -} - -variable "description" { - default = "GKE Cluster" -} - -variable "node_pool_count" { - default = 3 -} - -variable "preemptible" { - default = false -} - -variable "machine_type" { - default = "n2-standard-2" -} - -variable "master_authorizaed_networks_cidr_blocks" { - type = list(map(string)) - default = [ - { - display_name = "All", - cidr_block = "0.0.0.0/0" - } - ] -} \ No newline at end of file diff --git a/deployment/scripts/create_addresses b/deployment/scripts/create_addresses deleted file mode 100755 index 2df35a152..000000000 --- a/deployment/scripts/create_addresses +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -gcloud compute addresses create api --region us-east1 -gcloud compute addresses create web --region us-east1 -gcloud compute addresses list From 3303cda71b694e1b72a4cd57decb3c1a59452ec6 Mon Sep 17 00:00:00 2001 From: beatlevic Date: Tue, 14 Mar 2023 09:56:41 +0100 Subject: [PATCH 2/2] Default us-east1 zone c --- deployment/environments/production/provisioning/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/deployment/environments/production/provisioning/variables.tf b/deployment/environments/production/provisioning/variables.tf index 646d67f1c..cf239413d 100644 --- a/deployment/environments/production/provisioning/variables.tf +++ b/deployment/environments/production/provisioning/variables.tf @@ -11,7 +11,7 @@ variable "region" { } variable "zone" { - default = "a" + default = "c" } variable "multi_region" {