This repository contains a terraform module and Go library for deploying probers that perform custom probing logic to Google Cloud. The module packages a custom Go prober as a container image, deploys it to Cloud Run, and then configures an Uptime Check to periodically hit the Cloud Run URL.
With the little Go library provided here, a probe can be defined with as little code as:
import (
"context"
"log"
"github.com/chainguard-dev/terraform-google-prober/pkg/prober"
)
func main() {
prober.Go(context.Background(), prober.Func(func(ctx context.Context) error {
log.Print("Got a probe!")
return nil
}))
}See our basic example.
With the terraform module provided here, a probe can be deployed with a little configuration as:
module "prober" {
source = "chainguard-dev/prober/google"
version = "v0.1.2"
name = "basic-example"
project_id = var.project_id
importpath = "github.com/chainguard-dev/terraform-google-prober/examples/basic"
working_dir = path.module
}See our basic example.
You can pass additional configuration to your custom probes via environment variables passed to the prober application. These can be specified in the prober module:
env = {
"FOO" : "bar"
}See our complex example.
By default, the probers run as a single-homed Cloud Run application, which is great for development, and virtually free, but to take advantage of the geographic distribution of GCP Uptime Checks, we need to deploy Cloud Run applications to multiple regions behind a Google Cloud Load Balancer (expensive!) with a TLS-terminated domain.
This can be done by specifying the following additional configuration:
# Deploy to three regions behind GCLB with a Google-managed
# TLS certificate under the provided domain.
locations = [
"us-east1",
"us-central1",
"us-west1",
]
# The domain under which we will provision hostnames
domain = var.domain
# The Google Cloud DNS Zone to use for directing prober hostnames to the GCLB
# IP address.
dns_zone = google_dns_managed_zone.prober_zone.nameSee our complex example.
No requirements.
| Name | Version |
|---|---|
| cosign | n/a |
| n/a | |
| ko | n/a |
| random | n/a |
No modules.
| Name | Type |
|---|---|
| cosign_sign.image | resource |
| google_cloud_run_service.probers | resource |
| google_cloud_run_service_iam_policy.noauths | resource |
| google_compute_backend_service.probers | resource |
| google_compute_global_address.static_ip | resource |
| google_compute_global_forwarding_rule.forwarding_rule | resource |
| google_compute_managed_ssl_certificate.prober_cert | resource |
| google_compute_region_network_endpoint_group.neg | resource |
| google_compute_target_https_proxy.prober | resource |
| google_compute_url_map.probers | resource |
| google_dns_record_set.prober_dns | resource |
| google_monitoring_alert_policy.uptime_alert | resource |
| google_monitoring_uptime_check_config.global_uptime_check | resource |
| google_monitoring_uptime_check_config.regional_uptime_check | resource |
| ko_build.image | resource |
| random_password.secret | resource |
| cosign_verify.base-image | data source |
| google_iam_policy.noauth | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| alert_description | Alert documentation. Use this to link to playbooks or give additional context. | string |
"An uptime check has failed." |
no |
| cpu | The CPU limit for the prober. | string |
"1000m" |
no |
| dns_zone | The managed DNS zone in which to create prober record sets (required for multiple locations). | string |
"" |
no |
| domain | The domain of the environment to probe (required for multiple locations). | string |
"" |
no |
| enable_alert | If true, alert on failures. Outputs will return the alert ID for notification and dashboards. | bool |
false |
no |
| env | A map of custom environment variables (e.g. key=value) | map |
{} |
no |
| importpath | The import path that contains the prober application. | string |
n/a | yes |
| locations | Where to run the Cloud Run services. | list(string) |
[ |
no |
| memory | The memory limit for the prober. | string |
"512Mi" |
no |
| name | Name to prefix to created resources. | string |
n/a | yes |
| notification_channels | A list of notification channels to send alerts to. | list(string) |
[] |
no |
| period | The period for the prober in seconds. | string |
"300s" |
no |
| project_id | The project that will host the prober. | string |
n/a | yes |
| repository | Container repository to publish images to. | string |
"" |
no |
| service_account | The email address of the service account to run the service as. | string |
n/a | yes |
| timeout | The timeout for the prober in seconds. | string |
"60s" |
no |
| working_dir | The working directory that contains the importpath. | string |
n/a | yes |
| Name | Description |
|---|---|
| alert_id | n/a |
| uptime_check | n/a |
| uptime_check_name | n/a |