
Commit e41c81c

authored
Merge pull request #1 from chmoder/feat-create-modules
Feat create modules
2 parents 228831a + 8d8ff68 commit e41c81c

35 files changed

+754
-154
lines changed

.terraform.lock.hcl

Lines changed: 42 additions & 20 deletions

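--- a/README.md
+++ b/README.md
@@ -17,19 +17,21 @@ Deploy a platform on Google Cloud by setting up basic infrastructure using varia
 
 ### TODO
 
-- Refactor using module composition and Dependency Inversion
+- ~~Refactor using module composition and Dependency Inversion~~
 - Test on a new GCP project
 - ~~Automatic dns record (set A record to new static IP)~~
 - Variables for Cluster and Node Pool configurations machine type, HPA, etc.
 - ~~Add monitoring (new relic)~~
 - CloudSQL (Postgres, MySQL)
 - Caching (Redis, MemoryStore)
+- Use gitops instead of helm charts - maybe for new relic
 - ...
 
 ### Notes
 
 - ~~You have to update your `ingress_hosts` A records in order to get traffic to your site. And to generate the SSL certificate.~~
 - You may need to modify the `certmanager` module to support your particular certificate needs. Current implementation uses [dns01 challenge solver with cloudflare](https://cert-manager.io/docs/configuration/acme/dns01/cloudflare/).
+- There is a bug with the `newrelic_cloud_gcp_link_account` resource https://github.com/newrelic/terraform-provider-newrelic/issues/2733
 
 ### Usage
 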
File renamed without changes.

apis/outputs.tf

Whitespace-only changes.

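--- a/apis/variables.tf
+++ b/apis/variables.tf
@@ -0,0 +1,4 @@
+variable "project_id" {
+type = string
+description = "GCP project id"
+}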

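--- a/certmanager.tf
+++ b/certmanager/main.tf
@@ -3,8 +3,6 @@ resource "kubernetes_namespace_v1" "cert_manager_namespace" {
 metadata {
 name = "cert-manager"
 }
-
-depends_on = [google_container_node_pool.primary_nodes]
 }
 
 # cert-manager dns01 challenge api key secret
@@ -62,5 +60,5 @@ module "cert_manager" {
 }
 }
 
-depends_on = [google_container_node_pool.primary_nodes, kubernetes_secret_v1.cloudflare_api_token]
-}
+depends_on = [kubernetes_secret_v1.cloudflare_api_token]
+}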
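Review bot: With `google_container_node_pool.primary_nodes` removed from both `depends_on` lists (the `cert_manager_namespace` resource and the `cert_manager` module), nothing in this file orders cert-manager after the node pool any more. The reference could not resolve from inside a separate module anyway, so the ordering now has to come from the caller, for example `depends_on = [module.<cluster_module_name>]` (placeholder name) on the block that instantiates this directory. The root configuration is not shown on this page, so confirm that it is there. The same question applies to the two `depends_on = [google_project_iam_binding.cluster_admin]` lines removed in clusters/main.tf. Both blocks here start or end outside their hunks.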

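--- a/certmanager/outputs.tf
+++ b/certmanager/outputs.tf
@@ -0,0 +1,3 @@
+output "cluster_issuer_name" {
+value = module.cert_manager.cluster_issuer_name
+}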

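--- a/certmanager/variables.tf
+++ b/certmanager/variables.tf
@@ -0,0 +1,24 @@
+variable "cloudflare_api_key" {
+type = string
+description = "cloudflare api key for dns01 validation"
+}
+
+variable "cluster_issuer_email" {
+type = string
+description = "email address for cert-manager"
+}
+
+variable "cluster_issuer_private_key_secret_name" {
+type = string
+description = "eventual location of cert-manager tls key and cert"
+}
+
+variable "cloudflare_email" {
+type = string
+description = "email address for cert-manager"
+}
+
+variable "ingress_hosts" {
+type = map(map(string))
+description = "hostnames (domains) that will be used in certs and/or routing"
+}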
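Review bot: `cloudflare_api_key` is declared as a plain string, so Terraform will show its value in plan and apply output wherever it is referenced; add `sensitive = true` to that variable block. The value is still written to state in clear text, so the state backend needs its own access control and encryption regardless. Separately, `cloudflare_email` reuses the description "email address for cert-manager" from `cluster_issuer_email`; if it is the Cloudflare account address used by the dns01 solver, a description saying so would tell the two apart.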

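--- a/clusters.tf
+++ b/clusters/main.tf
@@ -1,10 +1,25 @@
+data "google_client_config" "example" {}
+
+locals {
+k8_provider_config = {
+host = "https://${google_container_cluster.primary.endpoint}"
+token = data.google_client_config.example.access_token
+cluster_ca_certificate = base64decode(google_container_cluster.primary.master_auth[0].cluster_ca_certificate)
+
+ignore_annotations = [
+"^autopilot\\.gke\\.io\\/.*",
+"^cloud\\.google\\.com\\/.*"
+]
+}
+}
+
 # Cluster
 resource "google_container_cluster" "primary" {
 name = "${var.name_prefix_kebab}-gke-cluster"
 location = var.project_region
 node_locations = ["${var.project_region}-f"]
 
-network = google_compute_network.example.id
+network = var.example_network_id
 
 
 remove_default_node_pool = true
@@ -16,8 +31,6 @@ resource "google_container_cluster" "primary" {
 start_time = "07:00"
 }
 }
-
-depends_on = [google_project_iam_binding.cluster_admin]
 }
 
 # Node Pool
@@ -41,6 +54,4 @@ resource "google_container_node_pool" "primary_nodes" {
 auto_upgrade = true
 auto_repair = true
 }
-
-depends_on = [google_project_iam_binding.cluster_admin]
-}
+}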
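Review bot: The new `k8_provider_config` local in the first hunk has no comment saying that its `token` field is the OAuth2 access token of whichever identity runs Terraform, which makes the whole map a credential rather than plain connection settings. A one-line comment above it, such as `# Contains a bearer token for the caller's Google identity; treat the whole map as a secret`, would make that visible to anyone wiring it into another module. The data source label `example` in `data "google_client_config" "example" {}` also says nothing about its role; a label such as `current` would read better. The `google_container_cluster` body continues outside the first hunk.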

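--- a/clusters/outputs.tf
+++ b/clusters/outputs.tf
@@ -0,0 +1,7 @@
+output "google_container_cluster_primary_name" {
+value = google_container_cluster.primary.name
+}
+
+output "k8_provider_config" {
+value = local.k8_provider_config
+}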
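Review bot: The `k8_provider_config` output is not marked sensitive, although it exports `local.k8_provider_config`, which per clusters/main.tf includes `data.google_client_config.example.access_token`. Add `sensitive = true` to that output so the token is redacted in CLI output and the marking is explicit rather than dependent on how the provider flags the attribute. Both outputs would also benefit from a `description`, and the one on `k8_provider_config` should say that it carries a bearer token.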
