You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dlab.apache.org by om...@apache.org on 2019/09/09 10:21:21 UTC
[incubator-dlab] branch DLAB-terraform updated: added Terraform
scripts for GKE provisioning
This is an automated email from the ASF dual-hosted git repository.
omartushevskyi pushed a commit to branch DLAB-terraform
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git
The following commit(s) were added to refs/heads/DLAB-terraform by this push:
new 5e5f42f added Terraform scripts for GKE provisioning
5e5f42f is described below
commit 5e5f42f649e050bf0b253a2c660ea03850238bc8
Author: Oleh Martushevskyi <Ol...@epam.com>
AuthorDate: Mon Sep 9 13:21:12 2019 +0300
added Terraform scripts for GKE provisioning
---
.../terraform/gcp/ssn-gke/main/gke.tf | 73 ++++++++++++++++++++++
.../terraform/gcp/ssn-gke/main/iam.tf | 29 +++++++++
.../terraform/gcp/ssn-gke/main/main.tf | 27 ++++++++
.../terraform/gcp/ssn-gke/main/variables.tf | 72 +++++++++++++++++++++
.../terraform/gcp/ssn-gke/main/vpc.tf | 49 +++++++++++++++
5 files changed, 250 insertions(+)
diff --git a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/gke.tf b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/gke.tf
new file mode 100644
index 0000000..507f710
--- /dev/null
+++ b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/gke.tf
@@ -0,0 +1,73 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# ******************************************************************************
+
+locals {
+ additional_tag = split(":", var.additional_tag)
+ gke_name = "${var.service_base_name}-cluster"
+ gke_node_pool_name = "${var.service_base_name}-node-pool"
+}
+
+resource "google_container_cluster" "ssn_k8s_gke_cluster" {
+ name = local.gke_name
+ location = var.region
+ remove_default_node_pool = true
+ initial_node_count = 1
+ min_master_version = var.gke_cluster_version
+ network = data.google_compute_network.ssn_gke_vpc_data.self_link
+ subnetwork = data.google_compute_subnetwork.ssn_gke_subnet_data.self_link
+ resource_labels = {
+ Name = local.gke_name
+ "${local.additional_tag[0]}" = local.additional_tag[1]
+ "${var.tag_resource_id}" = "${var.service_base_name}:${local.gke_name}"
+ "${var.service_base_name}-Tag" = local.gke_name
+ }
+
+ master_auth {
+ username = ""
+ password = ""
+
+ client_certificate_config {
+ issue_client_certificate = false
+ }
+ }
+}
+
+resource "google_container_node_pool" "ssn_k8s_gke_node_pool" {
+ name = local.gke_node_pool_name
+ location = var.region
+ cluster = google_container_cluster.ssn_k8s_gke_cluster.name
+ node_count = var.ssn_k8s_workers_count
+ version = var.gke_cluster_version
+
+ node_config {
+ machine_type = var.ssn_k8s_workers_shape
+ service_account = google_service_account.ssn_k8s_sa.name
+
+ metadata = {
+ disable-legacy-endpoints = "true"
+ }
+
+ oauth_scopes = [
+ "https://www.googleapis.com/auth/logging.write",
+ "https://www.googleapis.com/auth/monitoring",
+ ]
+ }
+}
\ No newline at end of file
diff --git a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/iam.tf b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/iam.tf
new file mode 100644
index 0000000..147d866
--- /dev/null
+++ b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/iam.tf
@@ -0,0 +1,29 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# ******************************************************************************
+
+locals {
+ service_account_name = "${var.service_base_name}-k8s-sa"
+}
+
+resource "google_service_account" "ssn_k8s_sa" {
+ account_id = local.service_account_name
+ display_name = local.service_account_name
+}
\ No newline at end of file
diff --git a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/main.tf b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/main.tf
new file mode 100644
index 0000000..9374c7b
--- /dev/null
+++ b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/main.tf
@@ -0,0 +1,27 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# ******************************************************************************
+
+provider "google" {
+ credentials = file(var.credentials_file_path)
+ project = var.project_id
+ region = var.region
+ zone = var.zone
+}
\ No newline at end of file
diff --git a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/variables.tf b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/variables.tf
new file mode 100644
index 0000000..725d823
--- /dev/null
+++ b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/variables.tf
@@ -0,0 +1,72 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# ******************************************************************************
+
+variable "credentials_file_path" {
+ default = ""
+}
+
+variable "project_id" {
+ default = ""
+}
+
+variable "region" {
+ default = "us-west1"
+}
+
+variable "zone" {
+ default = "a"
+}
+
+variable "vpc_name" {
+ default = ""
+}
+
+variable "subnet_name" {
+ default = ""
+}
+
+variable "service_base_name" {
+ default = "dlab-k8s"
+}
+
+variable "subnet_cidr" {
+ default = "172.31.0.0/24"
+}
+
+variable "additional_tag" {
+ default = "product:dlab"
+}
+
+variable "ssn_k8s_workers_count" {
+ default = 2
+}
+
+variable "gke_cluster_version" {
+ default = "1.12.8-gke.10"
+}
+
+variable "tag_resource_id" {
+ default = "user:tag"
+}
+
+variable "ssn_k8s_workers_shape" {
+ default = "n1-standard-1"
+}
\ No newline at end of file
diff --git a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/vpc.tf b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/vpc.tf
new file mode 100644
index 0000000..04f7ec7
--- /dev/null
+++ b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/vpc.tf
@@ -0,0 +1,49 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# ******************************************************************************
+
+locals {
+ ssn_vpc_name = "${var.service_base_name}-ssn-vpc"
+ ssn_subnet_name = "${var.service_base_name}-ssn-subnet"
+}
+
+resource "google_compute_network" "ssn_gke_vpc" {
+ count = var.vpc_name == "" ? 1 : 0
+ name = local.ssn_vpc_name
+ auto_create_subnetworks = false
+}
+
+data "google_compute_network" "ssn_gke_vpc_data" {
+ name = var.vpc_name == "" ? google_compute_network.ssn_gke_vpc.0.name : var.vpc_name
+}
+
+resource "google_compute_subnetwork" "ssn_gke_subnet" {
+ count = var.subnet_name == "" ? 1 : 0
+ name = local.ssn_subnet_name
+ ip_cidr_range = var.subnet_cidr
+ region = var.region
+ network = data.google_compute_network.ssn_gke_vpc_data.self_link
+}
+
+data "google_compute_subnetwork" "ssn_gke_subnet_data" {
+ name = var.subnet_name == "" ? google_compute_subnetwork.ssn_gke_subnet.0.name : var.subnet_name
+ region = var.region
+}
+
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org