add gke cluster code

2023-05-03 08:52:20 -04:00 · 2023-05-03 08:52:20 -04:00 · 2598cc76d7
commit 2598cc76d7
10 changed files with 287 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,57 @@
+# These are some examples of commonly ignored file patterns.
+# You should customize this list as applicable to your project.
+# Learn more about .gitignore:
+#     https://www.atlassian.com/git/tutorials/saving-changes/gitignore
+
+# Node artifact files
+node_modules/
+dist/
+
+# Compiled Java class files
+*.class
+
+# Compiled Python bytecode
+*.py[cod]
+
+# Log files
+*.log
+
+# Package files
+*.jar
+
+# Maven
+target/
+dist/
+
+# JetBrains IDE
+.idea/
+
+# Unit test reports
+TEST*.xml
+
+# Generated by MacOS
+.DS_Store
+
+# Generated by Windows
+Thumbs.db
+
+# Applications
+*.app
+*.exe
+*.war
+
+# Large media files
+*.mp4
+*.tiff
+*.avi
+*.flv
+*.mov
+*.wmv
+
+.terraform/
+.terraform*
+terraform.*
+*.tfvars
+flux-git-auth.yaml
+
+.idea
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -0,0 +1,10 @@
+repos:
+  - repo: https://github.com/terraform-docs/terraform-docs
+    rev: "v0.16.0"
+    hooks:
+      - id: terraform-docs-go
+        args: ["markdown", "table", "--output-file", "README.md", "."]
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.4.0
+    hooks:
+    -   id: trailing-whitespace
--- a/README.md
+++ b/README.md
@ -0,0 +1,81 @@
+# How to use
+
+1. Create *.tfvars file with a few variables
+```
+project          = "gcp-project"
+region           = "europe-west1"
+environment_name = "demo"
+```
+
+2. Create cluster
+```
+terraform init
+terraform apply
+```
+
+3. Configure kubeconfig for new cluster
+```
+gcloud container clusters get-credentials $(terraform output -raw kubernetes_cluster_name) --region $(terraform output -raw region) --project $(terraform output -raw project)
+```
+
+4. Destroy all resources
+```
+terraform destroy -target 'kubernetes_namespace.flux-system'
+terraform destroy -target 'google_container_node_pool.primary_nodes'
+terraform destroy -target 'google_container_cluster.primary'
+terraform destroy -target 'google_compute_subnetwork.subnet'
+terraform destroy -target 'google_compute_network.vpc'
+terraform destroy -target 'data.google_client_config.primary'
+```
+
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~>1.4.2 |
+| <a name="requirement_google"></a> [google](#requirement\_google) | ~>4.62.0 |
+| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | ~>2.19.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_google"></a> [google](#provider\_google) | 4.62.1 |
+| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | 2.19.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [google_compute_network.vpc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_network) | resource |
+| [google_compute_subnetwork.subnet](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork) | resource |
+| [google_container_cluster.primary](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster) | resource |
+| [google_container_node_pool.primary_nodes](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool) | resource |
+| [kubernetes_namespace.flux-system](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
+| [google_client_config.primary](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/client_config) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_environment_name"></a> [environment\_name](#input\_environment\_name) | n/a | `string` | `"demo"` | no |
+| <a name="input_gke_num_nodes"></a> [gke\_num\_nodes](#input\_gke\_num\_nodes) | number of gke nodes | `number` | `1` | no |
+| <a name="input_project"></a> [project](#input\_project) | Google Project to create resources in | `string` | `"demo"` | no |
+| <a name="input_region"></a> [region](#input\_region) | The region to host the cluster in | `string` | `"us-central1"` | no |
+| <a name="input_vpc_host_project"></a> [vpc\_host\_project](#input\_vpc\_host\_project) | Host Project where virtual network exists | `string` | `"demo"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_kubernetes_cluster_host"></a> [kubernetes\_cluster\_host](#output\_kubernetes\_cluster\_host) | GKE Cluster Host |
+| <a name="output_kubernetes_cluster_name"></a> [kubernetes\_cluster\_name](#output\_kubernetes\_cluster\_name) | GKE Cluster Name |
+| <a name="output_project"></a> [project](#output\_project) | GCloud Project ID |
+| <a name="output_region"></a> [region](#output\_region) | GCloud Region |
+<!-- END_TF_DOCS -->
--- a/flux.tf
+++ b/flux.tf
@ -0,0 +1,5 @@
+resource "kubernetes_namespace" "flux-system" {
+  metadata {
+    name = "flux-system"
+  }
+}
--- a/gke.tf
+++ b/gke.tf
@ -0,0 +1,40 @@
+# GKE cluster
+resource "google_container_cluster" "primary" {
+  name     = "${var.project}-gke"
+  location = var.region
+
+  # We can't create a cluster with no node pool defined, but we want to only use
+  # separately managed node pools. So we create the smallest possible default
+  # node pool and immediately delete it.
+  remove_default_node_pool = true
+  initial_node_count       = 1
+
+  network    = google_compute_network.vpc.name
+  subnetwork = google_compute_subnetwork.subnet.name
+}
+
+# Separately Managed Node Pool
+resource "google_container_node_pool" "primary_nodes" {
+  name       = google_container_cluster.primary.name
+  location   = var.region
+  cluster    = google_container_cluster.primary.name
+  node_count = var.gke_num_nodes
+
+  node_config {
+    oauth_scopes = [
+      "https://www.googleapis.com/auth/logging.write",
+      "https://www.googleapis.com/auth/monitoring",
+    ]
+
+    labels = {
+      env = var.project
+    }
+
+    preemptible  = true
+    machine_type = "custom-2-4096" # 1 core too low for Prometheus...
+    tags         = ["gke-node", "${var.project}-gke"]
+    metadata = {
+      disable-legacy-endpoints = "true"
+    }
+  }
+}
--- a/outputs.tf
+++ b/outputs.tf
@ -0,0 +1,19 @@
+output "region" {
+  value       = var.region
+  description = "GCloud Region"
+}
+
+output "project" {
+  value       = var.project
+  description = "GCloud Project ID"
+}
+
+output "kubernetes_cluster_name" {
+  value       = google_container_cluster.primary.name
+  description = "GKE Cluster Name"
+}
+
+output "kubernetes_cluster_host" {
+  value       = google_container_cluster.primary.endpoint
+  description = "GKE Cluster Host"
+}
--- a/providers.tf
+++ b/providers.tf
@ -0,0 +1,15 @@
+data "google_client_config" "primary" {}
+
+provider "kubernetes" {
+  host                   = "https://${google_container_cluster.primary.endpoint}"
+  token                  = data.google_client_config.primary.access_token
+  cluster_ca_certificate = base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate)
+}
+
+provider "helm" {
+  kubernetes {
+    host                   = "https://${google_container_cluster.primary.endpoint}"
+    token                  = data.google_client_config.primary.access_token
+    cluster_ca_certificate = base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate)
+  }
+}
--- a/variables.tf
+++ b/variables.tf
@ -0,0 +1,27 @@
+variable "project" {
+  description = "Google Project to create resources in"
+  type        = string
+  default     = "demo"
+}
+
+variable "vpc_host_project" {
+  description = "Host Project where virtual network exists"
+  type        = string
+  default     = "demo"
+}
+
+variable "environment_name" {
+  type    = string
+  default = "demo"
+}
+
+variable "region" {
+  type        = string
+  description = "The region to host the cluster in"
+  default     = "us-central1"
+}
+
+variable "gke_num_nodes" {
+  default     = 1
+  description = "number of gke nodes"
+}
--- a/versions.tf
+++ b/versions.tf
@ -0,0 +1,14 @@
+terraform {
+  required_version = "~>1.4.2"
+
+  required_providers {
+    google = {
+      source  = "hashicorp/google" # https://github.com/hashicorp/terraform-provider-google
+      version = "~>4.62.0"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes" # https://github.com/hashicorp/terraform-provider-kubernetes
+      version = "~>2.19.0"
+    }
+  }
+}
--- a/vpc.tf
+++ b/vpc.tf
@ -0,0 +1,19 @@
+provider "google" {
+  project = var.project
+  region  = var.region
+}
+
+# VPC
+resource "google_compute_network" "vpc" {
+  name                    = "${var.project}-vpc"
+  auto_create_subnetworks = "false"
+}
+
+# Subnet
+resource "google_compute_subnetwork" "subnet" {
+  name                     = "${var.project}-subnet"
+  region                   = var.region
+  network                  = google_compute_network.vpc.name
+  ip_cidr_range            = "10.10.0.0/24"
+  private_ip_google_access = true
+}