Prod

README.md

@@ -1,4 +1,8 @@
-# Configuring your **dev** environment
+# Managing infrastructure as code with Terraform, Cloud Build, and GitOps
+
+This is the repo for the [Managing infrastructure as code with Terraform, Cloud Build, and GitOps](https://cloud.google.com/solutions/managing-infrastructure-as-code) tutorial. This tutorial explains how to manage infrastructure as code with Terraform and Cloud Build using the popular GitOps methodology. 
+
+## Configuring your **dev** environment...
 
 Just for demostration, this step will:
  1. Configure an apache2 http server on network '**dev**' and subnet '**dev**-subnet-01'
@@ -12,7 +16,7 @@ terraform apply
 terraform destroy
 ```
 
-# Promoting your environment to **production**
+## Promoting your environment to **production**
 
 Once you have tested your app (in this example an apache2 http server), you can promote your configuration to prodution. This step will:
  1. Configure an apache2 http server on network '**prod**' and subnet '**prod**-subnet-01'

cloudbuild.yaml

@@ -25,7 +25,7 @@ steps:
       echo "***********************"
 
 - id: 'tf init'
-  name: 'hashicorp/terraform:0.11.14'
+  name: 'hashicorp/terraform:1.0.0'
   entrypoint: 'sh'
   args: 
   - '-c'
@@ -50,7 +50,7 @@ steps:
 
 # [START tf-plan]
 - id: 'tf plan'
-  name: 'hashicorp/terraform:0.11.14'
+  name: 'hashicorp/terraform:1.0.0'
   entrypoint: 'sh'
   args: 
   - '-c'
@@ -76,7 +76,7 @@ steps:
 
 # [START tf-apply]
 - id: 'tf apply'
-  name: 'hashicorp/terraform:0.11.14'
+  name: 'hashicorp/terraform:1.0.0'
   entrypoint: 'sh'
   args: 
   - '-c'

environments/dev/backend.tf

@@ -15,7 +15,7 @@
 
 terraform {
   backend "gcs" {
-    bucket = "PROJECT_ID-tfstate"
+    bucket = "yash-innovation-tfstate"
     prefix = "env/dev"
   }
 }

environments/dev/main.tf

@@ -14,27 +14,35 @@
 
 
 locals {
-  "env" = "dev"
+  env = "dev"
 }
 
 provider "google" {
   project = "${var.project}"
 }
 
-module "vpc" {
-  source  = "../../modules/vpc"
-  project = "${var.project}"
-  env     = "${local.env}"
-}
 
-module "http_server" {
-  source  = "../../modules/http_server"
-  project = "${var.project}"
-  subnet  = "${module.vpc.subnet}"
-}
 
-module "firewall" {
-  source  = "../../modules/firewall"
-  project = "${var.project}"
-  subnet  = "${module.vpc.subnet}"
+module "kubernetes_engine" {
+	source = "../../modules/vpc"
+	count = var.kubernetes_engine-create ? var.kubernetes_engine-count : 0
+	k8s_cluster_name 		    = var.k8s_cluster_name
+	k8s_cluster_location 	  = var.k8s_cluster_location
+	k8s_remove_default_node_pool = var.k8s_remove_default_node_pool
+	k8s_initial_node_count 	= var.k8s_initial_node_count
+	#k8s_username 			      = var.k8s_username
+	#k8s_password 			      = var.k8s_password
+	k8s_issue_client_certificate = var.k8s_issue_client_certificate
+	k8s_pool_name 			    = var.k8s_pool_name
+	k8s_pool_location 		  = var.k8s_pool_location
+	k8s_pool_node_count 	  = var.k8s_pool_node_count
+	k8s_pool_preemptible 	  = var.k8s_pool_preemptible
+	k8s_pool_machine_type 	= var.k8s_pool_machine_type
+	k8s_pool_disable-legacy-endpoints = var.k8s_pool_disable-legacy-endpoints
+	k8s_pool_oauth_scopes 	= var.k8s_pool_oauth_scopes
+	k8s_min_node_count = var.k8s_min_node_count
+	k8s_max_node_count = var.k8s_max_node_count
+  	project = "${var.project}"
+  	env     = "${local.env}"
 }
+

environments/dev/outputs.tf

@@ -13,22 +13,18 @@
 # limitations under the License.
 
 
-output "network" {
-  value = "${module.vpc.network}"
+output "cluster_id" {
+	value = module.kubernetes_engine[*].cluster_id
 }
 
-output "subnet" {
-  value = "${module.vpc.subnet}"
+output "cluster_endpoint" {
+	value = module.kubernetes_engine[*].cluster_endpoint
 }
 
-output "firewall_rule" {
-  value = "${module.firewall.firewall_rule}"
+output "pool_id" {
+	value = module.kubernetes_engine[*].pool_id
 }
 
-output "instance_name" {
-  value = "${module.http_server.instance_name}"
-}
-
-output "external_ip" {
-  value = "${module.http_server.external_ip}"
+output "pool_instance_group_urls" {
+	value = module.kubernetes_engine[*].pool_instance_group_urls
 }

environments/dev/terraform.tfvars

@@ -1 +1,38 @@
-project="PROJECT_ID"
+project="yash-innovation"
+kubernetes_engine-create=true
+
+
+kubernetes_engine-count=1
+
+
+k8s_cluster_name="tf-gke-cluster1"
+
+k8s_cluster_location="us-central1-a"
+
+
+k8s_remove_default_node_pool=true
+
+k8s_initial_node_count=1
+
+k8s_issue_client_certificate=false
+
+k8s_pool_name="tf-node-pool"
+
+
+k8s_pool_location="us-central1-a"
+
+
+k8s_pool_node_count=2
+
+k8s_pool_preemptible=true
+
+k8s_pool_machine_type="e2-small"
+
+k8s_min_node_count=1
+k8s_max_node_count=3
+
+k8s_pool_disable-legacy-endpoints=true
+k8s_pool_oauth_scopes= [
+      "https://www.googleapis.com/auth/logging.write",
+      "https://www.googleapis.com/auth/monitoring"
+    ]

environments/dev/variables.tf

@@ -14,3 +14,85 @@
 
 
 variable "project" {}
+variable "kubernetes_engine-create" {
+	type = bool
+	default = true
+}
+
+variable "kubernetes_engine-count" {
+	type = number
+	default = 1
+}
+
+variable "k8s_cluster_name" {
+	type = string
+	default = "tf-gke-cluster1"
+}
+
+variable "k8s_cluster_location" {
+	type = string
+	default = "us-central1-a"
+}
+
+variable "k8s_remove_default_node_pool" {
+	type = bool
+	default = true
+}
+
+variable "k8s_initial_node_count" {
+	type = number
+	default = 1
+}
+
+
+variable "k8s_issue_client_certificate" {
+	type = bool
+	default = false
+}
+
+variable "k8s_pool_name" {
+	type = string
+	default = "tf-node-pool"
+}
+
+variable "k8s_pool_location" {
+	type = string
+	default = "us-central1-a"
+}
+
+variable "k8s_pool_node_count" {
+	type = number
+	default = 2
+}
+
+variable "k8s_pool_preemptible" {
+	type = bool
+	default = true
+}
+
+variable "k8s_pool_machine_type" {
+	type = string
+	default = "e2-small"
+}
+
+variable "k8s_pool_disable-legacy-endpoints" {
+	type = bool
+	default = true
+}
+variable "k8s_min_node_count" {
+	type = number
+	default = 1
+}
+
+variable "k8s_max_node_count" {
+	type = number
+	default = 3
+}
+
+variable "k8s_pool_oauth_scopes" {
+	type = list(string)
+	default = [
+      "https://www.googleapis.com/auth/logging.write",
+      "https://www.googleapis.com/auth/monitoring",
+    ]
+}

environments/dev/versions.tf

@@ -14,5 +14,5 @@
 
 
 terraform {
-  required_version = "~> 0.11.0"
+  required_version = "~> 1.0.0"
 }

environments/prod/backend.tf

@@ -15,7 +15,7 @@
 
 terraform {
   backend "gcs" {
-    bucket = "PROJECT_ID-tfstate"
+    bucket = "yash-innovation-tfstate"
     prefix = "env/prod"
   }
 }

environments/prod/main.tf

@@ -14,27 +14,33 @@
 
 
 locals {
-  "env" = "prod"
+  env = "dev"
 }
 
 provider "google" {
   project = "${var.project}"
 }
 
-module "vpc" {
-  source  = "../../modules/vpc"
-  project = "${var.project}"
-  env     = "${local.env}"
-}
 
-module "http_server" {
-  source  = "../../modules/http_server"
-  project = "${var.project}"
-  subnet  = "${module.vpc.subnet}"
-}
 
-module "firewall" {
-  source  = "../../modules/firewall"
-  project = "${var.project}"
-  subnet  = "${module.vpc.subnet}"
+module "kubernetes_engine" {
+	source = "../../modules/vpc"
+	count = var.kubernetes_engine-create ? var.kubernetes_engine-count : 0
+	k8s_cluster_name 		    = var.k8s_cluster_name
+	k8s_cluster_location 	  = var.k8s_cluster_location
+	k8s_remove_default_node_pool = var.k8s_remove_default_node_pool
+	k8s_initial_node_count 	= var.k8s_initial_node_count
+	#k8s_username 			      = var.k8s_username
+	#k8s_password 			      = var.k8s_password
+	k8s_issue_client_certificate = var.k8s_issue_client_certificate
+	k8s_pool_name 			    = var.k8s_pool_name
+	k8s_pool_location 		  = var.k8s_pool_location
+	k8s_pool_node_count 	  = var.k8s_pool_node_count
+	k8s_pool_preemptible 	  = var.k8s_pool_preemptible
+	k8s_pool_machine_type 	= var.k8s_pool_machine_type
+	k8s_pool_disable-legacy-endpoints = var.k8s_pool_disable-legacy-endpoints
+	k8s_pool_oauth_scopes 	= var.k8s_pool_oauth_scopes
+  	project = "${var.project}"
+  	env     = "${local.env}"
 }
+

environments/prod/outputs.tf

@@ -13,22 +13,18 @@
 # limitations under the License.
 
 
-output "network" {
-  value = "${module.vpc.network}"
+output "cluster_id" {
+	value = module.kubernetes_engine[*].cluster_id
 }
 
-output "subnet" {
-  value = "${module.vpc.subnet}"
+output "cluster_endpoint" {
+	value = module.kubernetes_engine[*].cluster_endpoint
 }
 
-output "firewall_rule" {
-  value = "${module.firewall.firewall_rule}"
+output "pool_id" {
+	value = module.kubernetes_engine[*].pool_id
 }
 
-output "instance_name" {
-  value = "${module.http_server.instance_name}"
-}
-
-output "external_ip" {
-  value = "${module.http_server.external_ip}"
+output "pool_instance_group_urls" {
+	value = module.kubernetes_engine[*].pool_instance_group_urls
 }

environments/prod/terraform.tfvars

@@ -1 +1,36 @@
-project="PROJECT_ID"
+project="yash-innovation"
+kubernetes_engine-create=true
+
+
+kubernetes_engine-count=1
+
+
+k8s_cluster_name="tf-gke-cluster1"
+
+k8s_cluster_location="us-central1-a"
+
+
+k8s_remove_default_node_pool=true
+
+k8s_initial_node_count=1
+
+k8s_issue_client_certificate=false
+
+k8s_pool_name="tf-node-pool"
+
+
+k8s_pool_location="us-central1-a"
+
+
+k8s_pool_node_count=1
+
+k8s_pool_preemptible=true
+
+k8s_pool_machine_type="e2-micro"
+
+
+k8s_pool_disable-legacy-endpoints=true
+k8s_pool_oauth_scopes= [
+      "https://www.googleapis.com/auth/logging.write",
+      "https://www.googleapis.com/auth/monitoring"
+    ]