readme updates, removed default prefix, completed vpc-sc compatibility

This commit is contained in:
Maurizio Noseda Pedraglio 2022-11-10 12:44:17 +01:00
parent 06c2ae3d52
commit 2bc60e6dee
3 changed files with 40 additions and 9 deletions


@ -18,20 +18,22 @@ Clone this repository, then go through the following steps to create resources:
```tfvars ```tfvars
- organization_id = "<YOUR-ORG-ID>" - organization_id = "<YOUR-ORG-ID>"
- billing_account = "<YOUR-BILLING-ACCOUNT>" - billing_account = "<YOUR-BILLING-ACCOUNT>"
- monitoring_project_id = "<YOUR-MONITORING-PROJECT>" # Monitoring project where the dashboard will be created and the solution deployed, a project named "mon-network-dahshboard" will be created if left blank - monitoring_project_id = "<YOUR-MONITORING-PROJECT>" # Monitoring project where the dashboard will be created and the solution deployed, a project named "<YOUR-PREFIX>-network-dahshboard" will be created if left blank
- metrics_project_id = "<YOUR-METRICS-PROJECT>" # Optional, overrides monitoring_project_id for metrics writing and dashboard deployment
- monitored_projects_list = ["project-1", "project2"] # Projects to be monitored by the solution - monitored_projects_list = ["project-1", "project2"] # Projects to be monitored by the solution
- monitored_folders_list = ["folder_id"] # Folders to be monitored by the solution - monitored_folders_list = ["folder_id"] # Folders to be monitored by the solution
- prefix = "<YOUR-PREFIX>" # Monitoring project name prefix, monitoring project name is <YOUR-PREFIX>-network-dashboard, ignored if monitoring_project_id variable is provided - prefix = "<YOUR-PREFIX>" # Monitoring project name prefix, monitoring project name is <YOUR-PREFIX>-network-dashboard, ignored if monitoring_project_id variable is provided
- v2 = true|false # Set to true to use V2 Cloud Functions environment - v2 = true|false # Set to true to use V2 Cloud Functions environment
- vpc_connector_name = "<YOUR-VPC-CONNECTOR-NAME>" # when using vpc service controls, it is mandatory to use VPC Connectors, refer to [VPC-SC compliant Cloud Functions deployment documentation](https://cloud.google.com/functions/docs/securing/using-vpc-service-controls#deploy-compliant-functions) for a full reference of requirements.
``` ```
- `terraform init` - `terraform init`
- `terraform apply` - `terraform apply`
Once the resources are deployed, go to the following page to see the dashboard: https://console.cloud.google.com/monitoring/dashboards?project=<YOUR-MONITORING-PROJECT>. Once the resources are deployed, go to the following page to see the dashboard: https://console.cloud.google.com/monitoring/dashboards?project=<YOUR-MONITORING-PROJECT> (or <YOUR-METRICS-PROJECT> if populated)
A dashboard called "quotas-utilization" should be created. A dashboard called "quotas-utilization" should be created.
The Cloud Function runs every 10 minutes by default so you should start getting some data points after a few minutes. The Cloud Function runs every 10 minutes by default so you should start getting some data points after a few minutes.
You can use the metric explorer to view the data points for the different custom metrics created: https://console.cloud.google.com/monitoring/metrics-explorer?project=<YOUR-MONITORING-PROJECT>. You can use the metric explorer to view the data points for the different custom metrics created: https://console.cloud.google.com/monitoring/metrics-explorer?project=<YOUR-MONITORING-PROJECT> (or <YOUR-METRICS-PROJECT> if populated).
You can change this frequency by modifying the "schedule_cron" variable in variables.tf. You can change this frequency by modifying the "schedule_cron" variable in variables.tf.
Note that some charts in the dashboard align values over 1h so you might need to wait 1h to see charts on the dashboard views. Note that some charts in the dashboard align values over 1h so you might need to wait 1h to see charts on the dashboard views.
@ -67,7 +69,8 @@ Note that metrics are created in the cloud-function/metrics.yaml file. You can a
- The CF assumes global routing is ON, this impacts dynamic routes usage calculation - The CF assumes global routing is ON, this impacts dynamic routes usage calculation
- The CF assumes custom routes importing/exporting is ON, this impacts static and dynamic routes usage calculation - The CF assumes custom routes importing/exporting is ON, this impacts static and dynamic routes usage calculation
- The CF assumes all networks in peering groups have the same global routing and custom routes sharing configuration - The CF assumes all networks in peering groups have the same global routing and custom routes sharing configuration
- When using VPC-SC, it is assumed that <YOUR-VPC-CONNECTOR-NAME> exists before the CF deployment starts
- If provided, <YOUR-METRICS-PROJECT> is assumed to exist before the CF deployment starts
## Next steps and ideas ## Next steps and ideas
In a future release, we could support: In a future release, we could support:


@ -21,6 +21,8 @@ locals {
folder_ids = toset(var.monitored_folders_list) folder_ids = toset(var.monitored_folders_list)
folders = join(",", local.folder_ids) folders = join(",", local.folder_ids)
monitoring_project = var.monitoring_project_id == "" ? module.project-monitoring[0].project_id : var.monitoring_project_id monitoring_project = var.monitoring_project_id == "" ? module.project-monitoring[0].project_id : var.monitoring_project_id
metrics_project = var.metrics_project_id == "" ? (var.monitoring_project_id == "" ? module.project-monitoring[0].project_id : var.monitoring_project_id) : var.metrics_project_id
} }
################################################ ################################################
@ -61,7 +63,7 @@ module "service-account-function" {
} }
iam_project_roles = { iam_project_roles = {
"${local.monitoring_project}" = [ "${local.metrics_project}" = [
"roles/monitoring.metricWriter", "roles/monitoring.metricWriter",
] ]
} }
@ -142,6 +144,13 @@ module "cloud-function" {
lifecycle_delete_age = null lifecycle_delete_age = null
} }
region = var.region region = var.region
vpc_connector = (var.vpc_connector_name != "" ?
{
create = false
name = var.vpc_connector_name
egress_settings = "ALL_TRAFFIC"
} : null)
bundle_config = { bundle_config = {
source_dir = "cloud-function" source_dir = "cloud-function"
@ -161,7 +170,7 @@ module "cloud-function" {
environment_variables = { environment_variables = {
MONITORED_PROJECTS_LIST = local.projects MONITORED_PROJECTS_LIST = local.projects
MONITORED_FOLDERS_LIST = local.folders MONITORED_FOLDERS_LIST = local.folders
MONITORING_PROJECT_ID = local.monitoring_project MONITORING_PROJECT_ID = local.metrics_project
ORGANIZATION_ID = var.organization_id ORGANIZATION_ID = var.organization_id
CF_VERSION = var.cf_version CF_VERSION = var.cf_version
} }
@ -170,6 +179,9 @@ module "cloud-function" {
# Internal only doesn't seem to work with CFv2: # Internal only doesn't seem to work with CFv2:
ingress_settings = var.cf_version == "V2" ? "ALLOW_ALL" : "ALLOW_INTERNAL_ONLY" ingress_settings = var.cf_version == "V2" ? "ALLOW_ALL" : "ALLOW_INTERNAL_ONLY"
trigger_config = { trigger_config = {
event = "google.pubsub.topic.publish" event = "google.pubsub.topic.publish"
resource = module.pubsub.topic.id resource = module.pubsub.topic.id
@ -183,5 +195,5 @@ module "cloud-function" {
resource "google_monitoring_dashboard" "dashboard" { resource "google_monitoring_dashboard" "dashboard" {
dashboard_json = file("${path.module}/dashboards/quotas-utilization.json") dashboard_json = file("${path.module}/dashboards/quotas-utilization.json")
project = local.monitoring_project project = local.metrics_project
} }
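Review bot: The new `metrics_project` local in the first hunk re-derives the monitoring-project fallback instead of reusing `local.monitoring_project`, which is defined on the line just above; `metrics_project = var.metrics_project_id == "" ? local.monitoring_project : var.metrics_project_id` expresses the same rule and keeps the two locals in step if the fallback ever changes. In the `cloud-function` module the environment variable is still named `MONITORING_PROJECT_ID` while its value is now `local.metrics_project`, so a comment such as `# metrics_project == monitoring_project unless metrics_project_id is set` next to that line would stop a reader from assuming the function writes into the monitoring project. The `vpc_connector` block's `egress_settings = "ALL_TRAFFIC"` is what sends the function's outbound calls through the connector (and hence the perimeter) rather than the public path, and since `create = false` a misspelled `vpc_connector_name` presumably only surfaces at apply time; a one-line comment pointing at the VPC-SC deployment requirements the README links would keep the egress setting from being relaxed to private ranges later. The `cloud-function` module block starts and ends outside these hunks.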


@ -39,10 +39,17 @@ variable "monitored_projects_list" {
} }
variable "monitoring_project_id" { variable "monitoring_project_id" {
description = "Monitoring project where the dashboard will be created and the solution deployed; a project will be created if set to empty string" description = "Monitoring project where the dashboard will be created and the solution deployed; a project will be created if set to empty string, if metrics_project_id is provided, metrics and dashboard will be deployed there "
default = "" default = ""
} }
variable "metrics_project_id" {
description = "Optional, populate to write metrics and deploy the dashboard in a separated project"
default = ""
}
variable "organization_id" { variable "organization_id" {
description = "The organization id for the associated services" description = "The organization id for the associated services"
@ -50,7 +57,6 @@ variable "organization_id" {
variable "prefix" { variable "prefix" {
description = "Customer name to use as prefix for monitoring project" description = "Customer name to use as prefix for monitoring project"
default = "mon"
} }
@ -88,3 +94,13 @@ variable "schedule_cron" {
description = "Cron format schedule to run the Cloud Function. Default is every 10 minutes." description = "Cron format schedule to run the Cloud Function. Default is every 10 minutes."
default = "*/10 * * * *" default = "*/10 * * * *"
} }
variable "vpc_connector_name" {
description = "Serverless VPC connection name for the Cloud Function"
default = ""
}
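Review bot: Removing `default = "mon"` from `prefix` makes the variable required on every run, including deployments that set `monitoring_project_id`, where the README states `prefix` is ignored; if the intent is that callers must now always choose a prefix, the description should say so, otherwise `default = ""` keeps the variable optional without shipping a placeholder name. The new `metrics_project_id` and `vpc_connector_name` variables follow the file's convention of omitting `type`, but both are compared against `""` in main.tf, so `type = string` on each would reject a list or null at plan time rather than at apply. The `vpc_connector_name` description could also state what an empty value means, e.g. `description = "Serverless VPC connector name for the Cloud Function; leave empty to deploy without a connector (required for VPC-SC, see README)"`. The updated `monitoring_project_id` description ends with a trailing space inside the quotes and reads as one run-on sentence; `"Monitoring project where the dashboard will be created and the solution deployed; a project will be created if set to empty string. If metrics_project_id is provided, metrics and dashboard are deployed there instead"` is cleaner.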