Merge branch 'master' of https://github.com/GoogleCloudPlatform/cloud-foundation-fabric into ehorning/support-gcs-object-upload
This commit is contained in:
commit
2fa6369ba0
21
CHANGELOG.md
21
CHANGELOG.md
|
@ -4,7 +4,23 @@ All notable changes to this project will be documented in this file.
|
|||
<!-- markdownlint-disable MD024 -->
|
||||
|
||||
## [Unreleased]
|
||||
<!-- None < 2023-07-07 16:22:14+00:00 -->
|
||||
<!-- None < 2023-08-09 17:02:13+00:00 -->
|
||||
|
||||
### FAST
|
||||
|
||||
- [[#1583](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1583)] Fix module path for teams cicd ([ludoo](https://github.com/ludoo)) <!-- 2023-08-09 21:41:57+00:00 -->
|
||||
|
||||
### MODULES
|
||||
|
||||
- [[#1578](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1578)] Fix: Instance level stateful disk config ([beardedsamwise](https://github.com/beardedsamwise)) <!-- 2023-08-11 15:25:17+00:00 -->
|
||||
- [[#1582](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1582)] feat(modules/cloud-run): add gen2 exec env support ([LiuVII](https://github.com/LiuVII)) <!-- 2023-08-09 21:04:17+00:00 -->
|
||||
|
||||
### TOOLS
|
||||
|
||||
- [[#1585](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1585)] Print inventory path when a test fails ([juliocc](https://github.com/juliocc)) <!-- 2023-08-11 10:28:08+00:00 -->
|
||||
|
||||
## [25.0.0] - 2023-08-09
|
||||
<!-- 2023-08-09 17:02:13+00:00 < 2023-07-07 16:22:14+00:00 -->
|
||||
|
||||
### BLUEPRINTS
|
||||
|
||||
|
@ -1445,7 +1461,8 @@ All notable changes to this project will be documented in this file.
|
|||
- merge development branch with suite of new modules and end-to-end examples
|
||||
|
||||
<!-- markdown-link-check-disable -->
|
||||
[Unreleased]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v24.0.0...HEAD
|
||||
[Unreleased]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v25.0.0...HEAD
|
||||
[25.0.0]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v24.0.0...v25.0.0
|
||||
[24.0.0]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v23.0.0...v24.0.0
|
||||
[23.0.0]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v22.0.0...v23.0.0
|
||||
[22.0.0]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v21.0.0...v22.0.0
|
||||
|
|
|
@ -6,8 +6,23 @@ This module can be coupled with the [`compute-vm`](../compute-vm) module which c
|
|||
|
||||
Stateful disks can be created directly, as shown in the last example below.
|
||||
|
||||
<!-- BEGIN TOC -->
|
||||
- [Examples](#examples)
|
||||
- [Simple Example](#simple-example)
|
||||
- [Multiple Versions](#multiple-versions)
|
||||
- [Health Check and Autohealing Policies](#health-check-and-autohealing-policies)
|
||||
- [Autoscaling](#autoscaling)
|
||||
- [Update Policy](#update-policy)
|
||||
- [Stateful MIGs - MIG Config](#stateful-migs-mig-config)
|
||||
- [Stateful MIGs - Instance Config](#stateful-migs-instance-config)
|
||||
- [Variables](#variables)
|
||||
- [Outputs](#outputs)
|
||||
<!-- END TOC -->
|
||||
|
||||
## Examples
|
||||
|
||||
### Simple Example
|
||||
|
||||
This example shows how to manage a simple MIG that leverages the `compute-vm` module to manage the underlying instance template. The following sub-examples will only show how to enable specific features of this module, and won't replicate the combined setup.
|
||||
|
||||
```hcl
|
||||
|
@ -49,7 +64,7 @@ module "nginx-mig" {
|
|||
# tftest modules=2 resources=2 inventory=simple.yaml
|
||||
```
|
||||
|
||||
### Multiple versions
|
||||
### Multiple Versions
|
||||
|
||||
If multiple versions are desired, use more `compute-vm` instances for the additional templates used in each version (not shown here), and reference them like this:
|
||||
|
||||
|
@ -100,7 +115,7 @@ module "nginx-mig" {
|
|||
# tftest modules=2 resources=2
|
||||
```
|
||||
|
||||
### Health check and autohealing policies
|
||||
### Health Check and Autohealing Policies
|
||||
|
||||
Autohealing policies can use an externally defined health check, or have this module auto-create one:
|
||||
|
||||
|
@ -205,7 +220,7 @@ module "nginx-mig" {
|
|||
# tftest modules=2 resources=3 inventory=autoscaling.yaml
|
||||
```
|
||||
|
||||
### Update policy
|
||||
### Update Policy
|
||||
|
||||
```hcl
|
||||
module "cos-nginx" {
|
||||
|
@ -262,7 +277,7 @@ You can configure a disk defined in the instance template to be stateful for al
|
|||
|
||||
An example using only the configuration at the MIG level can be seen below.
|
||||
|
||||
Note that when referencing the stateful disk, you use `device_name` and not `disk_name`.
|
||||
Note that when referencing the stateful disk, you use `device_name` and not `disk_name`. Specifying an existing disk in the template (and stateful config) only allows a single instance to be managed by the MIG, typically coupled with an autohealing policy (shown in the examples above).
|
||||
|
||||
```hcl
|
||||
module "cos-nginx" {
|
||||
|
@ -271,15 +286,14 @@ module "cos-nginx" {
|
|||
|
||||
module "nginx-template" {
|
||||
source = "./fabric/modules/compute-vm"
|
||||
project_id = var.project_id
|
||||
project_id = "my-prj"
|
||||
name = "nginx-template"
|
||||
zone = "europe-west1-b"
|
||||
zone = "europe-west8-b"
|
||||
tags = ["http-server", "ssh"]
|
||||
instance_type = "e2-small"
|
||||
network_interfaces = [{
|
||||
network = var.vpc.self_link
|
||||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
}]
|
||||
boot_disk = {
|
||||
initialize_params = {
|
||||
|
@ -287,15 +301,10 @@ module "nginx-template" {
|
|||
}
|
||||
}
|
||||
attached_disks = [{
|
||||
name = "repd-1"
|
||||
size = null
|
||||
source_type = "attach"
|
||||
source = "regions/${var.region}/disks/repd-test-1"
|
||||
options = {
|
||||
mode = "READ_ONLY"
|
||||
replica_zone = "${var.region}-c"
|
||||
type = "PERSISTENT"
|
||||
}
|
||||
name = "data-1"
|
||||
size = 10
|
||||
source = "test-data-1"
|
||||
}]
|
||||
create_template = true
|
||||
metadata = {
|
||||
|
@ -305,34 +314,21 @@ module "nginx-template" {
|
|||
|
||||
module "nginx-mig" {
|
||||
source = "./fabric/modules/compute-mig"
|
||||
project_id = "my-project"
|
||||
location = "europe-west1-b"
|
||||
name = "mig-test"
|
||||
target_size = 3
|
||||
project_id = "my-prj"
|
||||
location = "europe-west8-b"
|
||||
name = "mig-test-2"
|
||||
target_size = 1
|
||||
instance_template = module.nginx-template.template.self_link
|
||||
autoscaler_config = {
|
||||
max_replicas = 3
|
||||
min_replicas = 1
|
||||
cooldown_period = 30
|
||||
scaling_signals = {
|
||||
cpu_utilization = {
|
||||
target = 0.65
|
||||
}
|
||||
}
|
||||
}
|
||||
stateful_disks = {
|
||||
repd-1 = false
|
||||
data-1 = false
|
||||
}
|
||||
}
|
||||
# tftest modules=2 resources=3
|
||||
|
||||
# tftest modules=2 resources=2
|
||||
```
|
||||
|
||||
### Stateful MIGs - Instance Config
|
||||
|
||||
Here is an example defining the stateful config at the instance level.
|
||||
|
||||
Note that you will need to know the instance name in order to use this configuration.
|
||||
Here is an example defining the stateful config at the instance level. As in the example above, specifying an existing disk in the template (and stateful config) only allows a single instance to be managed by the MIG, typically coupled with an autohealing policy (shown in the examples above).
|
||||
|
||||
```hcl
|
||||
module "cos-nginx" {
|
||||
|
@ -341,15 +337,14 @@ module "cos-nginx" {
|
|||
|
||||
module "nginx-template" {
|
||||
source = "./fabric/modules/compute-vm"
|
||||
project_id = var.project_id
|
||||
project_id = "my-prj"
|
||||
name = "nginx-template"
|
||||
zone = "europe-west1-b"
|
||||
zone = "europe-west8-b"
|
||||
tags = ["http-server", "ssh"]
|
||||
instance_type = "e2-small"
|
||||
network_interfaces = [{
|
||||
network = var.vpc.self_link
|
||||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
}]
|
||||
boot_disk = {
|
||||
initialize_params = {
|
||||
|
@ -357,15 +352,10 @@ module "nginx-template" {
|
|||
}
|
||||
}
|
||||
attached_disks = [{
|
||||
name = "repd-1"
|
||||
size = null
|
||||
source_type = "attach"
|
||||
source = "regions/${var.region}/disks/repd-test-1"
|
||||
options = {
|
||||
mode = "READ_ONLY"
|
||||
replica_zone = "${var.region}-c"
|
||||
type = "PERSISTENT"
|
||||
}
|
||||
name = "data-1"
|
||||
size = 10
|
||||
source = "test-data-1"
|
||||
}]
|
||||
create_template = true
|
||||
metadata = {
|
||||
|
@ -375,30 +365,18 @@ module "nginx-template" {
|
|||
|
||||
module "nginx-mig" {
|
||||
source = "./fabric/modules/compute-mig"
|
||||
project_id = "my-project"
|
||||
location = "europe-west1-b"
|
||||
project_id = "my-prj"
|
||||
location = "europe-west8-b"
|
||||
name = "mig-test"
|
||||
target_size = 3
|
||||
instance_template = module.nginx-template.template.self_link
|
||||
autoscaler_config = {
|
||||
max_replicas = 3
|
||||
min_replicas = 1
|
||||
cooldown_period = 30
|
||||
scaling_signals = {
|
||||
cpu_utilization = {
|
||||
target = 0.65
|
||||
}
|
||||
}
|
||||
}
|
||||
stateful_config = {
|
||||
# name needs to match a MIG instance name
|
||||
instance-1 = {
|
||||
minimal_action = "NONE",
|
||||
most_disruptive_allowed_action = "REPLACE"
|
||||
preserved_state = {
|
||||
disks = {
|
||||
persistent-disk-1 = {
|
||||
source = "test-disk",
|
||||
data-1 = {
|
||||
source = "projects/my-prj/zones/europe-west8-b/disks/test-data-1"
|
||||
}
|
||||
}
|
||||
metadata = {
|
||||
|
@ -408,8 +386,7 @@ module "nginx-mig" {
|
|||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=2 resources=4 inventory=stateful.yaml
|
||||
|
||||
# tftest modules=2 resources=3 inventory=stateful.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
|
|
|
@ -22,7 +22,7 @@ resource "google_compute_per_instance_config" "default" {
|
|||
zone = var.location
|
||||
name = each.key
|
||||
instance_group_manager = try(
|
||||
google_compute_instance_group_manager.default.0.id, null
|
||||
google_compute_instance_group_manager.default.0.name, null
|
||||
)
|
||||
minimal_action = each.value.minimal_action
|
||||
most_disruptive_allowed_action = each.value.most_disruptive_action
|
||||
|
@ -59,7 +59,7 @@ resource "google_compute_region_per_instance_config" "default" {
|
|||
region = var.location
|
||||
name = each.key
|
||||
region_instance_group_manager = try(
|
||||
google_compute_region_instance_group_manager.default.0.id, null
|
||||
google_compute_region_instance_group_manager.default.0.name, null
|
||||
)
|
||||
minimal_action = each.value.minimal_action
|
||||
most_disruptive_allowed_action = each.value.most_disruptive_action
|
||||
|
|
|
@ -626,7 +626,6 @@ module "instance" {
|
|||
# tftest modules=1 resources=5 inventory=snapshot-schedule-create.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|
@ -636,7 +635,7 @@ module "instance" {
|
|||
| [project_id](variables.tf#L277) | Project id. | <code>string</code> | ✓ | |
|
||||
| [zone](variables.tf#L379) | Compute zone. | <code>string</code> | ✓ | |
|
||||
| [attached_disk_defaults](variables.tf#L17) | Defaults for attached disks options. | <code title="object({ auto_delete = optional(bool, false) mode = string replica_zone = string type = string })">object({…})</code> | | <code title="{ auto_delete = true mode = "READ_WRITE" replica_zone = null type = "pd-balanced" }">{…}</code> |
|
||||
| [attached_disks](variables.tf#L38) | Additional disks, if options is null defaults will be used in its place. Source type is one of 'image' (zonal disks in vms and template), 'snapshot' (vm), 'existing', and null. | <code title="list(object({ name = string device_name = optional(string) size = string snapshot_schedule = optional(string) source = optional(string) source_type = optional(string) options = optional( object({ auto_delete = optional(bool, false) mode = optional(string, "READ_WRITE") replica_zone = optional(string) type = optional(string, "pd-balanced") }), { auto_delete = true mode = "READ_WRITE" replica_zone = null type = "pd-balanced" } ) }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [attached_disks](variables.tf#L37) | Additional disks, if options is null defaults will be used in its place. Source type is one of 'image' (zonal disks in vms and template), 'snapshot' (vm), 'existing', and null. | <code title="list(object({ name = string device_name = optional(string) size = string snapshot_schedule = optional(string) source = optional(string) source_type = optional(string) options = optional( object({ auto_delete = optional(bool, false) mode = optional(string, "READ_WRITE") replica_zone = optional(string) type = optional(string, "pd-balanced") }), { auto_delete = true mode = "READ_WRITE" replica_zone = null type = "pd-balanced" } ) }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [boot_disk](variables.tf#L83) | Boot disk properties. | <code title="object({ auto_delete = optional(bool, true) snapshot_schedule = optional(string) source = optional(string) initialize_params = optional(object({ image = optional(string, "projects/debian-cloud/global/images/family/debian-11") size = optional(number, 10) type = optional(string, "pd-balanced") })) use_independent_disk = optional(bool, false) })">object({…})</code> | | <code title="{ initialize_params = {} }">{…}</code> |
|
||||
| [can_ip_forward](variables.tf#L117) | Enable IP forwarding. | <code>bool</code> | | <code>false</code> |
|
||||
| [confidential_compute](variables.tf#L123) | Enable Confidential Compute for these instances. | <code>bool</code> | | <code>false</code> |
|
||||
|
@ -678,7 +677,6 @@ module "instance" {
|
|||
| [service_account_iam_email](outputs.tf#L74) | Service account email. | |
|
||||
| [template](outputs.tf#L82) | Template resource. | |
|
||||
| [template_name](outputs.tf#L87) | Template name. | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
## TODO
|
||||
|
||||
|
|
|
@ -28,7 +28,6 @@ variable "attached_disk_defaults" {
|
|||
replica_zone = null
|
||||
type = "pd-balanced"
|
||||
}
|
||||
|
||||
validation {
|
||||
condition = var.attached_disk_defaults.mode == "READ_WRITE" || !var.attached_disk_defaults.auto_delete
|
||||
error_message = "auto_delete can only be specified on READ_WRITE disks."
|
||||
|
@ -40,6 +39,7 @@ variable "attached_disks" {
|
|||
type = list(object({
|
||||
name = string
|
||||
device_name = optional(string)
|
||||
# TODO: size can be null when source_type is attach
|
||||
size = string
|
||||
snapshot_schedule = optional(string)
|
||||
source = optional(string)
|
||||
|
|
|
@ -168,6 +168,7 @@ def plan_validator(module_path, inventory_paths, basedir, tf_var_files=None,
|
|||
for path in inventory_paths:
|
||||
# allow tfvars and inventory to be relative to the caller
|
||||
path = basedir / path
|
||||
relative_path = path.relative_to(_REPO_ROOT)
|
||||
try:
|
||||
inventory = yaml.safe_load(path.read_text())
|
||||
except (IOError, OSError, yaml.YAMLError) as e:
|
||||
|
@ -193,34 +194,34 @@ def plan_validator(module_path, inventory_paths, basedir, tf_var_files=None,
|
|||
expected_values = inventory['values']
|
||||
for address, expected_value in expected_values.items():
|
||||
assert address in summary.values, \
|
||||
f'{address} is not a valid address in the plan'
|
||||
f'{relative_path}: {address} is not a valid address in the plan'
|
||||
for k, v in expected_value.items():
|
||||
assert k in summary.values[address], \
|
||||
f'{k} not found at {address}'
|
||||
f'{relative_path}: {k} not found at {address}'
|
||||
plan_value = summary.values[address][k]
|
||||
assert plan_value == v, \
|
||||
f'{k} at {address} failed. Got `{plan_value}`, expected `{v}`'
|
||||
f'{relative_path}: {k} at {address} failed. Got `{plan_value}`, expected `{v}`'
|
||||
|
||||
if 'counts' in inventory:
|
||||
expected_counts = inventory['counts']
|
||||
for type_, expected_count in expected_counts.items():
|
||||
assert type_ in summary.counts, \
|
||||
f'module does not create any resources of type `{type_}`'
|
||||
f'{relative_path}: module does not create any resources of type `{type_}`'
|
||||
plan_count = summary.counts[type_]
|
||||
assert plan_count == expected_count, \
|
||||
f'count of {type_} resources failed. Got {plan_count}, expected {expected_count}'
|
||||
f'{relative_path}: count of {type_} resources failed. Got {plan_count}, expected {expected_count}'
|
||||
|
||||
if 'outputs' in inventory:
|
||||
expected_outputs = inventory['outputs']
|
||||
for output_name, expected_output in expected_outputs.items():
|
||||
assert output_name in summary.outputs, \
|
||||
f'module does not output `{output_name}`'
|
||||
f'{relative_path}: module does not output `{output_name}`'
|
||||
output = summary.outputs[output_name]
|
||||
# assert 'value' in output, \
|
||||
# f'output `{output_name}` does not have a value (is it sensitive or dynamic?)'
|
||||
plan_output = output.get('value', '__missing__')
|
||||
assert plan_output == expected_output, \
|
||||
f'output {output_name} failed. Got `{plan_output}`, expected `{expected_output}`'
|
||||
f'{relative_path}: output {output_name} failed. Got `{plan_output}`, expected `{expected_output}`'
|
||||
|
||||
return summary
|
||||
|
||||
|
|
|
@ -13,25 +13,49 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.nginx-mig.google_compute_instance_group_manager.default[0]:
|
||||
all_instances_config: []
|
||||
auto_healing_policies: []
|
||||
base_instance_name: mig-test
|
||||
description: Terraform managed.
|
||||
list_managed_instances_results: PAGELESS
|
||||
name: mig-test
|
||||
named_port: []
|
||||
project: my-prj
|
||||
stateful_disk: []
|
||||
stateful_external_ip: []
|
||||
stateful_internal_ip: []
|
||||
target_pools: null
|
||||
timeouts: null
|
||||
version:
|
||||
- name: default
|
||||
target_size: []
|
||||
wait_for_instances: false
|
||||
wait_for_instances_status: STABLE
|
||||
zone: europe-west8-b
|
||||
module.nginx-mig.google_compute_per_instance_config.default["instance-1"]:
|
||||
instance_group_manager: mig-test
|
||||
minimal_action: NONE
|
||||
most_disruptive_allowed_action: REPLACE
|
||||
name: instance-1
|
||||
preserved_state:
|
||||
- disk:
|
||||
- delete_rule: NEVER
|
||||
device_name: persistent-disk-1
|
||||
device_name: data-1
|
||||
mode: READ_WRITE
|
||||
source: test-disk
|
||||
source: projects/my-prj/zones/europe-west8-b/disks/test-data-1
|
||||
metadata:
|
||||
foo: bar
|
||||
project: my-project
|
||||
project: my-prj
|
||||
remove_instance_state_on_destroy: false
|
||||
timeouts: null
|
||||
zone: europe-west1-b
|
||||
zone: europe-west8-b
|
||||
|
||||
counts:
|
||||
google_compute_autoscaler: 1
|
||||
google_compute_instance_group_manager: 1
|
||||
google_compute_instance_template: 1
|
||||
google_compute_per_instance_config: 1
|
||||
modules: 2
|
||||
resources: 3
|
||||
|
||||
outputs: {}
|
||||
|
|
Loading…
Reference in New Issue