zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

More examples for multitenant-fleet example

This commit is contained in:
Julio Castillo 2022-09-07 16:31:42 +02:00
parent 218b374fc5
commit 3ffdd0dd43
3 changed files with 233 additions and 127 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

173
examples/gke-serverless/multitenant-fleet/README.md
View File

@ -44,10 +44,33 @@ The overall architecture is based on the following design decisions:
The following example shows how to deploy a single cluster and a single node pool
```hcl
clusters = {
"mycluster" = {
module "gke" {
source = "./fabric/examples/gke-serverless/multitenant-fleet/"
project_id = var.project_id
billing_account_id = var.billing_account_id
folder_id = var.folder_id
prefix = "myprefix"
vpc_config = {
host_project_id = "my-host-project-id"
vpc_self_link = "projects/my-host-project-id/global/networks/my-network"
}
authenticator_security_group = "gke-rbac-base@example.com"
group_iam = {
"gke-admin@example.com" = [
"roles/container.admin"
]
}
iam = {
"roles/container.clusterAdmin" = [
"cicd@my-cicd-project.iam.gserviceaccount.com"
]
}
clusters = {
mycluster = {
cluster_autoscaling = null
description = "mycluster"
description = "My cluster"
dns_domain = null
location = "europe-west1"
labels = {}
@ -55,14 +78,14 @@ clusters = {
master_range = "172.17.16.0/28"
pods = "pods"
services = "services"
subnet = "//www.googleapis.com/compute/v1/projects/<MY_PROJECT>/regions/europe-west1/subnetworks/<MY_SUBNET>"
subnet = "projects/my-host-project-id/regions/europe-west1/subnetworks/mycluster-subnet"
}
overrides = null
}
}
nodepools = {
"mycluster" = {
"mynodepool" = {
}
nodepools = {
mycluster = {
mynodepool = {
initial_node_count = 1
node_count = 1
node_type = "n2-standard-4"
@ -70,23 +93,35 @@ nodepools = {
spot = false
}
}
}
}
# tftest modules=1 resources=0
```
## Fleet configuration
## Creating Multiple Clusters
## Multi-tenant usage
The following example shows how to deploy two clusters with different configurations.
The first cluster `cluster-euw1` defines the mandatory configuration parameters (description, location, network setup) and inherits the some defaults from the `cluster_defaults` and `nodepool_detaults` variables. These two variables are used whenever the `override` key of the `clusters` and `nodepools` variables are set to `null`.
On the other hand, the second cluster (`cluster-euw3`) defines its own configuration by providing a value to the `overrides` key.
This is an example of that shows the use of the above variables:
```hcl
# the `cluster_defaults` variable defaults are used and not shown here
clusters = {
"gke-00" = {
module "gke" {
source = "./fabric/examples/gke-serverless/multitenant-fleet/"
project_id = var.project_id
billing_account_id = var.billing_account_id
folder_id = var.folder_id
prefix = "myprefix"
vpc_config = {
host_project_id = "my-host-project-id"
vpc_self_link = "projects/my-host-project-id/global/networks/my-network"
}
clusters = {
cluster-euw1 = {
cluster_autoscaling = null
description = "gke-00"
description = "Cluster for europ-west1"
dns_domain = null
location = "europe-west1"
labels = {}
@ -94,13 +129,13 @@ clusters = {
master_range = "172.17.16.0/28"
pods = "pods"
services = "services"
subnet = local.vpc.subnet_self_links["europe-west3/gke-dev-0"]
subnet = "projects/my-host-project-id/regions/europe-west1/subnetworks/euw1-subnet"
}
overrides = null
}
"gke-01" = {
cluster-euw3 = {
cluster_autoscaling = null
description = "gke-01"
description = "Cluster for europe-west3"
dns_domain = null
location = "europe-west3"
labels = {}
@ -108,7 +143,7 @@ clusters = {
master_range = "172.17.17.0/28"
pods = "pods"
services = "services"
subnet = local.vpc.subnet_self_links["europe-west3/gke-dev-0"]
subnet = "projects/my-host-project-id/regions/europe-west3/subnetworks/euw3-subnet"
}
overrides = {
cloudrun_config = false
@ -123,10 +158,10 @@ clusters = {
vertical_pod_autoscaling = false
}
}
}
nodepools = {
"gke-0" = {
"gke-00-000" = {
}
nodepools = {
cluster-euw1 = {
pool-euw1 = {
initial_node_count = 1
node_count = 1
node_type = "n2-standard-4"
@ -134,8 +169,8 @@ nodepools = {
spot = false
}
}
"gke-1" = {
"gke-01-000" = {
cluster-euw3 = {
pool-euw3 = {
initial_node_count = 1
node_count = 1
node_type = "n2-standard-4"
@ -149,11 +184,80 @@ nodepools = {
spot = true
}
}
}
}
# tftest modules=1 resources=0
```
## Multitenant configuration
## Fleet configuration
```hcl
fleet_configmanagement_templates = {
module "gke" {
source = "./fabric/examples/gke-serverless/multitenant-fleet/"
project_id = var.project_id
billing_account_id = var.billing_account_id
folder_id = var.folder_id
prefix = "myprefix"
vpc_config = {
host_project_id = "my-host-project-id"
vpc_self_link = "projects/my-host-project-id/global/networks/my-network"
}
clusters = {
cluster-euw1 = {
cluster_autoscaling = null
description = "Cluster for europe-west1"
dns_domain = null
location = "europe-west1"
labels = {}
net = {
master_range = "172.17.16.0/28"
pods = "pods"
services = "services"
subnet = "projects/my-host-project-id/regions/europe-west1/subnetworks/euw1-subnet"
}
overrides = null
}
cluster-euw3 = {
cluster_autoscaling = null
description = "Cluster for europe-west3"
dns_domain = null
location = "europe-west3"
labels = {}
net = {
master_range = "172.17.17.0/28"
pods = "pods"
services = "services"
subnet = "projects/my-host-project-id/regions/europe-west3/subnetworks/euw3-subnet"
}
overrides = null
}
}
nodepools = {
cluster-euw1 = {
pool-euw1 = {
initial_node_count = 1
node_count = 1
node_type = "n2-standard-4"
overrides = null
spot = false
}
}
cluster-euw3 = {
pool-euw3 = {
initial_node_count = 1
node_count = 1
node_type = "n2-standard-4"
overrides = null
spot = true
}
}
}
fleet_configmanagement_templates = {
default = {
binauthz = false
config_sync = {
@ -175,20 +279,23 @@ fleet_configmanagement_templates = {
policy_controller = null
version = "1.10.2"
}
}
}
fleet_configmanagement_clusters = {
default = ["gke-1", "gke-2"]
}
fleet_configmanagement_clusters = {
default = ["cluster-euw1", "cluster-euw3"]
}
fleet_features = {
fleet_features = {
appdevexperience = false
configmanagement = false
identityservice = false
multiclusteringress = "gke-1"
multiclusteringress = "cluster-euw1"
multiclusterservicediscovery = true
servicemesh = false
}
}
# tftest modules=1 resources=0
```
<!-- TFDOC OPTS files:1 show_extra:1 -->

1
examples/gke-serverless/multitenant-fleet/variables.tf
View File

@ -104,7 +104,6 @@ variable "fleet_configmanagement_clusters" {
nullable = false
}
variable "fleet_configmanagement_templates" {
description = "Sets of config management configurations that can be applied to member clusters, in config name => {options} format."
type = map(object({

2
tests/doc_examples/variables.tf
View File

@ -37,7 +37,7 @@ variable "folder_id" {
}
variable "project_id" {
default = "projects/project-id"
default = "project-id"
}
variable "region" {