zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change naming from 'host' project to 'main' to avoid confusion

This commit is contained in:
Julio Diez 2023-02-17 13:15:58 +01:00
parent b5e51180e6
commit 46c041f59f
3 changed files with 61 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

107
blueprints/serverless/cloud-run-corporate/main.tf
View File

@ -16,21 +16,22 @@
locals { locals {
domain_cr_host = format("%s.", domain_cr_main = format("%s.",
trimprefix(module.cloud_run_host.service.status[0].url, "https://")) trimprefix(module.cloud_run_main.service.status[0].url, "https://"))
} }
############################################################################### ###############################################################################
# Projects # # Projects #
############################################################################### ###############################################################################
# Main or host project, depending on if there are service projects # Main project
module "project_host" { module "project_main" {
source = "../../../modules/project" source = "../../../modules/project"
name = var.prj_host_id name = var.prj_main_id
project_create = var.prj_host_create != null project_create = var.prj_main_create != null
billing_account = try(var.prj_host_create.billing_account_id, null) billing_account = try(var.prj_main_create.billing_account_id, null)
parent = try(var.prj_host_create.parent, null) parent = try(var.prj_main_create.parent, null)
# Enable Shared VPC by default, some use cases will use this project as host
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
} }
@ -62,9 +63,9 @@ module "project_onprem" {
############################################################################### ###############################################################################
# Cloud Run service in main project # Cloud Run service in main project
module "cloud_run_host" { module "cloud_run_main" {
source = "../../../modules/cloud-run" source = "../../../modules/cloud-run"
project_id = module.project_host.project_id project_id = module.project_main.project_id
name = var.run_svc_name name = var.run_svc_name
region = var.region region = var.region
containers = [{ containers = [{
@ -84,26 +85,26 @@ module "cloud_run_host" {
# VPCs # # VPCs #
############################################################################### ###############################################################################
# VPC in main or host project # VPC in main project
module "vpc_host" { module "vpc_main" {
source = "../../../modules/net-vpc" source = "../../../modules/net-vpc"
project_id = module.project_host.project_id project_id = module.project_main.project_id
name = "vpc-host" name = "vpc-main"
subnets = [ subnets = [
{ {
ip_cidr_range = var.ip_ranges["host"].subnet ip_cidr_range = var.ip_ranges["main"].subnet
name = "subnet-host" name = "subnet-main"
region = var.region region = var.region
enable_private_access = true # PGA enabled enable_private_access = true # PGA enabled
} }
] ]
} }
# Host VPC Firewall with default config, IAP for SSH enabled # Main VPC Firewall with default config, IAP for SSH enabled
module "firewall_host" { module "firewall_main" {
source = "../../../modules/net-vpc-firewall" source = "../../../modules/net-vpc-firewall"
project_id = module.project_host.project_id project_id = module.project_main.project_id
network = module.vpc_host.name network = module.vpc_main.name
default_rules_config = { default_rules_config = {
http_ranges = [] http_ranges = []
https_ranges = [] https_ranges = []
@ -141,24 +142,24 @@ module "firewall_onprem" {
# PSC # # PSC #
############################################################################### ###############################################################################
# PSC configured in the host # PSC configured in the main project
module "psc_addr_host" { module "psc_addr_main" {
source = "../../../modules/net-address" source = "../../../modules/net-address"
project_id = module.project_host.project_id project_id = module.project_main.project_id
psc_addresses = { psc_addresses = {
psc-addr-host = { psc-addr-main = {
address = var.ip_ranges["host"].psc_addr address = var.ip_ranges["main"].psc_addr
network = module.vpc_host.self_link network = module.vpc_main.self_link
} }
} }
} }
resource "google_compute_global_forwarding_rule" "psc_endpoint_host" { resource "google_compute_global_forwarding_rule" "psc_endpoint_main" {
provider = google-beta provider = google-beta
project = module.project_host.project_id project = module.project_main.project_id
name = "pscaddrhost" name = "pscaddrmain"
network = module.vpc_host.self_link network = module.vpc_main.self_link
ip_address = module.psc_addr_host.psc_addresses["psc-addr-host"].self_link ip_address = module.psc_addr_main.psc_addresses["psc-addr-main"].self_link
target = "vpc-sc" target = "vpc-sc"
load_balancing_scheme = "" load_balancing_scheme = ""
} }
@ -167,16 +168,16 @@ resource "google_compute_global_forwarding_rule" "psc_endpoint_host" {
# VMs # # VMs #
############################################################################### ###############################################################################
module "vm_test_host" { module "vm_test_main" {
source = "../../../modules/compute-vm" source = "../../../modules/compute-vm"
count = 1 - length(module.project_onprem) count = 1 - length(module.project_onprem)
project_id = module.project_host.project_id project_id = module.project_main.project_id
zone = "${var.region}-b" zone = "${var.region}-b"
name = "vm-test-host" name = "vm-test-main"
instance_type = "e2-micro" instance_type = "e2-micro"
network_interfaces = [{ network_interfaces = [{
network = module.vpc_host.self_link network = module.vpc_main.self_link
subnetwork = module.vpc_host.subnet_self_links["${var.region}/subnet-host"] subnetwork = module.vpc_main.subnet_self_links["${var.region}/subnet-main"]
}] }]
tags = ["ssh"] tags = ["ssh"]
} }
@ -199,16 +200,16 @@ module "vm_test_onprem" {
# DNS # # DNS #
############################################################################### ###############################################################################
module "private_dns_host" { module "private_dns_main" {
source = "../../../modules/dns" source = "../../../modules/dns"
count = 1 - length(module.project_onprem) count = 1 - length(module.project_onprem)
project_id = module.project_host.project_id project_id = module.project_main.project_id
type = "private" type = "private"
name = "dns-host" name = "dns-main"
client_networks = [module.vpc_host.self_link] client_networks = [module.vpc_main.self_link]
domain = local.domain_cr_host domain = local.domain_cr_main
recordsets = { recordsets = {
"A " = { records = [module.psc_addr_host.psc_addresses["psc-addr-host"].address] } "A " = { records = [module.psc_addr_main.psc_addresses["psc-addr-main"].address] }
} }
} }
@ -219,9 +220,9 @@ module "private_dns_onprem" {
type = "private" type = "private"
name = "dns-onprem" name = "dns-onprem"
client_networks = [module.vpc_onprem[0].self_link] client_networks = [module.vpc_onprem[0].self_link]
domain = local.domain_cr_host domain = local.domain_cr_main
recordsets = { recordsets = {
"A " = { records = [module.psc_addr_host.psc_addresses["psc-addr-host"].address] } "A " = { records = [module.psc_addr_main.psc_addresses["psc-addr-main"].address] }
} }
} }
@ -230,20 +231,20 @@ module "private_dns_onprem" {
############################################################################### ###############################################################################
# VPN between main project and "onprem" environment # VPN between main project and "onprem" environment
module "vpn_host" { module "vpn_main" {
source = "../../../modules/net-vpn-ha" source = "../../../modules/net-vpn-ha"
count = length(module.project_onprem) count = length(module.project_onprem)
project_id = module.project_host.project_id project_id = module.project_main.project_id
region = var.region region = var.region
network = module.vpc_host.self_link network = module.vpc_main.self_link
name = "vpn-host-to-onprem" name = "vpn-main-to-onprem"
peer_gateway = { gcp = module.vpn_onprem[0].self_link } peer_gateway = { gcp = module.vpn_onprem[0].self_link }
router_config = { router_config = {
asn = 65001 asn = 65001
custom_advertise = { custom_advertise = {
all_subnets = true all_subnets = true
ip_ranges = { ip_ranges = {
(var.ip_ranges["host"].psc_addr) = "to-psc-endpoint" (var.ip_ranges["main"].psc_addr) = "to-psc-endpoint"
} }
} }
} }
@ -273,8 +274,8 @@ module "vpn_onprem" {
project_id = module.project_onprem[0].project_id project_id = module.project_onprem[0].project_id
region = var.region region = var.region
network = module.vpc_onprem[0].self_link network = module.vpc_onprem[0].self_link
name = "vpn-onprem-to-host" name = "vpn-onprem-to-main"
peer_gateway = { gcp = module.vpn_host[0].self_link } peer_gateway = { gcp = module.vpn_main[0].self_link }
router_config = { asn = 65002 } router_config = { asn = 65002 }
tunnels = { tunnels = {
tunnel-0 = { tunnel-0 = {
@ -284,7 +285,7 @@ module "vpn_onprem" {
} }
bgp_session_range = "169.254.0.2/30" bgp_session_range = "169.254.0.2/30"
vpn_gateway_interface = 0 vpn_gateway_interface = 0
shared_secret = module.vpn_host[0].random_secret shared_secret = module.vpn_main[0].random_secret
} }
tunnel-1 = { tunnel-1 = {
bgp_peer = { bgp_peer = {
@ -293,7 +294,7 @@ module "vpn_onprem" {
} }
bgp_session_range = "169.254.1.2/30" bgp_session_range = "169.254.1.2/30"
vpn_gateway_interface = 1 vpn_gateway_interface = 1
shared_secret = module.vpn_host[0].random_secret shared_secret = module.vpn_main[0].random_secret
} }
} }
} }

2
blueprints/serverless/cloud-run-corporate/outputs.tf
View File

@ -16,5 +16,5 @@
output "default_URL" { output "default_URL" {
description = "Cloud Run service default URL." description = "Cloud Run service default URL."
value = module.cloud_run_host.service.status[0].url value = module.cloud_run_main.service.status[0].url
} }

12
blueprints/serverless/cloud-run-corporate/variables.tf
View File

@ -30,7 +30,7 @@ variable "ip_ranges" {
description = "IPs or IP ranges used by VPCs" description = "IPs or IP ranges used by VPCs"
type = map(map(string)) type = map(map(string))
default = { default = {
host = { main = {
subnet = "10.0.1.0/24" subnet = "10.0.1.0/24"
psc_addr = "10.0.0.100" psc_addr = "10.0.0.100"
} }
@ -40,8 +40,8 @@ variable "ip_ranges" {
} }
} }
variable "prj_host_create" { variable "prj_main_create" {
description = "Parameters for the creation of a host project." description = "Parameters for the creation of the main project."
type = object({ type = object({
billing_account_id = string billing_account_id = string
parent = string parent = string
@ -49,8 +49,8 @@ variable "prj_host_create" {
default = null default = null
} }
variable "prj_host_id" { variable "prj_main_id" {
description = "Host Project ID." description = "Main Project ID."
type = string type = string
} }
@ -64,7 +64,7 @@ variable "prj_onprem_create" {
} }
variable "prj_onprem_id" { variable "prj_onprem_id" {
description = "Host Project ID." description = "Onprem Project ID."
type = string type = string
default = null default = null
} }