Merge branch 'master' into agutta-patch-1
This commit is contained in:
commit
bd95d597f6
|
@ -18,21 +18,21 @@ Usage: main.py [OPTIONS]
|
|||
CLI entry point.
|
||||
|
||||
Options:
|
||||
-dr, --discovery-root TEXT Root node for asset discovery,
|
||||
organizations/nnn or folders/nnn. [required]
|
||||
-op, --monitoring-project TEXT GCP monitoring project where metrics will be
|
||||
stored. [required]
|
||||
-p, --project TEXT GCP project id, can be specified multiple
|
||||
times.
|
||||
-f, --folder INTEGER GCP folder id, can be specified multiple
|
||||
times.
|
||||
--custom-quota-file FILENAME Custom quota file in yaml format.
|
||||
--dump-file FILENAME Export JSON representation of resources to
|
||||
file.
|
||||
--load-file FILENAME Load JSON resources from file, skips init and
|
||||
discovery.
|
||||
--debug-plugin TEXT Run only core and specified timeseries plugin.
|
||||
--help Show this message and exit.
|
||||
-dr, --discovery-root TEXT Root node for asset discovery,
|
||||
organizations/nnn or folders/nnn. [required]
|
||||
-mon, --monitoring-project TEXT GCP monitoring project where metrics will be
|
||||
stored. [required]
|
||||
-p, --project TEXT GCP project id to be monitored, can be specified multiple
|
||||
times.
|
||||
-f, --folder INTEGER GCP folder id to be monitored, can be specified multiple
|
||||
times.
|
||||
--custom-quota-file FILENAME Custom quota file in yaml format.
|
||||
--dump-file FILENAME Export JSON representation of resources to
|
||||
file.
|
||||
--load-file FILENAME Load JSON resources from file, skips init and
|
||||
discovery.
|
||||
--debug-plugin TEXT Run only core and specified timeseries plugin.
|
||||
--help Show this message and exit.
|
||||
```
|
||||
|
||||
In normal use three pieces of information need to be passed in:
|
||||
|
@ -75,6 +75,11 @@ The main module cycles through stages, calling stage plugins in succession itera
|
|||
|
||||
## Debugging and Troubleshooting
|
||||
|
||||
Note that python version > 3.8 is required.
|
||||
|
||||
If you run into a `ModuleNotFoundError`, install the required dependencies:
|
||||
`pip3 install -r requirements.txt`
|
||||
|
||||
A few convenience options are provided to simplify development, debugging and troubleshooting:
|
||||
|
||||
- the discovery phase results can be dumped to a JSON file, that can then be used to check actual resource representation, or skip the discovery phase entirely to speed up development of timeseries-related functions
|
||||
|
|
|
@ -285,11 +285,13 @@ module "glb-0" {
|
|||
network = "projects/myprj-host/global/networks/svpc"
|
||||
subnetwork = "projects/myprj-host/regions/europe-west8/subnetworks/gce"
|
||||
zone = "europe-west8-b"
|
||||
endpoints = [{
|
||||
instance = "myinstance-b-0"
|
||||
ip_address = "10.24.32.25"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
instance = "myinstance-b-0"
|
||||
ip_address = "10.24.32.25"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -322,10 +324,12 @@ module "glb-0" {
|
|||
hybrid = {
|
||||
network = "projects/myprj-host/global/networks/svpc"
|
||||
zone = "europe-west8-b"
|
||||
endpoints = [{
|
||||
ip_address = "10.0.0.10"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
ip_address = "10.0.0.10"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -356,10 +360,12 @@ module "glb-0" {
|
|||
neg-0 = {
|
||||
internet = {
|
||||
use_fqdn = true
|
||||
endpoints = [{
|
||||
destination = "www.example.org"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
destination = "www.example.org"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -601,21 +607,25 @@ module "glb-0" {
|
|||
network = "projects/myprj-host/global/networks/svpc"
|
||||
subnetwork = "projects/myprj-host/regions/europe-west8/subnetworks/gce"
|
||||
zone = "europe-west8-c"
|
||||
endpoints = [{
|
||||
instance = "nginx-ew8-c"
|
||||
ip_address = "10.24.32.26"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
instance = "nginx-ew8-c"
|
||||
ip_address = "10.24.32.26"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
neg-hello = {
|
||||
hybrid = {
|
||||
network = "projects/myprj-host/global/networks/svpc"
|
||||
zone = "europe-west8-b"
|
||||
endpoints = [{
|
||||
ip_address = "192.168.0.3"
|
||||
port = 443
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
ip_address = "192.168.0.3"
|
||||
port = 443
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -691,7 +701,7 @@ module "glb-0" {
|
|||
| [health_check_configs](variables-health-check.tf#L19) | Optional auto-created health check configurations, use the output self-link to set it in the auto healing policy. Refer to examples for usage. | <code title="map(object({ check_interval_sec = optional(number) description = optional(string, "Terraform managed.") enable_logging = optional(bool, false) healthy_threshold = optional(number) project_id = optional(string) timeout_sec = optional(number) unhealthy_threshold = optional(number) grpc = optional(object({ port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT service_name = optional(string) })) http = optional(object({ host = optional(string) port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request_path = optional(string) response = optional(string) })) http2 = optional(object({ host = optional(string) port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request_path = optional(string) response = optional(string) })) https = optional(object({ host = optional(string) port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request_path = optional(string) response = optional(string) })) tcp = optional(object({ port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request = optional(string) response = optional(string) })) ssl = optional(object({ port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request = optional(string) response = optional(string) })) }))">map(object({…}))</code> | | <code title="{ default = { http = { port_specification = "USE_SERVING_PORT" } } }">{…}</code> |
|
||||
| [https_proxy_config](variables.tf#L74) | HTTPS proxy connfiguration. | <code title="object({ certificate_map = optional(string) quic_override = optional(string) ssl_policy = optional(string) })">object({…})</code> | | <code>{}</code> |
|
||||
| [labels](variables.tf#L85) | Labels set on resources. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [neg_configs](variables.tf#L96) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | <code title="map(object({ description = optional(string) cloudfunction = optional(object({ region = string target_function = optional(string) target_urlmask = optional(string) })) cloudrun = optional(object({ region = string target_service = optional(object({ name = string tag = optional(string) })) target_urlmask = optional(string) })) gce = optional(object({ network = string subnetwork = string zone = string endpoints = optional(list(object({ instance = string ip_address = string port = number }))) })) hybrid = optional(object({ network = string zone = string endpoints = optional(list(object({ ip_address = string port = number }))) })) internet = optional(object({ use_fqdn = optional(bool, true) endpoints = optional(list(object({ destination = string port = number }))) })) psc = optional(object({ region = string target_service = string network = optional(string) subnetwork = optional(string) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [neg_configs](variables.tf#L96) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | <code title="map(object({ description = optional(string) cloudfunction = optional(object({ region = string target_function = optional(string) target_urlmask = optional(string) })) cloudrun = optional(object({ region = string target_service = optional(object({ name = string tag = optional(string) })) target_urlmask = optional(string) })) gce = optional(object({ network = string subnetwork = string zone = string endpoints = optional(map(object({ instance = string ip_address = string port = number }))) })) hybrid = optional(object({ network = string zone = string endpoints = optional(map(object({ ip_address = string port = number }))) })) internet = optional(object({ use_fqdn = optional(bool, true) endpoints = optional(map(object({ destination = string port = number }))) })) psc = optional(object({ region = string target_service = string network = optional(string) subnetwork = optional(string) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [ports](variables.tf#L187) | Optional ports for HTTP load balancer, valid ports are 80 and 8080. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [protocol](variables.tf#L198) | Protocol supported by this load balancer. | <code>string</code> | | <code>"HTTP"</code> |
|
||||
| [ssl_certificates](variables.tf#L211) | SSL target proxy certificates (only if protocol is HTTPS) for existing, custom, and managed certificates. | <code title="object({ certificate_ids = optional(list(string), []) create_configs = optional(map(object({ certificate = string private_key = string })), {}) managed_configs = optional(map(object({ domains = list(string) description = optional(string) })), {}) })">object({…})</code> | | <code>{}</code> |
|
||||
|
|
|
@ -19,23 +19,23 @@
|
|||
locals {
|
||||
_neg_endpoints_global = flatten([
|
||||
for k, v in local.neg_global : [
|
||||
for vv in v.internet.endpoints :
|
||||
merge(vv, { neg = k, use_fqdn = v.internet.use_fqdn })
|
||||
for kk, vv in v.internet.endpoints : merge(vv, {
|
||||
key = "${k}-${kk}", neg = k, use_fqdn = v.internet.use_fqdn
|
||||
})
|
||||
]
|
||||
])
|
||||
_neg_endpoints_zonal = flatten([
|
||||
for k, v in local.neg_zonal : [
|
||||
for vv in v.endpoints :
|
||||
merge(vv, { neg = k, zone = v.zone })
|
||||
for kk, vv in v.endpoints : merge(vv, {
|
||||
key = "${k}-${kk}", neg = k, zone = v.zone
|
||||
})
|
||||
]
|
||||
])
|
||||
neg_endpoints_global = {
|
||||
for v in local._neg_endpoints_global :
|
||||
"${v.neg}-${v.destination}-${coalesce(v.port, "none")}" => v
|
||||
for v in local._neg_endpoints_global : (v.key) => v
|
||||
}
|
||||
neg_endpoints_zonal = {
|
||||
for v in local._neg_endpoints_zonal :
|
||||
"${v.neg}-${v.ip_address}-${coalesce(v.port, "none")}" => v
|
||||
for v in local._neg_endpoints_zonal : (v.key) => v
|
||||
}
|
||||
neg_global = {
|
||||
for k, v in var.neg_configs :
|
||||
|
|
|
@ -115,7 +115,7 @@ variable "neg_configs" {
|
|||
subnetwork = string
|
||||
zone = string
|
||||
# default_port = optional(number)
|
||||
endpoints = optional(list(object({
|
||||
endpoints = optional(map(object({
|
||||
instance = string
|
||||
ip_address = string
|
||||
port = number
|
||||
|
@ -126,7 +126,7 @@ variable "neg_configs" {
|
|||
zone = string
|
||||
# re-enable once provider properly support this
|
||||
# default_port = optional(number)
|
||||
endpoints = optional(list(object({
|
||||
endpoints = optional(map(object({
|
||||
ip_address = string
|
||||
port = number
|
||||
})))
|
||||
|
@ -135,7 +135,7 @@ variable "neg_configs" {
|
|||
use_fqdn = optional(bool, true)
|
||||
# re-enable once provider properly support this
|
||||
# default_port = optional(number)
|
||||
endpoints = optional(list(object({
|
||||
endpoints = optional(map(object({
|
||||
destination = string
|
||||
port = number
|
||||
})))
|
||||
|
|
|
@ -228,6 +228,14 @@ module "ilb-l7" {
|
|||
Similarly to instance groups, NEGs can also be managed by this module which supports GCE, hybrid, and serverless NEGs:
|
||||
|
||||
```hcl
|
||||
resource "google_compute_address" "test" {
|
||||
name = "neg-test"
|
||||
subnetwork = var.subnet.self_link
|
||||
address_type = "INTERNAL"
|
||||
address = "10.0.0.10"
|
||||
region = "europe-west1"
|
||||
}
|
||||
|
||||
module "ilb-l7" {
|
||||
source = "./fabric/modules/net-ilb-l7"
|
||||
name = "ilb-test"
|
||||
|
@ -246,11 +254,14 @@ module "ilb-l7" {
|
|||
my-neg = {
|
||||
gce = {
|
||||
zone = "europe-west1-b"
|
||||
endpoints = [{
|
||||
instance = "test-1"
|
||||
ip_address = "10.0.0.10"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
instance = "test-1"
|
||||
ip_address = google_compute_address.test.address
|
||||
# ip_address = "10.0.0.10"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -259,7 +270,7 @@ module "ilb-l7" {
|
|||
subnetwork = var.subnet.self_link
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=7
|
||||
# tftest modules=1 resources=8
|
||||
```
|
||||
|
||||
Hybrid NEGs are also supported:
|
||||
|
@ -283,10 +294,12 @@ module "ilb-l7" {
|
|||
my-neg = {
|
||||
hybrid = {
|
||||
zone = "europe-west1-b"
|
||||
endpoints = [{
|
||||
ip_address = "10.0.0.10"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
ip_address = "10.0.0.10"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -512,20 +525,24 @@ module "ilb-l7" {
|
|||
neg-nginx-ew8-c = {
|
||||
gce = {
|
||||
zone = "europe-west8-c"
|
||||
endpoints = [{
|
||||
instance = "nginx-ew8-c"
|
||||
ip_address = "10.24.32.26"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
instance = "nginx-ew8-c"
|
||||
ip_address = "10.24.32.26"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
neg-home-hello = {
|
||||
hybrid = {
|
||||
zone = "europe-west8-b"
|
||||
endpoints = [{
|
||||
ip_address = "192.168.0.3"
|
||||
port = 443
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
ip_address = "192.168.0.3"
|
||||
port = 443
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -597,7 +614,7 @@ module "ilb-l7" {
|
|||
| [group_configs](variables.tf#L36) | Optional unmanaged groups to create. Can be referenced in backends via key or outputs. | <code title="map(object({ zone = string instances = optional(list(string), []) named_ports = optional(map(number), {}) project_id = optional(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [health_check_configs](variables-health-check.tf#L19) | Optional auto-created health check configurations, use the output self-link to set it in the auto healing policy. Refer to examples for usage. | <code title="map(object({ check_interval_sec = optional(number) description = optional(string, "Terraform managed.") enable_logging = optional(bool, false) healthy_threshold = optional(number) project_id = optional(string) timeout_sec = optional(number) unhealthy_threshold = optional(number) grpc = optional(object({ port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT service_name = optional(string) })) http = optional(object({ host = optional(string) port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request_path = optional(string) response = optional(string) })) http2 = optional(object({ host = optional(string) port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request_path = optional(string) response = optional(string) })) https = optional(object({ host = optional(string) port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request_path = optional(string) response = optional(string) })) tcp = optional(object({ port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request = optional(string) response = optional(string) })) ssl = optional(object({ port = optional(number) port_name = optional(string) port_specification = optional(string) # USE_FIXED_PORT USE_NAMED_PORT USE_SERVING_PORT proxy_header = optional(string) request = optional(string) response = optional(string) })) }))">map(object({…}))</code> | | <code title="{ default = { http = { port_specification = "USE_SERVING_PORT" } } }">{…}</code> |
|
||||
| [labels](variables.tf#L48) | Labels set on resources. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [neg_configs](variables.tf#L59) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | <code title="map(object({ project_id = optional(string) cloudrun = optional(object({ region = string target_service = optional(object({ name = string tag = optional(string) })) target_urlmask = optional(string) })) gce = optional(object({ zone = string network = optional(string) subnetwork = optional(string) endpoints = optional(list(object({ instance = string ip_address = string port = number }))) })) hybrid = optional(object({ zone = string network = optional(string) endpoints = optional(list(object({ ip_address = string port = number }))) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [neg_configs](variables.tf#L59) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | <code title="map(object({ project_id = optional(string) cloudrun = optional(object({ region = string target_service = optional(object({ name = string tag = optional(string) })) target_urlmask = optional(string) })) gce = optional(object({ zone = string network = optional(string) subnetwork = optional(string) endpoints = optional(map(object({ instance = string ip_address = string port = number }))) })) hybrid = optional(object({ zone = string network = optional(string) endpoints = optional(map(object({ ip_address = string port = number }))) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [network_tier_premium](variables.tf#L119) | Use premium network tier. Defaults to true. | <code>bool</code> | | <code>true</code> |
|
||||
| [ports](variables.tf#L126) | Optional ports for HTTP load balancer, valid ports are 80 and 8080. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [protocol](variables.tf#L137) | Protocol supported by this load balancer. | <code>string</code> | | <code>"HTTP"</code> |
|
||||
|
|
|
@ -15,9 +15,12 @@
|
|||
*/
|
||||
|
||||
locals {
|
||||
# we need keys in the endpoint type to address issue #1055
|
||||
_neg_endpoints = flatten([
|
||||
for k, v in local.neg_zonal : [
|
||||
for vv in v.endpoints : merge(vv, { neg = k, zone = v.zone })
|
||||
for kk, vv in v.endpoints : merge(vv, {
|
||||
key = "${k}-${kk}", neg = k, zone = v.zone
|
||||
})
|
||||
]
|
||||
])
|
||||
fwd_rule_ports = (
|
||||
|
@ -29,8 +32,7 @@ locals {
|
|||
: google_compute_region_target_http_proxy.default.0.id
|
||||
)
|
||||
neg_endpoints = {
|
||||
for v in local._neg_endpoints :
|
||||
"${v.neg}-${v.ip_address}-${coalesce(v.port, "none")}" => v
|
||||
for v in local._neg_endpoints : (v.key) => v
|
||||
}
|
||||
neg_regional = {
|
||||
for k, v in var.neg_configs :
|
||||
|
|
|
@ -73,7 +73,7 @@ variable "neg_configs" {
|
|||
# default_port = optional(number)
|
||||
network = optional(string)
|
||||
subnetwork = optional(string)
|
||||
endpoints = optional(list(object({
|
||||
endpoints = optional(map(object({
|
||||
instance = string
|
||||
ip_address = string
|
||||
port = number
|
||||
|
@ -85,7 +85,7 @@ variable "neg_configs" {
|
|||
network = optional(string)
|
||||
# re-enable once provider properly support this
|
||||
# default_port = optional(number)
|
||||
endpoints = optional(list(object({
|
||||
endpoints = optional(map(object({
|
||||
ip_address = string
|
||||
port = number
|
||||
})))
|
||||
|
|
|
@ -62,30 +62,36 @@ neg_configs = {
|
|||
network = "projects/my-project/global/networks/shared-vpc"
|
||||
subnetwork = "projects/my-project/regions/europe-west8/subnetworks/gce"
|
||||
zone = "europe-west8-b"
|
||||
endpoints = [{
|
||||
instance = "nginx-ew8-b"
|
||||
ip_address = "10.24.32.25"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
instance = "nginx-ew8-b"
|
||||
ip_address = "10.24.32.25"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
neg-hybrid = {
|
||||
hybrid = {
|
||||
network = "projects/my-project/global/networks/shared-vpc"
|
||||
zone = "europe-west8-b"
|
||||
endpoints = [{
|
||||
ip_address = "192.168.0.3"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
ip_address = "192.168.0.3"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
neg-internet = {
|
||||
internet = {
|
||||
use_fqdn = true
|
||||
endpoints = [{
|
||||
destination = "hello.example.org"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
destination = "hello.example.org"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,11 +9,13 @@ neg_configs = {
|
|||
custom = {
|
||||
gce = {
|
||||
zone = "europe-west1-b"
|
||||
endpoints = [{
|
||||
ip_address = "10.0.0.10"
|
||||
instance = "test-1"
|
||||
port = 80
|
||||
}]
|
||||
endpoints = {
|
||||
e-0 = {
|
||||
ip_address = "10.0.0.10"
|
||||
instance = "test-1"
|
||||
port = 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue