M4CE (v5) Examples (#413)
* M4CE (v5) Examples * vm-migration new parent folder * New vm-migration section * Updated variables description * Updated variables description * Fixed broken link * Updated variables description * Fix lines spacing * Added output variable * Updated Variables description * New variables layout * fixed new line * M4CE (v5) Examples * vm-migration new parent folder * New vm-migration section * Updated variables description * Updated variables description * Fixed broken link * Updated variables description * Fix lines spacing * Added output variable * Updated Variables description * New variables layout * fixed new line * added test * move test on new folder * Updated variables order and description * Added output file * vm-migration example tests * Updated output description * Updated output description * Fixed Typo Co-authored-by: Simone Ruffilli <sruffilli@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
This commit is contained in:
parent
5396735bc6
commit
e279818b55
|
@ -50,5 +50,10 @@ The example's feed tracks changes to Google Compute instances, and the Cloud Fun
|
|||
|
||||
|
||||
This [example](./onprem-sa-key-management) shows how to manage IAM Service Account Keys by manually generating a key pair and uploading the public part of the key to GCP.
|
||||
s
|
||||
|
||||
<br clear="left">
|
||||
|
||||
## Migrate for Compute Engine (v5)
|
||||
<a href="./vm-migration" title="Packer image builder"><img src="./vm-migration/host-target-projects/diagram.png" align="left" width="280px"></a> This set of [examples](./vm-migration) shows how to deploy Migrate for Compute Engine (v5) on top of existing Cloud Foundations on different scenarios. An example on how to deploy the M4CE connector on VMWare ESXi is also part of the examples.
|
||||
|
||||
<br clear="left">
|
|
@ -0,0 +1,34 @@
|
|||
# Migrate for Compute Engine (v5) examples
|
||||
|
||||
The examples in this folder implement **Migrate for Compute Engine (v5)** environments for the main migration scenarios like the ones with host and target project, or with shared VPC.
|
||||
|
||||
They are meant to be used as minimal but complete starting points to create migration environment **on top of existing cloud foundations**, and as playgrounds to experiment with specific Google Cloud features.
|
||||
|
||||
## Examples
|
||||
|
||||
### M4CE on a single project
|
||||
|
||||
<a href="./single-project/" title="M4CE with single project"><img src="./single-project/diagram.png" align="left" width="280px"></a> This [example](./single-project/) implements a simple environment for Migrate for Compute Engine (v5) where both the API backend and the migration target environment are deployed on a single GCP project.
|
||||
|
||||
This example represents the easiest sceario to implement a Migrate for Compute Engine (v5) enviroment suitable for small migrations on simple enviroments or for product showcases.
|
||||
<br clear="left">
|
||||
|
||||
### M4CE with host and target projects
|
||||
|
||||
<a href="./host-target-projects/" title="M4CE with host and target projects"><img src="./host-target-projects/diagram.png" align="left" width="280px"></a> This [example](./host-target-projects/) implements a Migrate for Compute Engine (v5) host and target projects topology where the API backend and access grants are implemented on the host project while workloads are migrated on a different target project.
|
||||
|
||||
This example shows a complex scenario where Migrate for Compute Engine (v5) can be deployed on top of and existing HUB and SPOKE topology and the migration target projects are deployed with platform foundations.
|
||||
<br clear="left">
|
||||
|
||||
### M4CE with Host and Target Projects and Shared VPC
|
||||
|
||||
<a href="./host-target-sharedvpc/" title="M4CE with host and target projects and shared VPC"><img src="./host-target-sharedvpc/diagram.png" align="left" width="280px"></a> This [example](./host-target-sharedvpc/) implements a Migrate for Compute Engine (v5) host and target projects topology as described above with the support of shared VPC.
|
||||
|
||||
The example shows how to implement a Migrate for Compute Engine (v5) environment on top of an existing shared VPC topology where the shared VPC service projects are the target projects for the migration.
|
||||
<br clear="left">
|
||||
|
||||
### ESXi Connector
|
||||
|
||||
<a href="./esxi/" title="M4CE ESXi connector"><img src="./esxi/diagram.png" align="left" width="280px"></a> This [example](./esxi/) implements a Migrate for Compute Engine (v5) environment on a VMWare ESXi cluster as source for VM migrations.
|
||||
|
||||
The example shows how to deploy the Migrate for Compute Engine (v5) connector and implement all the security prerequisites for the migration to GCP.
|
|
@ -0,0 +1,43 @@
|
|||
# M4CE(v5) - ESXi Connector
|
||||
|
||||
This example deploys a virtual machine from an OVA image and the security prerequisites to run the Migrate for Compute Engine (v5) [connector](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/migrate-connector) on VMWare ESXi.
|
||||
|
||||
The example is designed to deploy the M4CE (v5) connector on and existing VMWare environment. The [network configuration](https://cloud.google.com/migrate/compute-engine/docs/5.0/concepts/architecture#migration_architecture) required to allow the communication of the migrate connetor to the GCP API is not included in this example.
|
||||
|
||||
This is the high level diagram:
|
||||
|
||||
![High-level diagram](diagram.png "High-level diagram")
|
||||
|
||||
## Managed resources and services
|
||||
|
||||
This sample creates several distinct groups of resources:
|
||||
|
||||
- virtual machine
|
||||
- [M4CE migrate connector](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/migrate-connector#installing_the_migrate_connector)
|
||||
- IAM
|
||||
- [vCenter user role](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/migrate-connector#step-1)
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [m4ce_ssh_public_key](variables.tf#L43) | Filesystem path to the public key for the SSH login | <code>string</code> | ✓ | |
|
||||
| [vcenter_password](variables.tf#L48) | VCenter user password. | <code>string</code> | ✓ | |
|
||||
| [vsphere_environment](variables.tf#L53) | VMVware VSphere connection parameters | <code title="object({ vcenter_ip = string vcenter_user = string data_center = string resource_pool = string host_ip = string datastore = string virtual_net = string })">object({…})</code> | ✓ | |
|
||||
| [m4ce_appliance_properties](variables.tf#L15) | M4CE connector OVA image configuration parameters | <code title="object({ hostname = string ip0 = string netmask0 = string gateway = string DNS = string proxy = string route0 = string })">object({…})</code> | | <code title="{ "hostname" = "gcp-m4ce-connector" "ip0" = "0.0.0.0" "netmask0" = "0.0.0.0" "gateway" = "0.0.0.0" "DNS" = "" "proxy" = "" "route0" = "" }">{…}</code> |
|
||||
| [m4ce_connector_ovf_url](variables.tf#L37) | http URL to the public M4CE connector OVA image | <code>string</code> | | <code>"https://storage.googleapis.com/vmmigration-public-artifacts/migrate-connector-2-0-1663.ova"</code> |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
## Manual Steps
|
||||
Once this example is deployed a VCenter user has to be created and binded to the M4CE role in order to allow the connector access the VMWare resources.
|
||||
The user can be created manually through the VCenter web interface or througt GOV commandline if it is available:
|
||||
```bash
|
||||
export GOVC_URL=<VCENTER_URL> (eg. https://192.168.1.100/sdk)
|
||||
export GOVC_USERNAME=<VCENTER_ADMIN_USER> (eg. administrator@example.local)
|
||||
export GOVC_PASSWORD=<PASSWORD>
|
||||
export GOVC_INSECURE=true
|
||||
|
||||
govc sso.user.create -p <USER_PASSWORD> -R gcp-m4ce-role gcp-m4ce-user
|
||||
govc permissions.set -principal gcp-m4ce-user@example.local -propagate=true -role gcp-m4ce-role
|
||||
```
|
|
@ -0,0 +1,20 @@
|
|||
# Copyright 2021 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
terraform {
|
||||
backend "gcs" {
|
||||
bucket = ""
|
||||
}
|
||||
}
|
Binary file not shown.
After Width: | Height: | Size: 16 KiB |
|
@ -0,0 +1,58 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
locals {
|
||||
rsa-public-key = file(var.m4ce_ssh_public_key)
|
||||
}
|
||||
|
||||
resource "vsphere_role" "gcp-m4ce-role" {
|
||||
name = "gcp-m4ce-role"
|
||||
role_privileges = [
|
||||
"Global.DisableMethods",
|
||||
"Global.EnableMethods",
|
||||
"VirtualMachine.Config.ChangeTracking",
|
||||
"VirtualMachine.Interact.PowerOff",
|
||||
"VirtualMachine.Provisioning.DiskRandomRead",
|
||||
"VirtualMachine.Provisioning.GetVmFiles",
|
||||
"VirtualMachine.State.CreateSnapshot",
|
||||
"VirtualMachine.State.RemoveSnapshot"
|
||||
]
|
||||
}
|
||||
|
||||
resource "vsphere_virtual_machine" "gcp-m4ce-connector" {
|
||||
name = var.m4ce_appliance_properties.hostname
|
||||
resource_pool_id = data.vsphere_resource_pool.vsphere_pool.id
|
||||
datastore_id = data.vsphere_datastore.vsphere_datastore.id
|
||||
host_system_id = data.vsphere_host.vsphere_host.id
|
||||
datacenter_id = data.vsphere_datacenter.vsphere_dc.id
|
||||
num_cpus = 4
|
||||
memory = 16384
|
||||
|
||||
network_interface {
|
||||
network_id = data.vsphere_network.vsphere_network.id
|
||||
}
|
||||
|
||||
wait_for_guest_net_timeout = 0
|
||||
wait_for_guest_ip_timeout = 0
|
||||
|
||||
scsi_type = "lsilogic-sas"
|
||||
|
||||
ovf_deploy {
|
||||
remote_ovf_url = var.m4ce_connector_ovf_url
|
||||
}
|
||||
|
||||
vapp {
|
||||
properties = merge({ "public-keys" = local.rsa-public-key }, var.m4ce_appliance_properties)
|
||||
}
|
||||
}
|
|
@ -0,0 +1,20 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
provider "vsphere" {
|
||||
user = var.vsphere_environment.vcenter_user
|
||||
password = var.vcenter_password
|
||||
vsphere_server = var.vsphere_environment.vcenter_ip
|
||||
allow_unverified_ssl = true
|
||||
}
|
|
@ -0,0 +1,66 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
variable "m4ce_appliance_properties" {
|
||||
description = "M4CE connector OVA image configuration parameters"
|
||||
type = object({
|
||||
hostname = string
|
||||
ip0 = string
|
||||
netmask0 = string
|
||||
gateway = string
|
||||
DNS = string
|
||||
proxy = string
|
||||
route0 = string
|
||||
})
|
||||
default = {
|
||||
"hostname" = "gcp-m4ce-connector"
|
||||
"ip0" = "0.0.0.0"
|
||||
"netmask0" = "0.0.0.0"
|
||||
"gateway" = "0.0.0.0"
|
||||
"DNS" = ""
|
||||
"proxy" = ""
|
||||
"route0" = ""
|
||||
}
|
||||
}
|
||||
|
||||
variable "m4ce_connector_ovf_url" {
|
||||
description = "http URL to the public M4CE connector OVA image"
|
||||
type = string
|
||||
default = "https://storage.googleapis.com/vmmigration-public-artifacts/migrate-connector-2-0-1663.ova"
|
||||
}
|
||||
|
||||
variable "m4ce_ssh_public_key" {
|
||||
description = "Filesystem path to the public key for the SSH login"
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "vcenter_password" {
|
||||
description = "VCenter user password."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "vsphere_environment" {
|
||||
description = "VMVware VSphere connection parameters"
|
||||
type = object({
|
||||
vcenter_ip = string
|
||||
vcenter_user = string
|
||||
data_center = string
|
||||
resource_pool = string
|
||||
host_ip = string
|
||||
datastore = string
|
||||
virtual_net = string
|
||||
})
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,37 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
data "vsphere_datacenter" "vsphere_dc" {
|
||||
name = var.vsphere_environment.data_center
|
||||
}
|
||||
|
||||
data "vsphere_resource_pool" "vsphere_pool" {
|
||||
name = var.vsphere_environment.resource_pool
|
||||
datacenter_id = data.vsphere_datacenter.vsphere_dc.id
|
||||
}
|
||||
|
||||
data "vsphere_host" "vsphere_host" {
|
||||
name = var.vsphere_environment.host_ip
|
||||
datacenter_id = data.vsphere_datacenter.vsphere_dc.id
|
||||
}
|
||||
|
||||
data "vsphere_datastore" "vsphere_datastore" {
|
||||
name = var.vsphere_environment.datastore
|
||||
datacenter_id = data.vsphere_datacenter.vsphere_dc.id
|
||||
}
|
||||
|
||||
data "vsphere_network" "vsphere_network" {
|
||||
name = var.vsphere_environment.virtual_net
|
||||
datacenter_id = data.vsphere_datacenter.vsphere_dc.id
|
||||
}
|
|
@ -0,0 +1,40 @@
|
|||
# M4CE(v5) - Host and Target Projects
|
||||
|
||||
This example creates a Migrate for Compute Engine (v5) environment deployed on an host project with multiple [target projects](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#identifying_your_host_project).
|
||||
|
||||
The example is designed to implement a M4CE (v5) environment on-top of complex migration landing environments where VMs have to be migrated to multiple target projects. It also includes the IAM wiring needed to make such scenarios work.
|
||||
|
||||
This is the high level diagram:
|
||||
|
||||
![High-level diagram](diagram.png "High-level diagram")
|
||||
|
||||
## Managed resources and services
|
||||
|
||||
This sample creates\updates several distinct groups of resources:
|
||||
|
||||
- projects
|
||||
- Deploy M4CE host project with [required services](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#enabling_required_services_on_the_host_project) on a new or existing project.
|
||||
- M4CE target project prerequisites deployed on existing projects.
|
||||
- IAM
|
||||
- Create a [service account](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/migrate-connector#step-3) used at runtime by the M4CE connector for data replication
|
||||
- Grant [migration admin roles](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#using_predefined_roles) to provided user accounts
|
||||
- Grant [migration viewer role](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#using_predefined_roles) to provided user accounts
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [migration_admin_users](variables.tf#L15) | List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format | <code>list(string)</code> | ✓ | |
|
||||
| [migration_target_projects](variables.tf#L20) | List of target projects for m4ce workload migrations | <code>list(string)</code> | ✓ | |
|
||||
| [migration_viewer_users](variables.tf#L25) | List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [project_create](variables.tf#L31) | Parameters for the creation of the new project to host the M4CE backend | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
| [project_name](variables.tf#L40) | Name of an existing project or of the new project assigned as M4CE host project | <code>string</code> | | <code>"m4ce-host-project-000"</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration.. It is used by M4CE to perform activities on target projects | |
|
||||
|
||||
<!-- END TFDOC -->
|
|
@ -0,0 +1,20 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
terraform {
|
||||
backend "gcs" {
|
||||
bucket = ""
|
||||
}
|
||||
}
|
Binary file not shown.
After Width: | Height: | Size: 34 KiB |
|
@ -0,0 +1,73 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
module "host-project" {
|
||||
source = "../../../../modules/project"
|
||||
billing_account = (var.project_create != null
|
||||
? var.project_create.billing_account_id
|
||||
: null
|
||||
)
|
||||
name = var.project_name
|
||||
parent = (var.project_create != null
|
||||
? var.project_create.parent
|
||||
: null
|
||||
)
|
||||
|
||||
services = [
|
||||
"cloudresourcemanager.googleapis.com",
|
||||
"compute.googleapis.com",
|
||||
"iam.googleapis.com",
|
||||
"logging.googleapis.com",
|
||||
"servicemanagement.googleapis.com",
|
||||
"servicecontrol.googleapis.com",
|
||||
"vmmigration.googleapis.com",
|
||||
]
|
||||
|
||||
project_create = var.project_create != null
|
||||
|
||||
iam_additive = {
|
||||
"roles/iam.serviceAccountKeyAdmin" = var.migration_admin_users,
|
||||
"roles/iam.serviceAccountCreator" = var.migration_admin_users,
|
||||
"roles/vmmigration.admin" = var.migration_admin_users,
|
||||
"roles/vmmigration.viewer" = var.migration_viewer_users,
|
||||
}
|
||||
}
|
||||
|
||||
module "m4ce-service-account" {
|
||||
source = "../../../../modules/iam-service-account"
|
||||
project_id = module.host-project.project_id
|
||||
name = "m4ce-sa"
|
||||
generate_key = true
|
||||
}
|
||||
|
||||
module "target-projects" {
|
||||
for_each = toset(var.migration_target_projects)
|
||||
source = "../../../../modules/project"
|
||||
name = each.key
|
||||
project_create = false
|
||||
|
||||
services = [
|
||||
"servicemanagement.googleapis.com",
|
||||
"servicecontrol.googleapis.com",
|
||||
"iam.googleapis.com",
|
||||
"cloudresourcemanager.googleapis.com",
|
||||
"compute.googleapis.com"
|
||||
]
|
||||
|
||||
iam_additive = {
|
||||
"roles/resourcemanager.projectIamAdmin" = var.migration_admin_users,
|
||||
"roles/compute.viewer" = var.migration_admin_users,
|
||||
"roles/iam.serviceAccountUser" = var.migration_admin_users
|
||||
}
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
output "m4ce_gmanaged_service_account" {
|
||||
description = "Google managed service account created automatically during the migrate connector registration.. It is used by M4CE to perform activities on target projects"
|
||||
value = "serviceAccount:service-${module.host-project.number}@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
||||
}
|
|
@ -0,0 +1,44 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
variable "migration_admin_users" {
|
||||
description = "List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format"
|
||||
type = list(string)
|
||||
}
|
||||
|
||||
variable "migration_target_projects" {
|
||||
description = "List of target projects for m4ce workload migrations"
|
||||
type = list(string)
|
||||
}
|
||||
|
||||
variable "migration_viewer_users" {
|
||||
description = "List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format"
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "project_create" {
|
||||
description = "Parameters for the creation of the new project to host the M4CE backend"
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
})
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "project_name" {
|
||||
description = "Name of an existing project or of the new project assigned as M4CE host project"
|
||||
type = string
|
||||
default = "m4ce-host-project-000"
|
||||
}
|
|
@ -0,0 +1,44 @@
|
|||
# M4CE(v5) - Host and Target Projects with Shared VPC
|
||||
|
||||
This example creates a Migrate for Compute Engine (v5) environment deployed on an host project with multiple [target projects](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#identifying_your_host_project) and shared VPCs.
|
||||
|
||||
The example is designed to implement a M4CE (v5) environment on-top of complex migration landing environment where VMs have to be migrated to multiple target projects. In this example targets are alse service projects for a shared VPC. It also includes the IAM wiring needed to make such scenarios work.
|
||||
|
||||
This is the high level diagram:
|
||||
|
||||
![High-level diagram](diagram.png "High-level diagram")
|
||||
|
||||
## Managed resources and services
|
||||
|
||||
This sample creates\update several distinct groups of resources:
|
||||
|
||||
- projects
|
||||
- M4CE host project with [required services](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#enabling_required_services_on_the_host_project) deployed on a new or existing project.
|
||||
- M4CE target project prerequisites deployed on existing projects.
|
||||
- IAM
|
||||
- Create a [service account](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/migrate-connector#step-3) used at runtime by the M4CE connector for data replication
|
||||
- Grant [migration admin roles](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#using_predefined_roles) to provided user accounts.
|
||||
- Grant [migration viewer role](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#using_predefined_roles) to provided user accounts.
|
||||
- Grant [roles on shared VPC](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/target-project#configure-permissions) to migration admins
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [migration_admin_users](variables.tf#L15) | List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format | <code>list(string)</code> | ✓ | |
|
||||
| [migration_target_projects](variables.tf#L20) | List of target projects for m4ce workload migrations | <code>list(string)</code> | ✓ | |
|
||||
| [sharedvpc_host_projects](variables.tf#L45) | List of host projects that share a VPC with the selected target projects | <code>list(string)</code> | ✓ | |
|
||||
| [migration_viewer_users](variables.tf#L25) | List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [project_create](variables.tf#L30) | Parameters for the creation of the new project to host the M4CE backend | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
| [project_name](variables.tf#L39) | Name of an existing project or of the new project assigned as M4CE host project | <code>string</code> | | <code>"m4ce-host-project-000"</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
## Manual Steps
|
||||
Once this example is deployed the M4CE [m4ce_gmanaged_service_account](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/target-sa-compute-engine#configuring_the_default_service_account) has to be configured to grant the access to the shared VPC and allow the deploy of Compute Engine instances as the result of the migration.
|
|
@ -0,0 +1,20 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
terraform {
|
||||
backend "gcs" {
|
||||
bucket = ""
|
||||
}
|
||||
}
|
Binary file not shown.
After Width: | Height: | Size: 34 KiB |
|
@ -0,0 +1,84 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
module "host-project" {
|
||||
source = "../../../../modules/project"
|
||||
billing_account = (var.project_create != null
|
||||
? var.project_create.billing_account_id
|
||||
: null
|
||||
)
|
||||
name = var.project_name
|
||||
parent = (var.project_create != null
|
||||
? var.project_create.parent
|
||||
: null
|
||||
)
|
||||
|
||||
services = [
|
||||
"cloudresourcemanager.googleapis.com",
|
||||
"compute.googleapis.com",
|
||||
"iam.googleapis.com",
|
||||
"logging.googleapis.com",
|
||||
"servicemanagement.googleapis.com",
|
||||
"servicecontrol.googleapis.com",
|
||||
"vmmigration.googleapis.com",
|
||||
]
|
||||
|
||||
project_create = var.project_create != null
|
||||
|
||||
iam_additive = {
|
||||
"roles/iam.serviceAccountKeyAdmin" = var.migration_admin_users,
|
||||
"roles/iam.serviceAccountCreator" = var.migration_admin_users,
|
||||
"roles/vmmigration.admin" = var.migration_admin_users,
|
||||
"roles/vmmigration.viewer" = var.migration_viewer_users,
|
||||
}
|
||||
}
|
||||
|
||||
module "m4ce-service-account" {
|
||||
source = "../../../../modules/iam-service-account"
|
||||
project_id = module.host-project.project_id
|
||||
name = "m4ce-sa"
|
||||
}
|
||||
|
||||
module "target-projects" {
|
||||
|
||||
for_each = toset(var.migration_target_projects)
|
||||
source = "../../../../modules/project"
|
||||
name = each.key
|
||||
project_create = false
|
||||
|
||||
services = [
|
||||
"cloudresourcemanager.googleapis.com",
|
||||
"compute.googleapis.com",
|
||||
"iam.googleapis.com",
|
||||
"servicemanagement.googleapis.com",
|
||||
"servicecontrol.googleapis.com",
|
||||
]
|
||||
|
||||
iam_additive = {
|
||||
"roles/resourcemanager.projectIamAdmin" = var.migration_admin_users,
|
||||
"roles/iam.serviceAccountUser" = var.migration_admin_users,
|
||||
}
|
||||
}
|
||||
|
||||
module "sharedvpc_host_project" {
|
||||
|
||||
for_each = toset(var.sharedvpc_host_projects)
|
||||
source = "../../../../modules/project"
|
||||
name = each.key
|
||||
project_create = false
|
||||
|
||||
iam_additive = {
|
||||
"roles/compute.viewer" = var.migration_admin_users,
|
||||
}
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
output "m4ce_gmanaged_service_account" {
|
||||
description = "Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects"
|
||||
value = "serviceAccount:service-${module.host-project.number}@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
||||
}
|
|
@ -0,0 +1,48 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
variable "migration_admin_users" {
|
||||
description = "List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format"
|
||||
type = list(string)
|
||||
}
|
||||
|
||||
variable "migration_target_projects" {
|
||||
description = "List of target projects for m4ce workload migrations"
|
||||
type = list(string)
|
||||
}
|
||||
|
||||
variable "migration_viewer_users" {
|
||||
description = "List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format"
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
variable "project_create" {
|
||||
description = "Parameters for the creation of the new project to host the M4CE backend"
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
})
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "project_name" {
|
||||
description = "Name of an existing project or of the new project assigned as M4CE host project"
|
||||
type = string
|
||||
default = "m4ce-host-project-000"
|
||||
}
|
||||
|
||||
variable "sharedvpc_host_projects" {
|
||||
description = "List of host projects that share a VPC with the selected target projects"
|
||||
type = list(string)
|
||||
}
|
|
@ -0,0 +1,41 @@
|
|||
# M4CE(v5) - Single Project
|
||||
|
||||
This sample creates a simple M4CE (v5) environment deployed on a signle [host project](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#identifying_your_host_project).
|
||||
|
||||
The example is designed for quick tests or product demos where it is required to setup a simple and minimal M4CE (v5) environment. It also includes the IAM wiring needed to make such scenarios work.
|
||||
|
||||
This is the high level diagram:
|
||||
|
||||
![High-level diagram](diagram.png "High-level diagram")
|
||||
|
||||
## Managed resources and services
|
||||
|
||||
This sample creates several distinct groups of resources:
|
||||
|
||||
- projects
|
||||
- M4CE host project with [required services](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#enabling_required_services_on_the_host_project) deployed on a new or existing project.
|
||||
- networking
|
||||
- Default VPC network
|
||||
- IAM
|
||||
- One [service account](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/migrate-connector#step-3) used at runtime by the M4CE connector for data replication
|
||||
- Grant [migration admin roles](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#using_predefined_roles) to admin user accounts
|
||||
- Grant [migration viewer role](https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/enable-services#using_predefined_roles) to viewer user accounts
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [migration_admin_users](variables.tf#L15) | List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format | <code>list(string)</code> | ✓ | |
|
||||
| [migration_viewer_users](variables.tf#L20) | List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [project_create](variables.tf#L26) | Parameters for the creation of the new project to host the M4CE backend | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
| [project_name](variables.tf#L35) | Name of an existing project or of the new project assigned as M4CE host an target project | <code>string</code> | | <code>"m4ce-host-project-000"</code> |
|
||||
| [vpc_config](variables.tf#L41) | Parameters to create a simple VPC on the M4CE project | <code title="object({ ip_cidr_range = string, region = string })">object({…})</code> | | <code title="{ ip_cidr_range = "10.200.0.0/20", region = "us-west2" }">{…}</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects | |
|
||||
|
||||
<!-- END TFDOC -->
|
|
@ -0,0 +1,20 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
terraform {
|
||||
backend "gcs" {
|
||||
bucket = ""
|
||||
}
|
||||
}
|
Binary file not shown.
After Width: | Height: | Size: 26 KiB |
|
@ -0,0 +1,90 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
module "landing-project" {
|
||||
source = "../../../../modules/project"
|
||||
billing_account = (var.project_create != null
|
||||
? var.project_create.billing_account_id
|
||||
: null
|
||||
)
|
||||
name = var.project_name
|
||||
parent = (var.project_create != null
|
||||
? var.project_create.parent
|
||||
: null
|
||||
)
|
||||
|
||||
services = [
|
||||
"cloudresourcemanager.googleapis.com",
|
||||
"compute.googleapis.com",
|
||||
"iam.googleapis.com",
|
||||
"logging.googleapis.com",
|
||||
"networkconnectivity.googleapis.com",
|
||||
"servicemanagement.googleapis.com",
|
||||
"servicecontrol.googleapis.com",
|
||||
"vmmigration.googleapis.com"
|
||||
]
|
||||
|
||||
project_create = var.project_create != null
|
||||
|
||||
iam_additive = {
|
||||
"roles/iam.serviceAccountKeyAdmin" = var.migration_admin_users,
|
||||
"roles/iam.serviceAccountCreator" = var.migration_admin_users,
|
||||
"roles/vmmigration.admin" = var.migration_admin_users,
|
||||
"roles/vmmigration.viewer" = var.migration_viewer_users
|
||||
}
|
||||
}
|
||||
|
||||
module "m4ce-service-account" {
|
||||
source = "../../../../modules/iam-service-account"
|
||||
project_id = module.landing-project.project_id
|
||||
name = "m4ce-sa"
|
||||
generate_key = true
|
||||
}
|
||||
|
||||
module "landing-vpc" {
|
||||
source = "../../../../modules/net-vpc"
|
||||
project_id = module.landing-project.project_id
|
||||
name = "landing-vpc"
|
||||
subnets = [
|
||||
{
|
||||
ip_cidr_range = var.vpc_config.ip_cidr_range
|
||||
name = "landing-vpc-${var.vpc_config.region}"
|
||||
region = var.vpc_config.region
|
||||
secondary_ip_range = {}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
module "landing-vpc-firewall" {
|
||||
source = "../../../../modules/net-vpc-firewall"
|
||||
project_id = module.landing-project.project_id
|
||||
network = module.landing-vpc.name
|
||||
admin_ranges = []
|
||||
http_source_ranges = []
|
||||
https_source_ranges = []
|
||||
ssh_source_ranges = []
|
||||
custom_rules = {
|
||||
allow-ssh = {
|
||||
description = "Allow SSH from IAP"
|
||||
direction = "INGRESS"
|
||||
action = "allow"
|
||||
sources = []
|
||||
ranges = ["35.235.240.0/20"]
|
||||
targets = []
|
||||
use_service_accounts = false
|
||||
rules = [{ protocol = "tcp", ports = ["22"] }]
|
||||
extra_attributes = {}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
output "m4ce_gmanaged_service_account" {
|
||||
description = "Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects"
|
||||
value = "serviceAccount:service-${module.landing-project.number}@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
||||
}
|
|
@ -0,0 +1,51 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
variable "migration_admin_users" {
|
||||
description = "List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format"
|
||||
type = list(string)
|
||||
}
|
||||
|
||||
variable "migration_viewer_users" {
|
||||
description = "List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format"
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "project_create" {
|
||||
description = "Parameters for the creation of the new project to host the M4CE backend"
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
})
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "project_name" {
|
||||
description = "Name of an existing project or of the new project assigned as M4CE host an target project"
|
||||
type = string
|
||||
default = "m4ce-host-project-000"
|
||||
}
|
||||
|
||||
variable "vpc_config" {
|
||||
description = "Parameters to create a simple VPC on the M4CE project"
|
||||
type = object({
|
||||
ip_cidr_range = string,
|
||||
region = string
|
||||
})
|
||||
default = {
|
||||
ip_cidr_range = "10.200.0.0/20",
|
||||
region = "us-west2"
|
||||
}
|
||||
}
|
|
@ -0,0 +1,13 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
|
@ -0,0 +1,43 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
module "host-target-projects-test" {
|
||||
source = "../../../../../../examples/cloud-operations/vm-migration/host-target-projects"
|
||||
project_create = var.project_create
|
||||
migration_admin_users = ["user:admin@example.com"]
|
||||
migration_viewer_users = ["user:viewer@example.com"]
|
||||
migration_target_projects = ["${module.test-target-project.name}"]
|
||||
depends_on = [
|
||||
module.test-target-project
|
||||
]
|
||||
}
|
||||
|
||||
variable "project_create" {
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
})
|
||||
default = {
|
||||
billing_account_id = "1234-ABCD-1234"
|
||||
parent = "folders/1234563"
|
||||
}
|
||||
}
|
||||
|
||||
#This is a dummy project created to run this test. The example, here tested, is expected to run on top of existing foundations.
|
||||
module "test-target-project" {
|
||||
source = "../../../../../../modules/project"
|
||||
billing_account = "1234-ABCD-1234"
|
||||
name = "test-target-project"
|
||||
project_create = true
|
||||
}
|
|
@ -0,0 +1,26 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
import os
|
||||
|
||||
|
||||
FIXTURES_DIR = os.path.join(os.path.dirname(__file__), 'fixture')
|
||||
|
||||
|
||||
def test_resources(e2e_plan_runner):
|
||||
"Test that plan works and the numbers of resources is as expected."
|
||||
modules, resources = e2e_plan_runner(FIXTURES_DIR)
|
||||
assert len(modules) == 3
|
||||
assert len(resources) == 23
|
|
@ -0,0 +1,13 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
|
@ -0,0 +1,51 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
module "host-target-sharedvpc-test" {
|
||||
source = "../../../../../../examples/cloud-operations/vm-migration/host-target-sharedvpc"
|
||||
project_create = var.project_create
|
||||
migration_admin_users = ["user:admin@example.com"]
|
||||
migration_viewer_users = ["user:viewer@example.com"]
|
||||
migration_target_projects = [module.test-target-project.name]
|
||||
sharedvpc_host_projects = [module.test-sharedvpc-host-project.name]
|
||||
depends_on = [
|
||||
module.test-target-project,
|
||||
module.test-sharedvpc-host-project,
|
||||
]
|
||||
}
|
||||
|
||||
variable "project_create" {
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
})
|
||||
default = {
|
||||
billing_account_id = "1234-ABCD-1234"
|
||||
parent = "folders/1234563"
|
||||
}
|
||||
}
|
||||
|
||||
#These are a dummy projects created to run this test. The example, here tested, is expected to run on top of existing foundations.
|
||||
module "test-target-project" {
|
||||
source = "../../../../../../modules/project"
|
||||
billing_account = "1234-ABCD-1234"
|
||||
name = "test-target-project"
|
||||
project_create = true
|
||||
}
|
||||
module "test-sharedvpc-host-project" {
|
||||
source = "../../../../../../modules/project"
|
||||
billing_account = "1234-ABCD-1234"
|
||||
name = "test-sharedvpc-host-project"
|
||||
project_create = true
|
||||
}
|
|
@ -0,0 +1,26 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
import os
|
||||
|
||||
|
||||
FIXTURES_DIR = os.path.join(os.path.dirname(__file__), 'fixture')
|
||||
|
||||
|
||||
def test_resources(e2e_plan_runner):
|
||||
"Test that plan works and the numbers of resources is as expected."
|
||||
modules, resources = e2e_plan_runner(FIXTURES_DIR)
|
||||
assert len(modules) == 4
|
||||
assert len(resources) == 23
|
|
@ -0,0 +1,13 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
|
@ -0,0 +1,31 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
module "single-project-test" {
|
||||
source = "../../../../../../examples/cloud-operations/vm-migration/single-project"
|
||||
project_create = var.project_create
|
||||
migration_admin_users = ["user:admin@example.com"]
|
||||
migration_viewer_users = ["user:viewer@example.com"]
|
||||
}
|
||||
|
||||
variable "project_create" {
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
})
|
||||
default = {
|
||||
billing_account_id = "1234-ABCD-1234"
|
||||
parent = "folders/1234563"
|
||||
}
|
||||
}
|
|
@ -0,0 +1,25 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import os
|
||||
|
||||
|
||||
FIXTURES_DIR = os.path.join(os.path.dirname(__file__), 'fixture')
|
||||
|
||||
|
||||
def test_resources(e2e_plan_runner):
|
||||
"Test that plan works and the numbers of resources is as expected."
|
||||
modules, resources = e2e_plan_runner(FIXTURES_DIR)
|
||||
assert len(modules) == 4
|
||||
assert len(resources) == 18
|
Loading…
Reference in New Issue