Merge branch 'network-dashboard' of https://github.com/aurelienlegrand/cloud-foundation-fabric into network-dashboard
commit
e455a598ae
|
@ -10,6 +10,7 @@ All notable changes to this project will be documented in this file.
|
|||
- add support for IAM to `data-catalog-policy-tag` module
|
||||
- add support for IAM additive to `folder` module, fixes #580
|
||||
- **incompatible change** the variable for PSA ranges in the `net-vpc` module has changed to support configuring peering routes
|
||||
- optionally turn off gcplogs driver in COS modules
|
||||
|
||||
**FAST**
|
||||
|
||||
|
|
|
@ -77,8 +77,9 @@ module "cos-coredns" {
|
|||
| [cloud_config](variables.tf#L17) | Cloud config template path. If null default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [config_variables](variables.tf#L23) | Additional variables used to render the cloud-config and CoreDNS templates. | <code>map(any)</code> | | <code>{}</code> |
|
||||
| [coredns_config](variables.tf#L29) | CoreDNS configuration path, if null default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [file_defaults](variables.tf#L35) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L47) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [docker_logging](variables.tf#L35) | Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead. | <code>bool</code> | | <code>true</code> |
|
||||
| [file_defaults](variables.tf#L41) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L53) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [test_instance](variables-instance.tf#L17) | Test/development instance attributes, leave null to skip creation. | <code title="object({ project_id = string zone = string name = string type = string network = string subnetwork = string })">object({…})</code> | | <code>null</code> |
|
||||
| [test_instance_defaults](variables-instance.tf#L30) | Test/development instance defaults used for optional configuration. If image is null, COS stable will be used. | <code title="object({ disks = map(object({ read_only = bool size = number })) image = string metadata = map(string) nat = bool service_account_roles = list(string) tags = list(string) })">object({…})</code> | | <code title="{ disks = {} image = null metadata = {} nat = false service_account_roles = [ "roles/logging.logWriter", "roles/monitoring.metricWriter" ] tags = ["ssh"] }">{…}</code> |
|
||||
|
||||
|
|
|
@ -58,7 +58,10 @@ write_files:
|
|||
Wants=gcr-online.target docker.socket docker-events-collector.service
|
||||
[Service]
|
||||
ExecStart=/usr/bin/docker run --rm --name=coredns \
|
||||
--log-driver=gcplogs --network host \
|
||||
%{~ if docker_logging ~}
|
||||
--log-driver=gcplogs \
|
||||
%{~ endif ~}
|
||||
--network host \
|
||||
-v /etc/coredns:/etc/coredns \
|
||||
coredns/coredns -conf /etc/coredns/Corefile
|
||||
ExecStop=/usr/bin/docker stop coredns
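Review bot: The new `%{~ if docker_logging ~}` and `%{~ endif ~}` directives carry a strip marker on both sides, so Terraform also consumes the newline after the trailing `\` of the preceding line. If I read the strip semantics correctly, the rendered unit ends up with `--name=coredns \--log-driver=gcplogs \--network host \` on one physical line, where the backslashes are no longer line continuations. Dropping the leading marker (`%{ if docker_logging ~}` and `%{ endif ~}`) keeps the line break before each argument and still removes the directive's own line. The same pattern appears in the `--name=mysql`, `--name=nginx`, `--name=squid` and `${container_name}` template hunks. Rendering each template with the flag set both ways and reading the resulting `ExecStart` would confirm this.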
|
||||
|
|
|
@ -16,8 +16,9 @@
|
|||
|
||||
locals {
|
||||
cloud_config = templatefile(local.template, merge(var.config_variables, {
|
||||
corefile = templatefile(local.corefile, var.config_variables)
|
||||
files = local.files
|
||||
corefile = templatefile(local.corefile, var.config_variables)
|
||||
docker_logging = var.docker_logging
|
||||
files = local.files
|
||||
}))
|
||||
corefile = (
|
||||
var.coredns_config == null ? "${path.module}/Corefile" : var.coredns_config
|
||||
|
|
|
@ -32,6 +32,12 @@ variable "coredns_config" {
|
|||
default = null
|
||||
}
|
||||
|
||||
variable "docker_logging" {
|
||||
description = "Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead."
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "file_defaults" {
|
||||
description = "Default owner and permissions for files."
|
||||
type = object({
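Review bot: The `docker_logging` description does not say what happens to container output when the flag is `false`. In the template hunks the only effect is that `--log-driver=gcplogs` is omitted, so unless a logging agent is actually installed the container's logs stay on the instance and never reach Cloud Logging. For DNS, proxy and database containers that is audit data, so I would spell it out, for example `description = "Log via the Docker gcplogs driver. If false, container logs are only shipped when a separate Logging Agent is configured on the instance."`. The same variable block is repeated in the generic, envoy-td, mysql, nginx and squid variables hunks and would take the same wording.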
|
||||
|
|
|
@ -64,7 +64,7 @@ module "cos-envoy" {
|
|||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [container_image](variables.tf#L42) | Container image. | <code>string</code> | ✓ | |
|
||||
| [authenticate_gcr](variables.tf#L112) | Setup docker to pull images from private GCR. Requires at least one user since the token is stored in the home of the first user defined. | <code>bool</code> | | <code>false</code> |
|
||||
| [authenticate_gcr](variables.tf#L118) | Setup docker to pull images from private GCR. Requires at least one user since the token is stored in the home of the first user defined. | <code>bool</code> | | <code>false</code> |
|
||||
| [boot_commands](variables.tf#L17) | List of cloud-init `bootcmd`s. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [cloud_config](variables.tf#L23) | Cloud config template path. If provided, takes precedence over all other arguments. | <code>string</code> | | <code>null</code> |
|
||||
| [config_variables](variables.tf#L29) | Additional variables used to render the template passed via `cloud_config`. | <code>map(any)</code> | | <code>{}</code> |
|
||||
|
@ -72,11 +72,12 @@ module "cos-envoy" {
|
|||
| [container_name](variables.tf#L47) | Name of the container to be run. | <code>string</code> | | <code>"container"</code> |
|
||||
| [container_volumes](variables.tf#L53) | List of volumes. | <code title="list(object({ host = string, container = string }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [docker_args](variables.tf#L62) | Extra arguments to be passed for docker. | <code>string</code> | | <code>null</code> |
|
||||
| [file_defaults](variables.tf#L68) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L80) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [gcp_logging](variables.tf#L90) | Should container logs be sent to Google Cloud Logging. | <code>bool</code> | | <code>true</code> |
|
||||
| [run_commands](variables.tf#L96) | List of cloud-init `runcmd`s. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [users](variables.tf#L102) | List of usernames to be created. If provided, first user will be used to run the container. | <code title="list(object({ username = string, uid = number, }))">list(object({…}))</code> | | <code title="[ ]">[…]</code> |
|
||||
| [docker_logging](variables.tf#L68) | Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead. | <code>bool</code> | | <code>true</code> |
|
||||
| [file_defaults](variables.tf#L74) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L86) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [gcp_logging](variables.tf#L96) | Should container logs be sent to Google Cloud Logging. | <code>bool</code> | | <code>true</code> |
|
||||
| [run_commands](variables.tf#L102) | List of cloud-init `runcmd`s. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [users](variables.tf#L108) | List of usernames to be created. If provided, first user will be used to run the container. | <code title="list(object({ username = string, uid = number, }))">list(object({…}))</code> | | <code title="[ ]">[…]</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
@ -44,26 +44,26 @@ write_files:
|
|||
After=gcr-online.target docker.socket
|
||||
Wants=gcr-online.target docker.socket docker-events-collector.service
|
||||
[Service]
|
||||
%{ if authenticate_gcr && length(users) > 0 ~}
|
||||
%{ if authenticate_gcr && length(users) > 0 ~}
|
||||
Environment="HOME=/home/${users[0].username}"
|
||||
ExecStartPre=/usr/bin/docker-credential-gcr configure-docker
|
||||
%{ endif ~}
|
||||
%{ endif ~}
|
||||
ExecStart=/usr/bin/docker run --rm --name=${container_name} \
|
||||
%{ if length(users) > 0 ~}
|
||||
%{ if length(users) > 0 ~}
|
||||
--user=${users[0].uid} \
|
||||
%{ endif ~}
|
||||
%{ if gcp_logging == true ~}
|
||||
%{ endif ~}
|
||||
%{~ if docker_logging ~}
|
||||
--log-driver=gcplogs \
|
||||
%{ endif ~}
|
||||
%{ if docker_args != null ~}
|
||||
%{~ endif ~}
|
||||
%{~ if docker_args != null ~}
|
||||
${docker_args} \
|
||||
%{ endif ~}
|
||||
%{ for volume in container_volumes ~}
|
||||
%{~ endif ~}
|
||||
%{ for volume in container_volumes ~}
|
||||
-v ${volume.host}:${volume.container} \
|
||||
%{ endfor ~}
|
||||
%{ endfor ~}
|
||||
${container_image} ${container_args}
|
||||
ExecStop=/usr/bin/docker stop ${container_name}
|
||||
%{ for path, data in files ~}
|
||||
%{ for path, data in files ~}
|
||||
- path: ${path}
|
||||
owner: ${lookup(data, "owner", "root")}
|
||||
permissions: ${lookup(data, "permissions", "0644")}
|
||||
|
|
|
@ -22,6 +22,7 @@ locals {
|
|||
container_name = var.container_name
|
||||
container_volumes = var.container_volumes
|
||||
docker_args = var.docker_args
|
||||
docker_logging = var.docker_logging
|
||||
files = local.files
|
||||
gcp_logging = var.gcp_logging
|
||||
run_commands = var.run_commands
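Review bot: `gcp_logging = var.gcp_logging` is still passed to the template next to the new `docker_logging` key, but the template hunk for this module appears to replace the `%{ if gcp_logging == true ~}` gate with `%{~ if docker_logging ~}`. If so, `gcp_logging` no longer controls anything, and a caller who set it to `false` silently gets the gcplogs driver back. Either remove the variable and record that as an incompatible change, or keep honouring it with `%{ if docker_logging && gcp_logging ~}`. The envoy-td hunk looks affected too: it passes `gcp_logging = var.docker_logging` to what is presumably this module, and that should read `docker_logging = var.docker_logging`, otherwise switching the flag off there has no effect. The map this key sits in starts and ends outside the hunk.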
|
||||
|
|
|
@ -65,6 +65,12 @@ variable "docker_args" {
|
|||
default = null
|
||||
}
|
||||
|
||||
variable "docker_logging" {
|
||||
description = "Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead."
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "file_defaults" {
|
||||
description = "Default owner and permissions for files."
|
||||
type = object({
|
||||
|
|
|
@ -50,8 +50,8 @@ module "vm-cos" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [docker_logging](variables.tf#L23) | Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead. | <code>bool</code> | | <code>true</code> |
|
||||
| [envoy_image](variables.tf#L17) | Envoy Proxy container image to use. | <code>string</code> | | <code>"envoyproxy/envoy:v1.14.1"</code> |
|
||||
| [gcp_logging](variables.tf#L23) | Should container logs be sent to Google Cloud Logging. | <code>bool</code> | | <code>true</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
@ -44,7 +44,7 @@ module "cos-envoy-td" {
|
|||
}
|
||||
}
|
||||
|
||||
gcp_logging = var.gcp_logging
|
||||
gcp_logging = var.docker_logging
|
||||
|
||||
run_commands = [
|
||||
"iptables -t nat -N ENVOY_IN_REDIRECT",
|
||||
|
|
|
@ -20,8 +20,8 @@ variable "envoy_image" {
|
|||
default = "envoyproxy/envoy:v1.14.1"
|
||||
}
|
||||
|
||||
variable "gcp_logging" {
|
||||
description = "Should container logs be sent to Google Cloud Logging."
|
||||
variable "docker_logging" {
|
||||
description = "Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead."
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
|
|
@ -79,13 +79,14 @@ module "cos-mysql" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [mysql_password](variables.tf#L58) | MySQL root password. If an encrypted password is set, use the kms_config variable to specify KMS configuration. | <code>string</code> | ✓ | |
|
||||
| [mysql_password](variables.tf#L64) | MySQL root password. If an encrypted password is set, use the kms_config variable to specify KMS configuration. | <code>string</code> | ✓ | |
|
||||
| [cloud_config](variables.tf#L17) | Cloud config template path. If null default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [config_variables](variables.tf#L23) | Additional variables used to render the cloud-config template. | <code>map(any)</code> | | <code>{}</code> |
|
||||
| [image](variables.tf#L29) | MySQL container image. | <code>string</code> | | <code>"mysql:5.7"</code> |
|
||||
| [kms_config](variables.tf#L35) | Optional KMS configuration to decrypt passed-in password. Leave null if a plaintext password is used. | <code title="object({ project_id = string keyring = string location = string key = string })">object({…})</code> | | <code>null</code> |
|
||||
| [mysql_config](variables.tf#L46) | MySQL configuration file content, if null container default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [mysql_data_disk](variables.tf#L52) | MySQL data disk name in /dev/disk/by-id/ including the google- prefix. If null the boot disk will be used for data. | <code>string</code> | | <code>null</code> |
|
||||
| [docker_logging](variables.tf#L29) | Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead. | <code>bool</code> | | <code>true</code> |
|
||||
| [image](variables.tf#L35) | MySQL container image. | <code>string</code> | | <code>"mysql:5.7"</code> |
|
||||
| [kms_config](variables.tf#L41) | Optional KMS configuration to decrypt passed-in password. Leave null if a plaintext password is used. | <code title="object({ project_id = string keyring = string location = string key = string })">object({…})</code> | | <code>null</code> |
|
||||
| [mysql_config](variables.tf#L52) | MySQL configuration file content, if null container default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [mysql_data_disk](variables.tf#L58) | MySQL data disk name in /dev/disk/by-id/ including the google- prefix. If null the boot disk will be used for data. | <code>string</code> | | <code>null</code> |
|
||||
| [test_instance](variables-instance.tf#L17) | Test/development instance attributes, leave null to skip creation. | <code title="object({ project_id = string zone = string name = string type = string network = string subnetwork = string })">object({…})</code> | | <code>null</code> |
|
||||
| [test_instance_defaults](variables-instance.tf#L30) | Test/development instance defaults used for optional configuration. If image is null, COS stable will be used. | <code title="object({ disks = map(object({ read_only = bool size = number })) image = string metadata = map(string) nat = bool service_account_roles = list(string) tags = list(string) })">object({…})</code> | | <code title="{ disks = {} image = null metadata = {} nat = false service_account_roles = [ "roles/logging.logWriter", "roles/monitoring.metricWriter" ] tags = ["ssh"] }">{…}</code> |
|
||||
|
||||
|
|
|
@ -96,7 +96,9 @@ write_files:
|
|||
ExecStartPre=/bin/chown -R 2000 /run/mysql/secrets /run/mysql/data
|
||||
ExecStart=/usr/bin/docker run --rm --name=mysql \
|
||||
--user 2000:2000 \
|
||||
%{~ if docker_logging ~}
|
||||
--log-driver=gcplogs \
|
||||
%{~ endif ~}
|
||||
--network host \
|
||||
-e MYSQL_ROOT_PASSWORD_FILE=/etc/secrets/mysql-passwd.txt \
|
||||
-v /run/mysql/secrets:/etc/secrets \
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
|
||||
locals {
|
||||
cloud_config = templatefile(local.template, merge(var.config_variables, {
|
||||
docker_logging = var.docker_logging
|
||||
image = var.image
|
||||
kms_config = var.kms_config
|
||||
mysql_config = var.mysql_config
|
||||
|
|
|
@ -26,6 +26,12 @@ variable "config_variables" {
|
|||
default = {}
|
||||
}
|
||||
|
||||
variable "docker_logging" {
|
||||
description = "Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead."
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "image" {
|
||||
description = "MySQL container image."
|
||||
type = string
|
||||
|
|
|
@ -59,10 +59,11 @@ module "cos-nginx" {
|
|||
|---|---|:---:|:---:|:---:|
|
||||
| [cloud_config](variables.tf#L17) | Cloud config template path. If null default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [config_variables](variables.tf#L23) | Additional variables used to render the cloud-config and Nginx templates. | <code>map(any)</code> | | <code>{}</code> |
|
||||
| [file_defaults](variables.tf#L41) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L53) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [image](variables.tf#L29) | Nginx container image. | <code>string</code> | | <code>"nginxdemos/hello:plain-text"</code> |
|
||||
| [nginx_config](variables.tf#L35) | Nginx configuration path, if null container default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [docker_logging](variables.tf#L29) | Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead. | <code>bool</code> | | <code>true</code> |
|
||||
| [file_defaults](variables.tf#L47) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L59) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [image](variables.tf#L35) | Nginx container image. | <code>string</code> | | <code>"nginxdemos/hello:plain-text"</code> |
|
||||
| [nginx_config](variables.tf#L41) | Nginx configuration path, if null container default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [test_instance](variables-instance.tf#L17) | Test/development instance attributes, leave null to skip creation. | <code title="object({ project_id = string zone = string name = string type = string network = string subnetwork = string })">object({…})</code> | | <code>null</code> |
|
||||
| [test_instance_defaults](variables-instance.tf#L30) | Test/development instance defaults used for optional configuration. If image is null, COS stable will be used. | <code title="object({ disks = map(object({ read_only = bool size = number })) image = string metadata = map(string) nat = bool service_account_roles = list(string) tags = list(string) })">object({…})</code> | | <code title="{ disks = {} image = null metadata = {} nat = false service_account_roles = [ "roles/logging.logWriter", "roles/monitoring.metricWriter" ] tags = ["ssh"] }">{…}</code> |
|
||||
|
||||
|
|
|
@ -53,7 +53,10 @@ write_files:
|
|||
Wants=gcr-online.target docker.socket docker-events-collector.service
|
||||
[Service]
|
||||
ExecStart=/usr/bin/docker run --rm --name=nginx \
|
||||
--log-driver=gcplogs --network host \
|
||||
%{~ if docker_logging ~}
|
||||
--log-driver=gcplogs \
|
||||
%{~ endif ~}
|
||||
--network host \
|
||||
%{~ if etc_mount ~}
|
||||
-v /etc/nginx/conf.d:/etc/nginx/conf.d \
|
||||
%{~ endif ~}
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
|
||||
locals {
|
||||
cloud_config = templatefile(local.template, merge(var.config_variables, {
|
||||
docker_logging = var.docker_logging
|
||||
etc_mount = (
|
||||
var.nginx_config != null || length([
|
||||
for name in keys(var.files) :
|
||||
|
|
|
@ -26,6 +26,12 @@ variable "config_variables" {
|
|||
default = {}
|
||||
}
|
||||
|
||||
variable "docker_logging" {
|
||||
description = "Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead."
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "image" {
|
||||
description = "Nginx container image."
|
||||
type = string
|
||||
|
|
|
@ -81,3 +81,4 @@ module "on-prem" {
|
|||
| [test_instance](outputs-instance.tf#L17) | Optional test instance name and address. | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
||||
|
|
|
@ -61,15 +61,16 @@ module "cos-squid" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [allow](variables.tf#L57) | List of domains Squid will allow connections to. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [clients](variables.tf#L69) | List of CIDR ranges from which Squid will allow connections. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [allow](variables.tf#L63) | List of domains Squid will allow connections to. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [clients](variables.tf#L75) | List of CIDR ranges from which Squid will allow connections. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [cloud_config](variables.tf#L17) | Cloud config template path. If null default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [config_variables](variables.tf#L23) | Additional variables used to render the cloud-config and Squid templates. | <code>map(any)</code> | | <code>{}</code> |
|
||||
| [default_action](variables.tf#L75) | Default action for domains not matching neither the allow or deny lists. | <code>string</code> | | <code>"deny"</code> |
|
||||
| [deny](variables.tf#L63) | List of domains Squid will deny connections to. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [file_defaults](variables.tf#L35) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L47) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [squid_config](variables.tf#L29) | Squid configuration path, if null default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [default_action](variables.tf#L81) | Default action for domains not matching neither the allow or deny lists. | <code>string</code> | | <code>"deny"</code> |
|
||||
| [deny](variables.tf#L69) | List of domains Squid will deny connections to. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [docker_logging](variables.tf#L29) | Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead. | <code>bool</code> | | <code>true</code> |
|
||||
| [file_defaults](variables.tf#L41) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L53) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [squid_config](variables.tf#L35) | Squid configuration path, if null default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [test_instance](variables-instance.tf#L17) | Test/development instance attributes, leave null to skip creation. | <code title="object({ project_id = string zone = string name = string type = string network = string subnetwork = string })">object({…})</code> | | <code>null</code> |
|
||||
| [test_instance_defaults](variables-instance.tf#L30) | Test/development instance defaults used for optional configuration. If image is null, COS stable will be used. | <code title="object({ disks = map(object({ read_only = bool size = number })) image = string metadata = map(string) nat = bool service_account_roles = list(string) tags = list(string) })">object({…})</code> | | <code title="{ disks = {} image = null metadata = {} nat = false service_account_roles = [ "roles/logging.logWriter", "roles/monitoring.metricWriter" ] tags = ["ssh"] }">{…}</code> |
|
||||
|
||||
|
|
|
@ -71,7 +71,10 @@ write_files:
|
|||
Environment="HOME=/home/squid"
|
||||
ExecStartPre=/usr/bin/docker-credential-gcr configure-docker
|
||||
ExecStart=/usr/bin/docker run --rm --name=squid \
|
||||
--log-driver=gcplogs --network host \
|
||||
%{~ if docker_logging ~}
|
||||
--log-driver=gcplogs \
|
||||
%{~ endif ~}
|
||||
--network host \
|
||||
-v /etc/squid:/etc/squid \
|
||||
gcr.io/pso-cft-fabric/squid:0.10
|
||||
ExecStop=/usr/bin/docker stop squid
|
||||
|
|
|
@ -16,8 +16,9 @@
|
|||
|
||||
locals {
|
||||
cloud_config = templatefile(local.template, merge(local.config_variables, {
|
||||
squid_config = templatefile(local.squid_config, local.config_variables)
|
||||
files = local.files
|
||||
docker_logging = var.docker_logging
|
||||
squid_config = templatefile(local.squid_config, local.config_variables)
|
||||
files = local.files
|
||||
}))
|
||||
squid_config = (
|
||||
var.squid_config == null ? "${path.module}/squid.conf" : var.squid_config
|
||||
|
|
|
@ -26,6 +26,12 @@ variable "config_variables" {
|
|||
default = {}
|
||||
}
|
||||
|
||||
variable "docker_logging" {
|
||||
description = "Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead."
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "squid_config" {
|
||||
description = "Squid configuration path, if null default will be used."
|
||||
type = string
|
||||
|
|