zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloud-foundation-fabric/modules/gke-hub
History
Daniel Marzini e372b50d19
Add GKE Hub module to fabric (#540) 
* GKE Hub initial PR commit

* variable management adjust

* comments, fixes and alphabetically ordered variables

* Update README.md

* Update README.md

* Update README.md

* fix test

* resources vs modules

still needs some love

* remove modules usage

* comments, readme update and output

* adjusting outputs and README

* fix README.md

* fix README

* adjusted based on comments

still need some love in the google_gke_hub_feature_membership variables management

* types and variable management

* optionally enable required api

* Update README.md

* reorder locals and use standard formatting

* Don't enable services from modules

* Use self links for member clusters

* Update readme

* members_clusters back to map

@juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too.

* Forcing null feature to false due to a bug in provider

If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow

* Readme update

* Readme.md update

* Update README.md

* bring back tolist, WIP

* Update main.tf

* Readme.md update

* Update README.md

* Update main.tf

* Update main.tf

* Add id and self_links output to gke-cluster

* Use try and make all member feature blocks dynamic/optional

* Change member clusters to map

* Add gke-hub tests

* Address PR comments

* Update gke-hub readme

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 		2022-02-28 12:40:48 +01:00
..
README.md Add GKE Hub module to fabric (#540) 2022-02-28 12:40:48 +01:00
main.tf Add GKE Hub module to fabric (#540) 2022-02-28 12:40:48 +01:00
outputs.tf Add GKE Hub module to fabric (#540) 2022-02-28 12:40:48 +01:00
variables.tf Add GKE Hub module to fabric (#540) 2022-02-28 12:40:48 +01:00
versions.tf Add GKE Hub module to fabric (#540) 2022-02-28 12:40:48 +01:00

README.md

GKE hub module

This module allows simplified creation and management of a GKE Hub object and its features for a given set of clusters. The given list of clusters will be registered inside the Hub and all the configured features will be activated.

To use this module you must ensure the following APIs are enabled in the target project:

"gkehub.googleapis.com"
"gkeconnect.googleapis.com"
"anthosconfigmanagement.googleapis.com"
"multiclusteringress.googleapis.com"
"multiclusterservicediscovery.googleapis.com"

Full GKE Hub example

module "project" {
  source          = "./modules/project"
  billing_account = var.billing_account_id
  name            = "gkehub-test"
  parent          = "folders/12345"
  services = [
    "container.googleapis.com",
    "gkehub.googleapis.com",
    "gkeconnect.googleapis.com",
    "anthosconfigmanagement.googleapis.com",
    "multiclusteringress.googleapis.com",
    "multiclusterservicediscovery.googleapis.com",
  ]
}

module "vpc" {
  source     = "./modules/net-vpc"
  project_id = module.project.project_id
  name       = "network"
  subnets = [{
    ip_cidr_range = "10.0.0.0/24"
    name          = "cluster-1"
    region        = "europe-west1"
    secondary_ip_range = {
      pods     = "10.1.0.0/16"
      services = "10.2.0.0/24"
    }
  }]
}

module "cluster-1" {
  source                   = "./modules/gke-cluster"
  project_id               = module.project.project_id
  name                     = "cluster-1"
  location                 = "europe-west1-b"
  network                  = module.vpc.self_link
  subnetwork               = module.vpc.subnet_self_links["europe-west1/cluster-1"]
  secondary_range_pods     = "pods"
  secondary_range_services = "services"
  enable_dataplane_v2      = true
  master_authorized_ranges = { rfc1918_10_8 = "10.0.0.0/8" }
  private_cluster_config = {
    enable_private_nodes    = true
    enable_private_endpoint = true
    master_ipv4_cidr_block  = "192.168.0.0/28"
    master_global_access    = false
  }
}

module "hub" {
  source     = "./modules/gke-hub"
  project_id = module.project.project_id
  member_clusters = {
    cluster1 = module.cluster-1.id
  }
  member_features = {
    configmanagement = {
      binauthz = true
      config_sync = {
        gcp_service_account_email = null
        https_proxy               = null
        policy_dir                = "configsync"
        secret_type               = "none"
        source_format             = "hierarchy"
        sync_branch               = "main"
        sync_repo                 = "https://github.com/danielmarzini/configsync-platform-example"
        sync_rev                  = null
      }
      hierarchy_controller = null
      policy_controller    = null
      version              = "1.10.2"
    }
  }
}

# tftest modules=4 resources=13

Variables

name description type required default
project_id GKE hub project ID. string
features GKE hub features to enable. object({…}) {…}
member_clusters List for member cluster self links. map(string) {}
member_features Member features for each cluster object({…}) {…}

Outputs

name description sensitive
cluster_ids