cloud-foundation-fabric/blueprints/gke
Wiktor Niesiobędzki 22684f49e7 Fix tutorial error.
Without versions override it fails with:
 Error: Failed to query available provider packages
│
│ Could not retrieve the list of available versions for provider hashicorp/kubectl: provider registry registry.terraform.io does not have a provider named registry.terraform.io/hashicorp/kubectl
│
│ All modules should specify their required_providers so that external consumers will get the correct providers when using a module. To see which modules are currently depending on hashicorp/kubectl, run the following command:
│     terraform providers
2024-06-29 08:55:33 +02:00
autopilot Update `modules/artifact-registry` with newly-released features. (#2396) 2024-06-28 19:52:25 +02:00
binauthz Update `modules/artifact-registry` with newly-released features. (#2396) 2024-06-28 19:52:25 +02:00
multi-cluster-mesh-gke-fleet-api Introduce mandatory OWNERS file for blueprint maintainership (#2131) 2024-03-08 09:40:46 +01:00
multitenant-fleet resource_labels added to the node_config nodepool (#2317) 2024-05-29 14:56:15 +02:00
patterns Fix tutorial error. 2024-06-29 08:55:33 +02:00
README.md Added autopilot blueprint 2023-03-07 15:37:20 +01:00
shared-vpc-gke Link shared vpc gke blueprint in gke folder 2022-09-12 10:00:38 +02:00

README.md

GKE blueprints

The blueprints in this folder implement end-to-end scenarios for GKE topologies that show how to automate common configurations or leverage specific products.

They are meant to be used as minimal but complete starting points to create actual infrastructure, and as playgrounds to experiment with Google Cloud features.

Blueprints

Binary Authorization Pipeline

This blueprint shows how to create a CI and a CD pipeline in Cloud Build for the deployment of an application to a private GKE cluster with unrestricted access to a public endpoint. The blueprint enables a Binary Authorization policy in the project so only images that have been attested can be deployed to the cluster. The attestations are created using a cryptographic key pair that has been provisioned in KMS.


Multi-cluster mesh on GKE (fleet API)

This blueprint shows how to create a multi-cluster mesh for two private clusters on GKE. Anthos Service Mesh with automatic control plane management is set up for clusters using the Fleet API. This can only be done if the clusters are in a single project and in the same VPC. In this particular case both clusters have been deployed to different subnets in a shared VPC.


Multitenant GKE fleet

This blueprint allows simple centralized management of similar sets of GKE clusters and their nodepools in a single project, and optional fleet management via GKE Hub templated configurations.


Shared VPC with GKE and per-subnet support

This blueprint shows how to configure a Shared VPC, including the specific IAM configurations needed for GKE, and how to give different levels of access to the VPC subnets to different identities.

It is meant to be used as a starting point for most Shared VPC configurations, and to be integrated into the above blueprints where Shared VPC is needed in more complex network topologies.


Autopilot

This blueprint creates an Autopilot cluster with Google-managed Prometheus enabled and installs an application that scales as traffic to the load balancer exposing it grows.