Commit 0367cf30 authored by John Jarvis

Resolving differences between gprd and gstg.

parent 3dca3cbf
......@@ -8,9 +8,6 @@ provider "aws" {
region = "us-east-1"
}
variable "gitlab_net_zone_id" {}
variable "gitlab_com_zone_id" {}
## Google
provider "google" {
......@@ -28,10 +25,9 @@ provider "google" {
module "nat" {
source = "GoogleCloudPlatform/nat-gateway/google"
region = "${var.region}"
network = "gprd"
network = "${var.environment}"
}
*/
##################################
#
# Network
......@@ -52,7 +48,7 @@ module "network" {
resource "google_compute_network_peering" "peering_ops" {
name = "peering-ops"
network = "${var.network_gprd}"
network = "${var.network_env}"
peer_network = "${var.network_ops}"
}
......@@ -179,7 +175,7 @@ module "registry" {
#################################
module "postgres" {
bootstrap_version = 5
bootstrap_version = 6
chef_init_run_list = "\"recipe[gitlab-server::hack_gitlab_ctl_reconfigure]\""
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-db-postgres]\",\"role[${var.environment}-base-db-postgres-replication]\""
......@@ -188,6 +184,7 @@ module "postgres" {
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["db"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["db"]}"
name = "postgres"
node_count = "${var.node_count["db"]}"
......@@ -197,6 +194,7 @@ module "postgres" {
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-stor"
tier = "db"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
......@@ -236,7 +234,6 @@ module "pg-bouncer" {
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
health_check = "tcp"
health_check = "tcp"
ip_cidr_range = "${var.subnetworks["pgb"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["pgb"]}"
......@@ -254,9 +251,8 @@ module "pg-bouncer" {
}
#############################################
module "geo-postgres" {
bootstrap_version = 5
bootstrap_version = 6
chef_init_run_list = "\"recipe[gitlab-server::hack_gitlab_ctl_reconfigure]\""
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-db-geo-postgres]\""
......@@ -265,6 +261,7 @@ module "geo-postgres" {
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["geodb"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["geodb"]}"
name = "geo-postgres"
node_count = "${var.node_count["geodb"]}"
......@@ -274,6 +271,7 @@ module "geo-postgres" {
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-stor"
tier = "db"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
......@@ -284,7 +282,7 @@ module "geo-postgres" {
##################################
module "redis" {
bootstrap_version = 5
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-db-redis-server-single]\""
data_disk_size = 100
......@@ -292,6 +290,7 @@ module "redis" {
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["redis"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["redis"]}"
name = "redis"
node_count = "${var.node_count["redis"]}"
......@@ -301,15 +300,17 @@ module "redis" {
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-stor"
tier = "db"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
module "redis-cache" {
bootstrap_version = 5
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["redis-cache"]}"
kernel_version = "${var.default_kernel_version}"
name = "redis-cache"
project = "${var.project}"
public_ports = "${var.public_ports["redis-cache"]}"
......@@ -319,7 +320,7 @@ module "redis-cache" {
redis_data_disk_type = "pd-ssd"
redis_machine_type = "${var.machine_types["redis-cache"]}"
region = "${var.region}"
sentinel_chef_run_list = "\"role[gprd-base-db-redis-sentinel-cache]\""
sentinel_chef_run_list = "\"role[${var.environment}-base-db-redis-sentinel-cache]\""
sentinel_count = "${var.node_count["redis-cache-sentinel"]}"
sentinel_data_disk_size = 100
sentinel_data_disk_type = "pd-ssd"
......@@ -327,6 +328,7 @@ module "redis-cache" {
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-stor-redis"
tier = "db"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
......@@ -411,7 +413,7 @@ module "file" {
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-stor-nfs]\""
data_disk_size = 16000
data_disk_size = "${var.data_disk_sizes["file"]}"
data_disk_type = "pd-ssd"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
......@@ -457,7 +459,7 @@ module "share" {
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-stor]\""
data_disk_size = 16000
data_disk_size = "${var.data_disk_sizes["share"]}"
data_disk_type = "pd-standard"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
......@@ -479,9 +481,8 @@ module "share" {
module "lfs" {
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "${var.empty_chef_run_list}"
chef_run_list = "\"role[${var.environment}-base-stor]\""
data_disk_size = 16000
data_disk_size = "${var.data_disk_sizes["lfs"]}"
data_disk_type = "pd-standard"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
......@@ -501,36 +502,33 @@ module "lfs" {
}
module "pages" {
bootstrap_version = 6
use_new_node_name = true
kernel_version = "${var.default_kernel_version}"
chef_run_list = "\"role[${var.environment}-base-stor]\""
data_disk_size = 16000
data_disk_type = "pd-standard"
chef_provision = "${var.chef_provision}"
chef_run_list = "${var.empty_chef_run_list}"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["pages"]}"
machine_type = "${var.machine_types["stor"]}"
name = "pages"
node_count = "${var.node_count["pages"]}"
project = "${var.project}"
public_ports = "${var.public_ports["stor"]}"
region = "${var.region}"
source = "../../modules/google/generic-stor-dynamic-ip"
tier = "stor"
vpc = "${module.network.self_link}"
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-stor]\""
data_disk_size = "${var.data_disk_sizes["pages"]}"
data_disk_type = "pd-standard"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["pages"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["stor"]}"
name = "pages"
node_count = "${var.node_count["pages"]}"
project = "${var.project}"
public_ports = "${var.public_ports["stor"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-stor-dynamic-ip"
tier = "stor"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
module "artifacts" {
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "${var.empty_chef_run_list}"
chef_run_list = "\"role[${var.environment}-base-stor]\""
data_disk_size = 32000
data_disk_size = "${var.data_disk_sizes["artifacts"]}"
data_disk_type = "pd-standard"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
......@@ -661,24 +659,24 @@ module "gcp-tcp-lb" {
targets = ["fe"]
}
##################################
#
# GCP Internal TCP LoadBalancers
#
##################################
### The regional backend service that is required for the internal
### load balancer. Unlike global backend services every instance
### group _must_ contain at least one instance. Also you cannot
### have both a global and a regional backend service.
resource "google_compute_region_backend_service" "internal-lb" {
name = "${format("%v-internal-lb", var.environment)}"
protocol = "TCP"
backend {
group = "${module.fe-lb.instance_groups_self_link[1]}"
}
backend {
group = "${module.fe-lb.instance_groups_self_link[2]}"
}
health_checks = ["${module.fe-lb.http_health_check_self_link}"]
name = "${format("%v-internal-lb", var.environment)}"
protocol = "TCP"
}
###### Internal Load balancer for the main site
......@@ -764,7 +762,7 @@ module "gcp-tcp-lb-bastion" {
module "consul" {
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[gprd-infra-consul]\""
chef_run_list = "\"role[${var.environment}-infra-consul]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["consul"]}"
......@@ -798,25 +796,24 @@ module "consul" {
##################################
module "pubsubbeat" {
allow_stopping_for_update = true
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
health_check = "tcp"
ip_cidr_range = "${var.subnetworks["pubsubbeat"]}"
kernel_version = "${var.default_kernel_version}"
machine_types = "${var.pubsubbeats["machine_types"]}"
names = "${var.pubsubbeats["names"]}"
project = "${var.project}"
public_ports = "${var.public_ports["pubsubbeat"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
service_port = 22
source = "../../modules/google/pubsubbeat"
tier = "inf"
use_new_node_name = true
vpc = "${module.network.self_link}"
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
health_check = "tcp"
ip_cidr_range = "${var.subnetworks["pubsubbeat"]}"
kernel_version = "${var.default_kernel_version}"
machine_types = "${var.pubsubbeats["machine_types"]}"
names = "${var.pubsubbeats["names"]}"
project = "${var.project}"
public_ports = "${var.public_ports["pubsubbeat"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
service_port = 22
source = "../../modules/google/pubsubbeat"
tier = "inf"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
##################################
......@@ -862,7 +859,6 @@ module "monitoring-lb" {
}
#######################
module "prometheus" {
attach_data_disk = true
bootstrap_version = 6
......@@ -928,7 +924,6 @@ module "alerts" {
environment = "${var.environment}"
health_check = "tcp"
kernel_version = "${var.default_kernel_version}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["monitoring"]}"
name = "alerts"
node_count = "${var.node_count["alerts"]}"
......@@ -1121,7 +1116,7 @@ module "bastion" {
public_ports = "${var.public_ports["bastion"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
service_port = 80
service_port = 22
source = "../../modules/google/generic-sv-with-group"
tier = "inf"
vpc = "${module.network.self_link}"
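Review bot: The `postgres`, `geo-postgres`, `redis` and `redis-cache` modules are stateful production nodes, and this section appears to change three inputs on each of them at once (`bootstrap_version` 5 to 6, a new `kernel_version`, and `use_new_node_name = true`) without recording whether any of them forces instance replacement. The module sources under `../../modules/google/` are not shown, so this is inferred, but an input that feeds the instance name or boot metadata commonly makes Terraform destroy and recreate the node. I would add a comment on the first of these blocks such as `# bootstrap_version/use_new_node_name: plan must show in-place update only for db nodes` and put the gprd plan summary in the commit description. The rendered page has lost its +/- markers, so which line of each pair is new is read from the hunk counts and is not certain.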
......
variable "oauth2_client_id_monitoring" {}
variable "oauth2_client_secret_monitoring" {}
variable "gitlab_net_zone_id" {}
variable "gitlab_com_zone_id" {}
variable "default_kernel_version" {
default = "4.10.0-1009"
}
......@@ -110,7 +113,7 @@ variable "network_ops" {
default = "https://www.googleapis.com/compute/v1/projects/gitlab-ops/global/networks/ops"
}
variable "network_gprd" {
variable "network_env" {
default = "https://www.googleapis.com/compute/v1/projects/gitlab-production/global/networks/gprd"
}
......@@ -219,6 +222,18 @@ variable "monitoring_cert_link" {
default = "projects/gitlab-production/global/sslCertificates/wildcard-gprd-gitlab-net"
}
variable "data_disk_sizes" {
type = "map"
default = {
"file" = "16000"
"share" = "16000"
"lfs" = "16000"
"pages" = "16000"
"artifacts" = "32000"
}
}
variable "machine_types" {
type = "map"
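Review bot: After the rename in the `-110,7 +113,7` hunk, `network_env` has an environment-neutral name but still defaults to the literal `gitlab-production` `gprd` network URL, so the network that `peering_ops` peers with `ops` is decided by a default rather than by an explicit per-environment value. Both environments' main files now reference the same variable name, so a variables file carried across without editing this default would likely peer the wrong VPC and still plan cleanly. Consider declaring it as `variable "network_env" {}` and setting the URL in each environment's tfvars, or at least adding `# gprd network; must differ per environment` above the default. How the gstg variables file defines it is not visible on this page.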
......
......@@ -13,6 +13,7 @@ provider "aws" {
provider "google" {
project = "${var.project}"
region = "${var.region}"
version = "~> 1.8.0"
}
/*
......@@ -24,7 +25,7 @@ provider "google" {
module "nat" {
source = "GoogleCloudPlatform/nat-gateway/google"
region = "${var.region}"
network = "gstg"
network = "${var.environment}"
}
*/
##################################
......@@ -47,7 +48,7 @@ module "network" {
resource "google_compute_network_peering" "peering_ops" {
name = "peering-ops"
network = "${var.network_gstg}"
network = "${var.network_env}"
peer_network = "${var.network_ops}"
}
......@@ -58,26 +59,26 @@ resource "google_compute_network_peering" "peering_ops" {
#################################
module "web" {
allow_stopping_for_update = true
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-fe-web]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["web"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["web"]}"
name = "web"
node_count = "${var.node_count["web"]}"
project = "${var.project}"
public_ports = "${var.public_ports["web"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
service_port = 443
source = "../../modules/google/generic-sv-with-group"
tier = "sv"
use_new_node_name = true
vpc = "${module.network.self_link}"
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-fe-web]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
health_check = "tcp"
ip_cidr_range = "${var.subnetworks["web"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["web"]}"
name = "web"
node_count = "${var.node_count["web"]}"
project = "${var.project}"
public_ports = "${var.public_ports["web"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
service_port = 443
source = "../../modules/google/generic-sv-with-group"
tier = "sv"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
##################################
......@@ -87,26 +88,26 @@ module "web" {
#################################
module "api" {
allow_stopping_for_update = true
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-fe-api]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["api"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["api"]}"
name = "api"
node_count = "${var.node_count["api"]}"
project = "${var.project}"
public_ports = "${var.public_ports["api"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
service_port = 443
source = "../../modules/google/generic-sv-with-group"
tier = "sv"
use_new_node_name = true
vpc = "${module.network.self_link}"
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-fe-api]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
health_check = "tcp"
ip_cidr_range = "${var.subnetworks["api"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["api"]}"
name = "api"
node_count = "${var.node_count["api"]}"
project = "${var.project}"
public_ports = "${var.public_ports["api"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
service_port = 443
source = "../../modules/google/generic-sv-with-group"
tier = "sv"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
##################################
......@@ -116,26 +117,26 @@ module "api" {
##################################
module "git" {
allow_stopping_for_update = true
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-fe-git]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["git"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["git"]}"
name = "git"
node_count = "${var.node_count["git"]}"
project = "${var.project}"
public_ports = "${var.public_ports["git"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
service_port = 22
source = "../../modules/google/generic-sv-with-group"
tier = "sv"
use_new_node_name = true
vpc = "${module.network.self_link}"
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-fe-git]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
health_check = "tcp"
ip_cidr_range = "${var.subnetworks["git"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["git"]}"
name = "git"
node_count = "${var.node_count["git"]}"
project = "${var.project}"
public_ports = "${var.public_ports["git"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
service_port = 22
source = "../../modules/google/generic-sv-with-group"
tier = "sv"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
##################################
......@@ -150,6 +151,7 @@ module "registry" {
chef_run_list = "\"role[${var.environment}-base-fe-registry]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
health_check = "tcp"
ip_cidr_range = "${var.subnetworks["registry"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["registry"]}"
......@@ -173,28 +175,27 @@ module "registry" {
#################################
module "postgres" {
allow_stopping_for_update = true
bootstrap_version = 6
chef_init_run_list = "\"recipe[gitlab-server::hack_gitlab_ctl_reconfigure]\""
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-db-postgres]\""
data_disk_size = 5000
data_disk_type = "pd-ssd"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["db"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["db"]}"
name = "postgres"
node_count = "${var.node_count["db"]}"
project = "${var.project}"
public_ports = "${var.public_ports["db"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-stor"
tier = "db"
use_new_node_name = true
vpc = "${module.network.self_link}"
bootstrap_version = 6
chef_init_run_list = "\"recipe[gitlab-server::hack_gitlab_ctl_reconfigure]\""
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-db-postgres]\",\"role[${var.environment}-base-db-postgres-replication]\""
data_disk_size = 5000
data_disk_type = "pd-ssd"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["db"]}"
kernel_version = "${var.default_kernel_version}"
machine_type = "${var.machine_types["db"]}"
name = "postgres"
node_count = "${var.node_count["db"]}"
project = "${var.project}"
public_ports = "${var.public_ports["db"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-stor"
tier = "db"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
#############################################
......@@ -249,6 +250,7 @@ module "pg-bouncer" {
vpc = "${module.network.self_link}"
}
#############################################
module "geo-postgres" {
bootstrap_version = 6
chef_init_run_list = "\"recipe[gitlab-server::hack_gitlab_ctl_reconfigure]\""
......@@ -280,11 +282,6 @@ module "geo-postgres" {
##################################
module "redis" {
## Setting zone to us-east1-c since there no more compute
## resources in us-east1-d, this should be removed when
## there are more.
allow_stopping_for_update = true
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-db-redis-server-single]\""
......@@ -305,15 +302,10 @@ module "redis" {
tier = "db"
use_new_node_name = true
vpc = "${module.network.self_link}"
zone = "us-east1-c"
}
module "redis-cache" {
## Setting zone to us-east1-c since there no more compute
## resources in us-east1-d, this should be removed when
## there are more.
bootstrap_version = 6
bootstrap_version = 6
chef_provision = "${var.chef_provision}"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
......@@ -338,7 +330,6 @@ module "redis-cache" {
tier = "db"
use_new_node_name = true