Setup altssh for gstg/gprd

Closes https://gitlab.com/gitlab-com/migration/issues/590

Setup altssh for gstg/gprd
Closes https://gitlab.com/gitlab-com/migration/issues/590
1184fc32 · Ahmad Sherif · 47ad9d7c · 1184fc32 · 1184fc32 · 1184fc32
Commit 1184fc32 authored Jun 28, 2018 by Ahmad Sherif
6 changed files
--- a/environments/gprd/main.tf
+++ b/environments/gprd/main.tf
@@ -712,19 +712,20 @@ module "gcp-tcp-lb-pages" {

 #### Load balancer for altssh
 module "gcp-tcp-lb-altssh" {
-  name                   = "gcp-tcp-lb-altssh"
-  lb_count               = "${length(var.tcp_lbs_altssh["names"])}"
-  names                  = "${var.tcp_lbs_altssh["names"]}"
-  fqdn                   = "${var.lb_fqdn_altssh}"
-  gitlab_zone_id         = "${var.gitlab_com_zone_id}"
-  environment            = "${var.environment}"
-  region                 = "${var.region}"
-  project                = "${var.project}"
-  source                 = "../../modules/google/tcp-lb"
-  targets                = ["fe-altssh"]
-  forwarding_port_ranges = "${var.tcp_lbs_altssh["forwarding_port_ranges"]}"
-  health_check_ports     = "${var.tcp_lbs_altssh["health_check_ports"]}"
-  instances              = ["${module.fe-lb-altssh.instances_self_link}"]
+  name                       = "gcp-tcp-lb-altssh"
+  lb_count                   = "${length(var.tcp_lbs_altssh["names"])}"
+  names                      = "${var.tcp_lbs_altssh["names"]}"
+  fqdn                       = "${var.lb_fqdn_altssh}"
+  gitlab_zone_id             = "${var.gitlab_com_zone_id}"
+  environment                = "${var.environment}"
+  region                     = "${var.region}"
+  project                    = "${var.project}"
+  source                     = "../../modules/google/tcp-lb"
+  targets                    = ["fe-altssh"]
+  forwarding_port_ranges     = "${var.tcp_lbs_altssh["forwarding_port_ranges"]}"
+  health_check_ports         = "${var.tcp_lbs_altssh["health_check_ports"]}"
+  health_check_request_paths = "${var.tcp_lbs_altssh["health_check_request_paths"]}"
+  instances                  = ["${module.fe-lb-altssh.instances_self_link}"]
 }

 #### Load balancer for bastion

--- a/environments/gprd/variables.tf
+++ b/environments/gprd/variables.tf
@@ -23,7 +23,7 @@ variable "lb_fqdn" {

 ##########
 variable "lb_fqdn_altssh" {
-  default = "lb-test-altssh.gprd.gitlab.com"
+  default = "altssh.gprd.gitlab.com"
 }

 variable "lb_fqdn_pages" {
@@ -77,9 +77,10 @@ variable "tcp_lbs_altssh" {
  type = "map"

  default = {
-    "names"                  = ["ssh"]
-    "forwarding_port_ranges" = ["22"]
-    "health_check_ports"     = ["8003"]
+    "names"                      = ["https"]
+    "forwarding_port_ranges"     = ["443"]
+    "health_check_ports"         = ["8003"]
+    "health_check_request_paths" = ["/-/available-ssh"]
  }
 }


--- a/environments/gstg/main.tf
+++ b/environments/gstg/main.tf
@@ -700,19 +700,20 @@ module "gcp-tcp-lb-pages" {

 #### Load balancer for altssh
 module "gcp-tcp-lb-altssh" {
-  name                   = "gcp-tcp-lb-altssh"
-  lb_count               = "${length(var.tcp_lbs_altssh["names"])}"
-  names                  = "${var.tcp_lbs_altssh["names"]}"
-  fqdn                   = "${var.lb_fqdn_altssh}"
-  gitlab_zone_id         = "${var.gitlab_com_zone_id}"
-  environment            = "${var.environment}"
-  region                 = "${var.region}"
-  project                = "${var.project}"
-  source                 = "../../modules/google/tcp-lb"
-  targets                = ["fe-altssh"]
-  forwarding_port_ranges = "${var.tcp_lbs_altssh["forwarding_port_ranges"]}"
-  health_check_ports     = "${var.tcp_lbs_altssh["health_check_ports"]}"
-  instances              = ["${module.fe-lb-altssh.instances_self_link}"]
+  name                       = "gcp-tcp-lb-altssh"
+  lb_count                   = "${length(var.tcp_lbs_altssh["names"])}"
+  names                      = "${var.tcp_lbs_altssh["names"]}"
+  fqdn                       = "${var.lb_fqdn_altssh}"
+  gitlab_zone_id             = "${var.gitlab_com_zone_id}"
+  environment                = "${var.environment}"
+  region                     = "${var.region}"
+  project                    = "${var.project}"
+  source                     = "../../modules/google/tcp-lb"
+  targets                    = ["fe-altssh"]
+  forwarding_port_ranges     = "${var.tcp_lbs_altssh["forwarding_port_ranges"]}"
+  health_check_ports         = "${var.tcp_lbs_altssh["health_check_ports"]}"
+  health_check_request_paths = "${var.tcp_lbs_altssh["health_check_request_paths"]}"
+  instances                  = ["${module.fe-lb-altssh.instances_self_link}"]
 }

 #### Load balancer for bastion

--- a/environments/gstg/variables.tf
+++ b/environments/gstg/variables.tf
@@ -66,7 +66,7 @@ variable "lb_fqdn" {
 #####

 variable "lb_fqdn_altssh" {
-  default = "lb-test-altssh.gstg.gitlab.com"
+  default = "altssh.gstg.gitlab.com"
 }

 variable "lb_fqdn_pages" {
@@ -120,9 +120,10 @@ variable "tcp_lbs_altssh" {
  type = "map"

  default = {
-    "names"                  = ["ssh"]
-    "forwarding_port_ranges" = ["22"]
-    "health_check_ports"     = ["8003"]
+    "names"                      = ["https"]
+    "forwarding_port_ranges"     = ["443"]
+    "health_check_ports"         = ["8003"]
+    "health_check_request_paths" = ["/-/available-ssh"]
  }
 }


--- a/modules/google/tcp-lb/loadbalancing.tf
+++ b/modules/google/tcp-lb/loadbalancing.tf
@@ -75,11 +75,13 @@ resource "google_compute_target_pool" "default" {
 }

 resource "google_compute_http_health_check" "default" {
-  count               = "${var.lb_count}"
-  name                = "${format("%v-%v-%v", var.environment, var.name, var.names[count.index])}"
-  project             = "${var.project}"
-  port                = "${var.health_check_ports[count.index]}"
-  request_path        = "/-/available-${var.names[count.index]}"
+  count   = "${var.lb_count}"
+  name    = "${format("%v-%v-%v", var.environment, var.name, var.names[count.index])}"
+  project = "${var.project}"
+  port    = "${var.health_check_ports[count.index]}"
+
+  # Because request_paths can be empty, we use this element/concat hack, see https://stackoverflow.com/a/47415781/1856239
+  request_path        = "${length(var.health_check_request_paths) > 0 ? element(concat(var.health_check_request_paths, list("")), count.index) : format("/-/available-%v", var.names[count.index])}"
  timeout_sec         = 2
  check_interval_sec  = 2
  healthy_threshold   = 2

--- a/modules/google/tcp-lb/variables.tf
+++ b/modules/google/tcp-lb/variables.tf
@@ -28,6 +28,12 @@ variable "health_check_ports" {
  type = "list"
 }

+variable "health_check_request_paths" {
+  type = "list"
+
+  default = []
+}
+
 variable "forwarding_port_ranges" {
  type = "list"
 }