From 1184fc32f45774c63bf8f291ff22f2d9d2c5a7d3 Mon Sep 17 00:00:00 2001
From: Ahmad Sherif <me@ahmadsherif.com>
Date: Thu, 28 Jun 2018 02:45:17 +0200
Subject: [PATCH] Setup altssh for gstg/gprd

Closes https://gitlab.com/gitlab-com/migration/issues/590
---
 environments/gprd/main.tf              | 27 +++++++++++++-------------
 environments/gprd/variables.tf         |  9 +++++----
 environments/gstg/main.tf              | 27 +++++++++++++-------------
 environments/gstg/variables.tf         |  9 +++++----
 modules/google/tcp-lb/loadbalancing.tf | 12 +++++++-----
 modules/google/tcp-lb/variables.tf     |  6 ++++++
 6 files changed, 51 insertions(+), 39 deletions(-)

diff --git a/environments/gprd/main.tf b/environments/gprd/main.tf
index f16baf2d..fe32456e 100644
--- a/environments/gprd/main.tf
+++ b/environments/gprd/main.tf
@@ -712,19 +712,20 @@ module "gcp-tcp-lb-pages" {
 
 #### Load balancer for altssh
 module "gcp-tcp-lb-altssh" {
-  name                   = "gcp-tcp-lb-altssh"
-  lb_count               = "${length(var.tcp_lbs_altssh["names"])}"
-  names                  = "${var.tcp_lbs_altssh["names"]}"
-  fqdn                   = "${var.lb_fqdn_altssh}"
-  gitlab_zone_id         = "${var.gitlab_com_zone_id}"
-  environment            = "${var.environment}"
-  region                 = "${var.region}"
-  project                = "${var.project}"
-  source                 = "../../modules/google/tcp-lb"
-  targets                = ["fe-altssh"]
-  forwarding_port_ranges = "${var.tcp_lbs_altssh["forwarding_port_ranges"]}"
-  health_check_ports     = "${var.tcp_lbs_altssh["health_check_ports"]}"
-  instances              = ["${module.fe-lb-altssh.instances_self_link}"]
+  name                       = "gcp-tcp-lb-altssh"
+  lb_count                   = "${length(var.tcp_lbs_altssh["names"])}"
+  names                      = "${var.tcp_lbs_altssh["names"]}"
+  fqdn                       = "${var.lb_fqdn_altssh}"
+  gitlab_zone_id             = "${var.gitlab_com_zone_id}"
+  environment                = "${var.environment}"
+  region                     = "${var.region}"
+  project                    = "${var.project}"
+  source                     = "../../modules/google/tcp-lb"
+  targets                    = ["fe-altssh"]
+  forwarding_port_ranges     = "${var.tcp_lbs_altssh["forwarding_port_ranges"]}"
+  health_check_ports         = "${var.tcp_lbs_altssh["health_check_ports"]}"
+  health_check_request_paths = "${var.tcp_lbs_altssh["health_check_request_paths"]}"
+  instances                  = ["${module.fe-lb-altssh.instances_self_link}"]
 }
 
 #### Load balancer for bastion
diff --git a/environments/gprd/variables.tf b/environments/gprd/variables.tf
index 676b385f..e4fa2f44 100644
--- a/environments/gprd/variables.tf
+++ b/environments/gprd/variables.tf
@@ -23,7 +23,7 @@ variable "lb_fqdn" {
 
 ##########
 variable "lb_fqdn_altssh" {
-  default = "lb-test-altssh.gprd.gitlab.com"
+  default = "altssh.gprd.gitlab.com"
 }
 
 variable "lb_fqdn_pages" {
@@ -77,9 +77,10 @@ variable "tcp_lbs_altssh" {
   type = "map"
 
   default = {
-    "names"                  = ["ssh"]
-    "forwarding_port_ranges" = ["22"]
-    "health_check_ports"     = ["8003"]
+    "names"                      = ["https"]
+    "forwarding_port_ranges"     = ["443"]
+    "health_check_ports"         = ["8003"]
+    "health_check_request_paths" = ["/-/available-ssh"]
   }
 }
 
diff --git a/environments/gstg/main.tf b/environments/gstg/main.tf
index 7c215cbd..58a68a7f 100644
--- a/environments/gstg/main.tf
+++ b/environments/gstg/main.tf
@@ -700,19 +700,20 @@ module "gcp-tcp-lb-pages" {
 
 #### Load balancer for altssh
 module "gcp-tcp-lb-altssh" {
-  name                   = "gcp-tcp-lb-altssh"
-  lb_count               = "${length(var.tcp_lbs_altssh["names"])}"
-  names                  = "${var.tcp_lbs_altssh["names"]}"
-  fqdn                   = "${var.lb_fqdn_altssh}"
-  gitlab_zone_id         = "${var.gitlab_com_zone_id}"
-  environment            = "${var.environment}"
-  region                 = "${var.region}"
-  project                = "${var.project}"
-  source                 = "../../modules/google/tcp-lb"
-  targets                = ["fe-altssh"]
-  forwarding_port_ranges = "${var.tcp_lbs_altssh["forwarding_port_ranges"]}"
-  health_check_ports     = "${var.tcp_lbs_altssh["health_check_ports"]}"
-  instances              = ["${module.fe-lb-altssh.instances_self_link}"]
+  name                       = "gcp-tcp-lb-altssh"
+  lb_count                   = "${length(var.tcp_lbs_altssh["names"])}"
+  names                      = "${var.tcp_lbs_altssh["names"]}"
+  fqdn                       = "${var.lb_fqdn_altssh}"
+  gitlab_zone_id             = "${var.gitlab_com_zone_id}"
+  environment                = "${var.environment}"
+  region                     = "${var.region}"
+  project                    = "${var.project}"
+  source                     = "../../modules/google/tcp-lb"
+  targets                    = ["fe-altssh"]
+  forwarding_port_ranges     = "${var.tcp_lbs_altssh["forwarding_port_ranges"]}"
+  health_check_ports         = "${var.tcp_lbs_altssh["health_check_ports"]}"
+  health_check_request_paths = "${var.tcp_lbs_altssh["health_check_request_paths"]}"
+  instances                  = ["${module.fe-lb-altssh.instances_self_link}"]
 }
 
 #### Load balancer for bastion
diff --git a/environments/gstg/variables.tf b/environments/gstg/variables.tf
index 9917eb0c..79e8eac9 100644
--- a/environments/gstg/variables.tf
+++ b/environments/gstg/variables.tf
@@ -66,7 +66,7 @@ variable "lb_fqdn" {
 #####
 
 variable "lb_fqdn_altssh" {
-  default = "lb-test-altssh.gstg.gitlab.com"
+  default = "altssh.gstg.gitlab.com"
 }
 
 variable "lb_fqdn_pages" {
@@ -120,9 +120,10 @@ variable "tcp_lbs_altssh" {
   type = "map"
 
   default = {
-    "names"                  = ["ssh"]
-    "forwarding_port_ranges" = ["22"]
-    "health_check_ports"     = ["8003"]
+    "names"                      = ["https"]
+    "forwarding_port_ranges"     = ["443"]
+    "health_check_ports"         = ["8003"]
+    "health_check_request_paths" = ["/-/available-ssh"]
   }
 }
 
diff --git a/modules/google/tcp-lb/loadbalancing.tf b/modules/google/tcp-lb/loadbalancing.tf
index 5b9be6fe..49b9eda0 100644
--- a/modules/google/tcp-lb/loadbalancing.tf
+++ b/modules/google/tcp-lb/loadbalancing.tf
@@ -75,11 +75,13 @@ resource "google_compute_target_pool" "default" {
 }
 
 resource "google_compute_http_health_check" "default" {
-  count               = "${var.lb_count}"
-  name                = "${format("%v-%v-%v", var.environment, var.name, var.names[count.index])}"
-  project             = "${var.project}"
-  port                = "${var.health_check_ports[count.index]}"
-  request_path        = "/-/available-${var.names[count.index]}"
+  count   = "${var.lb_count}"
+  name    = "${format("%v-%v-%v", var.environment, var.name, var.names[count.index])}"
+  project = "${var.project}"
+  port    = "${var.health_check_ports[count.index]}"
+
+  # Because request_paths can be empty, we use this element/concat hack, see https://stackoverflow.com/a/47415781/1856239
+  request_path        = "${length(var.health_check_request_paths) > 0 ? element(concat(var.health_check_request_paths, list("")), count.index) : format("/-/available-%v", var.names[count.index])}"
   timeout_sec         = 2
   check_interval_sec  = 2
   healthy_threshold   = 2
diff --git a/modules/google/tcp-lb/variables.tf b/modules/google/tcp-lb/variables.tf
index d8b0ffa1..9a21d87f 100644
--- a/modules/google/tcp-lb/variables.tf
+++ b/modules/google/tcp-lb/variables.tf
@@ -28,6 +28,12 @@ variable "health_check_ports" {
   type = "list"
 }
 
+variable "health_check_request_paths" {
+  type = "list"
+
+  default = []
+}
+
 variable "forwarding_port_ranges" {
   type = "list"
 }
-- 
GitLab