Commit 37259490 authored by John Jarvis's avatar John Jarvis

Add tcp healthcheck for alerts.

parent e8cf242b
......@@ -70,4 +70,20 @@ resource "google_compute_url_map" "monitoring-lb" {
service = "${module.kibana.google_compute_backend_service_self_link}"
}
}
###################################
host_rule {
hosts = ["alerts.gprd.gitlab.com"]
path_matcher = "alerts"
}
path_matcher {
name = "alerts"
default_service = "${module.alerts.google_compute_backend_service_self_link}"
path_rule {
paths = ["/*"]
service = "${module.alerts.google_compute_backend_service_self_link}"
}
}
}
......@@ -550,18 +550,18 @@ resource "google_compute_subnetwork" "monitoring" {
private_ip_google_access = true
}
resource "google_compute_firewall" "monitoring" {
name = "${format("monitoring-%v", var.environment)}"
network = "${module.network.self_link}"
allow {
protocol = "tcp"
ports = ["${var.public_ports["monitoring"]}"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["kibana", "prometheus-app", "performance", "prometheus"]
}
# resource "google_compute_firewall" "monitoring" {
# name = "${format("monitoring-%v", var.environment)}"
# network = "${module.network.self_link}"
#
# allow {
# protocol = "tcp"
# ports = ["${var.public_ports["monitoring"]}"]
# }
#
# source_ranges = ["0.0.0.0/0"]
# target_tags = ["${keys(var.monitoring_hosts)}"]
# }
#######################
#
......@@ -579,9 +579,9 @@ module "monitoring-lb" {
region = "${var.region}"
gitlab_com_zone_id = "${var.gitlab_com_zone_id}"
cert_link = "${var.monitoring_cert_link}"
service_port = "80"
service_ports = ["${values(var.monitoring_hosts)}"]
url_map = "${google_compute_url_map.monitoring-lb.self_link}"
hosts = "${var.monitoring_lb_hosts}"
hosts = ["${keys(var.monitoring_hosts)}"]
}
#######################
......@@ -603,7 +603,7 @@ module "performance" {
source = "../../modules/google/monitoring"
tier = "inf"
persistent_disk_path = "/opt"
service_port = "80"
service_port = "${var.monitoring_hosts["performance"]}"
service_path = "/login"
oauth2_client_id = "${var.oauth2_client_id_performance}"
oauth2_client_secret = "${var.oauth2_client_secret_performance}"
......@@ -626,7 +626,7 @@ module "prometheus" {
source = "../../modules/google/monitoring"
tier = "inf"
persistent_disk_path = "/opt/prometheus"
service_port = "9090"
service_port = "${var.monitoring_hosts["prometheus"]}"
service_path = "/graph"
oauth2_client_id = "${var.oauth2_client_id_prometheus}"
oauth2_client_secret = "${var.oauth2_client_secret_prometheus}"
......@@ -649,7 +649,7 @@ module "prometheus-app" {
source = "../../modules/google/monitoring"
tier = "inf"
persistent_disk_path = "/opt/prometheus"
service_port = "9090"
service_port = "${var.monitoring_hosts["prometheus-app"]}"
service_path = "/graph"
oauth2_client_id = "${var.oauth2_client_id_prometheus}"
oauth2_client_secret = "${var.oauth2_client_secret_prometheus}"
......@@ -672,12 +672,36 @@ module "kibana" {
source = "../../modules/google/monitoring"
tier = "inf"
persistent_disk_path = "/opt"
service_port = "80"
service_port = "${var.monitoring_hosts["kibana"]}"
service_path = "/login"
oauth2_client_id = "${var.oauth2_client_id_prometheus}"
oauth2_client_secret = "${var.oauth2_client_secret_prometheus}"
}
module "alerts" {
node_count = 1
bootstrap_version = 3
subnetwork_name = "${google_compute_subnetwork.monitoring.name}"
attach_data_disk = true
data_disk_size = 100
data_disk_type = "pd-standard"
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-infra-alerts]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
machine_type = "${var.machine_types["monitoring"]}"
name = "alerts"
project = "${var.project}"
region = "${var.region}"
source = "../../modules/google/monitoring-with-count"
tier = "inf"
persistent_disk_path = "/opt"
service_port = "${var.monitoring_hosts["alerts"]}"
oauth2_client_id = "${var.oauth2_client_id_prometheus}"
oauth2_client_secret = "${var.oauth2_client_secret_prometheus}"
health_check = "tcp"
}
##################################
#
# Deploy
......
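Review bot: The `google_compute_firewall "monitoring"` rule in the second hunk appears to be disabled by commenting it out rather than removed, and the commented copy still carries `source_ranges = ["0.0.0.0/0"]` with `target_tags` widened to `keys(var.monitoring_hosts)`, which now includes `alerts`. Uncommenting it later would expose `var.public_ports["monitoring"]` on every monitoring host to any source address, instead of only through the IAP-enabled backend services. I would delete the block, since version history keeps it, or failing that put a line above it such as `# Disabled on purpose: do not restore with a 0.0.0.0/0 source range`. The +/- markers are lost on this page, so which copy is the new side is inferred from its reference to the new variable.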
......@@ -4,9 +4,16 @@ variable "oauth2_client_secret_prometheus" {}
variable "oauth2_client_id_performance" {}
variable "oauth2_client_secret_performance" {}
variable "monitoring_lb_hosts" {
type = "list"
default = ["performance", "prometheus", "prometheus-app", "kibana"]
variable "monitoring_hosts" {
type = "map"
default = {
"performance" = "80"
"prometheus" = "9090"
"prometheus-app" = "9090"
"kibana" = "80"
"alerts" = "9093"
}
}
variable "base_chef_run_list" {
......
......@@ -33,7 +33,7 @@ resource "google_compute_firewall" "default" {
allow {
protocol = "tcp"
ports = ["80", "${var.service_port}"]
ports = ["${var.service_ports}"]
}
source_ranges = ["${data.google_compute_lb_ip_ranges.ranges.network}"]
......
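Review bot: `ports = ["${var.service_ports}"]` makes this single rule allow the union of all monitoring service ports from the load-balancer ranges, so every instance the rule applies to accepts 80, 9090 and 9093 rather than only its own service port. The list is built with `values(var.monitoring_hosts)`, which also yields `"80"` and `"9090"` twice; `service_ports = ["${distinct(values(var.monitoring_hosts))}"]` at the call site would remove the repeats. The rest of the resource is outside this hunk, so whether `target_tags` narrows it cannot be checked here. If it does not, a per-host rule keyed on the instance tag would keep each port scoped to the service that listens on it.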
......@@ -4,9 +4,9 @@ variable "hosts" {
type = "list"
}
variable "service_port" {
type = "string"
description = "port for the service running on the monitoring node"
variable "service_ports" {
type = "list"
description = "ports to allow for healthchecks"
}
variable "subnetwork_name" {
......
data "google_compute_zones" "available" {
region = "${var.region}"
status = "UP"
}
resource "google_compute_backend_service" "default" {
name = "${format("%v-%v", var.environment, var.name)}"
protocol = "HTTP"
port_name = "${var.name}"
backend {
group = "${google_compute_instance_group.default.self_link}"
}
health_checks = ["${var.health_check == "http" ? google_compute_health_check.http.self_link : google_compute_health_check.tcp.self_link }"]
iap {
oauth2_client_secret = "${var.oauth2_client_secret}"
oauth2_client_id = "${var.oauth2_client_id}"
}
}
resource "google_compute_health_check" "tcp" {
# count = "${var.health_check == "tcp" ? 1 : 0}"
name = "${format("%v-%v-tcp", var.environment, var.name)}"
tcp_health_check {
port = "${var.service_port}"
}
}
resource "google_compute_health_check" "http" {
# count = "${var.health_check == "http" ? 1 : 0}"
name = "${format("%v-%v-http", var.environment, var.name)}"
http_health_check {
port = "${var.service_port}"
request_path = "${var.service_path}"
}
}
resource "google_compute_instance_group" "default" {
name = "${format("%v-%v", var.environment, var.name)}"
description = "Instance group for monitoring VM."
zone = "${var.zone != "" ? var.zone : data.google_compute_zones.available.names[0]}"
named_port {
name = "${var.name}"
port = "${var.service_port}"
}
instances = ["${google_compute_instance.default.*.self_link}"]
}
resource "google_compute_disk" "default" {
count = "${var.node_count}"
project = "${var.project}"
name = "${format("%v-%02d-%v-%v-data", var.name, count.index + 1, var.tier, var.environment)}"
zone = "${var.zone != "" ? var.zone : data.google_compute_zones.available.names[0]}"
size = "${var.data_disk_size}"
type = "${var.data_disk_type}"
labels {
environment = "${var.environment}"
pet_name = "${var.name}"
}
}
resource "google_compute_instance" "default" {
count = "${var.node_count}"
name = "${format("%v-%02d-%v-%v", var.name, count.index + 1, var.tier, var.environment)}"
machine_type = "${var.machine_type}"
metadata = {
"CHEF_URL" = "${var.chef_provision.["server_url"]}"
"CHEF_VERSION" = "${var.chef_provision.["version"]}"
"CHEF_NODE_NAME" = "${format("%v.%v.%v.%v", var.name, var.tier, var.environment, var.dns_zone_name)}"
"CHEF_ENVIRONMENT" = "${var.environment}"
"CHEF_RUN_LIST" = "${var.chef_run_list}"
"CHEF_DNS_ZONE_NAME" = "${var.dns_zone_name}"
"CHEF_PROJECT" = "${var.project}"
"GL_PERSISTENT_DISK_PATH" = "${var.persistent_disk_path}"
"GL_FORMAT_DATA_DISK" = "${var.format_data_disk}"
"shutdown-script" = "${file("${path.module}/../../../scripts/google/teardown-v1.sh")}"
}
metadata_startup_script = "${file("${path.module}/../../../scripts/google/bootstrap-v${var.bootstrap_version}.sh")}"
project = "${var.project}"
zone = "${var.zone != "" ? var.zone : data.google_compute_zones.available.names[0]}"
service_account {
// this should be the instance under which the instance should be running, rather than the one creating it...
email = "[email protected]"
// all the defaults plus cloudkms to access kms
scopes = [
"https://www.googleapis.com/auth/cloud.useraccounts.readonly",
"https://www.googleapis.com/auth/devstorage.read_only",
"https://www.googleapis.com/auth/logging.write",
"https://www.googleapis.com/auth/monitoring.write",
"https://www.googleapis.com/auth/pubsub",
"https://www.googleapis.com/auth/service.management.readonly",
"https://www.googleapis.com/auth/servicecontrol",
"https://www.googleapis.com/auth/trace.append",
"https://www.googleapis.com/auth/cloudkms",
"https://www.googleapis.com/auth/compute.readonly",
]
}
scheduling {
preemptible = "${var.preemptible}"
}
boot_disk {
auto_delete = true
initialize_params {
image = "${var.os_boot_image}"
size = "${var.os_disk_size}"
type = "${var.os_disk_type}"
}
}
attached_disk {
source = "${google_compute_disk.default.self_link}"
}
network_interface {
subnetwork = "${var.subnetwork_name}"
access_config = {}
}
labels {
environment = "${var.environment}"
pet_name = "${var.name}"
}
tags = [
"${var.name}",
"${var.environment}",
]
provisioner "local-exec" {
when = "destroy"
command = "knife node delete ${format("%v.%v.%v.%v", var.name, var.tier, var.environment, var.dns_zone_name)} -y; knife client delete ${format("%v.%v.%v.%v", var.name, var.tier, var.environment, var.dns_zone_name)} -y; exit 0"
}
}
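Review bot: `source = "${google_compute_disk.default.self_link}"` in `attached_disk` and the `CHEF_NODE_NAME` metadata do not use `count.index`, although both the disk and the instance are created with `count = "${var.node_count}"`. With `node_count` above 1 the instances would not each get their own data disk, and they would all register under one shared Chef node name. The destroy provisioner's `knife node delete` and `knife client delete` on one instance would then remove the identity the others use. I would select the disk with `source = "${element(google_compute_disk.default.*.self_link, count.index)}"` and build the Chef name from the same `%v-%02d` pattern as the instance `name`. The caller on this page sets `node_count = 1`, so this only shows up once the count is raised.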
output "instances_self_link" {
value = "${google_compute_instance.default.*.self_link}"
}
output "instance_group_self_link" {
value = "${google_compute_instance_group.default.self_link}"
}
output "google_compute_backend_service_self_link" {
value = "${google_compute_backend_service.default.self_link}"
}
variable "node_count" {}
variable "health_check" {
default = "http"
}
variable "oauth2_client_id" {
type = "string"
}
variable "oauth2_client_secret" {
type = "string"
}
variable "service_port" {
type = "string"
description = "port for the service running on the monitoring node"
}
variable "service_path" {
type = "string"
default = "/"
description = "path for the health check"
}
variable "subnetwork_name" {
type = "string"
description = "subnetwork name for the instances"
}
variable "bootstrap_version" {
description = "version of the bootstrap script"
default = 1
}
variable "persistent_disk_path" {
type = "string"
description = "default location for disk mount"
default = "/var/opt/gitlab"
}
variable "attach_data_disk" {
type = "string"
description = "Attach a data disk to this machine"
default = false
}
variable "chef_provision" {
type = "map"
description = "Configuration details for chef server"
}
variable "chef_run_list" {
type = "string"
description = "run_list for the node in chef"
}
variable "data_disk_size" {
type = "string"
description = "The size of the data disk"
default = 20
}
variable "data_disk_type" {
type = "string"
description = "The type of the data disk"
default = "pd-standard"
}
variable "dns_zone_name" {
type = "string"
description = "The GCP name of the DNS zone to use for this environment"
}
variable "environment" {
type = "string"
description = "The environment name"
}
variable "format_data_disk" {
type = "string"
description = "Force formatting of the persistent disk."
default = "false"
}
variable "machine_type" {
type = "string"
description = "The machine size"
}
variable "name" {
type = "string"
description = "The pet name"
}
variable "os_boot_image" {
type = "string"
description = "The OS image to boot"
default = "ubuntu-os-cloud/ubuntu-1604-xenial-v20180122"
}
variable "os_disk_size" {
type = "string"
description = "The OS disk size in GiB"
default = 20
}
variable "os_disk_type" {
type = "string"
description = "The OS disk type"
default = "pd-standard"
}
variable "preemptible" {
type = "string"
description = "Use preemptible instances for this pet"
default = "false"
}
variable "project" {
type = "string"
description = "The project name"
}
variable "region" {
type = "string"
description = "The target region"
}
variable "tier" {
type = "string"
description = "The tier for this service"
}
variable "zone" {
type = "string"
default = ""
}
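Review bot: `attach_data_disk` is declared here and the `alerts` caller sets it to `true`, but none of the resources shown for this module read it. The disk and the `attached_disk` block are created unconditionally, so passing `false` would have no effect; either drop the variable or gate the disk on it. `health_check` also has no description, and the backend service treats any value other than `"http"` as TCP, so a typo silently changes the check type. Adding `description = "backend health check type: \"http\" or \"tcp\""` would make the contract visible.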