Commit c0a7216c authored by John Jarvis's avatar John Jarvis

Revert "Merge branch 'add-gstg' into 'master'"

This reverts merge request !292
parent 60bf3b2f
......@@ -95,8 +95,6 @@ module "web" {
health_check = "tcp"
service_port = 443
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -123,8 +121,6 @@ module "api" {
service_port = 443
tier = "sv"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -151,8 +147,6 @@ module "git" {
service_port = 22
tier = "sv"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -179,8 +173,6 @@ module "registry" {
service_port = 22
tier = "sv"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -207,8 +199,6 @@ module "postgres" {
source = "../../modules/google/generic-stor"
tier = "db"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
module "pg-bouncer" {
......@@ -230,8 +220,6 @@ module "pg-bouncer" {
service_port = 22
tier = "db"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
module "geo-postgres" {
......@@ -252,8 +240,6 @@ module "geo-postgres" {
source = "../../modules/google/generic-stor"
tier = "db"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -263,24 +249,23 @@ module "geo-postgres" {
##################################
module "redis" {
bootstrap_version = 3
data_disk_size = 100
data_disk_type = "pd-ssd"
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-db-redis-server-single]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["redis"]}"
machine_type = "${var.machine_types["redis"]}"
name = "redis"
node_count = "${var.node_count["redis"]}"
project = "${var.project}"
public_ports = "${var.public_ports["redis"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-stor"
tier = "db"
vpc = "${module.network.self_link}"
bootstrap_version = 3
data_disk_size = 100
data_disk_type = "pd-ssd"
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-db-redis-server-single]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["redis"]}"
machine_type = "${var.machine_types["redis"]}"
name = "redis"
node_count = "${var.node_count["redis"]}"
project = "${var.project}"
public_ports = "${var.public_ports["redis"]}"
region = "${var.region}"
source = "../../modules/google/generic-stor"
tier = "db"
vpc = "${module.network.self_link}"
}
module "redis-cache" {
......@@ -342,7 +327,6 @@ module "sidekiq" {
sidekiq_pullmirror_instance_type = "${var.machine_types["sidekiq-pullmirror"]}"
sidekiq_realtime_count = "${var.node_count["sidekiq-realtime"]}"
sidekiq_realtime_instance_type = "${var.machine_types["sidekiq-realtime"]}"
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-sv-sidekiq"
tier = "sv"
vpc = "${module.network.self_link}"
......@@ -372,8 +356,6 @@ module "mailroom" {
service_port = 22
tier = "sv"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -401,8 +383,6 @@ module "file" {
tier = "stor"
vpc = "${module.network.self_link}"
zone = "us-east1-c"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -445,8 +425,6 @@ module "share" {
source = "../../modules/google/generic-stor-dynamic-ip"
tier = "stor"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
module "lfs" {
......@@ -468,8 +446,6 @@ module "lfs" {
source = "../../modules/google/generic-stor-dynamic-ip"
tier = "stor"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
module "pages" {
......@@ -491,8 +467,6 @@ module "pages" {
source = "../../modules/google/generic-stor-dynamic-ip"
tier = "stor"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
module "artifacts" {
......@@ -514,8 +488,6 @@ module "artifacts" {
source = "../../modules/google/generic-stor-dynamic-ip"
tier = "stor"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -525,24 +497,23 @@ module "artifacts" {
##################################
module "fe-lb" {
bootstrap_version = 3
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-lb-fe]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["fe-lb"]}"
machine_type = "${var.machine_types["fe-lb"]}"
name = "fe"
node_count = "${var.node_count["fe-lb"]}"
project = "${var.project}"
public_ports = "${var.public_ports["fe-lb"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-sv-with-group"
health_check = "http"
service_port = 7331
tier = "lb"
vpc = "${module.network.self_link}"
bootstrap_version = 3
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-lb-fe]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["fe-lb"]}"
machine_type = "${var.machine_types["fe-lb"]}"
name = "fe"
node_count = "${var.node_count["fe-lb"]}"
project = "${var.project}"
public_ports = "${var.public_ports["fe-lb"]}"
region = "${var.region}"
source = "../../modules/google/generic-sv-with-group"
health_check = "http"
service_port = 7331
tier = "lb"
vpc = "${module.network.self_link}"
}
##################################
......@@ -552,24 +523,23 @@ module "fe-lb" {
##################################
module "fe-lb-pages" {
bootstrap_version = 3
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-lb-pages]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["fe-lb-pages"]}"
machine_type = "${var.machine_types["fe-lb"]}"
name = "fe-pages"
node_count = "${var.node_count["fe-lb-pages"]}"
project = "${var.project}"
public_ports = "${var.public_ports["fe-lb"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-sv-with-group"
health_check = "http"
service_port = 7331
tier = "lb"
vpc = "${module.network.self_link}"
bootstrap_version = 3
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-lb-pages]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["fe-lb-pages"]}"
machine_type = "${var.machine_types["fe-lb"]}"
name = "fe-pages"
node_count = "${var.node_count["fe-lb-pages"]}"
project = "${var.project}"
public_ports = "${var.public_ports["fe-lb"]}"
region = "${var.region}"
source = "../../modules/google/generic-sv-with-group"
health_check = "http"
service_port = 7331
tier = "lb"
vpc = "${module.network.self_link}"
}
##################################
......@@ -579,24 +549,23 @@ module "fe-lb-pages" {
##################################
module "fe-lb-altssh" {
bootstrap_version = 3
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-lb-altssh]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["fe-lb-altssh"]}"
machine_type = "${var.machine_types["fe-lb"]}"
name = "fe-altssh"
node_count = "${var.node_count["fe-lb-altssh"]}"
project = "${var.project}"
public_ports = "${var.public_ports["fe-lb"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
source = "../../modules/google/generic-sv-with-group"
health_check = "http"
service_port = 7331
tier = "lb"
vpc = "${module.network.self_link}"
bootstrap_version = 3
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-lb-altssh]\""
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["fe-lb-altssh"]}"
machine_type = "${var.machine_types["fe-lb"]}"
name = "fe-altssh"
node_count = "${var.node_count["fe-lb-altssh"]}"
project = "${var.project}"
public_ports = "${var.public_ports["fe-lb"]}"
region = "${var.region}"
source = "../../modules/google/generic-sv-with-group"
health_check = "http"
service_port = 7331
tier = "lb"
vpc = "${module.network.self_link}"
}
##################################
......@@ -697,8 +666,6 @@ module "consul" {
source = "../../modules/google/generic-sv-with-group"
tier = "inf"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -779,8 +746,6 @@ module "performance" {
source = "../../modules/google/monitoring-with-count"
subnetwork_name = "${google_compute_subnetwork.monitoring.name}"
tier = "inf"
service_account_email = "${var.service_account_email}"
}
module "prometheus" {
......@@ -805,8 +770,6 @@ module "prometheus" {
source = "../../modules/google/monitoring-with-count"
subnetwork_name = "${google_compute_subnetwork.monitoring.name}"
tier = "inf"
service_account_email = "${var.service_account_email}"
}
module "prometheus-app" {
......@@ -831,8 +794,6 @@ module "prometheus-app" {
source = "../../modules/google/monitoring-with-count"
subnetwork_name = "${google_compute_subnetwork.monitoring.name}"
tier = "inf"
service_account_email = "${var.service_account_email}"
}
module "kibana" {
......@@ -857,8 +818,6 @@ module "kibana" {
source = "../../modules/google/monitoring-with-count"
subnetwork_name = "${google_compute_subnetwork.monitoring.name}"
tier = "inf"
service_account_email = "${var.service_account_email}"
}
module "alerts" {
......@@ -883,8 +842,6 @@ module "alerts" {
oauth2_client_id = "${var.oauth2_client_id_prometheus}"
oauth2_client_secret = "${var.oauth2_client_secret_prometheus}"
health_check = "tcp"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -911,8 +868,6 @@ module "deploy" {
service_port = 22
tier = "sv"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -939,8 +894,6 @@ module "runner" {
service_port = 22
tier = "sv"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
##################################
......@@ -988,6 +941,4 @@ module "bastion" {
service_port = 80
tier = "inf"
vpc = "${module.network.self_link}"
service_account_email = "${var.service_account_email}"
}
......@@ -151,10 +151,6 @@ variable "chef_provision" {
description = "Configuration details for chef server"
default = {
bootstrap_bucket = "gitlab-gprd-chef-boostrap"
bootstrap_key = "gitlab-gprd-bootstrap-validation"
bootstrap_keyring = "gitlab-gprd-bootstrap"
server_url = "https://chef.gitlab.com/organizations/gitlab/"
user_name = "gitlab-ci"
user_key_path = ".chef.pem"
......@@ -303,9 +299,3 @@ variable "vpn_source_subnet" {
variable "vpn_shared_secret" {
type = "string"
}
variable "service_account_email" {
type = "string"
default = "[email protected]"
}
resource "google_compute_forwarding_rule" "fe_forwarding_rule_http" {
name = "gitlab-frontend-http"
project = "${var.project}"
region = "${var.region}"
target = "${google_compute_target_pool.fe_lb_http_pool.self_link}"
load_balancing_scheme = "EXTERNAL"
port_range = "80"
ip_address = "${google_compute_address.fe_external_ip.address}"
}
resource "google_compute_target_pool" "fe_lb_http_pool" {
project = "${var.project}"
name = "gitlab-frontend-http-pool"
region = "${var.region}"
session_affinity = "NONE"
instances = ["${var.fe_http_instances}"]
health_checks = [
"${google_compute_http_health_check.fe_lb_http_health_check.self_link}",
]
}
resource "google_compute_http_health_check" "fe_lb_http_health_check" {
project = "${var.project}"
name = "fe-lb-http-health-check"
host = "gitlab.com"
port = "80"
request_path = "/help"
timeout_sec = 2
check_interval_sec = 2
healthy_threshold = 2
unhealthy_threshold = 2
}
resource "google_compute_forwarding_rule" "fe_forwarding_rule_https" {
name = "gitlab-frontend-https"
project = "${var.project}"
region = "${var.region}"
target = "${google_compute_target_pool.fe_lb_https_pool.self_link}"
load_balancing_scheme = "EXTERNAL"
port_range = "443"
ip_address = "${google_compute_address.fe_external_ip.address}"
}
resource "google_compute_target_pool" "fe_lb_https_pool" {
project = "${var.project}"
name = "gitlab-frontend-https-pool"
region = "${var.region}"
session_affinity = "NONE"
instances = ["${var.fe_https_instances}"]
health_checks = [
"${google_compute_http_health_check.fe_lb_http_health_check.self_link}",
]
}
resource "google_compute_forwarding_rule" "fe_forwarding_rule_ssh" {
name = "gitlab-frontend-ssh"
project = "${var.project}"
region = "${var.region}"
target = "${google_compute_target_pool.fe_lb_ssh_pool.self_link}"
load_balancing_scheme = "EXTERNAL"
port_range = "22"
ip_address = "${google_compute_address.fe_external_ip.address}"
}
resource "google_compute_target_pool" "fe_lb_ssh_pool" {
project = "${var.project}"
name = "gitlab-frontend-ssh-pool"
region = "${var.region}"
session_affinity = "NONE"
instances = ["${var.fe_ssh_instances}"]
health_checks = [
"${google_compute_http_health_check.fe_lb_http_health_check.self_link}",
]
}
resource "google_compute_address" "fe_external_ip" {
name = "http"
project = "${var.project}"
region = "${var.region}"
address_type = "EXTERNAL"
# subnetwork = "${var.subnetwork}"
}
variable "fe_http_instances" {
type = "list"
description = "The list of instances to add to the http backend pool"
}
variable "fe_https_instances" {
type = "list"
description = "The list of instances to add to the https backend pool"
}
variable "fe_ssh_instances" {
type = "list"
description = "The list of instances to add to the ssh backend pool"
}
variable "region" {
type = "string"
description = "The target region"
}
variable "project" {
type = "string"
description = "The target project"
}
# variable "subnetwork" {
# type = "string"
# description = "The target subnetwork"
# }
This diff is collapsed.
variable "oauth2_client_id_prometheus" {}
variable "oauth2_client_secret_prometheus" {}
variable "oauth2_client_id_performance" {}
variable "oauth2_client_secret_performance" {}
variable "base_chef_run_list" {
default = "\"role[gitlab]\",\"recipe[gitlab_users::default]\",\"recipe[gitlab_sudo::default]\",\"recipe[gitlab-server::bashrc]\""
}
variable "empty_chef_run_list" {
default = "\"\""
}
variable "dns_zone_name" {
default = "gitlab.com"
}
variable "monitoring_hosts" {
type = "map"
default = {
"performance" = "80"
"prometheus" = "9090"
"prometheus-app" = "9090"
"kibana" = "80"
"alerts" = "9093"
}
}
#### GCP load balancing
# The top level domain record for the GitLab deployment.
# For production this should be set to "gitlab.com"
variable "lb_fqdn" {
default = "gstg.gitlab.com"
}
#
# For every name there must be a corresponding
# forwarding port range and health check port
#
variable "tcp_lbs" {
type = "map"
default = {
"names" = ["http", "https", "ssh"]
"forwarding_port_ranges" = ["80", "443", "22"]
"health_check_ports" = ["8001", "8002", "8003"]
}
}
#######################
variable "public_ports" {
type = "map"
default = {
"api" = [22]
"consul" = [22]
"deploy" = [22]
"runner" = [22]
"db" = [22]
"pgb" = [22]
"fe-lb" = [22, 80, 443, 2222]
"geodb" = [22]
"git" = [22]
"mailroom" = [22]
"redis" = [22]
"redis-cache" = [22]
"registry" = [22]
"sidekiq" = [22]
"stor" = [22]
"web" = [22]
"monitoring" = [22]
}
}
variable "environment" {
default = "gstg"
}
variable "format_data_disk" {
default = "true"
}
variable "project" {
default = "gitlab-staging-1"
}
variable "region" {
default = "us-east1"
}
variable "chef_provision" {
type = "map"
description = "Configuration details for chef server"
default = {
bootstrap_bucket = "gitlab-gstg-chef-boostrap"
bootstrap_key = "gitlab-gstg-bootstrap-validation"
bootstrap_keyring = "gitlab-gstg-bootstrap"
server_url = "https://chef.gitlab.com/organizations/gitlab/"
user_name = "gitlab-ci"
user_key_path = ".chef.pem"
version = "12.19.36"
}
}
variable "chef_version" {
default = "12.19.36"
}
variable "machine_types" {
type = "map"
default = {
"api" = "n1-standard-4"
"consul" = "n1-standard-4"
"deploy" = "n1-standard-2"
"runner" = "n1-standard-2"
"db" = "n1-standard-8"
"fe-lb" = "n1-standard-4"