Commit d25ffb59 authored by John Jarvis's avatar John Jarvis

Creates tcp lb module for http, https and ssh.

parent f0d7e2c1
resource "google_compute_forwarding_rule" "fe_forwarding_rule_http" {
name = "gitlab-frontend-http"
project = "${var.project}"
region = "${var.region}"
target = "${google_compute_target_pool.fe_lb_http_pool.self_link}"
load_balancing_scheme = "EXTERNAL"
port_range = "80"
ip_address = "${google_compute_address.fe_external_ip.address}"
}
resource "google_compute_target_pool" "fe_lb_http_pool" {
project = "${var.project}"
name = "gitlab-frontend-http-pool"
region = "${var.region}"
session_affinity = "NONE"
instances = ["${var.fe_http_instances}"]
health_checks = [
"${google_compute_http_health_check.fe_lb_http_health_check.self_link}",
]
}
resource "google_compute_http_health_check" "fe_lb_http_health_check" {
project = "${var.project}"
name = "fe-lb-http-health-check"
host = "gitlab.com"
port = "80"
request_path = "/help"
timeout_sec = 2
check_interval_sec = 2
healthy_threshold = 2
unhealthy_threshold = 2
}
resource "google_compute_forwarding_rule" "fe_forwarding_rule_https" {
name = "gitlab-frontend-https"
project = "${var.project}"
region = "${var.region}"
target = "${google_compute_target_pool.fe_lb_https_pool.self_link}"
load_balancing_scheme = "EXTERNAL"
port_range = "443"
ip_address = "${google_compute_address.fe_external_ip.address}"
}
resource "google_compute_target_pool" "fe_lb_https_pool" {
project = "${var.project}"
name = "gitlab-frontend-https-pool"
region = "${var.region}"
session_affinity = "NONE"
instances = ["${var.fe_https_instances}"]
health_checks = [
"${google_compute_http_health_check.fe_lb_http_health_check.self_link}",
]
}
resource "google_compute_forwarding_rule" "fe_forwarding_rule_ssh" {
name = "gitlab-frontend-ssh"
project = "${var.project}"
region = "${var.region}"
target = "${google_compute_target_pool.fe_lb_ssh_pool.self_link}"
load_balancing_scheme = "EXTERNAL"
port_range = "22"
ip_address = "${google_compute_address.fe_external_ip.address}"
}
resource "google_compute_target_pool" "fe_lb_ssh_pool" {
project = "${var.project}"
name = "gitlab-frontend-ssh-pool"
region = "${var.region}"
session_affinity = "NONE"
instances = ["${var.fe_ssh_instances}"]
health_checks = [
"${google_compute_http_health_check.fe_lb_http_health_check.self_link}",
]
}
resource "google_compute_address" "fe_external_ip" {
name = "http"
project = "${var.project}"
region = "${var.region}"
address_type = "EXTERNAL"
# subnetwork = "${var.subnetwork}"
}
variable "fe_http_instances" {
type = "list"
description = "The list of instances to add to the http backend pool"
}
variable "fe_https_instances" {
type = "list"
description = "The list of instances to add to the https backend pool"
}
variable "fe_ssh_instances" {
type = "list"
description = "The list of instances to add to the ssh backend pool"
}
variable "region" {
type = "string"
description = "The target region"
}
variable "project" {
type = "string"
description = "The target project"
}
# variable "subnetwork" {
# type = "string"
# description = "The target subnetwork"
# }
......@@ -319,7 +319,7 @@ module "sidekiq" {
##################################
#
# mailroom
# Mailroom
#
##################################
......@@ -497,13 +497,25 @@ module "fe-lb" {
vpc = "${module.network.self_link}"
}
module "google_load_balancers" {
source = "./load-balancers"
project = "${var.project}"
region = "${var.region}"
fe_http_instances = "${module.fe-lb.instances_without_attached_disk_self_link}"
fe_https_instances = "${module.fe-lb.instances_without_attached_disk_self_link}"
fe_ssh_instances = "${module.fe-lb.instances_without_attached_disk_self_link}"
##################################
#
# GCP TCP LoadBalancers
#
##################################
module "gcp-tcp-lb" {
lb_count = "${length(var.tcp_lbs["names"])}"
names = "${var.tcp_lbs["names"]}"
fqdn = "${var.lb_fqdn}"
gitlab_com_zone_id = "${var.gitlab_com_zone_id}"
environment = "${var.environment}"
region = "${var.region}"
project = "${var.project}"
source = "../../modules/google/tcp-lb"
targets = ["fe"]
forwarding_port_ranges = "${var.tcp_lbs["forwarding_port_ranges"]}"
health_check_ports = "${var.tcp_lbs["health_check_ports"]}"
instances = ["${module.fe-lb.instances_without_attached_disk_self_link}"]
}
##################################
......
......@@ -16,6 +16,32 @@ variable "monitoring_hosts" {
}
}
#### GCP load balancing
# The top level domain record for the GitLab deployment.
# For production this should be set to "gitlab.com"
variable "lb_fqdn" {
default = "lb-test.gprd.gitlab.com"
}
#
# For every name there must be a corresponding
# forwarding port range and health check port
#
variable "tcp_lbs" {
type = "map"
default = {
"names" = ["http", "https", "ssh"]
"forwarding_port_ranges" = ["80", "443", "22"]
"health_check_ports" = ["8001", "8002", "8003"]
}
}
#######################
variable "base_chef_run_list" {
default = "\"role[gitlab]\",\"recipe[gitlab_users::default]\",\"recipe[gitlab_sudo::default]\",\"recipe[gitlab-server::bashrc]\""
}
......
data "google_compute_lb_ip_ranges" "ranges" {}
resource "aws_route53_record" "default" {
zone_id = "${var.gitlab_com_zone_id}"
name = "${var.fqdn}"
type = "A"
ttl = "300"
records = ["${google_compute_address.default.address}"]
}
resource "google_compute_address" "default" {
name = "http"
project = "${var.project}"
region = "${var.region}"
address_type = "EXTERNAL"
}
resource "google_compute_firewall" "default" {
name = "${format("%v-tcp-lb", var.environment)}"
network = "${var.environment}"
allow {
protocol = "tcp"
ports = ["${var.health_check_ports}"]
}
source_ranges = ["${data.google_compute_lb_ip_ranges.ranges.network}"]
target_tags = ["${var.targets}"]
}
resource "google_compute_forwarding_rule" "default" {
count = "${var.lb_count}"
name = "${format("%v-tcp-lb-%v", var.environment, var.names[count.index])}"
project = "${var.project}"
region = "${var.region}"
target = "${google_compute_target_pool.default.*.self_link[count.index]}"
load_balancing_scheme = "EXTERNAL"
port_range = "${var.forwarding_port_ranges[count.index]}"
ip_address = "${google_compute_address.default.address}"
}
resource "google_compute_target_pool" "default" {
count = "${var.lb_count}"
name = "${format("%v-tcp-lb-%v", var.environment, var.names[count.index])}"
project = "${var.project}"
region = "${var.region}"
session_affinity = "NONE"
instances = ["${var.instances}"]
health_checks = [
"${google_compute_http_health_check.default.*.self_link[count.index]}",
]
}
resource "google_compute_http_health_check" "default" {
count = "${var.lb_count}"
name = "${format("%v-tcp-lb-%v", var.environment, var.names[count.index])}"
project = "${var.project}"
port = "${var.health_check_ports[count.index]}"
request_path = "/healthz-${var.names[count.index]}"
timeout_sec = 2
check_interval_sec = 2
healthy_threshold = 2
unhealthy_threshold = 2
}
variable "lb_count" {}
variable "fqdn" {}
variable "health_check_ports" {
type = "list"
}
variable "forwarding_port_ranges" {
type = "list"
}
variable "gitlab_com_zone_id" {}
variable "instances" {
type = "list"
}
variable "targets" {
type = "list"
description = "target tags for the load balancer"
}
variable "environment" {
type = "string"
description = "The environment name"
}
variable "names" {
type = "list"
description = "Names for the lbs"
}
variable "project" {
type = "string"
description = "The project name"
}
variable "region" {
type = "string"
description = "The target region"
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment