Commit 7f42afea authored by John Skarbek

Lets recreate the pre cluster as desired

* Creates a private cluster
* Creates the necessary network bits to allow a private cluster to be
fully operational
* Upgrades the GKE module for this cluster to provide the ability to
create a private and regional cluster
parent 98cf17a2
...@@ -14,7 +14,7 @@ variable "gitlab_net_zone_id" {} ...@@ -14,7 +14,7 @@ variable "gitlab_net_zone_id" {}
## Google ## Google
provider "google" { provider "google" {
version = "~> 2.6.0" version = "~> 2.7.0"
project = "${var.project}" project = "${var.project}"
region = "${var.region}" region = "${var.region}"
} }
...@@ -283,31 +283,58 @@ module "gke-runner" { ...@@ -283,31 +283,58 @@ module "gke-runner" {
################################## ##################################
# #
# GKE Cluster for testing # GKE Cluster for pre.gitlab.com GitLab services
# #
################################## ##################################
# After provisioning you will need to configure # IP address for the GitLab application
resource "google_compute_address" "gitlab-com-static-ip" {
name = "gitlab-com"
description = "gitlab-com"
}
resource "google_compute_address" "pre-gke-pre-static-ip" { # IP address for NAT
name = "pre-gke-pre" resource "google_compute_address" "gke-cloud-nat-ip" {
description = "pre-gke-pre" name = "gitlab-gke"
description = "gitlab-gke"
} }
module "gke-pre" { resource "google_compute_router" "nat-router" {
environment = "${var.environment}" name = "gitlab-gke"
name = "gke-pre" network = "${module.network.self_link}"
vpc = "${module.network.self_link}" }
source = "git::ssh://[email protected]/gitlab-com/gl-infra/terraform-modules/google/gke.git?ref=v2.0.0"
initial_node_count = 1 resource "google_compute_router_nat" "gke-nat" {
ip_cidr_range = "${var.subnetworks["gke-pre"]}" name = "gitlab-gke"
dns_zone_name = "${var.dns_zone_name}" router = "${google_compute_router.nat-router.name}"
machine_type = "${var.machine_types["gke-pre"]}" nat_ip_allocate_option = "MANUAL_ONLY"
preemptible = "true" nat_ips = ["${google_compute_address.gke-cloud-nat-ip.self_link}"]
project = "${var.project}" source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
region = "${var.region}"
pod_ip_cidr_range = "${var.subnetworks["gke-pre-pod-cidr"]}" subnetwork {
service_ip_cidr_range = "${var.subnetworks["gke-pre-service-cidr"]}" name = "${module.gitlab-gke.subnetwork_self_link}"
source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
}
}
module "gitlab-gke" {
environment = "${var.environment}"
name = "gitlab-gke"
vpc = "${module.network.self_link}"
source = "git::ssh://[email protected]/gitlab-com/gl-infra/terraform-modules/google/gke.git?ref=v4.0.0"
ip_cidr_range = "${var.subnetworks["gitlab-gke"]}"
disable_network_policy = "false"
dns_zone_name = "${var.dns_zone_name}"
machine_type = "${var.machine_types["gitlab-gke"]}"
max_node_count = "3"
node_disk_size = "50"
preemptible = "true"
private_cluster = "true"
private_master_cidr = "${var.master_cidr_subnets["gitlab-gke"]}"
project = "${var.project}"
region = "${var.region}"
pod_ip_cidr_range = "${var.subnetworks["gitlab-gke-pod-cidr"]}"
service_ip_cidr_range = "${var.subnetworks["gitlab-gke-service-cidr"]}"
} }
################################## ##################################
...@@ -351,7 +378,7 @@ resource "google_logging_project_sink" "pubsub" { ...@@ -351,7 +378,7 @@ resource "google_logging_project_sink" "pubsub" {
# There is only a single pubsub topic for gke # There is only a single pubsub topic for gke
destination = "pubsub.googleapis.com/projects/${var.project}/topics/${module.pubsubbeat.topic_names[0]}" destination = "pubsub.googleapis.com/projects/${var.project}/topics/${module.pubsubbeat.topic_names[0]}"
filter = "resource.labels.cluster_name = pre-gke-pre" filter = "resource.labels.cluster_name = pre-gitlab-gke"
# Use a unique writer (creates a unique service account used for writing) # Use a unique writer (creates a unique service account used for writing)
unique_writer_identity = true unique_writer_identity = true
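Review bot: `private_cluster = "true"` in `module "gitlab-gke"` gives the nodes private addresses, but nothing visible in this section limits who can reach the cluster's control-plane endpoint. On GKE a private cluster can still expose a public master endpoint unless master authorized networks or a private-only endpoint are configured. Whether the gke module at `ref=v4.0.0` sets either is not visible from this page, so it should be confirmed and recorded next to the flag, for example `# nodes are private; control-plane endpoint access is set inside the gke module - verify authorized networks are restricted`.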
...@@ -39,7 +39,7 @@ variable "machine_types" { ...@@ -39,7 +39,7 @@ variable "machine_types" {
"gitlab-pre" = "n1-standard-16" "gitlab-pre" = "n1-standard-16"
"monitoring" = "n1-standard-2" "monitoring" = "n1-standard-2"
"sd-exporter" = "n1-standard-1" "sd-exporter" = "n1-standard-1"
"gke-pre" = "n1-standard-1" "gitlab-gke" = "n1-standard-1"
"gke-runner" = "n1-standard-2" "gke-runner" = "n1-standard-2"
"web" = "n1-standard-1" "web" = "n1-standard-1"
"git" = "n1-standard-1" "git" = "n1-standard-1"
...@@ -124,14 +124,14 @@ variable "subnetworks" { ...@@ -124,14 +124,14 @@ variable "subnetworks" {
"web-pages" = "10.232.17.0/24" "web-pages" = "10.232.17.0/24"
"gitaly" = "10.232.18.0/24" "gitaly" = "10.232.18.0/24"
"deploy" = "10.232.19.0/24" "deploy" = "10.232.19.0/24"
"gke-pre" = "10.232.20.0/24" "gitlab-gke" = "10.232.20.0/24"
"web-puma" = "10.232.21.0/24" "web-puma" = "10.232.21.0/24"
"consul" = "10.232.22.0/24" "consul" = "10.232.22.0/24"
"pubsubbeat" = "10.232.23.0/24" "pubsubbeat" = "10.232.23.0/24"
"proxy" = "10.232.24.0/24" "proxy" = "10.232.24.0/24"
"gke-pre-pod-cidr" = "10.235.0.0/16" "gitlab-gke-pod-cidr" = "10.235.0.0/16"
"gke-pre-service-cidr" = "10.236.0.0/16" "gitlab-gke-service-cidr" = "10.236.0.0/16"
# /mnt/storage # /mnt/storage
"filestore-storage" = "10.237.0.0/29" "filestore-storage" = "10.237.0.0/29"
...@@ -141,6 +141,14 @@ variable "subnetworks" { ...@@ -141,6 +141,14 @@ variable "subnetworks" {
} }
} }
variable "master_cidr_subnets" {
type = "map"
default = {
"gitlab-gke" = "172.16.0.0/28"
}
}
################## ##################
# Network Peering # Network Peering
################## ##################
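Review bot: The new `master_cidr_subnets` map carries no description or comment stating the constraints on the range it holds. GKE requires the private master range to be a /28 that does not overlap any subnet, secondary range or peered network in the VPC. A later overlap would most likely come from an edit to the `subnetworks` map or to the Network Peering section directly below. A comment above the default such as `# GKE private master range: must be a /28 and must not overlap any entry in "subnetworks" or a peered network` would keep that constraint visible to the next editor.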