Skip to content

G
gitlab-com-infrastructure
Commit f9901ebe authored by John Jarvis's avatar John Jarvis
Browse files
Options

Merge branch 'jarv/create-asset-buckets' into jarv/asset-buckets-pre

parents cad066f9 0c704cdc
Hide whitespace changes
Inline Side-by-side
Showing with 53 additions and 4 deletions
environments/gprd/variables.tf
View file @ f9901ebe
...@@ -250,6 +250,7 @@ variable "public_ports" { ...@@ -250,6 +250,7 @@ variable "public_ports" {
"deploy" = [] "deploy" = []
"runner" = [] "runner" = []
"db-dr" = [] "db-dr" = []
"db-zfs" = []
"pgb" = [] "pgb" = []
"fe-lb" = [22, 80, 443] "fe-lb" = [22, 80, 443]
"git" = [] "git" = []
...@@ -332,6 +333,7 @@ variable "machine_types" { ...@@ -332,6 +333,7 @@ variable "machine_types" {
"contributors" = "n1-standard-4" "contributors" = "n1-standard-4"
"contributors-db" = "db-custom-1-4096" "contributors-db" = "db-custom-1-4096"
"db-dr" = "n1-standard-8" "db-dr" = "n1-standard-8"
"db-zfs" = "n1-highmem-64"
"console" = "n1-standard-1" "console" = "n1-standard-1"
"deploy" = "n1-standard-2" "deploy" = "n1-standard-2"
"fe-lb" = "n1-standard-4" "fe-lb" = "n1-standard-4"
...@@ -381,6 +383,7 @@ variable "node_count" { ...@@ -381,6 +383,7 @@ variable "node_count" {
"console" = 1 "console" = 1
"consul" = 5 "consul" = 5
"db-dr" = 2 "db-dr" = 2
"db-zfs" = 1
"deploy" = 1 "deploy" = 1
"fe-lb" = 16 "fe-lb" = 16
"fe-lb-altssh" = 2 "fe-lb-altssh" = 2
...@@ -441,6 +444,7 @@ variable "subnetworks" { ...@@ -441,6 +444,7 @@ variable "subnetworks" {
"redis" = "10.217.2.0/24" "redis" = "10.217.2.0/24"
"db-dr-delayed" = "10.217.3.0/24" "db-dr-delayed" = "10.217.3.0/24"
"db-dr-archive" = "10.217.7.0/24" "db-dr-archive" = "10.217.7.0/24"
"db-zfs" = "10.220.19.0/24"
"patroni" = "10.220.16.0/24" "patroni" = "10.220.16.0/24"
"pgb" = "10.217.4.0/24" "pgb" = "10.217.4.0/24"
"redis-cache" = "10.217.5.0/24" "redis-cache" = "10.217.5.0/24"
...@@ -518,7 +522,7 @@ variable "deploy_egress_ports" { ...@@ -518,7 +522,7 @@ variable "deploy_egress_ports" {
default = [] default = []
} }
variable "web_egress_ports" { variable "console_egress_ports" {
type = "list" type = "list"
default = [] default = []
} }
......
environments/gstg/variables.tf
View file @ f9901ebe
...@@ -242,6 +242,7 @@ variable "public_ports" { ...@@ -242,6 +242,7 @@ variable "public_ports" {
"deploy" = [] "deploy" = []
"runner" = [] "runner" = []
"db-dr" = [] "db-dr" = []
"db-zfs" = []
"pgb" = [] "pgb" = []
"fe-lb" = [22, 80, 443] "fe-lb" = [22, 80, 443]
"git" = [] "git" = []
...@@ -327,6 +328,7 @@ variable "machine_types" { ...@@ -327,6 +328,7 @@ variable "machine_types" {
"deploy" = "n1-standard-2" "deploy" = "n1-standard-2"
"runner" = "n1-standard-2" "runner" = "n1-standard-2"
"db-dr" = "n1-standard-8" "db-dr" = "n1-standard-8"
"db-zfs" = "n1-highmem-64"
"fe-lb" = "n1-standard-4" "fe-lb" = "n1-standard-4"
"git" = "n1-standard-16" "git" = "n1-standard-16"
"influxdb" = "n1-standard-4" "influxdb" = "n1-standard-4"
...@@ -377,6 +379,7 @@ variable "node_count" { ...@@ -377,6 +379,7 @@ variable "node_count" {
"runner" = 1 "runner" = 1
"consul" = 5 "consul" = 5
"db-dr" = 2 "db-dr" = 2
"db-zfs" = 2
"fe-lb" = 3 "fe-lb" = 3
"fe-lb-pages" = 2 "fe-lb-pages" = 2
"fe-lb-altssh" = 2 "fe-lb-altssh" = 2
...@@ -431,6 +434,7 @@ variable "subnetworks" { ...@@ -431,6 +434,7 @@ variable "subnetworks" {
"consul" = "10.224.4.0/24" "consul" = "10.224.4.0/24"
"db-dr-delayed" = "10.224.24.0/24" "db-dr-delayed" = "10.224.24.0/24"
"db-dr-archive" = "10.224.25.0/24" "db-dr-archive" = "10.224.25.0/24"
"db-zfs" = "10.226.6.0/24"
"deploy" = "10.224.15.0/24" "deploy" = "10.224.15.0/24"
"fe-lb" = "10.224.14.0/24" "fe-lb" = "10.224.14.0/24"
"fe-lb-altssh" = "10.224.19.0/24" "fe-lb-altssh" = "10.224.19.0/24"
...@@ -514,7 +518,7 @@ variable "deploy_egress_ports" { ...@@ -514,7 +518,7 @@ variable "deploy_egress_ports" {
default = ["80", "443", "22"] default = ["80", "443", "22"]
} }
variable "web_egress_ports" { variable "console_egress_ports" {
type = "list" type = "list"
default = ["80", "443", "9243"] default = ["80", "443", "9243"]
} }
......
environments/ops/main.tf
View file @ f9901ebe
...@@ -996,3 +996,17 @@ module "postgres-backup" { ...@@ -996,3 +996,17 @@ module "postgres-backup" {
source = "git::ssh://git@ops.gitlab.net/gitlab-com/gl-infra/terraform-modules/google/database-backup-bucket.git?ref=v1.0.0" source = "git::ssh://git@ops.gitlab.net/gitlab-com/gl-infra/terraform-modules/google/database-backup-bucket.git?ref=v1.0.0"
retention_days = "${var.postgres_backup_retention_days}" retention_days = "${var.postgres_backup_retention_days}"
} }
##################################
#
# Service accounts
#
##################################
## Service account used for granting ops
## write access to asset buckets
resource "google_service_account" "assets" {
account_id = "asset-uploader"
display_name = "Service account that allows ops to write to assets buckets in other projects"
}
shared/gstg-gprd/main.tf
View file @ f9901ebe
...@@ -101,7 +101,7 @@ module "web" { ...@@ -101,7 +101,7 @@ module "web" {
chef_provision = "${var.chef_provision}" chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-fe-web]\"" chef_run_list = "\"role[${var.environment}-base-fe-web]\""
dns_zone_name = "${var.dns_zone_name}" dns_zone_name = "${var.dns_zone_name}"
egress_ports = "${var.web_egress_ports}" egress_ports = "${var.egress_ports}"
environment = "${var.environment}" environment = "${var.environment}"
health_check = "tcp" health_check = "tcp"
ip_cidr_range = "${var.subnetworks["web"]}" ip_cidr_range = "${var.subnetworks["web"]}"
...@@ -421,6 +421,33 @@ module "postgres-dr-delayed" { ...@@ -421,6 +421,33 @@ module "postgres-dr-delayed" {
os_disk_size = 100 os_disk_size = 100
} }
module "postgres-zfs" {
bootstrap_version = "9"
chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-db-postgres-zfs]\""
data_disk_count = 3
data_disk_size = 2000
data_disk_type = "pd-ssd"
dns_zone_name = "${var.dns_zone_name}"
environment = "${var.environment}"
ip_cidr_range = "${var.subnetworks["db-zfs"]}"
kernel_version = "4.18.0-1007"
machine_type = "${var.machine_types["db-zfs"]}"
name = "postgres-zfs"
node_count = "${var.node_count["db-zfs"]}"
os_boot_image = "ubuntu-os-cloud/ubuntu-1804-bionic-v20190307"
os_disk_size = 32
os_disk_type = "pd-ssd"
project = "${var.project}"
public_ports = "${var.public_ports["db-zfs"]}"
region = "${var.region}"
service_account_email = "${var.service_account_email}"
source = "git::ssh://git@ops.gitlab.net/gitlab-com/gl-infra/terraform-modules/google/generic-stor.git?ref=zfs"
tier = "db"
use_new_node_name = true
vpc = "${module.network.self_link}"
}
module "postgres-backup" { module "postgres-backup" {
environment = "${var.environment}" environment = "${var.environment}"
gcs_postgres_backup_service_account = "${var.gcs_postgres_backup_service_account}" gcs_postgres_backup_service_account = "${var.gcs_postgres_backup_service_account}"
...@@ -1446,7 +1473,7 @@ module "console" { ...@@ -1446,7 +1473,7 @@ module "console" {
chef_provision = "${var.chef_provision}" chef_provision = "${var.chef_provision}"
chef_run_list = "\"role[${var.environment}-base-console-node]\"" chef_run_list = "\"role[${var.environment}-base-console-node]\""
dns_zone_name = "${var.dns_zone_name}" dns_zone_name = "${var.dns_zone_name}"
egress_ports = "${var.egress_ports}" egress_ports = "${var.console_egress_ports}"
environment = "${var.environment}" environment = "${var.environment}"
health_check = "tcp" health_check = "tcp"
ip_cidr_range = "${var.subnetworks["console"]}" ip_cidr_range = "${var.subnetworks["console"]}"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment