Add terraform

2020-09-03 16:02:48 +08:00 · 2020-09-03 16:02:48 +08:00 · 56f1f94694
commit 56f1f94694
parent 0d635b9a0e
6 changed files with 173 additions and 1 deletions
--- a/terraform/dev/gke.tf
+++ b/terraform/dev/gke.tf
@ -0,0 +1,31 @@
+module "gke" {
+  source     = "terraform-google-modules/kubernetes-engine/google//modules/private-cluster"
+  project_id = var.project_id
+
+  name = var.gke_name
+
+  regional = false
+  region   = var.region
+  zones    = [var.zone]
+
+  network    = module.vpc.network_name
+  subnetwork = module.vpc.subnets["${var.region}/${var.gke_subnet_name}"].name
+
+  ip_range_pods     = "secondary-range-pods"
+  ip_range_services = "secondary-range-services"
+
+  create_service_account = false
+  service_account        = null
+
+  enable_private_endpoint = false
+  enable_private_nodes    = true
+
+  master_ipv4_cidr_block = var.gke_cidr_range_master
+
+  master_authorized_networks = [
+    {
+      cidr_block   = "0.0.0.0/0"
+      display_name = "Public"
+    },
+  ]
+}
--- a/terraform/dev/network.tf
+++ b/terraform/dev/network.tf
@ -0,0 +1,32 @@
+module "vpc" {
+  source  = "terraform-google-modules/network/google"
+  version = "~> 2.5"
+
+  project_id   = var.project_id
+  network_name = var.network_name
+  routing_mode = "GLOBAL"
+
+  subnets = [
+    {
+      subnet_name           = var.gke_subnet_name
+      subnet_ip             = var.gke_subnet_cidr_range
+      subnet_region         = var.region
+      subnet_private_access = "true"
+      subnet_flow_logs      = "true"
+      description           = "Gke subnet for microservices demo"
+    },
+  ]
+
+  secondary_ranges = {
+    "${var.gke_subnet_name}" = [
+      {
+        range_name    = "secondary-range-pods"
+        ip_cidr_range = var.gke_subnet_cidr_range_pod
+      },
+      {
+        range_name    = "secondary-range-services"
+        ip_cidr_range = var.gke_subnet_cidr_range_services
+      },
+    ]
+  }
+}
--- a/terraform/dev/outputs.tf
+++ b/terraform/dev/outputs.tf
@ -0,0 +1,7 @@
+output "vpc" {
+  value       = module.vpc
+}
+
+output "gke" {
+  value       = module.gke
+}
--- a/terraform/dev/terraform.tfvars
+++ b/terraform/dev/terraform.tfvars
@ -0,0 +1,17 @@
+## Project
+project_id = "cloudcover-sandbox"
+region     = "asia-southeast1"
+zone       = "asia-southeast1-a"
+
+## Network
+network_name = "microservice-demo"
+
+## GKE
+### Subnet
+gke_subnet_name                = "gke-subnet"
+gke_subnet_cidr_range          = "10.10.10.0/24"
+gke_subnet_cidr_range_pod      = "192.168.0.0/22"
+gke_subnet_cidr_range_services = "192.168.4.0/22"
+### Config
+gke_name              = "microservices-demo-gke"
+gke_cidr_range_master = "172.16.0.0/28"
--- a/terraform/dev/variables.tf
+++ b/terraform/dev/variables.tf
@ -0,0 +1,50 @@
+variable "project_id" {
+  description = "Project id"
+  type        = string
+}
+
+variable "region" {
+  description = "Project region"
+  type        = string
+}
+
+variable "zone" {
+  description = "Project zone"
+  type        = string
+}
+
+variable "network_name" {
+  description = "Name of the vpc network"
+  type        = string
+}
+
+variable "gke_subnet_name" {
+  description = "Name of the gke subnet"
+  type        = string
+}
+
+variable "gke_subnet_cidr_range" {
+  description = "Cidr range for gke subnet"
+  type        = string
+}
+
+variable "gke_subnet_cidr_range_pod" {
+  description = "Cidr range for gke subnet pods"
+  type        = string
+}
+
+variable "gke_subnet_cidr_range_services" {
+  description = "Cidr range for gke subnet services"
+  type        = string
+}
+
+variable "gke_cidr_range_master" {
+  description = "Cidr range for gke subnet master ipv4"
+  type        = string
+}
+
+variable "gke_name" {
+  description = "Name for GKE cluster"
+  type        = string
+}
+