Add terraform

2020-09-03 16:02:48 +08:00 · 2020-09-03 16:02:48 +08:00 · 56f1f94694
commit 56f1f94694
parent 0d635b9a0e
6 changed files with 173 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
@ -10,4 +10,39 @@ pkg/
 .skaffold-*.yaml
 .kubernetes-manifests-*/
 .project
-.eclipse.buildship.core.prefs
+.eclipse.buildship.core.prefs
 # Local .terraform directories
 **/.terraform/*
 # .tfstate files
 *.tfstate
 *.tfstate.*
 # Crash log files
 crash.log
 # Exclude all .tfvars files, which are likely to contain sentitive data, such as
 # password, private keys, and other secrets. These should not be part of version
 # control as they are data points which are potentially sensitive and subject
 # to change depending on the environment.
 #
 *.tfvars
 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in
 override.tf
 override.tf.json
 *_override.tf
 *_override.tf.json
 # Include override files you do wish to add to version control using negated pattern
 #
 # !example_override.tf
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
--- a/terraform/dev/gke.tf
+++ b/terraform/dev/gke.tf
@ -0,0 +1,31 @@
 module "gke" {
  source     = "terraform-google-modules/kubernetes-engine/google//modules/private-cluster"
  project_id = var.project_id
  name = var.gke_name
  regional = false
  region   = var.region
  zones    = [var.zone]
  network    = module.vpc.network_name
  subnetwork = module.vpc.subnets["${var.region}/${var.gke_subnet_name}"].name
  ip_range_pods     = "secondary-range-pods"
  ip_range_services = "secondary-range-services"
  create_service_account = false
  service_account        = null
  enable_private_endpoint = false
  enable_private_nodes    = true
  master_ipv4_cidr_block = var.gke_cidr_range_master
  master_authorized_networks = [
    {
      cidr_block   = "0.0.0.0/0"
      display_name = "Public"
    },
  ]
 }
--- a/terraform/dev/network.tf
+++ b/terraform/dev/network.tf
@ -0,0 +1,32 @@
 module "vpc" {
  source  = "terraform-google-modules/network/google"
  version = "~> 2.5"
  project_id   = var.project_id
  network_name = var.network_name
  routing_mode = "GLOBAL"
  subnets = [
    {
      subnet_name           = var.gke_subnet_name
      subnet_ip             = var.gke_subnet_cidr_range
      subnet_region         = var.region
      subnet_private_access = "true"
      subnet_flow_logs      = "true"
      description           = "Gke subnet for microservices demo"
    },
  ]
  secondary_ranges = {
    "${var.gke_subnet_name}" = [
      {
        range_name    = "secondary-range-pods"
        ip_cidr_range = var.gke_subnet_cidr_range_pod
      },
      {
        range_name    = "secondary-range-services"
        ip_cidr_range = var.gke_subnet_cidr_range_services
      },
    ]
  }
 }
--- a/terraform/dev/outputs.tf
+++ b/terraform/dev/outputs.tf
@ -0,0 +1,7 @@
 output "vpc" {
  value       = module.vpc
 }
 output "gke" {
  value       = module.gke
 }
--- a/terraform/dev/terraform.tfvars
+++ b/terraform/dev/terraform.tfvars
@ -0,0 +1,17 @@
 ## Project
 project_id = "cloudcover-sandbox"
 region     = "asia-southeast1"
 zone       = "asia-southeast1-a"
 ## Network
 network_name = "microservice-demo"
 ## GKE
 ### Subnet
 gke_subnet_name                = "gke-subnet"
 gke_subnet_cidr_range          = "10.10.10.0/24"
 gke_subnet_cidr_range_pod      = "192.168.0.0/22"
 gke_subnet_cidr_range_services = "192.168.4.0/22"
 ### Config
 gke_name              = "microservices-demo-gke"
 gke_cidr_range_master = "172.16.0.0/28"
--- a/terraform/dev/variables.tf
+++ b/terraform/dev/variables.tf
@ -0,0 +1,50 @@
 variable "project_id" {
  description = "Project id"
  type        = string
 }
 variable "region" {
  description = "Project region"
  type        = string
 }
 variable "zone" {
  description = "Project zone"
  type        = string
 }
 variable "network_name" {
  description = "Name of the vpc network"
  type        = string
 }
 variable "gke_subnet_name" {
  description = "Name of the gke subnet"
  type        = string
 }
 variable "gke_subnet_cidr_range" {
  description = "Cidr range for gke subnet"
  type        = string
 }
 variable "gke_subnet_cidr_range_pod" {
  description = "Cidr range for gke subnet pods"
  type        = string
 }
 variable "gke_subnet_cidr_range_services" {
  description = "Cidr range for gke subnet services"
  type        = string
 }
 variable "gke_cidr_range_master" {
  description = "Cidr range for gke subnet master ipv4"
  type        = string
 }
 variable "gke_name" {
  description = "Name for GKE cluster"
  type        = string
 }