working gcp setup
michaeljguarino committed Dec 26, 2023
1 parent e140bd4 commit 4aa4e61
Showing 43 changed files with 430 additions and 90 deletions.
2 changes: 2 additions & 0 deletions .gitignore
Expand Up @@ -32,3 +32,5 @@ override.tf.json
# Ignore CLI configuration files
.terraformrc
terraform.rc

helm-values
4 changes: 2 additions & 2 deletions charts/runtime/Chart.yaml
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
name: runtime
description: Sets up the basic dependencies needed to get a network stack running
type: application
version: 0.1.2
appVersion: "1.16.0"
version: 0.1.3
appVersion: "0.1.0"
dependencies:
- name: external-dns
version: 6.14.5
Expand Up @@ -7,6 +7,8 @@ metadata:
chart: {{ include "plural-webhook.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
replicas: {{ .Values.replicaCount }}
selector:
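Review bot: The added `"helm.sh/hook": post-install,post-upgrade` annotation sets no `helm.sh/hook-delete-policy`, so Helm 3's default `before-hook-creation` applies: this workload is deleted and recreated on every upgrade, and as a hook it is no longer removed by `helm uninstall`. Each upgrade therefore opens a window in which the webhook has no backing pods; how callers behave in that window is not visible from this hunk. The same annotation is added to the Issuer/Certificate templates, `helmrepositories.yaml` and `issuer.yaml`, where it means ClusterIssuers and CA Certificates are left behind after uninstall. If the intent is only to order these objects after their CRDs exist, say so in a comment next to the annotation and state the policy explicitly, e.g. `"helm.sh/hook-delete-policy": before-hook-creation`. The manifest starts and ends outside the hunk.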

This file was deleted.

Expand Up @@ -11,6 +11,8 @@ metadata:
chart: {{ include "plural-webhook.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
selfSigned: {}

Expand All @@ -27,6 +29,8 @@ metadata:
chart: {{ include "plural-webhook.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
secretName: {{ include "plural-webhook.rootCACertificate" . }}
duration: 43800h # 5y
Expand All @@ -48,6 +52,8 @@ metadata:
chart: {{ include "plural-webhook.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
ca:
secretName: {{ include "plural-webhook.rootCACertificate" . }}
Expand All @@ -65,6 +71,8 @@ metadata:
chart: {{ include "plural-webhook.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
secretName: {{ include "plural-webhook.servingCertificate" . }}
duration: 8760h # 1y
8 changes: 8 additions & 0 deletions charts/runtime/templates/helmrepositories.yaml
Expand Up @@ -2,6 +2,8 @@ apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: bitnami
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
interval: 5m0s
type: oci
Expand All @@ -11,6 +13,8 @@ apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: flagger
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
interval: 5m0s
url: https://flagger.app
Expand All @@ -19,6 +23,8 @@ apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: console
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
interval: 5m0s
url: https://pluralsh.github.io/console
Expand All @@ -27,6 +33,8 @@ apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: bootstrap
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
interval: 5m0s
url: https://pluralsh.github.io/bootstrap
25 changes: 24 additions & 1 deletion charts/runtime/templates/issuer.yaml
Expand Up @@ -2,13 +2,35 @@ apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
acme:
email: {{ .Values.ownerEmail }}
server: {{ .Values.letsencryptServer }}
privateKeySecretRef:
name: letsencryt-prod-key
solvers:
- http01:
ingress:
ingressClassName: nginx
{{ if and .Values.acmeEAB.kid .Values.dnsSolver }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: plural
annotations:
"helm.sh/hook": post-install,post-upgrade
spec:
acme:
# You must replace this email address with your own.
Expand All @@ -30,4 +52,5 @@ spec:
# Add a single challenge solver, dns01, configured using the appropriate cloud dns setup
solvers:
- dns01:
{{ .Values.dnsSolver | toYaml | nindent 8 }}
{{ .Values.dnsSolver | toYaml | nindent 8 }}
{{ end }}
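Review bot: The new `letsencrypt-prod` issuer stores its ACME account key under `name: letsencryt-prod-key`, which is missing a `p`; renaming the secret after the first install makes cert-manager register a fresh ACME account, so correct it now to `name: letsencrypt-prod-key`. The new guard `{{ if and .Values.acmeEAB.kid .Values.dnsSolver }}` will fail to render when `acmeEAB` is absent from the supplied values, since a field is read from a nil map; whether values.yaml always defines `acmeEAB` is not visible here, so either default it there or note the requirement in a comment above the guard. In the same file the `letsencrypt-staging` issuer is `selfSigned: {}`, so a one-line comment that it does not talk to Let's Encrypt would prevent it being mistaken for a publicly trusted issuer.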
5 changes: 3 additions & 2 deletions charts/runtime/values.yaml
Expand Up @@ -21,6 +21,7 @@ external-dns:

ownerEmail: [email protected]
acmeServer: https://acme.zerossl.com/v2/DV90
letsencryptServer: https://acme-v02.api.letsencrypt.org/directory

dnsSolver:
webhook:
Expand Down Expand Up @@ -116,7 +117,7 @@ ingress-nginx:
prometheus.io/path: "/metrics"
prometheus.io/scheme: http
serviceMonitor:
enabled: true
enabled: false
prometheusRule:
enabled: false

Expand Down Expand Up @@ -188,7 +189,7 @@ ingress-nginx-private:
prometheus.io/path: "/metrics"
prometheus.io/scheme: http
serviceMonitor:
enabled: true
enabled: false
prometheusRule:
enabled: false

6 changes: 0 additions & 6 deletions clouds/aws/runtime.tf

This file was deleted.

10 changes: 8 additions & 2 deletions providers/aws.tf
@@ -1,6 +1,12 @@
terraform {
required_version = ">= 1.0"

backend "s3" {
bucket = "{{ .Bucket }}"
key = "{{ .Cluster }}/terraform.tfstate"
region = "{{ .Region }}"
}

required_providers {
aws = {
source = "hashicorp/aws"
Expand All @@ -22,5 +28,5 @@ terraform {
}

provider "aws" {
region = "us-east-2"
}
region = "{{ .Region }}"
}
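Review bot: The new `backend "s3"` block sets only `bucket`, `key` and `region`, so encryption and locking of the state depend entirely on how the bucket happens to be configured. This state will contain the generated database password, because the `db_url` value elsewhere in this commit is built from `random_password.password.result`. Add `encrypt = true` and a lock table, `dynamodb_table = "<lock-table-placeholder>"`, inside the backend block. A short comment that `{{ .Bucket }}`, `{{ .Cluster }}` and `{{ .Region }}` are filled in by a templating step before `terraform init` would also help, as backend blocks cannot read variables.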
12 changes: 12 additions & 0 deletions providers/azure.tf
@@ -1,5 +1,13 @@
terraform {
required_version = ">=1.3"

backend "azurerm" {
storage_account_name = "{{ .Context.StorageAccount }}"
resource_group_name = "{{ .Project }}"
container_name = "{{ .Bucket }}"
key = "{{ .Cluster }}/terraform.tfstate"
}

required_providers {
azurerm = {
source = "hashicorp/azurerm"
Expand All @@ -9,6 +17,10 @@ terraform {
source = "anschoewe/curl"
version = "1.0.2"
}
kubernetes = {
source = "hashicorp/kubernetes"
version = ">= 2.10"
}
random = {
source = "hashicorp/random"
version = "3.3.2"
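Review bot: The added `kubernetes` provider entry uses the open-ended constraint `version = ">= 2.10"` while the neighbouring `curl` and `random` providers are pinned to exact versions, so a future major release can be picked up on the next `terraform init`. Use `version = "~> 2.10"` here and in the identical block added to providers/gcp.tf, and commit the dependency lock file so provider checksums are verified on install. The `backend "azurerm"` block added in the first hunk will hold state that includes cluster client credentials and the database URL, so a comment stating that the state container must be access-restricted belongs next to it.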
6 changes: 6 additions & 0 deletions providers/gcp.tf
@@ -1,10 +1,16 @@
terraform {
backend "gcs" {
bucket = "{{ .Bucket }}"
prefix = "{{ .Cluster }}/bootstrap"
}

required_providers {
google = {
source = "hashicorp/google"
}
kubernetes = {
source = "hashicorp/kubernetes"
version = ">= 2.10"
}
random = {
source = "hashicorp/random"
26 changes: 0 additions & 26 deletions setup/main.tf

This file was deleted.

8 changes: 0 additions & 8 deletions setup/variables.tf

This file was deleted.

2 changes: 1 addition & 1 deletion clouds/aws/eks.tf → terraform/clouds/aws/eks.tf
Expand Up @@ -3,7 +3,7 @@ module "eks" {
version = "~> 19.0"

cluster_name = var.cluster_name
cluster_version = var.cluster_version
cluster_version = var.kubernetes_version

cluster_endpoint_public_access = var.public

File renamed without changes.
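--- /dev/null
+++ b/terraform/clouds/aws/locals.tf
@@ -0,0 +1,3 @@
+locals {
+db_url = format("postgresql://console:%s@%s:5432/console", random_password.password.result, module.db.db_instance_address)
+}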
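Review bot: `db_url` interpolates `random_password.password.result` into the connection URL without encoding, so a generated password containing `@`, `/`, `:` or `?` produces a string that parses to the wrong host or credentials; whether special characters are enabled on `random_password.password` is not visible in this file. Wrap the value as `urlencode(random_password.password.result)`. The same expression is added to the `locals` block of the Azure module in this commit and needs the same change. A comment noting that this local carries a secret, so anything consuming it must stay `sensitive`, would help the next reader.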
File renamed without changes.
2 changes: 1 addition & 1 deletion clouds/aws/outputs.tf → terraform/clouds/aws/outputs.tf
Expand Up @@ -12,6 +12,6 @@ output "db" {
}

output "db_url" {
value = format("postgresql://console:%s@%s:5432/console", random_password.password.result, module.db.db_instance_address)
value = local.db_url
sensitive = true
}
Expand Up @@ -48,7 +48,7 @@ module "db" {
]

# Database Deletion Protection
deletion_protection = true
deletion_protection = var.deletion_protection
}

module "security_group" {
11 changes: 11 additions & 0 deletions clouds/aws/addons.tf → terraform/clouds/aws/runtime.tf
Expand Up @@ -34,4 +34,15 @@ module "eks_blueprints_addons" {
enable_aws_load_balancer_controller = true
enable_cluster_proportional_autoscaler = true
enable_metrics_server = true
}

resource "helm_release" "runtime" {
name = "runtime"
namespace = "plural-runtime"
chart = "../../../charts/runtime"
create_namespace = true
timeout = 300
values = [
file(var.runtime_values_file)
]
}
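Review bot: `helm_release.runtime` is created unconditionally even though variables.tf in this module already declares `install_runtime` (bool, default true); add `count = var.install_runtime ? 1 : 0` or drop the variable. The content of `file(var.runtime_values_file)` is passed through `values`, which appears in plan output and is stored in state, so any secret in that file should move to `set_sensitive` to be masked in plans, with state protection left to the backend. `chart = "../../../charts/runtime"` resolves against the working directory; `"${path.module}/../../../charts/runtime"` keeps it valid when the module is invoked from another directory.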
12 changes: 11 additions & 1 deletion clouds/aws/variables.tf → terraform/clouds/aws/variables.tf
Expand Up @@ -3,7 +3,7 @@ variable "cluster_name" {
default = "plural"
}

variable "cluster_version" {
variable "kubernetes_version" {
type = string
default = "1.27"
}
Expand Down Expand Up @@ -36,4 +36,14 @@ variable "public_subnets" {
variable "install_runtime" {
type = bool
default = true
}

variable "deletion_protection" {
type = bool
default = true
}

variable "runtime_values_file" {
type = string
default = "../../helm-values/runtime.yaml"
}
2 changes: 1 addition & 1 deletion clouds/azure/aks.tf → terraform/clouds/azure/aks.tf
Expand Up @@ -2,7 +2,7 @@ module "aks" {
source = "Azure/aks/azurerm"
version = "7.5.0"

kubernetes_version = "1.27.3"
kubernetes_version = var.kubernetes_version
cluster_name = var.cluster_name
resource_group_name = local.resource_group.name
os_disk_size_gb = 60
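--- /dev/null
+++ b/terraform/clouds/azure/kubernetes.tf
@@ -0,0 +1,6 @@
+provider "kubernetes" {
+host = module.aks.cluster_fqdn
+cluster_ca_certificate = base64decode(module.aks.cluster_ca_certificate)
+client_certificate = base64decode(module.aks.client_certificate)
+client_key = base64decode(module.aks.client_key)
+}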
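Review bot: This provider authenticates with `module.aks.client_certificate` and `module.aks.client_key`, the cluster's local-account client credentials, and both end up in Terraform state in clear text; add a comment that the remote state container must be access-restricted for that reason. If the cluster is ever configured with local accounts disabled these outputs are likely to be empty and the provider will fail, which cannot be confirmed from this file. `host = module.aks.cluster_fqdn` passes a bare hostname, whereas the module's `host` output (as far as I know it carries the full API server URL) is the more explicit value: `host = module.aks.host`.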
Expand Up @@ -4,4 +4,5 @@ locals {
name = var.create_resource_group ? azurerm_resource_group.main[0].name : var.resource_group_name
location = var.location
}
db_url = format("postgresql://console:%s@%s:5432/console", random_password.password.result, module.postgresql.server_fqdn)
}
File renamed without changes.