diff --git a/blueprints/gke/autopilot/README.md b/blueprints/gke/autopilot/README.md
index 02178e5ff9..aa67956f49 100644
--- a/blueprints/gke/autopilot/README.md
+++ b/blueprints/gke/autopilot/README.md
@@ -1,6 +1,6 @@
# Load testing an application running on an autopilot cluster
-This blueprint creates an Autopilot cluster with Google-managed Prometheus enabled and install an application that scales as the traffic that is hitting the load balancer exposing it grows. It also installs the tooling required to distributed load test with [locust](https://locust.io) on that application and the monitoring tooling required to observe how things evolve in the cluster during the load test. Ansible is used to install the application and all the tooling on a management VM.
+This blueprint creates an Autopilot cluster with Google-managed Prometheus enabled and installs an application that scales as the traffic that is hitting the load balancer exposing it grows. It also installs the tooling required to distributed load test with [locust](https://locust.io) on that application and the monitoring tooling required to observe how things evolve in the cluster during the load test. Ansible is used to install the application and all the tooling on a management VM.
The diagram below depicts the architecture.
@@ -64,13 +64,14 @@ Alternatively you can also check all the above using the dashboards available in
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
-| [project_id](variables.tf#L75) | Project ID. | string
| ✓ | |
+| [project_id](variables.tf#L68) | Project ID. | string
| ✓ | |
| [cluster_network_config](variables.tf#L17) | Cluster network configuration. | object({…})
| | {…}
|
| [mgmt_server_config](variables.tf#L37) | Management server configuration. | object({…})
| | {…}
|
| [mgmt_subnet_cidr_block](variables.tf#L53) | Management subnet IP CIDR range. | string
| | "10.0.2.0/24"
|
-| [network](variables.tf#L59) | VPC name. | string
| | "vpc"
|
-| [project_create](variables.tf#L66) | Parameters for the creation of the new project. | object({…})
| | null
|
-| [region](variables.tf#L80) | Region. | string
| | "europe-west1"
|
+| [project_create](variables.tf#L59) | Parameters for the creation of the new project. | object({…})
| | null
|
+| [region](variables.tf#L73) | Region. | string
| | "europe-west1"
|
+| [vpc_create](variables.tf#L79) | Flag indicating whether the VPC should be created or not. | bool
| | true
|
+| [vpc_name](variables.tf#L85) | VPC name. | string
| | "vpc"
|
## Outputs
@@ -90,5 +91,5 @@ module "test" {
}
project_id = "my-project"
}
-# tftest modules=10 resources=30
+# tftest modules=11 resources=34
```
\ No newline at end of file
diff --git a/blueprints/gke/autopilot/bundle/app/nginx.yaml b/blueprints/gke/autopilot/bundle/app/nginx.yaml
index 48a9d2c156..85f707f078 100644
--- a/blueprints/gke/autopilot/bundle/app/nginx.yaml
+++ b/blueprints/gke/autopilot/bundle/app/nginx.yaml
@@ -70,11 +70,12 @@ spec:
initialDelaySeconds: 2
periodSeconds: 2
failureThreshold: 1
- requests:
- cpu: 10m
- memory: 10Mi
- limits:
- memory: 10Mi
+ resources:
+ requests:
+ cpu: 10m
+ memory: 10Mi
+ limits:
+ memory: 10Mi
- name: nginx-prometheus-exporter
image: nginx/nginx-prometheus-exporter:0.10.0
ports:
@@ -83,11 +84,12 @@ spec:
env:
- name: SCRAPE_URI
value: http://localhost:8080/stub_status
- requests:
- cpu: 5m
- memory: 5Mi
- limits:
- memory: 5Mi
+ resources:
+ requests:
+ cpu: 5m
+ memory: 5Mi
+ limits:
+ memory: 5Mi
volumes:
- name: nginx-config
configMap:
diff --git a/blueprints/gke/autopilot/bundle/locust/workers.yaml b/blueprints/gke/autopilot/bundle/locust/workers.yaml
index 7d6b41fe56..d69a0dc9dd 100644
--- a/blueprints/gke/autopilot/bundle/locust/workers.yaml
+++ b/blueprints/gke/autopilot/bundle/locust/workers.yaml
@@ -44,8 +44,9 @@ spec:
value: worker
- name: LOCUST_MASTER
value: locust-master
- requests:
- cpu: 20m
- memory: 50Mi
- limits:
- memory: 50Mi
\ No newline at end of file
+ resources:
+ requests:
+ cpu: 20m
+ memory: 50Mi
+ limits:
+ memory: 50Mi
\ No newline at end of file
diff --git a/blueprints/gke/autopilot/main.tf b/blueprints/gke/autopilot/main.tf
index 9856dfaa23..3244b86899 100644
--- a/blueprints/gke/autopilot/main.tf
+++ b/blueprints/gke/autopilot/main.tf
@@ -29,7 +29,8 @@ module "project" {
services = [
"artifactregistry.googleapis.com",
"cloudbuild.googleapis.com",
- "container.googleapis.com"
+ "container.googleapis.com",
+ "compute.googleapis.com"
]
iam = {
"roles/monitoring.viewer" = [module.monitoring_sa.iam_email]
diff --git a/blueprints/gke/autopilot/mgmt.tf b/blueprints/gke/autopilot/mgmt.tf
index 81b7d1dbbe..3b9e4a6d0c 100644
--- a/blueprints/gke/autopilot/mgmt.tf
+++ b/blueprints/gke/autopilot/mgmt.tf
@@ -36,4 +36,5 @@ module "mgmt_server" {
type = var.mgmt_server_config.disk_type
size = var.mgmt_server_config.disk_size
}
-}
\ No newline at end of file
+ tags = ["ssh"]
+}
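Review bot: The `ssh` tag added to `mgmt_server` only takes effect through the `firewall` module this commit adds in vpc.tf, and that module is called with no rule arguments. Which source ranges can reach SSH on the management VM is therefore decided entirely by the module's defaults and cannot be read from this blueprint. This is the VM from which Ansible installs the application and tooling, so I would state the intended ingress next to the tag, e.g. `# matched by the default SSH rule of module.firewall; source ranges come from that module's defaults`. Alternatively, pass the allowed ranges explicitly in the firewall module call. The `mgmt_server` block starts outside this hunk.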
diff --git a/blueprints/gke/autopilot/variables.tf b/blueprints/gke/autopilot/variables.tf
index 785cb48ea5..dcd40c8d83 100644
--- a/blueprints/gke/autopilot/variables.tf
+++ b/blueprints/gke/autopilot/variables.tf
@@ -56,13 +56,6 @@ variable "mgmt_subnet_cidr_block" {
default = "10.0.2.0/24"
}
-variable "network" {
- description = "VPC name."
- type = string
- default = "vpc"
- nullable = false
-}
-
variable "project_create" {
description = "Parameters for the creation of the new project."
type = object({
@@ -81,4 +74,17 @@ variable "region" {
description = "Region."
type = string
default = "europe-west1"
+}
+
+variable "vpc_create" {
+ description = "Flag indicating whether the VPC should be created or not."
+ type = bool
+ default = true
+}
+
+variable "vpc_name" {
+ description = "VPC name."
+ type = string
+ nullable = false
+ default = "vpc"
}
\ No newline at end of file
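Review bot: `vpc_create` defaults to `true` and is no longer derived from `project_create` (its use in vpc.tf changes from `(var.project_create != null)` to `var.vpc_create`). A caller who reuses an existing project and VPC with the previous inputs will now have the blueprint try to create a network instead of referencing the existing one. The description should say what `false` means, e.g. `"Flag indicating whether the VPC should be created or not. Set to false to use an existing VPC whose name is given in vpc_name."`, assuming that is how the net-vpc module treats the flag. The rename of `network` to `vpc_name` also breaks existing callers and deserves a line in the changelog or README.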
diff --git a/blueprints/gke/autopilot/vpc.tf b/blueprints/gke/autopilot/vpc.tf
index c7cc95260f..b7400162ce 100644
--- a/blueprints/gke/autopilot/vpc.tf
+++ b/blueprints/gke/autopilot/vpc.tf
@@ -17,8 +17,8 @@
module "vpc" {
source = "../../../modules/net-vpc"
project_id = module.project.project_id
- name = var.network
- vpc_create = (var.project_create != null)
+ name = var.vpc_name
+ vpc_create = var.vpc_create
subnets = [
{
ip_cidr_range = var.mgmt_subnet_cidr_block
@@ -37,6 +37,12 @@ module "vpc" {
]
}
+module "firewall" {
+ source = "../../../modules/net-vpc-firewall"
+ project_id = module.project.project_id
+ network = module.vpc.name
+}
+
module "nat" {
source = "../../../modules/net-cloudnat"
project_id = module.project.project_id
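Review bot: `module "firewall"` is instantiated unconditionally, so when `vpc_create` is `false` its rules are added to a network this blueprint did not create. Any tag-based rule it ships would then also apply to other instances on that network carrying the same tags. Either gate it with `count = var.vpc_create ? 1 : 0` (if the management VM's access is then covered by the existing network's own rules), or document in the README that the blueprint adds firewall rules to an existing VPC. The `module "nat"` block after it continues outside this hunk.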