diff --git a/Makefile b/Makefile
index fb48fdc..e1b8f69 100644
--- a/Makefile
+++ b/Makefile
@@ -21,24 +21,24 @@ ifneq (,$(ZONE))
 DEFAULT_ZONE := $(ZONE)
 endif
-export TF_VAR_domain ?= $(DOMAIN_NAME)
-export TF_VAR_base_domain ?= $(BASE_DOMAIN)
-export TF_VAR_project ?= $(PROJECT)
-export TF_VAR_location ?= $(LOCATION)
+export TF_VAR_domain ?= $(DOMAIN_NAME)
+export TF_VAR_base_domain ?= $(BASE_DOMAIN)
+export TF_VAR_project ?= $(PROJECT)
+export TF_VAR_location ?= $(LOCATION)
 export TF_VAR_cluster_name := $(or $(CLUSTER_NAME),$(NAME2))
-export TF_VAR_node_machine_type ?= g1-small
+export TF_VAR_node_machine_type ?= e2-small
 export TF_VAR_min_node_count ?= 1
 export TF_VAR_max_node_count ?= 3
 export TF_VAR_preemptible ?=
 export TF_VAR_addons_istio ?= false
-terraform ?= terraform-v0.11
+terraform ?= terraform-v0.12
-export TF_LOG ?= info
 export TF_DATA_DIR ?= .terraform/$(DOMAIN_NAME)
 export TF_LOG_PATH ?= $(TF_DATA_DIR)/terraform.log
-TF_CLI_ARGS := -no-color -input=false -lock=false
-TFPLAN := $(TF_DATA_DIR)/$(DOMAIN_NAME).tfplan
+
+TF_CLI_ARGS ?= -input=false
+TFPLAN := $(TF_DATA_DIR)/$(DOMAIN_NAME).tfplan
 gcloud ?= gcloud
 kubectl ?= kubectl --context=gke_$(PROJECT)_$(LOCATION)_$(TF_VAR_cluster_name)
@@ -53,12 +53,11 @@ init:
 .PHONY: init
 plan:
- $(terraform) plan $(TF_CLI_ARGS) \
- -refresh=true -module-depth=-1 -out=$(TFPLAN)
+ $(terraform) plan $(TF_CLI_ARGS) -out=$(TFPLAN)
 .PHONY: plan
 apply:
- $(terraform) apply $(TF_CLI_ARGS) -Xshadow=false $(TFPLAN)
+ $(terraform) apply $(TF_CLI_ARGS) $(TFPLAN)
 @echo
 .PHONY: apply
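Review bot: `TF_CLI_ARGS ?= -input=false` in the first Makefile hunk reuses the name of an environment variable that Terraform itself reads, and `?=` now lets an inherited value replace the default. A `TF_CLI_ARGS` left in the caller's environment would drop `-input=false`, could bring back `-lock=false`, and would reach terraform twice: once from the environment and once through `$(TF_CLI_ARGS)` in the plan, apply and import recipes of the later hunks. Consider a Makefile-private name with the required flag kept out of the overridable part, e.g. `TF_OPTS ?=` and `tf_args := -input=false $(TF_OPTS)`, with the recipes using `$(tf_args)`.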
@@ -90,9 +89,9 @@ region:
 .PHONY: region
 import:
- -$(terraform) import -provider=google $(TF_OPTS) google_dns_managed_zone.main $$(echo $(DOMAIN_NAME) | sed -e 's/\./-/g')
- -$(terraform) import -provider=google $(TF_OPTS) google_dns_managed_zone.internal i-$$(echo $(DOMAIN_NAME) | sed -e 's/\./-/g')
- -$(terraform) import -provider=google $(TF_OPTS) google_compute_network.gke_vpc $(TF_VAR_cluster_name)-vpc
+ -$(terraform) import -provider=google $(TF_CLI_ARGS) google_dns_managed_zone.main $$(echo $(DOMAIN_NAME) | sed -e 's/\./-/g')
+ -$(terraform) import -provider=google $(TF_CLI_ARGS) google_dns_managed_zone.internal i-$$(echo $(DOMAIN_NAME) | sed -e 's/\./-/g')
+ -$(terraform) import -provider=google $(TF_CLI_ARGS) google_compute_network.gke_vpc $(TF_VAR_cluster_name)-vpc
 .PHONY: import
 output:
diff --git a/dns.tf b/dns.tf
index 860f0a7..2c74517 100644
--- a/dns.tf
+++ b/dns.tf
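Review bot: The rewritten `import` recipe lines in the Makefile still expand `$(DOMAIN_NAME)` unquoted inside a shell command substitution, `$$(echo $(DOMAIN_NAME) | sed -e 's/\./-/g')`, so any shell metacharacter in the value is interpreted by the shell. Make can do the replacement itself with `$(subst .,-,$(DOMAIN_NAME))` and `i-$(subst .,-,$(DOMAIN_NAME))`, which removes the shell from the path. The leading `-` on each line also hides every import failure, credential errors included; a comment saying why failures are tolerated here would help the next reader.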
@@ -1,58 +1,58 @@
 data "google_dns_managed_zone" "base" {
- name = "${replace(var.base_domain, ".", "-")}"
- project = "${var.project}"
+ name = replace(var.base_domain, ".", "-")
+ project = var.project
 }
 resource "google_dns_managed_zone" "main" {
- name = "${replace(var.domain, ".", "-")}"
+ name = replace(var.domain, ".", "-")
 dns_name = "${var.domain}."
 description = "${var.cluster_name} GKE Cluster DNS Zone"
- project = "${var.project}"
+ project = var.project
 labels = {
- foo = "${var.cluster_name}"
+ foo = var.cluster_name
 }
 }
 resource "google_dns_record_set" "parent" {
 name = "${var.domain}."
- managed_zone = "${data.google_dns_managed_zone.base.name}"
+ managed_zone = data.google_dns_managed_zone.base.name
 type = "NS"
 ttl = 300
- rrdatas = ["${google_dns_managed_zone.main.name_servers}"]
+ rrdatas = google_dns_managed_zone.main.name_servers
 }
 resource "google_dns_managed_zone" "internal" {
 name = "i-${replace(var.domain, ".", "-")}"
 dns_name = "i.${var.domain}."
 description = "${var.cluster_name} GKE Cluster internal DNS Zone"
- project = "${var.project}"
+ project = var.project
 visibility = "private"
 private_visibility_config {
 networks {
- network_url = "${google_compute_network.gke_vpc.self_link}"
+ network_url = google_compute_network.gke_vpc.self_link
 }
 }
 labels = {
- foo = "${var.cluster_name}"
+ foo = var.cluster_name
 }
 }
 resource "google_dns_record_set" "internal" {
 name = "i.${var.domain}."
- managed_zone = "${google_dns_managed_zone.main.name}"
+ managed_zone = google_dns_managed_zone.main.name
 type = "NS"
 ttl = 300
- rrdatas = ["${google_dns_managed_zone.internal.name_servers}"]
+ rrdatas = google_dns_managed_zone.internal.name_servers
 }
 resource "google_dns_record_set" "api" {
 name = "api.${var.domain}."
- managed_zone = "${google_dns_managed_zone.main.name}"
+ managed_zone = google_dns_managed_zone.main.name
 type = "A"
 ttl = 300
- rrdatas = ["${google_container_cluster.primary.endpoint}"]
+ rrdatas = [google_container_cluster.primary.endpoint]
 }
diff --git a/k8s.tf b/k8s.tf
index 009f789..33ee010 100644
--- a/k8s.tf
+++ b/k8s.tf
@@ -1,20 +1,21 @@
 data "google_container_engine_versions" "latest" {
- location = "${var.location}"
+ location = var.location
+
 # Since this is just a string match, it's recommended that you append a . after minor versions
 # Details: https://www.terraform.io/docs/providers/google/d/google_container_engine_versions.html#version_prefix
 version_prefix = "${var.gke_kubernetes_version_prefix}."
 }
 resource "google_container_cluster" "primary" {
- provider = "google-beta"
+ provider = google-beta
- name = "${var.cluster_name}"
- location = "${var.location}"
- project = "${var.project}"
- network = "${google_compute_network.gke_vpc.name}"
+ name = var.cluster_name
+ location = var.location
+ project = var.project
+ network = google_compute_network.gke_vpc.name
 remove_default_node_pool = true
- min_master_version = "${data.google_container_engine_versions.latest.latest_node_version}"
- node_version = "${data.google_container_engine_versions.latest.latest_node_version}"
+ min_master_version = data.google_container_engine_versions.latest.latest_node_version
+ node_version = data.google_container_engine_versions.latest.latest_node_version
 initial_node_count = 1
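Review bot: The public zone `google_dns_managed_zone.main` in dns.tf is declared without a `dnssec_config` block, so the NS delegations and the `api.` A record defined in this file are served unsigned. If the parent zone is signed, consider adding `dnssec_config { state = "on" }` to `main`. The matching DS record would have to be placed in the `base` zone, which this configuration only reads as a data source, so that step lies outside what the diff shows.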
@@ -29,34 +30,34 @@ resource "google_container_cluster" "primary" {
 addons_config {
 istio_config {
- disabled = "${var.addons_istio == "true" ? false : true}"
+ disabled = !var.addons_istio
 }
 }
 }
 resource "google_container_node_pool" "primary_nodes" {
- name = "${var.cluster_name}"
- location = "${var.location}"
- cluster = "${google_container_cluster.primary.name}"
+ name = var.cluster_name
+ location = var.location
+ cluster = google_container_cluster.primary.name
- initial_node_count = "${var.min_node_count}"
- version = "${data.google_container_engine_versions.latest.latest_node_version}"
+ initial_node_count = var.min_node_count
+ version = data.google_container_engine_versions.latest.latest_node_version
 autoscaling {
- min_node_count = "${var.min_node_count}"
- max_node_count = "${var.max_node_count}"
+ min_node_count = var.min_node_count
+ max_node_count = var.max_node_count
 }
 node_config {
- preemptible = "${var.preemptible}"
- machine_type = "${var.node_machine_type}"
- disk_size_gb = "${var.volume_size}"
+ preemptible = var.preemptible
+ machine_type = var.node_machine_type
+ disk_size_gb = var.volume_size
- metadata {
+ metadata = {
 disable-legacy-endpoints = "true"
 }
- oauth_scopes = "${var.asi_oauth_scopes}"
+ oauth_scopes = var.asi_oauth_scopes
 }
 timeouts {
@@ -65,6 +66,8 @@ resource "google_container_node_pool" "primary_nodes" {
 }
 resource "local_file" "cluster_ca_certificate" {
- content = "${base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate)}"
+ content = base64decode(
+ google_container_cluster.primary.master_auth[0].cluster_ca_certificate,
+ )
 filename = "${path.cwd}/.terraform/${var.domain}/cluster_ca_certificate.pem"
 }
diff --git a/outputs.tf b/outputs.tf
index 8c2bf23..951adfc 100644
--- a/outputs.tf
+++ b/outputs.tf
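Review bot: `node_config` in `google_container_node_pool.primary_nodes` (k8s.tf) sets `oauth_scopes = var.asi_oauth_scopes` but no `service_account`, and the default for that variable in variables.tf begins with the `cloud-platform` scope. The nodes would then presumably run as the project's default Compute Engine service account with a token valid for every API, leaving the IAM roles on that account as the only limit for any workload that can reach the node metadata server. Consider a dedicated least-privilege account, e.g. `service_account = var.node_service_account` (the variable name is a placeholder), and trimming the scope list to what the workloads use.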
@@ -3,9 +3,9 @@ output "api_ca_crt" {
 }
 output "endpoint" {
- value = "${google_container_cluster.primary.endpoint}"
+ value = google_container_cluster.primary.endpoint
 }
 output "network_name" {
- value = "${google_compute_network.gke_vpc.name}"
+ value = google_compute_network.gke_vpc.name
 }
diff --git a/providers.tf b/providers.tf
index 67ae1db..38d29a7 100644
--- a/providers.tf
+++ b/providers.tf
@@ -1,16 +1,16 @@
 terraform {
- required_version = ">= 0.11.10"
+ required_version = ">= 0.12"
 backend "gcs" {}
 }
 provider "google" {
- project = "${var.project}"
- version = "2.20.1"
+ project = var.project
+ version = "3.42.0"
 }
 provider "google-beta" {
- project = "${var.project}"
- version = "2.20.1"
+ project = var.project
+ version = "3.42.0"
 }
 provider "local" {
diff --git a/variables.tf b/variables.tf
index ceadd69..69102ad 100644
--- a/variables.tf
+++ b/variables.tf
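Review bot: `required_version = ">= 0.12"` in providers.tf has no upper bound, while the rest of the commit is written for 0.12: the Makefile default is `terraform-v0.12` and the provider pins use the in-block `version` argument. A newer binary picked up by accident would be accepted and may rewrite the shared GCS state in a format the pinned tooling can no longer read. Bounding it, e.g. `required_version = ">= 0.12, < 0.13"`, makes the wrong binary fail before it touches state.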
@@ -1,28 +1,55 @@
-variable "project" {}
+variable "project" {
+ type = string
+}
-variable "location" {}
+variable "location" {
+ type = string
+}
-variable "cluster_name" {}
-variable "node_machine_type" {}
-variable "min_node_count" {}
-variable "max_node_count" {}
-variable "domain" {}
-variable "base_domain" {}
-variable "preemptible" {}
-variable "volume_size" {}
+variable "cluster_name" {
+ type = string
+}
+
+variable "node_machine_type" {
+ type = string
+}
+
+variable "min_node_count" {
+ type = number
+}
+
+variable "max_node_count" {
+ type = number
+}
+
+variable "domain" {
+ type = string
+}
+
+variable "base_domain" {
+ type = string
+}
+
+variable "preemptible" {
+ type = bool
+ default = false
+}
+
+variable "volume_size" {
+ type = number
+}
 variable "addons_istio" {
- type = "string"
- default = "disabled"
+ type = bool
+ default = false
 }
 variable "asi_oauth_scopes" {
- type = "list"
+ type = list(string)
 # https://developers.google.com/identity/protocols/googlescopes
 default = [
 "https://www.googleapis.com/auth/cloud-platform",
- # "https://www.googleapis.com/auth/cloud-platform.read-only",
 "https://www.googleapis.com/auth/bigquery",
 "https://www.googleapis.com/auth/compute",
 "https://www.googleapis.com/auth/datastore",
@@ -36,6 +63,6 @@ variable "asi_oauth_scopes" {
 }
 variable "gke_kubernetes_version_prefix" {
- type = "string"
+ type = string
 default = "1.17"
 }
diff --git a/vpc.tf b/vpc.tf
index 169b3b6..fc999a2 100644
--- a/vpc.tf
+++ b/vpc.tf
@@ -1,5 +1,5 @@
 resource "google_compute_network" "gke_vpc" {
 name = "${var.cluster_name}-vpc"
- project = "${var.project}"
+ project = var.project
 auto_create_subnetworks = true
 }
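Review bot: `variable "preemptible"` in variables.tf is now `type = bool` with `default = false`, but the Makefile still carries `export TF_VAR_preemptible ?=`, which puts an empty string into the environment. Terraform is likely to reject that empty value as an invalid bool instead of falling back to the default, so a plain `make plan` may fail unless the caller sets the variable. Changing the Makefile line to `export TF_VAR_preemptible ?= false` keeps the two files in step. `volume_size` is `type = number` with no default and no export for it is visible in this diff, so it is worth confirming that it is set elsewhere.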