Add helm terraform config

Deploying agones from default chart.
googleforgames · Apr 16, 2019 · 7827d0c · 7827d0c
1 parent 6d6524a
commit 7827d0c
Show file tree

Hide file tree

Showing 5 changed files with 308 additions and 8 deletions.
diff --git a/build/cluster.tf b/build/cluster.tf
@@ -13,10 +13,14 @@
 # limitations under the License.
 
 provider "google-beta" {
+  version = "~> 2.4"
   zone      = "${lookup(var.cluster, "zone")}"
 }
 
 
+provider "google" {
+  version = "~> 2.4"
+}
 # Password for the Kubernetes API.
 # Could be defined using GKE_PASSWORD env variable
 # or by setting `password="somepass"` string in build/terraform.tfvars
@@ -63,7 +67,7 @@ locals {
 # before creating the cluster to avoid 
 # unfinished configurations
 resource "null_resource" "check-password-length" {
-  count = "${length(var.password) >= 16 || length(var.password) == 0 ? 0 : 1}"
+  count = "${length(var.password) >= 16 ? 0 : 1}"
   "Password must be more than 16 chars in length" = true
 }
 
@@ -155,7 +159,7 @@ resource "google_container_cluster" "primary" {
 }
 
 resource "google_compute_firewall" "default" {
-  name    = "game-server-firewall-firewall"
+  name    = "game-server-firewall-firewall-${lookup(var.cluster, "name")}"
   project = "${lookup(var.cluster, "project")}"
   network = "${google_compute_network.default.name}"
 
@@ -169,7 +173,7 @@ resource "google_compute_firewall" "default" {
 
 resource "google_compute_network" "default" {
   project = "${lookup(var.cluster, "project")}"
-  name    = "agones-network"
+  name    = "agones-network-${lookup(var.cluster, "name")}"
 }
 
 

diff --git a/build/helm.tf b/build/helm.tf
@@ -0,0 +1,168 @@
+# Copyright 2019 Google LLC All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+resource "kubernetes_service_account" "tiller" {
+  metadata {
+    name      = "tiller"
+    namespace = "kube-system"
+  }
+  depends_on = ["google_container_cluster.primary"]
+
+  automount_service_account_token = true
+}
+
+resource "kubernetes_cluster_role_binding" "tiller" {
+  depends_on = ["kubernetes_service_account.tiller"]
+  metadata {
+    name = "tiller"
+  }
+
+  role_ref {
+    kind      = "ClusterRole"
+    name      = "cluster-admin"
+    api_group = "rbac.authorization.k8s.io"
+  }
+
+  subject {
+    kind = "ServiceAccount"
+    name = "tiller"
+
+    api_group = ""
+    namespace = "kube-system"
+  }
+}
+variable "chart" {
+  default = "../install/helm/agones/chart"
+}
+
+variable "agones_version" {
+  default = "0.9.0"
+}
+
+variable "crd_cleanup" {
+  default = "true"
+}
+variable "image_registry" {
+  default = "gcr.io/agones-images"
+}
+variable "pull_policy" {
+  default = "Always"
+}
+variable "always_pull_sidecar" {
+  default = "true"
+}
+variable "image_pull_secret" {
+  default = ""
+}
+variable "ping_service_type" {
+  default = "LoadBalancer"
+}
+
+variable "values_file" {
+  default = "$${file("../install/helm/agones/values.yaml")}"
+}
+data "google_client_config" "default" {}
+
+provider "kubernetes" {
+  version = "~> 1.5"
+  load_config_file       = false
+  host                   = "https://${google_container_cluster.primary.endpoint}"
+  token                  =  "${data.google_client_config.default.access_token}"
+  cluster_ca_certificate = "${base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate)}"
+}
+
+provider "helm" {
+  version = "~> 0.7"
+
+  debug           = true
+  install_tiller  = true
+  service_account = "${kubernetes_service_account.tiller.metadata.0.name}"
+  tiller_image    = "gcr.io/kubernetes-helm/tiller:v2.12.3"
+
+  kubernetes {
+  load_config_file = false
+    host                   = "https://${google_container_cluster.primary.endpoint}"
+  token = "${data.google_client_config.default.access_token}"
+  cluster_ca_certificate = "${base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate)}"
+  }
+}
+
+data "google_client_config" "current" {}
+
+data "helm_repository" "agones" {
+  depends_on = ["kubernetes_cluster_role_binding.tiller"]
+    name = "agones"
+    url  = "https://agones.dev/chart/stable"
+}
+
+resource "helm_release" "agones" {
+  depends_on = ["null_resource.helm_init", "kubernetes_cluster_role_binding.tiller"]
+  name  = "agones"
+  force_update = "true"
+  repository = "${data.helm_repository.agones.metadata.0.name}"
+  chart = "${var.chart}"
+  timeout = 180
+  values = [
+    "${var.values_file}"
+  ]
+
+  set {
+    name  = "crds.CleanupOnDelete"
+    value = "${var.crd_cleanup}"
+  }
+  set {
+    name = "agones.image.tag"
+    value = "${var.agones_version}"
+  }
+  set {
+    name  = "agones.image.registry"
+    value = "${var.image_registry}"
+  }
+  set {
+    name  = "agones.image.controller.pullPolicy"
+    value = "${var.pull_policy}"
+  }
+  set {
+    name  = "agones.image.sdk.alwaysPull"
+    value = "${var.always_pull_sidecar}"
+  }
+  set {
+    name  = "agones.image.controller.pullSecret"
+    value = "${var.image_pull_secret}"
+  }
+  set {
+    name  = " agones.ping.http.serviceType"
+    value = "${var.ping_service_type}"
+  }
+  set {
+    name  = "agones.ping.udp.serviceType"
+    value = "${var.ping_service_type}"
+  }
+  version = "${var.agones_version}"
+  namespace  = "agones-system"
+}
+
+provider "null" {
+  version = "~> 2.1"
+}
+
+# Creates folder with repositories so that helm provider would not fail
+resource "null_resource" "helm_init" {
+  triggers = {
+    always_run = "${timestamp()}"
+  }
+  provisioner "local-exec" {
+    command = "helm init --client-only"
+  }
+}
diff --git a/build/includes/google-cloud.mk b/build/includes/google-cloud.mk
@@ -33,7 +33,6 @@ gcloud-test-cluster: $(ensure-build-image)
 		--properties cluster.zone:$(GCP_CLUSTER_ZONE),cluster.name:$(GCP_CLUSTER_NAME),cluster.nodePool.initialNodeCount:$(GCP_CLUSTER_NODEPOOL_INITIALNODECOUNT),cluster.nodePool.machineType:$(GCP_CLUSTER_NODEPOOL_MACHINETYPE),cluster.legacyAbac:$(GCP_CLUSTER_LEGACYABAC)\
 		--template=$(mount_path)/build/gke-test-cluster/cluster.yml.jinja
 	$(MAKE) gcloud-auth-cluster
-	$(MAKE) setup-test-cluster
 
 clean-gcloud-test-cluster: $(ensure-build-image)
 	docker run --rm -it $(common_mounts) $(DOCKER_RUN_ARGS) $(build_tag) gcloud \
@@ -48,23 +47,47 @@ terraform-clean:
 	rm -r ./.terraform
 	rm ./terraform.tfstate*
 
-
+# Creates a cluster and install release version of Agones controller
+# Version could be specified by AGONES_VERSION
 gcloud-terraform-cluster: GCP_CLUSTER_LEGACYABAC ?= false
 gcloud-terraform-cluster: GCP_CLUSTER_NODEPOOL_INITIALNODECOUNT ?= 4
 gcloud-terraform-cluster: GCP_CLUSTER_NODEPOOL_MACHINETYPE ?= n1-standard-4
+gcloud-terraform-cluster: AGONES_VERSION ?= 0.9.0
 gcloud-terraform-cluster: $(ensure-build-image)
 gcloud-terraform-cluster:
 ifndef GCP_PROJECT
 	$(eval GCP_PROJECT=$(shell sh -c "gcloud config get-value project 2> /dev/null"))
 endif
-	$(DOCKER_RUN) bash -c 'export TF_VAR_password=$(GKE_PASSWORD) && \
-		cd $(mount_path)/build && terraform apply -auto-approve  \
+	$(DOCKER_RUN) bash -c 'export TF_VAR_agones_version=$(AGONES_VERSION) && \
+	    export TF_VAR_password=$(GKE_PASSWORD) && \
+		cd $(mount_path)/build && terraform apply -auto-approve -var values_file="" \
+		-var chart="agones" \
 	 	-var "cluster={name=\"$(GCP_CLUSTER_NAME)\", machineType=\"$(GCP_CLUSTER_NODEPOOL_MACHINETYPE)\", \
 		 zone=\"$(GCP_CLUSTER_ZONE)\", project=\"$(GCP_PROJECT)\", \
 		 initialNodeCount=\"$(GCP_CLUSTER_NODEPOOL_INITIALNODECOUNT)\", \
 		 legacyABAC=\"$(GCP_CLUSTER_LEGACYABAC)\"}"'
 	$(MAKE) gcloud-auth-cluster
-	$(MAKE) setup-test-cluster
+
+# Creates a cluster and install current version of Agones controller
+# Set all necessary variables as `make install` does
+gcloud-terraform-install: GCP_CLUSTER_LEGACYABAC ?= false
+gcloud-terraform-install: GCP_CLUSTER_NODEPOOL_INITIALNODECOUNT ?= 4
+gcloud-terraform-install: GCP_CLUSTER_NODEPOOL_MACHINETYPE ?= n1-standard-4
+gcloud-terraform-install:
+ifndef GCP_PROJECT
+	$(eval GCP_PROJECT=$(shell sh -c "gcloud config get-value project 2> /dev/null"))
+endif
+	$(DOCKER_RUN) bash -c 'export TF_VAR_password=$(GKE_PASSWORD) && \
+		cd $(mount_path)/build && terraform apply -auto-approve -var agones_version="$(VERSION)" -var image_registry="$(REGISTRY)" \
+		-var pull_policy="$(IMAGE_PULL_POLICY)" \
+		-var always_pull_sidecar="$(ALWAYS_PULL_SIDECAR)" \
+		-var image_pull_secret="$(IMAGE_PULL_SECRET)" \
+		-var ping_service_type="$(PING_SERVICE_TYPE)" \
+		-var crd_cleanup="$(CRD_CLEANUP)" \
+		-var "cluster={name=\"$(GCP_CLUSTER_NAME)\", machineType=\"$(GCP_CLUSTER_NODEPOOL_MACHINETYPE)\", \
+		 zone=\"$(GCP_CLUSTER_ZONE)\", project=\"$(GCP_PROJECT)\", \
+		 initialNodeCount=\"$(GCP_CLUSTER_NODEPOOL_INITIALNODECOUNT)\", \
+		 legacyABAC=\"$(GCP_CLUSTER_LEGACYABAC)\"}"'
 
 gcloud-terraform-destroy-cluster:
 	$(DOCKER_RUN) bash -c 'cd $(mount_path)/build && \

diff --git a/examples/terraform-submodule/module.tf b/examples/terraform-submodule/module.tf
@@ -0,0 +1,40 @@
+// Copyright 2019 Google LLC All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+
+// Run:
+//  terraform apply -var agones_version="0.9.0"
+variable "password" {
+   default= ""
+}
+variable "agones-version" {
+  default="0.9.0"
+}
+module "agones" {
+  #source = "git::https://github.com/GoogleCloudPlatform/agones.git//build/?ref=master"
+  source = "git::https://github.com/alekser/agones.git//build/?ref=feature/helm-terraform"
+
+  password     = "${var.password}"
+  cluster = {
+      "zone"             = "us-west1-c"
+      "name"             = "test-cluster"
+      "machineType"      = "n1-standard-4"
+      "initialNodeCount" = "4"
+      "legacyAbac"       = false
+      "project"          = "${var.project}"
+  }
+  agones_version = "${var.agones_version}"
+  values_file=""
+  chart="agones"
+}
diff --git a/site/content/en/docs/Installation/terraform.md b/site/content/en/docs/Installation/terraform.md
@@ -0,0 +1,65 @@
+---
+title: "Install Agones using Terraform"
+linkTitle: "Install with Terraform"
+weight: 4
+description: >
+  This chart install the Agones application and defines deployment on a [Kubernetes](http://kubernetes.io) cluster using the Terraform.
+
+---
+
+## Prerequisites
+
+- Terraform v0.11.13
+- [Helm](https://docs.helm.sh/helm/) package manager 2.10.0+
+- Access to Google Cloud Kubernetes Engine
+- `gcloud` utility installed
+- Git
+
+## Installing the Agones as Terraform submodule
+
+You can use Terraform to provision your GKE cluster and install agones on it using Helm Terraform provider.
+
+The example of submodule configuration could be found here:
+ {{< ghlink href="examples/terraform-submodule/module.tf" >}}Terraform configuration with Agones submodule{{< /ghlink >}}
+
+First you should run:
+```
+terraform init
+```
+
+It would use git to clone the current master of Agones, and use `./build` folder as starting point of Agones submodule, which contains all necessary Terraform configuration files.
+
+Next step you should make sure that you authenticate using gcloud:
+```
+gcloud auth application-default login
+```
+
+Now you are able to deploy properly configured GKE cluster and specify release version of Agones you want to use:
+```
+terraform apply -var password="1234567890123456" -var project="<YOUR_GCP_ProjectID>" -var agones_version="0.9.0"
+```
+
+Run next command to setup your kubectl:
+```
+gcloud container clusters get-credentials --zone us-west1-c  test-cluster
+```
+
+You would see:
+```
+Fetching cluster endpoint and auth data.
+kubeconfig entry generated for test-cluster.
+```
+
+Check that your has access to kubernetes cluster:
+```
+kubectl get nodes
+```
+
+Make sure you have 6 nodes in `Ready` state.
+
+## Uninstall the Agones and delete GKE cluster
+
+Run next command to delete all Terraform provisioned resources:
+```
+terraform destroy -var password="1234567890123456" -var project="<YOUR_GCP_ProjectID>" -var agones_version="0.9.0"
+```