feat!: Use operator in deploying to google #73

Open
wants to merge 15 commits into
base: main
3 changes: 2 additions & 1 deletion README.md
Expand Up @@ -62,6 +62,7 @@ resources that lack official modules.
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.0 |
| <a name="requirement_google"></a> [google](#requirement\_google) | ~> 4.31 |
| <a name="requirement_helm"></a> [helm](#requirement\_helm) | ~> 2.10 |
| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | ~> 2.9 |

## Providers
Expand All @@ -75,13 +76,13 @@ No providers.
| <a name="module_app_gke"></a> [app\_gke](#module\_app\_gke) | ./modules/app_gke | n/a |
| <a name="module_app_lb"></a> [app\_lb](#module\_app\_lb) | ./modules/app_lb | n/a |
| <a name="module_database"></a> [database](#module\_database) | ./modules/database | n/a |
| <a name="module_gke_app"></a> [gke\_app](#module\_gke\_app) | wandb/wandb/kubernetes | 1.6.0 |
| <a name="module_kms"></a> [kms](#module\_kms) | ./modules/kms | n/a |
| <a name="module_networking"></a> [networking](#module\_networking) | ./modules/networking | n/a |
| <a name="module_project_factory_project_services"></a> [project\_factory\_project\_services](#module\_project\_factory\_project\_services) | terraform-google-modules/project-factory/google//modules/project_services | ~> 13.0 |
| <a name="module_redis"></a> [redis](#module\_redis) | ./modules/redis | n/a |
| <a name="module_service_accounts"></a> [service\_accounts](#module\_service\_accounts) | ./modules/service_accounts | n/a |
| <a name="module_storage"></a> [storage](#module\_storage) | ./modules/storage | n/a |
| <a name="module_wandb"></a> [wandb](#module\_wandb) | wandb/wandb/helm | 1.0.0 |

## Resources

10 changes: 9 additions & 1 deletion examples/public-dns-with-cloud-dns/main.tf
Expand Up @@ -18,6 +18,14 @@ provider "kubernetes" {
token = data.google_client_config.current.access_token
}

provider "helm" {
kubernetes {
host = "https://${module.wandb.cluster_endpoint}"
cluster_ca_certificate = base64decode(module.wandb.cluster_ca_certificate)
token = data.google_client_config.current.access_token
}
}

# Spin up all required services
module "wandb" {
source = "../../"
Expand All @@ -32,7 +40,7 @@ module "wandb" {
wandb_version = var.wandb_version
wandb_image = var.wandb_image

create_redis = false
create_redis = true
use_internal_queue = true
force_ssl = var.force_ssl

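--- a/examples/use-exsisting-k8s/main.tf
+++ b/examples/use-exsisting-k8s/main.tf
@@ -0,0 +1,71 @@
+provider "google" {
+project = var.project_id
+region = var.region
+zone = var.zone
+}
+
+provider "google-beta" {
+project = var.project_id
+region = var.region
+zone = var.zone
+}
+
+data "google_client_config" "current" {}
+
+data "google_container_cluster" "primary" {
+name = var.cluster_name
+location = var.cluster_location
+project = var.project_id
+}
+
+provider "kubernetes" {
+host = "https://${data.google_container_cluster.primary.endpoint}"
+cluster_ca_certificate = base64decode(data.google_container_cluster.primary.master_auth.0.cluster_ca_certificate)
+token = data.google_client_config.current.access_token
+}
+
+
+
+# Spin up all required services
+module "wandb" {
+source = "../../"
+
+namespace = var.namespace
+license = var.license
+domain_name = var.domain_name
+subdomain = var.subdomain
+
+gke_machine_type = var.gke_machine_type
+
+wandb_version = var.wandb_version
+wandb_image = var.wandb_image
+
+network = var.network
+subnetwork = var.subnetwork
+allowed_inbound_cidr = var.allowed_inbound_cidr
+
+create_redis = false
+use_internal_queue = true
+force_ssl = var.force_ssl
+
+deletion_protection = false
+
+database_sort_buffer_size = var.database_sort_buffer_size
+database_machine_type = var.database_machine_type
+
+disable_code_saving = var.disable_code_saving
+}
+
+# You'll want to update your DNS with the provisioned IP address
+
+output "url" {
+value = module.wandb.url
+}
+
+output "address" {
+value = module.wandb.address
+}
+
+output "bucket_name" {
+value = module.wandb.bucket_name
+}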
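Review bot: This example configures no `provider "helm"`, although the root module now deploys through the `wandb/wandb/helm` module and the public-dns example gains a helm provider in this same PR. An unconfigured helm provider would presumably either fail to connect or pick up ambient configuration from the environment, so the release, which carries the database credentials, is not guaranteed to target `data.google_container_cluster.primary`. Bind a helm provider to the same endpoint, CA certificate and access token as the kubernetes provider. `deletion_protection = false` also deserves a comment such as `# example only: keep deletion protection enabled for real deployments`, since examples tend to be copied verbatim.

```hcl
provider "kubernetes" {
  # … unchanged: host, cluster_ca_certificate, token …
}

provider "helm" {
  kubernetes {
    host                   = "https://${data.google_container_cluster.primary.endpoint}"
    cluster_ca_certificate = base64decode(data.google_container_cluster.primary.master_auth.0.cluster_ca_certificate)
    token                  = data.google_client_config.current.access_token
  }
}
```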
88 changes: 55 additions & 33 deletions main.tf
Expand Up @@ -130,37 +130,59 @@ locals {
bucket_queue = var.use_internal_queue ? "internal://" : "pubsub:/${module.storage.0.bucket_queue_name}"
}

module "gke_app" {
source = "wandb/wandb/kubernetes"
version = "1.6.0"

license = var.license

host = local.url
bucket = "gs://${local.bucket}"
bucket_queue = local.bucket_queue
database_connection_string = module.database.connection_string
redis_connection_string = local.redis_connection_string
redis_ca_cert = local.redis_certificate

oidc_client_id = var.oidc_client_id
oidc_issuer = var.oidc_issuer
oidc_auth_method = var.oidc_auth_method
oidc_secret = var.oidc_secret
local_restore = var.local_restore
other_wandb_env = merge({
"GORILLA_DISABLE_CODE_SAVING" = var.disable_code_saving
}, var.other_wandb_env)

wandb_image = var.wandb_image
wandb_version = var.wandb_version

# If we dont wait, tf will start trying to deploy while the work group is
# still spinning up
depends_on = [
module.database,
module.redis,
module.storage,
module.app_gke
]
module "wandb" {
source = "wandb/wandb/helm"
version = "1.2.0"

spec = {
values = {
global = {
host = local.url

storage = { connectionString = "gs://${local.bucket}" }

mysql = {
name = module.database.database_name
user = module.database.username
password = module.database.password
database = module.database.database_name
host = module.database.private_ip_address
port = 3306
}

redis = var.create_redis ? {
password = module.redis.0.auth_string
host = module.redis.0.host
port = module.redis.0.port
caCert = module.redis.0.ca_cert
params = {
tls = true
ttlInSeconds = 604800
caCertPath = "/etc/ssl/certs/redis_ca.pem"
}
} : null
}

app = {
extraEnvs = {
"BUCKET_QUEUE" = local.bucket_queue
"GORILLA_DISABLE_CODE_SAVING" = tostring(var.disable_code_saving)
}
}

ingress = {
issuer = { create = true, type = "google" }
annotations = {
"kubernetes.io/ingress.global-static-ip-name" = module.app_lb.address_name
"kubernetes.io/ingress.class" = "gce"
}
}

redis = { install = false }
mysql = { install = false }
}
}

operator_chart_version = "1.1.0"
controller_image_tag = "1.8.9"
}
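Review bot: The new `module "wandb"` call no longer forwards `var.oidc_client_id`, `var.oidc_issuer`, `var.oidc_auth_method`, `var.oidc_secret`, `var.license`, `var.local_restore` or `var.other_wandb_env`, all of which the `gke_app` call passed, so an existing SSO or licence configuration would be silently ignored unless the chart receives it some other way. At minimum keep the environment passthrough by wrapping the `extraEnvs` map as `extraEnvs = merge({ ... }, var.other_wandb_env)`, and either map the OIDC inputs onto the chart's values or remove the variables with an explicit upgrade note. The `ingress` block sets only the static IP name and the `gce` class, while the `url_map` module that received `var.allowed_inbound_cidr` is deleted in modules/app_lb/main.tf, so please confirm where the inbound CIDR restriction is enforced now. `module.database.password` and `module.redis.0.auth_string` are passed as inline values; it is worth confirming that the chart stores them in a Secret rather than in the rendered spec. The `depends_on` list and its comment about waiting for the node group are dropped without a stated replacement.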
1 change: 0 additions & 1 deletion modules/app_gke/main.tf
Expand Up @@ -11,7 +11,6 @@ resource "google_container_cluster" "default" {
evaluation_mode = "PROJECT_SINGLETON_POLICY_ENFORCE"
}


ip_allocation_policy {
cluster_ipv4_cidr_block = "/14"
services_ipv4_cidr_block = "/19"
14 changes: 0 additions & 14 deletions modules/app_lb/http/main.tf

This file was deleted.

18 changes: 0 additions & 18 deletions modules/app_lb/http/variables.tf

This file was deleted.

38 changes: 0 additions & 38 deletions modules/app_lb/https/main.tf

This file was deleted.

18 changes: 0 additions & 18 deletions modules/app_lb/https/redirect.tf

This file was deleted.

22 changes: 0 additions & 22 deletions modules/app_lb/https/variables.tf

This file was deleted.

34 changes: 0 additions & 34 deletions modules/app_lb/main.tf
@@ -1,37 +1,3 @@
resource "google_compute_global_address" "default" {
name = "${var.namespace}-address"
}

# Create a URL map that points to the GKE service
module "url_map" {
source = "./url_map"
namespace = var.namespace
group = var.group
target_port = var.target_port
network = var.network
ip_address = google_compute_global_address.default.address
allowed_inbound_cidr = var.allowed_inbound_cidr
}

module "http" {
count = var.ssl ? 0 : 1

source = "./http"
namespace = var.namespace
url_map = module.url_map.app
ip_address = google_compute_global_address.default.address

labels = var.labels
}

module "https" {
count = var.ssl ? 1 : 0

source = "./https"
fqdn = var.fqdn
namespace = var.namespace
url_map = module.url_map.app
ip_address = google_compute_global_address.default.address

labels = var.labels
}
4 changes: 4 additions & 0 deletions modules/app_lb/outputs.tf
@@ -1,3 +1,7 @@
output "address_name" {
value = google_compute_global_address.default.name
}

output "address" {
value = google_compute_global_address.default.address
}