From 71174dc857388ad7f1f475ead614c72909df7d3a Mon Sep 17 00:00:00 2001
From: Nandaja Varma
Date: Fri, 9 Sep 2022 05:10:38 +0000
Subject: [PATCH] [terraform] Add k3s setup for tests
Co-authored-by: Adrien Thebo
---
install/infra/modules/k3s/output.tf | 21 ++-
install/infra/single-cluster/k3s/Makefile | 123 ++++++++++++++++++
install/infra/single-cluster/k3s/cluster.tf | 16 +++
install/infra/single-cluster/k3s/local.tf | 3 +
install/infra/single-cluster/k3s/main.tf | 20 +++
install/infra/single-cluster/k3s/output.tf | 22 ++++
.../infra/single-cluster/k3s/terraform.tfvars | 16 +++
install/infra/single-cluster/k3s/tools.tf | 19 +++
install/infra/single-cluster/k3s/variables.tf | 48 +++++++
9 files changed, 287 insertions(+), 1 deletion(-)
create mode 100644 install/infra/single-cluster/k3s/Makefile
create mode 100644 install/infra/single-cluster/k3s/cluster.tf
create mode 100644 install/infra/single-cluster/k3s/local.tf
create mode 100644 install/infra/single-cluster/k3s/main.tf
create mode 100644 install/infra/single-cluster/k3s/output.tf
create mode 100644 install/infra/single-cluster/k3s/terraform.tfvars
create mode 100644 install/infra/single-cluster/k3s/tools.tf
create mode 100644 install/infra/single-cluster/k3s/variables.tf
diff --git a/install/infra/modules/k3s/output.tf b/install/infra/modules/k3s/output.tf
index ce026272a23897..c60c23b233cbfe 100644
--- a/install/infra/modules/k3s/output.tf
+++ b/install/infra/modules/k3s/output.tf
@@ -4,6 +4,25 @@ output "database" {
 instance = "${var.gcp_project}:${var.gcp_region}:${google_sql_database_instance.gitpod.name}"
 username = "${google_sql_user.users.name}"
 password = random_password.password.result
- service_account_key = "Upload the JSON file corresponding the service account credentials"
+ service_account_key_path = var.credentials
 }, "No database created")
 }
+
+output "registry" {
+ sensitive = true
+ value = try({
+ url = "gcr.io/${var.gcp_project}"
+ server = "gcr.io"
+ username = "_json_key"
+ password_file_path = var.credentials
+ }, "No container registry created")
+}
+
+output "storage" {
+ sensitive = true
+ value = try({
+ region = var.gcp_region
+ project = var.gcp_project
+ service_account_key_path = var.credentials
+ }, "No GCS bucket created for object storage")
+}
diff --git a/install/infra/single-cluster/k3s/Makefile b/install/infra/single-cluster/k3s/Makefile
new file mode 100644
index 00000000000000..d3481f13881a1d
--- /dev/null
+++ b/install/infra/single-cluster/k3s/Makefile
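Review bot: The `try(...)` fallbacks in the new `registry` and `storage` outputs of modules/k3s/output.tf can never fire, because everything inside the objects is a literal or a plain `var.*` reference. As a result the outputs describe a registry and a bucket even when none exists, and the strings "No container registry created" and "No GCS bucket created for object storage" are dead. The `database` output (whose block starts outside this hunk) does reference a resource, `google_sql_database_instance.gitpod.name`, so its fallback is meaningful. Either reference the resource each output depends on in the same way, or drop the `try` and return the object directly so the output has a single type.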
@@ -0,0 +1,123 @@
+##
+# Terraform AWS reference architecture
+#
+
+.PHONY: init
+init:
+ @terraform init
+
+touch-kubeconfig:
+ @touch kubeconfig
+
+cleanup-kubeconfig:
+ @rm kubeconfig
+
+.PHONY: plan
+plan: touch-kubeconfig plan-cluster plan-cm-edns cleanup-kubeconfig
+
+.PHONY: apply
+apply: apply-cluster apply-tools
+
+.PHONY: destroy
+destroy: destroy-tools destroy-cluster
+
+.PHONY: refresh
+refresh:
+ @echo "Refreshing terraform state"
+ @terraform refresh
+ @echo ""
+ @echo "Done!"
+
+.PHONY: output
+output: refresh output-done-msg output-url output-registry output-database output-storage output-issuer
+
+output-done-msg:
+ @echo ""
+ @echo ""
+ @echo "=========================="
+ @echo "๐ŸŽ‰๐Ÿฅณ๐Ÿ”ฅ๐Ÿงก๐Ÿš€"
+ @echo "Your cloud infrastructure is ready to install Gitpod. Please visit"
+ @echo "https://www.gitpod.io/docs/self-hosted/latest/getting-started#step-4-install-gitpod"
+ @echo "for your next steps."
+ @echo "================="
+ @echo "Config Parameters"
+ @echo "================="
+
+output-url:
+ @echo ""
+ @echo "Gitpod domain name:"
+ @echo "================="
+ @terraform output -json url | jq
+
+output-storage:
+ @echo ""
+ @echo "Object storage:"
+ @echo "=============="
+ @terraform output -json storage | jq
+
+output-registry:
+ @echo ""
+ @echo "GCR registry:"
+ @echo "=================="
+ @terraform output -json registry | jq
+
+output-database:
+ @echo ""
+ @echo "Database:"
+ @echo "========"
+ @echo "Tick the option 'Use Google Cloud SQL Proxy' if using this database"
+ @terraform output -json database | jq
+ @echo ""
+
+output-issuer:
+ @echo ""
+ @echo "ClusterIssuer name:"
+ @echo "================="
+ @terraform output -json cluster_issuer | jq
+
+.PHONY: plan-cluster
+plan-cluster:
+ @terraform plan -target=module.k3s
+
+.PHONY: plan-tools
+plan-tools: plan-cm-edns plan-cluster-issuer
+
+.PHONY: plan-cm-edns
+plan-cm-edns:
+ @terraform plan -target=module.certmanager -target=module.externaldns
+
+.PHONY: plan-cluster-issuer
+plan-cluster-issuer:
+ @terraform plan -target=module.cluster-issuer
+
+.PHONY: apply-cluster
+apply-cluster:
+ @terraform apply -target=module.k3s --auto-approve
+
+.PHONY: apply-tools
+apply-tools: install-cm-edns install-cluster-issuer
+
+.PHONY: install-cm-edns
+install-cm-edns:
+ @terraform apply -target=module.certmanager -target=module.externaldns --auto-approve
+
+.PHONY: install-cluster-issuer
+install-cluster-issuer:
+ @terraform apply -target=module.cluster-issuer --auto-approve
+
+.PHONY: destroy-cluster
+destroy-cluster:
+ @terraform destroy -target=module.k3s --auto-approve
+
+.PHONY: destroy-tools
+destroy-tools: destroy-cluster-issuer destroy-cm-edns
+
+.PHONY: destroy-cm-edns
+destroy-cm-edns:
+ @terraform destroy -target=module.certmanager -target=module.externaldns --auto-approve
+
+.PHONY: destroy-cluster-issuer
+destroy-cluster-issuer:
+ @terraform destroy -target=module.cluster-issuer --auto-approve || echo "Could not remove cluster-issuer"
+
+# end
diff --git a/install/infra/single-cluster/k3s/cluster.tf b/install/infra/single-cluster/k3s/cluster.tf
new file mode 100644
index 00000000000000..91ff3429e4dfb2
--- /dev/null
+++ b/install/infra/single-cluster/k3s/cluster.tf
@@ -0,0 +1,16 @@
+module "k3s" {
+ source = "../../modules/k3s"
+
+ name = var.name
+ gcp_project = var.project
+ gcp_region = var.region
+ gcp_zone = var.zone
+ credentials = var.credentials_path
+ kubeconfig = var.kubeconfig
+ dns_sa_creds = var.credentials_path
+ dns_project = var.project
+ managed_dns_zone = var.managed_dns_zone
+ domain_name = var.domain_name
+ cluster_version = var.cluster_version
+ image_id = var.image_id
+}
diff --git a/install/infra/single-cluster/k3s/local.tf b/install/infra/single-cluster/k3s/local.tf
new file mode 100644
index 00000000000000..7b7b66d5b4711d
--- /dev/null
+++ b/install/infra/single-cluster/k3s/local.tf
@@ -0,0 +1,3 @@
+locals {
+ credentials = "${file(var.credentials_path)}"
+}
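Review bot: The `output-database` recipe in the Makefile prints the generated database password in clear text, because `terraform output -json` does not redact values marked `sensitive = true`, and the `database` object carries `password = random_password.password.result` (visible in modules/k3s/output.tf in this patch). Since the setup is meant for tests, that output will most likely land in CI logs. Mask the field before printing, for example `@terraform output -json database | jq 'if type == "object" then del(.password) else . end'`, or take `output-database` out of the default `output` chain so the secret is only shown on explicit request. The header comment `# Terraform AWS reference architecture` also looks copied from another directory; this one provisions k3s on GCP.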
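Review bot: In cluster.tf both `credentials` and `dns_sa_creds` are set to `var.credentials_path`, so the service-account key that provisions the instances is also the one used for DNS. The same key is read into `local.credentials` and handed to the cert-manager solver in tools.tf, and modules/k3s/output.tf publishes its path as the database, registry and storage credential. A single leaked copy would therefore expose everything that account can do. Consider a separate input for the DNS identity, e.g. `dns_sa_creds = var.dns_credentials_path` (a new variable), bound to a service account limited to the managed zone, and add a comment listing the roles each key needs.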
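Review bot: `local.credentials` in local.tf holds the whole service-account key as an ordinary string, so it can surface in plan output or error messages. Wrapping it as `credentials = sensitive(file(var.credentials_path))` keeps it redacted, although any module output derived from it would then need `sensitive = true` as well. The `"${...}"` wrapper around a single expression is redundant in any case. Because `credentials_path` defaults to `""` in variables.tf, `file("")` will presumably fail at plan time with an unhelpful message; removing the default or adding a `validation` block would make the requirement explicit.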
diff --git a/install/infra/single-cluster/k3s/main.tf b/install/infra/single-cluster/k3s/main.tf
new file mode 100644
index 00000000000000..98833f0f4143f6
--- /dev/null
+++ b/install/infra/single-cluster/k3s/main.tf
@@ -0,0 +1,20 @@
+terraform {
+ backend "gcs" {
+ bucket = "gitpod-tf"
+ prefix = "k3s/terraform.state"
+ }
+
+ required_providers {
+ google = {
+ source = "hashicorp/google"
+ }
+
+ kubernetes = {
+ source = "hashicorp/kubernetes"
+ }
+
+ helm = {
+ source = "hashicorp/helm"
+ }
+ }
+}
diff --git a/install/infra/single-cluster/k3s/output.tf b/install/infra/single-cluster/k3s/output.tf
new file mode 100644
index 00000000000000..88ba92e2ab5048
--- /dev/null
+++ b/install/infra/single-cluster/k3s/output.tf
@@ -0,0 +1,22 @@
+output "database" {
+ sensitive = true
+ value = module.k3s.database
+}
+
+output "registry" {
+ sensitive = true
+ value = module.k3s.registry
+}
+
+output "storage" {
+ sensitive = true
+ value = module.k3s.storage
+}
+
+output "url" {
+ value = var.domain_name
+}
+
+output "cluster_issuer" {
+ value = module.cluster-issuer.cluster_issuer
+}
diff --git a/install/infra/single-cluster/k3s/terraform.tfvars b/install/infra/single-cluster/k3s/terraform.tfvars
new file mode 100644
index 00000000000000..bb26b3412ef5fc
--- /dev/null
+++ b/install/infra/single-cluster/k3s/terraform.tfvars
@@ -0,0 +1,16 @@
+name = "gitpod"
+
+domain_name =
+
+region = "europe-west1"
+zone = "europe-west1-b"
+project =
+credentials_path = "key.json"
+
+cluster_version = "v1.22.12+k3s1"
+
+image_id = "ubuntu-2204-jammy-v20220712a"
+
+kubeconfig = "./kubeconfig"
+
+managed_dns_zone =
diff --git a/install/infra/single-cluster/k3s/tools.tf b/install/infra/single-cluster/k3s/tools.tf
new file mode 100644
index 00000000000000..02d49eda867e0e
--- /dev/null
+++ b/install/infra/single-cluster/k3s/tools.tf
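Review bot: None of the three entries under `required_providers` in main.tf has a `version` constraint, and the `terraform` block sets no `required_version`. Without a committed lock file, which this patch does not add, `terraform init` resolves whichever provider release is newest. Pin each provider, e.g. `version = "~> <MAJOR.MINOR>"`, and commit `.terraform.lock.hcl` so test runs are reproducible and a new provider release cannot change behaviour unreviewed. The state written to bucket `gitpod-tf` under `k3s/terraform.state` will presumably contain the generated database password, so read access to that bucket should be limited to the identities that run this configuration.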
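Review bot: In terraform.tfvars, `credentials_path = "key.json"` and `kubeconfig = "./kubeconfig"` place the service-account key and the cluster kubeconfig in the same directory as the committed Terraform files, and this patch adds no ignore rules for them. If the repository does not already ignore these names, add `key.json` and `kubeconfig` to a `.gitignore` in this directory. Separately, `domain_name =`, `project =` and `managed_dns_zone =` have no right-hand side as shown (possibly placeholders lost in rendering), which Terraform would reject; a comment such as `# set to the Cloud DNS zone name` next to each would tell the user what to fill in.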
@@ -0,0 +1,19 @@
+module "certmanager" {
+ source = "../../modules/tools/cert-manager"
+
+ kubeconfig = var.kubeconfig
+}
+
+module "cluster-issuer" {
+ source = "../../modules/tools/issuer"
+ kubeconfig = var.kubeconfig
+ gcp_credentials = local.credentials
+ issuer_name = "cloudDNS"
+ cert_manager_issuer = {
+ project = var.project
+ serviceAccountSecretRef = {
+ name = "clouddns-dns01-solver"
+ key = "keys.json"
+ }
+ }
+}
diff --git a/install/infra/single-cluster/k3s/variables.tf b/install/infra/single-cluster/k3s/variables.tf
new file mode 100644
index 00000000000000..3fbd7c042bf6d5
--- /dev/null
+++ b/install/infra/single-cluster/k3s/variables.tf
@@ -0,0 +1,48 @@
+variable "kubeconfig" {
+ description = "The KUBECONFIG file path to store the resulting KUBECONFIG file to"
+ default = "./kubeconfig"
+}
+
+variable "project" {
+ description = "Google cloud Region to perform operations in"
+}
+
+variable "region" {
+ description = "Google cloud Region to perform operations in"
+ default = "europe-west1"
+}
+
+variable "zone" {
+ description = "Google cloud Zone to perform operations in"
+ default = "europe-west1-b"
+}
+
+variable "credentials_path" {
+ description = "Path to the JSON file storing Google service account credentials"
+ default = ""
+}
+
+variable "name" {
+ description = "Prefix name for the nodes and firewall"
+ default = "k3s"
+}
+
+variable "image_id" {
+ description = "Node image ID to be used to provision EC2 instances"
+ default = "ubuntu-2004-focal-v20220419"
+}
+
+variable "cluster_version" {
+ description = "Kubernetes version to use to provision the cluster"
+ default = "v1.22.12+k3s1"
+}
+
+variable "domain_name" {
+ description = "Domain name to add to add DNS map to"
+ default = null
+}
+
+variable "managed_dns_zone" {
+ description = "The Cloud DNS managed zone where Gitpod A records will be created"
+ default = null
+}
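Review bot: tools.tf declares only `certmanager` and `cluster-issuer`, yet the Makefile added in this patch plans, applies and destroys `-target=module.externaldns`, and cluster.tf declares only `k3s`. Unless external-dns is defined in a file outside this patch, those targets select nothing for it, and the DNS records would have to come from elsewhere (perhaps the k3s module, given its `managed_dns_zone` input). Either add the missing `module "externaldns"` block here or remove the target from `plan-cm-edns`, `install-cm-edns` and `destroy-cm-edns`, so the Makefile matches what is actually deployed.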
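Review bot: Several descriptions in variables.tf are copied from elsewhere and now mislead. `variable "project"` repeats the region text and should read something like `description = "Google Cloud project to create resources in"`. `image_id` mentions EC2 although the other inputs are GCP ones, so `description = "Node image ID used to provision the cluster instances"` fits better. `domain_name` has a doubled phrase ("to add to add DNS map to"). None of the variables declares a `type`, and `credentials_path` defaults to `""` even though local.tf passes it straight to `file()`; adding `type = string` and dropping that default would surface a missing key path as a clear input error.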