Initial commit

terraform/README.md

@@ -0,0 +1,97 @@
+<!-- Copyright 2022 Google LLC
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License. -->
+
+# Use Terraform to deploy Online Boutique on a GKE cluster
+
+This page walks you through the steps required to deploy the [Online Boutique](https://github.com/GoogleCloudPlatform/microservices-demo) sample application on a [Google Kubernetes Engine (GKE)](https://cloud.google.com/kubernetes-engine) cluster using Terraform.
+
+## Prerequisites
+
+1. [Create a new project or use an existing project](https://cloud.google.com/resource-manager/docs/creating-managing-projects#console) on Google Cloud, and ensure [billing is enabled](https://cloud.google.com/billing/docs/how-to/verify-billing-enabled) on the project.
+
+## Deploy the sample application
+
+1. Clone the Github repository.
+
+    ```bash
+    git clone https://github.com/GoogleCloudPlatform/microservices-demo.git
+    ```
+
+1. Move into the `terraform/` directory which contains the Terraform installation scripts.
+
+    ```bash
+    cd microservices-demo/terraform
+    ```
+
+1. Open the `terraform.tfvars` file and replace `<project_id_here>` with the [GCP Project ID](https://cloud.google.com/resource-manager/docs/creating-managing-projects?hl=en#identifying_projects) for the `gcp_project_id` variable.
+
+1. (Optional) If you want to provision a [Google Cloud Memorystore (Redis)](https://cloud.google.com/memorystore) instance, you can change the value of `memorystore = false` to `memorystore = true` in this `terraform.tfvars` file.
+
+1. Initialize Terraform.
+
+    ```bash
+    terraform init
+    ```
+
+1. See what resources will be created.
+
+    ```bash
+    terraform plan
+    ```
+
+1. Create the resources and deploy the sample.
+
+    ```bash
+    terraform apply
+    ```
+
+    1. If there is a confirmation prompt, type `yes` and hit Enter/Return.
+
+    Note: This step can take about 10 minutes. Do not interrupt the process.
+
+Once the Terraform script has finished, you can locate the frontend's external IP address to access the sample application.
+
+- Option 1:
+
+    ```bash
+    kubectl get service frontend-external | awk '{print $4}'
+    ```
+
+- Option 2: On Google Cloud Console, navigate to "Kubernetes Engine" and then "Services & Ingress" to locate the Endpoint associated with "frontend-external".
+
+## Clean up
+
+To avoid incurring charges to your Google Cloud account for the resources used in this sample application, either delete the project that contains the resources, or keep the project and delete the individual resources.
+
+To remove the individual resources created for by Terraform without deleting the project:
+
+1. Navigate to the `terraform/` directory.
+
+1. Set `deletion_protection` to `false` for the `google_container_cluster` resource (GKE cluster).
+
+   ```bash
+   # Uncomment the line: "deletion_protection = false"
+   sed -i "s/# deletion_protection/deletion_protection/g" main.tf
+
+   # Re-apply the Terraform to update the state
+   terraform apply
+   ```
+
+1. Run the following command:
+
+   ```bash
+   terraform destroy
+   ```
+
+   1. If there is a confirmation prompt, type `yes` and hit Enter/Return.

terraform/main.tf

@@ -0,0 +1,100 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Definition of local variables
+locals {
+  base_apis = [
+    "container.googleapis.com",
+    "monitoring.googleapis.com",
+    "cloudtrace.googleapis.com",
+    "cloudprofiler.googleapis.com"
+  ]
+  memorystore_apis = ["redis.googleapis.com"]
+  cluster_name     = google_container_cluster.my_cluster.name
+}
+
+# Enable Google Cloud APIs
+module "enable_google_apis" {
+  source  = "terraform-google-modules/project-factory/google//modules/project_services"
+  version = "~> 18.0"
+
+  project_id                  = var.gcp_project_id
+  disable_services_on_destroy = false
+
+  # activate_apis is the set of base_apis and the APIs required by user-configured deployment options
+  activate_apis = concat(local.base_apis, var.memorystore ? local.memorystore_apis : [])
+}
+
+# Create GKE cluster
+resource "google_container_cluster" "my_cluster" {
+
+  name     = var.name
+  location = var.region
+
+  # Enable autopilot for this cluster
+  enable_autopilot = true
+
+  # Set an empty ip_allocation_policy to allow autopilot cluster to spin up correctly
+  ip_allocation_policy {
+  }
+
+  # Avoid setting deletion_protection to false
+  # until you're ready (and certain you want) to destroy the cluster.
+  # deletion_protection = false
+
+  depends_on = [
+    module.enable_google_apis
+  ]
+}
+
+# Get credentials for cluster
+module "gcloud" {
+  source  = "terraform-google-modules/gcloud/google"
+  version = "~> 4.0"
+
+  platform              = "linux"
+  additional_components = ["kubectl", "beta"]
+
+  create_cmd_entrypoint = "gcloud"
+  # Module does not support explicit dependency
+  # Enforce implicit dependency through use of local variable
+  create_cmd_body = "container clusters get-credentials ${local.cluster_name} --zone=${var.region} --project=${var.gcp_project_id}"
+}
+
+# Apply YAML kubernetes-manifest configurations
+resource "null_resource" "apply_deployment" {
+  provisioner "local-exec" {
+    interpreter = ["bash", "-exc"]
+    command     = "kubectl apply -k ${var.filepath_manifest} -n ${var.namespace}"
+  }
+
+  depends_on = [
+    module.gcloud
+  ]
+}
+
+# Wait condition for all Pods to be ready before finishing
+resource "null_resource" "wait_conditions" {
+  provisioner "local-exec" {
+    interpreter = ["bash", "-exc"]
+    command     = <<-EOT
+    kubectl wait --for=condition=AVAILABLE apiservice/v1beta1.metrics.k8s.io --timeout=180s
+    kubectl wait --for=condition=ready pods --all -n ${var.namespace} --timeout=280s
+    EOT
+  }
+
+  depends_on = [
+    resource.null_resource.apply_deployment
+  ]
+}

terraform/memorystore.tf

@@ -0,0 +1,47 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Create the Memorystore (redis) instance
+resource "google_redis_instance" "redis-cart" {
+  name           = "redis-cart"
+  memory_size_gb = 1
+  region         = var.region
+
+  # count specifies the number of instances to create;
+  # if var.memorystore is true then the resource is enabled
+  count          = var.memorystore ? 1 : 0
+
+  redis_version  = "REDIS_7_0"
+  project        = var.gcp_project_id
+
+  depends_on = [
+    module.enable_google_apis
+  ]
+}
+
+# Edit contents of Memorystore kustomization.yaml file to target new Memorystore (redis) instance
+resource "null_resource" "kustomization-update" {
+  provisioner "local-exec" {
+    interpreter = ["bash", "-exc"]
+    command     = "sed -i \"s/REDIS_CONNECTION_STRING/${google_redis_instance.redis-cart[0].host}:${google_redis_instance.redis-cart[0].port}/g\" ../kustomize/components/memorystore/kustomization.yaml"
+  }
+
+  # count specifies the number of instances to create;
+  # if var.memorystore is true then the resource is enabled
+  count          = var.memorystore ? 1 : 0
+
+  depends_on = [
+    resource.google_redis_instance.redis-cart
+  ]
+}

terraform/output.tf

@@ -0,0 +1,23 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+output "cluster_location" {
+  description = "Location of the cluster"
+  value       = resource.google_container_cluster.my_cluster.location
+}
+
+output "cluster_name" {
+  description = "Name of the cluster"
+  value       = resource.google_container_cluster.my_cluster.name
+}

terraform/providers.tf

@@ -0,0 +1,27 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "7.16.0"
+    }
+  }
+}
+
+provider "google" {
+  project = var.gcp_project_id
+  region  = var.region
+}

terraform/variables.tf

@@ -0,0 +1,47 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+variable "gcp_project_id" {
+  type        = string
+  description = "The GCP project ID to apply this config to"
+}
+
+variable "name" {
+  type        = string
+  description = "Name given to the new GKE cluster"
+  default     = "online-boutique"
+}
+
+variable "region" {
+  type        = string
+  description = "Region of the new GKE cluster"
+  default     = "us-central1"
+}
+
+variable "namespace" {
+  type        = string
+  description = "Kubernetes Namespace in which the Online Boutique resources are to be deployed"
+  default     = "default"
+}
+
+variable "filepath_manifest" {
+  type        = string
+  description = "Path to Online Boutique's Kubernetes resources, written using Kustomize"
+  default     = "../kustomize/"
+}
+
+variable "memorystore" {
+  type        = bool
+  description = "If true, Online Boutique's in-cluster Redis cache will be replaced with a Google Cloud Memorystore Redis cache"
+}