author | Vincent Ambo <tazjin@google.com> | 2019-08-16T15·52+0100 |
---|---|---|
committer | Vincent Ambo <tazjin@google.com> | 2019-08-16T15·52+0100 |
commit | ba063178361db71731e3f9ba8292848255303643 (patch) | |
tree | 279c49664ad97c40ea79a9ac6c8a450c41eab61a | |
parent | 27036e18f5b8aa9c15da52dfd6906670977f4183 (diff) |
feat(infra/gcp): Add Terraform configuration for GKE & friends r/35
Sets up Terraform itself, a GKE cluster, a storage bucket and all the other little things required to get the basics running.
-rw-r--r-- | infra/gcp/.gitignore | 3 | ||||
-rw-r--r-- | infra/gcp/default.tf | 87 |
2 files changed, 90 insertions, 0 deletions
diff --git a/infra/gcp/.gitignore b/infra/gcp/.gitignore
new file mode 100644
index 000000000000..96c7538dda8a
--- /dev/null
+++ b/infra/gcp/.gitignore
@@ -0,0 +1,3 @@
+.terraform
+*.tfstate
+*.tfstate.backup
diff --git a/infra/gcp/default.tf b/infra/gcp/default.tf
new file mode 100644
index 000000000000..8174dc25157b
--- /dev/null
+++ b/infra/gcp/default.tf
@@ -0,0 +1,87 @@
+# Terraform configuration for the GCP project 'tazjins-infrastructure'
+
+provider "google" {
+ project = "tazjins-infrastructure"
+ region = "europe-north1"
+}
+
+# Configure a storage bucket in which to keep Terraform state and
+# other data, such as Nixery's layers.
+resource "google_storage_bucket" "tazjins-data" {
+ name = "tazjins-data"
+ location = "EU"
+}
+
+terraform {
+ backend "gcs" {
+ bucket = "tazjins-data"
+ prefix = "terraform"
+ }
+}
+
+# Configure enabled APIs
+resource "google_project_services" "primary" {
+ project = "tazjins-infrastructure"
+ services = [
+ "bigquery-json.googleapis.com",
+ "bigquerystorage.googleapis.com",
+ "cloudapis.googleapis.com",
+ "clouddebugger.googleapis.com",
+ "cloudtrace.googleapis.com",
+ "datastore.googleapis.com",
+ "logging.googleapis.com",
+ "monitoring.googleapis.com",
+ "servicemanagement.googleapis.com",
+ "serviceusage.googleapis.com",
+ "sql-component.googleapis.com",
+ "storage-api.googleapis.com",
+ "storage-component.googleapis.com",
+ "container.googleapis.com",
+ "iam.googleapis.com",
+ "compute.googleapis.com",
+ "iamcredentials.googleapis.com",
+ "oslogin.googleapis.com",
+ "pubsub.googleapis.com",
+ "containerregistry.googleapis.com",
+ "sourcerepo.googleapis.com",
+ ]
+}
+
+
+# Configure the main Kubernetes cluster in which services are deployed
+resource "google_container_cluster" "primary" {
+ name = "tazjin-cluster"
+ location = "europe-north1"
+
+ remove_default_node_pool = true
+ initial_node_count = 1
+}
+
+resource "google_container_node_pool" "primary_nodes" {
+ name = "primary-nodes"
+ location = "europe-north1"
+ cluster = google_container_cluster.primary.name
+ node_count = 1
+
+ node_config {
+ preemptible = true
+ machine_type = "n1-standard-2"
+
+ oauth_scopes = [
+ "storage-rw",
+ "logging-write",
+ "monitoring",
+ ]
+ }
+}
+
+# Configure a service account for which GCS URL signing keys can be created.
+resource "google_service_account" "nixery" {
+ account_id = "nixery"
+ display_name = "Nixery service account"
+}
+
+# Configure a git repository in which to store my monorepo
+resource "google_sourcerepo_repository" "monorepo" {
+ name = "monorepo"
+}
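Review bot: The `tazjins-data` bucket holds both the Terraform state (backend prefix `terraform`) and application data such as Nixery's layers, while the node pool's `node_config` grants the `storage-rw` scope and sets no `service_account`, so the nodes fall back to the project's default compute service account. Unless that account's IAM roles are narrowed somewhere outside this file, a workload on any node could probably read or overwrite the state object, which can hold sensitive attribute values and drives every later apply. I would keep state in a bucket of its own with `versioning { enabled = true }` so a bad or tampered write can be rolled back, and give the pool a dedicated identity with `service_account = google_service_account.<NODE_SA_PLACEHOLDER>.email`. The `google_container_cluster` block also leaves control-plane access settings at provider defaults; a short comment saying whether that is intentional would help the next reviewer.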