From ba063178361db71731e3f9ba8292848255303643 Mon Sep 17 00:00:00 2001
From: Vincent Ambo
Date: Fri, 16 Aug 2019 16:52:06 +0100
Subject: feat(infra/gcp): Add Terraform configuration for GKE & friends
Sets up Terraform itself, a GKE cluster, a storage bucket and all the other little things required to get the basics running.
---
infra/gcp/default.tf | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 87 insertions(+)
create mode 100644 infra/gcp/default.tf
(limited to 'infra/gcp/default.tf')
diff --git a/infra/gcp/default.tf b/infra/gcp/default.tf
new file mode 100644
index 000000000000..8174dc25157b
--- /dev/null
+++ b/infra/gcp/default.tf
@@ -0,0 +1,87 @@
+# Terraform configuration for the GCP project 'tazjins-infrastructure'
+
+provider "google" {
+ project = "tazjins-infrastructure"
+ region = "europe-north1"
+}
+
+# Configure a storage bucket in which to keep Terraform state and
+# other data, such as Nixery's layers.
+resource "google_storage_bucket" "tazjins-data" {
+ name = "tazjins-data"
+ location = "EU"
+}
+
+terraform {
+ backend "gcs" {
+ bucket = "tazjins-data"
+ prefix = "terraform"
+ }
+}
+
+# Configure enabled APIs
+resource "google_project_services" "primary" {
+ project = "tazjins-infrastructure"
+ services = [
+ "bigquery-json.googleapis.com",
+ "bigquerystorage.googleapis.com",
+ "cloudapis.googleapis.com",
+ "clouddebugger.googleapis.com",
+ "cloudtrace.googleapis.com",
+ "datastore.googleapis.com",
+ "logging.googleapis.com",
+ "monitoring.googleapis.com",
+ "servicemanagement.googleapis.com",
+ "serviceusage.googleapis.com",
+ "sql-component.googleapis.com",
+ "storage-api.googleapis.com",
+ "storage-component.googleapis.com",
+ "container.googleapis.com",
+ "iam.googleapis.com",
+ "compute.googleapis.com",
+ "iamcredentials.googleapis.com",
+ "oslogin.googleapis.com",
+ "pubsub.googleapis.com",
+ "containerregistry.googleapis.com",
+ "sourcerepo.googleapis.com",
+ ]
+}
+
+
+# Configure the main Kubernetes cluster in which services are deployed
+resource "google_container_cluster" "primary" {
+ name = "tazjin-cluster"
+ location = "europe-north1"
+
+ remove_default_node_pool = true
+ initial_node_count = 1
+}
+
+resource "google_container_node_pool" "primary_nodes" {
+ name = "primary-nodes"
+ location = "europe-north1"
+ cluster = google_container_cluster.primary.name
+ node_count = 1
+
+ node_config {
+ preemptible = true
+ machine_type = "n1-standard-2"
+
+ oauth_scopes = [
+ "storage-rw",
+ "logging-write",
+ "monitoring",
+ ]
+ }
+}
+
+# Configure a service account for which GCS URL signing keys can be created.
+resource "google_service_account" "nixery" {
+ account_id = "nixery"
+ display_name = "Nixery service account"
+}
+
+# Configure a git repository in which to store my monorepo
+resource "google_sourcerepo_repository" "monorepo" {
+ name = "monorepo"
+}
-- cgit 1.4.1
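Review bot: The `node_config` block in `google_container_node_pool.primary_nodes` grants the `storage-rw` scope and sets no `service_account`, so the nodes presumably run as the project's default Compute Engine service account. Any workload that can reach the node metadata server could then read and write GCS objects in this project, including the `tazjins-data` bucket that the `terraform` backend block uses for state. Terraform state can hold sensitive values, so I would keep it in a bucket separate from Nixery's layers, add `versioning { enabled = true }` to that bucket, and run the nodes under a dedicated least-privilege account via `service_account = google_service_account.<node-sa-placeholder>.email`, with bucket-level IAM in place of the broad scope. Separately, `google_container_cluster.primary` leaves `master_auth` and network policy at provider defaults; it is worth confirming that basic auth and client-certificate issuance are disabled for the provider version in use.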