Skip to content
Snippets Groups Projects
Commit 792de803 authored by João Alexandre Cunha's avatar João Alexandre Cunha
Browse files

Add fixes to docs, gke resource and CI

- Explain in docs how to customize resources
- Explain in docs how to set up the SA
- Fix CI with dollar sign for env var
- Fix gke.tf with google provider required header
- Make GKE default simpler regarding the location
parent 19bff854
No related branches found
No related tags found
No related merge requests found
......@@ -9,4 +9,4 @@ variables:
# TF_ROOT: terraform/production
before_script:
- export GOOGLE_CREDENTIALS=$(echo BASE64_GOOGLE_CREDENTIALS | base64 -d)
- export GOOGLE_CREDENTIALS=$(echo $BASE64_GOOGLE_CREDENTIALS | base64 -d)
......@@ -28,14 +28,19 @@ your group. It is advised that you create them through the UI and not inside the
them in your code.
- `GITLAB_TOKEN`: [GitLab personal access token](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) to add K8s clusters to your GitLab your group
- `BASE64_GOOGLE_CREDENTIALS`: You must create [GCP service account](https://cloud.google.com/docs/authentication/getting-started), with a json service account key. After downloading this json file, encode it with: `base64 /path/to/sa-key.json | tr -d \\n`. Copy this value and use it to create your CI environment variable.
- `BASE64_GOOGLE_CREDENTIALS`:
- You must create [GCP service account](https://cloud.google.com/docs/authentication/getting-started) with the following roles: `Compute Network Viewer`, `Kubernetes Engine Admin`, `Service Account User`.
- As described in the above link, also create a json service account key.
- After downloading the json file for the key, encode it with: `base64 /path/to/sa-key.json | tr -d \\n`. Copy this value and use it to create your CI environment variable.
## Other optional configuration
## Configure your deployment
In the [GCP terraform provider reference](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference) you will find other ways to configure your cluster throught environment variables. Here's
a couple of suggestions:
Some defaults in this sample need to be configured to match your desired infrastructure.
| Variable Name | required | Description |
| ------ | ------ | ------ |
| GOOGLE_PROJECT | optional | The default name of the GCP project. See the [GCP terraform provider reference](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference) |
| GOOGLE_REGION | optional | The default region of your desired cluster. See the [GCP terraform provider reference](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference) |
- In the [`gke.tf`](gke.tf) file.
- **(required)** Override the GCP `project` name under the [`gke.tf`](gke.rf) file.
- **(optional)** Choose also the `region` and `zone` that you would like to deploy your cluster to.
- In the [`group_cluster.tf`](group_cluster.tf) file.
- **(required)** Override the full_path to point to your GitLab desired group name.
You can refer to the [GitLab Terraform provider](https://registry.terraform.io/providers/gitlabhq/gitlab/latest/docs) and the [Google Terraform provider](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference) for further resource options.
// Configure the Google Cloud resources
provider "google" {
project = "gcp-project" // Override to use your GCP project
region = "us-central1" // Override to use your preferred regtion
zone = "us-central1-c" // Override to use your preferred zone
}
resource "google_container_cluster" "primary" {
name = "iac-demo-gke"
location = "us-west1-a"
name = "iac-demo-gke" // Override to your preferred cluster name
remove_default_node_pool = true
initial_node_count = 1
min_master_version = "1.19"
......@@ -9,7 +14,6 @@ resource "google_container_cluster" "primary" {
resource "google_container_node_pool" "primary_preemptible_nodes" {
name = "my-node-pool"
location = "us-west1-a"
cluster = google_container_cluster.primary.name
node_count = 3
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment