
Commit 6719829

committed
non-dynamic providers
1 parent ddbfc3e commit 6719829


9 files changed

+226
-116
lines changed

9 files changed

+226
-116
lines changed

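--- a/scaletest/terraform/new/cf_dns.tf
+++ b/scaletest/terraform/new/cf_dns.tf
@@ -0,0 +1,7 @@
+resource "cloudflare_record" "coder" {
+zone_id = var.cloudflare_zone_id
+name = local.coder_subdomain
+content = google_compute_address.coder["primary"].address
+type = "A"
+ttl = 3600
+}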
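Review bot: The new `cloudflare_record.coder` leaves `proxied` unset, so, assuming the provider default of DNS-only applies, the load balancer's external address is published directly with nothing in front of the Coder service. If that is intended, say so in the resource with `proxied = false` and a comment such as `# DNS-only record; the origin address is public by design`. The `ttl = 3600` also means a re-created `google_compute_address.coder["primary"]` can stay stale in resolvers for up to an hour, which is longer than the five-minute wait in `data.http.coder_healthy` in k8s_coder.tf. A short TTL such as `ttl = 60` fits an environment that is torn down and rebuilt.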

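--- a/scaletest/terraform/new/gcp_cluster.tf
+++ b/scaletest/terraform/new/gcp_cluster.tf
@@ -4,35 +4,39 @@ data "google_compute_default_service_account" "default" {
 }
 
 locals {
-node_pools = flatten([ for i, deployment in var.deployments : [
-{
-name = "${var.name}-${deployment.name}-coder"
-zone = deployment.zone
-size = deployment.coder_node_pool_size
-cluster_i = i
-},
-{
-name = "${var.name}-${deployment.name}-workspaces"
-zone = deployment.zone
-size = deployment.workspaces_node_pool_size
-cluster_i = i
-},
-{
-name = "${var.name}-${deployment.name}-misc"
-zone = deployment.zone
-size = deployment.misc_node_pool_size
-cluster_i = i
+clusters = {
+primary = {
+region = "us-east1"
+zone = "us-east1-c"
+cidr = "10.200.0.0/24"
 }
-] ])
+}
+node_pools = {
+primary_coder = {
+name = "coder"
+cluster = "primary"
+size = 1
+}
+primary_workspaces = {
+name = "workspaces"
+cluster = "primary"
+size = 1
+}
+primary_misc = {
+name = "misc"
+cluster = "primary"
+size = 1
+}
+}
 }
 
 resource "google_container_cluster" "cluster" {
-count = length(var.deployments)
-name = "${var.name}-${var.deployments[count.index].name}"
-location = var.deployments[count.index].zone
+for_each = local.clusters
+name = "${var.name}-${each.key}"
+location = each.value.zone
 project = var.project_id
 network = google_compute_network.vpc.name
-subnetwork = google_compute_subnetwork.subnet[count.index].name
+subnetwork = google_compute_subnetwork.subnet[each.key].name
 networking_mode = "VPC_NATIVE"
 default_max_pods_per_node = 256
 ip_allocation_policy { # Required with networking_mode=VPC_NATIVE
@@ -72,14 +76,14 @@ resource "google_container_cluster" "cluster" {
 }
 
 resource "google_container_node_pool" "node_pool" {
-count = length(local.node_pools)
-name = local.node_pools[count.index].name
-location = local.node_pools[count.index].zone
+for_each = local.node_pools
+name = each.value.name
+location = local.clusters[each.value.cluster].zone
 project = var.project_id
-cluster = google_container_cluster.cluster[local.node_pools[count.index].cluster_i].name
+cluster = google_container_cluster.cluster[each.value.cluster].name
 autoscaling {
 min_node_count = 1
-max_node_count = local.node_pools[count.index].size
+max_node_count = each.value.size
 }
 node_config {
 oauth_scopes = [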
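Review bot: Switching `google_container_cluster.cluster` and `google_container_node_pool.node_pool` from `count` to `for_each` changes their state addresses (`cluster[0]` becomes `cluster["primary"]`), so against any existing state Terraform will plan a destroy and re-create rather than an in-place update. The same applies to `google_compute_subnetwork.subnet` and `google_compute_address.coder` in gcp_vpc.tf, where re-creating the address would also change the IP behind the new DNS record. If this configuration has been applied anywhere, add `moved` blocks with the change, for example from `google_container_cluster.cluster[0]` to `google_container_cluster.cluster["primary"]`. A comment above `local.clusters` would also help, noting that each `node_pools[*].cluster` value must be one of its keys and that `primary` and `primary_coder` are referenced by literal string from cf_dns.tf, gcp_db.tf and k8s_coder.tf. The `node_pool` resource body continues past the end of the last hunk.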

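--- a/scaletest/terraform/new/gcp_db.tf
+++ b/scaletest/terraform/new/gcp_db.tf
@@ -1,7 +1,7 @@
 resource "google_sql_database_instance" "db" {
 name = "${var.name}-coder"
 project = var.project_id
-region = var.deployments[0].region
+region = local.clusters.primary.region
 database_version = var.cloudsql_version
 deletion_protection = false
 
@@ -13,7 +13,7 @@ resource "google_sql_database_instance" "db" {
 availability_type = "ZONAL"
 
 location_preference {
-zone = var.deployments[0].zone
+zone = local.clusters.primary.zone
 }
 
 database_flags {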

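--- a/scaletest/terraform/new/gcp_vpc.tf
+++ b/scaletest/terraform/new/gcp_vpc.tf
@@ -1,3 +1,4 @@
+
 resource "google_compute_network" "vpc" {
 project = var.project_id
 name = var.name
@@ -8,19 +9,19 @@ resource "google_compute_network" "vpc" {
 }
 
 resource "google_compute_subnetwork" "subnet" {
-count = length(var.deployments)
-name = "${var.name}-${var.deployments[count.index].name}"
+for_each = local.clusters
+name = "${var.name}-${each.key}"
 project = var.project_id
-region = var.deployments[count.index].region
+region = each.value.region
 network = google_compute_network.vpc.name
-ip_cidr_range = var.deployments[count.index].subnet_cidr
+ip_cidr_range = each.value.cidr
 }
 
 resource "google_compute_address" "coder" {
-count = length(var.deployments)
+for_each = local.clusters
 project = var.project_id
-region = var.deployments[count.index].region
-name = "${var.name}-${var.deployments[count.index].name}-coder"
+region = each.value.region
+name = "${var.name}-${each.key}-coder"
 address_type = "EXTERNAL"
 network_tier = "PREMIUM"
 }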

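--- a/scaletest/terraform/new/k8s_certmanager.tf
+++ b/scaletest/terraform/new/k8s_certmanager.tf
@@ -8,6 +8,8 @@ locals {
 }
 
 resource "kubernetes_secret" "cloudflare-api-key" {
+provider = kubernetes.primary
+
 metadata {
 name = "cloudflare-api-key-secret"
 namespace = local.cert_manager_namespace
@@ -18,12 +20,16 @@ resource "kubernetes_secret" "cloudflare-api-key" {
 }
 
 resource "kubernetes_namespace" "cert-manager-namespace" {
+provider = kubernetes.primary
+
 metadata {
 name = local.cert_manager_namespace
 }
 }
 
 resource "helm_release" "cert-manager" {
+provider = helm.primary
+
 repository = local.cert_manager_helm_repo
 chart = local.cert_manager_helm_chart
 name = local.cert_manager_release_name
@@ -35,6 +41,8 @@ EOF
 }
 
 resource "kubectl_manifest" "cloudflare-cluster-issuer" {
+provider = kubectl.primary
+
 depends_on = [ helm_release.cert-manager ]
 yaml_body = <<YAML
 apiVersion: cert-manager.io/v1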
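Review bot: The `provider = …primary` lines added to the four resources here only guarantee the intended target cluster if every Kubernetes, Helm and kubectl resource in the module carries one. In k8s_coder.tf, `kubernetes_secret.coder-db` (named in the header of the hunk at new line 46) is not touched by this commit, so unless it already had an alias it still resolves to the default provider. Depending on how that default is configured, the database secret could fail to apply or land in a different cluster from the rest of the deployment. The provider configuration is not shown on this page, so this needs checking against it; a comment next to the aliased provider blocks such as `# every k8s/helm/kubectl resource must set provider = <type>.primary` would make the rule explicit.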

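--- a/scaletest/terraform/new/k8s_coder.tf
+++ b/scaletest/terraform/new/k8s_coder.tf
@@ -1,9 +1,12 @@
 data "google_client_config" "default" {}
 
 locals {
-coder_url = "https://${var.name}-${var.deployments[0].name}-scaletest.${var.cloudflare_domain}"
+coder_subdomain = "${var.name}-primary-scaletest"
+coder_url = "https://${local.coder_subdomain}.${var.cloudflare_domain}"
 coder_admin_email = "admin@coder.com"
+coder_admin_full_name = "Coder Admin"
 coder_admin_user = "coder"
+coder_admin_password = "SomeSecurePassword!"
 coder_helm_repo = "https://helm.coder.com/v2"
 coder_helm_chart = "coder"
 coder_namespace = "coder-${var.name}"
@@ -14,6 +17,8 @@ locals {
 }
 
 resource "kubernetes_namespace" "coder_namespace" {
+provider = kubernetes.primary
+
 metadata {
 name = local.coder_namespace
 }
@@ -41,6 +46,8 @@ resource "kubernetes_secret" "coder-db" {
 }
 
 resource "kubernetes_secret" "provisionerd_psk" {
+provider = kubernetes.primary
+
 type = "Opaque"
 metadata {
 name = "coder-provisioner-psk"
@@ -56,13 +63,16 @@ resource "kubernetes_secret" "provisionerd_psk" {
 
 # OIDC secret needs to be manually provisioned for now.
 data "kubernetes_secret" "coder_oidc" {
+provider = kubernetes.primary
 metadata {
 namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 name = "coder-oidc"
 }
 }
 
 resource "kubectl_manifest" "coder_certificate" {
+provider = kubectl.primary
+
 depends_on = [ helm_release.cert-manager ]
 yaml_body = <<YAML
 apiVersion: cert-manager.io/v1
@@ -81,6 +91,8 @@ YAML
 }
 
 data "kubernetes_secret" "coder_tls" {
+provider = kubernetes.primary
+
 metadata {
 namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 name = "${var.name}-tls"
@@ -89,6 +101,8 @@ data "kubernetes_secret" "coder_tls" {
 }
 
 resource "helm_release" "coder-chart" {
+provider = helm.primary
+
 repository = local.coder_helm_repo
 chart = local.coder_helm_chart
 name = local.coder_release_name
@@ -103,7 +117,7 @@ coder:
 - matchExpressions:
 - key: "cloud.google.com/gke-nodepool"
 operator: "In"
-values: ["${google_container_node_pool.node_pool[0].name}"]
+values: ["${google_container_node_pool.node_pool["primary_coder"].name}"]
 podAntiAffinity:
 preferredDuringSchedulingIgnoredDuringExecution:
 - weight: 1
@@ -196,7 +210,7 @@ coder:
 service:
 enable: true
 sessionAffinity: None
-loadBalancerIP: "${google_compute_address.coder[0].address}"
+loadBalancerIP: "${google_compute_address.coder["primary"].address}"
 volumeMounts:
 - mountPath: "/tmp"
 name: cache
@@ -224,7 +238,7 @@ coder:
 - matchExpressions:
 - key: "cloud.google.com/gke-nodepool"
 operator: "In"
-values: ["${google_container_node_pool.node_pool[0].name}"]
+values: ["${google_container_node_pool.node_pool["primary_coder"].name}"]
 podAntiAffinity:
 preferredDuringSchedulingIgnoredDuringExecution:
 - weight: 1
@@ -278,3 +292,57 @@ coder:
 EOF
 ]
 }
+
+data "http" "coder_healthy" {
+url = "http://${local.coder_subdomain}.${var.cloudflare_domain}"
+// Wait up to 5 minutes for DNS to propogate
+retry {
+attempts = 30
+min_delay_ms = 10000
+}
+
+lifecycle {
+postcondition {
+condition = self.status_code == 200
+error_message = "${self.url} returned an unhealthy status code"
+}
+}
+
+depends_on = [ helm_release.coder-chart, cloudflare_record.coder ]
+}
+
+resource "terraform_data" "proxy_tokens" {
+count = 1
+provisioner "local-exec" {
+interpreter = [ "/bin/bash", "-c" ]
+command = <<EOF
+curl 'http://${local.coder_subdomain}.${var.cloudflare_domain}/api/v2/users/first' \
+--data-raw $'{"email":"${local.coder_admin_email}","password":"${local.coder_admin_password}","username":"${local.coder_admin_user}","name":"${local.coder_admin_full_name}","trial":false}' \
+--insecure --silent --output /dev/null
+
+token=$(curl 'http://${local.coder_subdomain}.${var.cloudflare_domain}/api/v2/users/login' \
+--data-raw $'{"email":"${local.coder_admin_email}","password":"${local.coder_admin_password}"}' \
+--insecure --silent | jq -r .session_token)
+
+curl 'http://${local.coder_subdomain}.${var.cloudflare_domain}/api/v2/licenses' \
+-H "Coder-Session-Token: $${token}" \
+--data-raw '{"license":"${var.coder_license}"}' \
+--insecure --silent --output /dev/null
+
+europe_token=$(curl 'http://${local.coder_subdomain}.${var.cloudflare_domain}/api/v2/workspaceproxies' \
+-H "Coder-Session-Token: $${token}" \
+--data-raw '{"name":"europe"}' \
+--insecure --silent | jq -r .proxy_token)
+
+asia_token=$(curl 'http://${local.coder_subdomain}.${var.cloudflare_domain}/api/v2/workspaceproxies' \
+-H "Coder-Session-Token: $${token}" \
+--data-raw '{"name":"asia"}' \
+--insecure --silent | jq -r .proxy_token)
+
+echo "{\"europe\": \"$${europe_token}\", \"asia\": \"$${asia_token}\"}"
+EOF
+}
+
+depends_on = [ data.http.coder_healthy ]
+}
+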
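Review bot: The `local-exec` script in `terraform_data.proxy_tokens` sends the admin password, the resulting session token and `var.coder_license` to `http://` URLs, so they cross the network in cleartext even though `local.coder_url` is already defined as `https://`; the `--insecure` flags would then disable certificate checking if the scheme were corrected. `coder_admin_password` is a literal in `locals`, and it and the license are interpolated straight into the command text, so the password lives in the repository, both values show up in the rendered command line, and a quote character in any of them breaks the hand-built JSON. I would build the requests from `local.coder_url`, drop `--insecure`, add `--fail`, pass the secrets through the provisioner's `environment` map, and take the password from a variable declared `sensitive = true`. The final `echo` prints both workspace-proxy tokens to the apply log, where Terraform does not capture them and nothing protects them; writing them to a Kubernetes secret or a mode-restricted file would be safer. A sketch of the login step follows; the other calls change the same way.

```hcl
provisioner "local-exec" {
  interpreter = [ "/bin/bash", "-c" ]
  # Credentials reach the script through the environment so they are not
  # rendered into the command text.
  environment = {
    CODER_URL      = local.coder_url
    ADMIN_EMAIL    = local.coder_admin_email
    ADMIN_PASSWORD = local.coder_admin_password
    CODER_LICENSE  = var.coder_license
  }
  command = <<EOF
set -euo pipefail
login_body=$(jq -n --arg email "$ADMIN_EMAIL" --arg password "$ADMIN_PASSWORD" '{email: $email, password: $password}')
token=$(curl --fail --silent "$CODER_URL/api/v2/users/login" --data-raw "$login_body" | jq -r .session_token)
# … unchanged: first-user, license and workspace-proxy calls, each moved to "$CODER_URL" with --fail and without --insecure …
EOF
}
# … unchanged: count, depends_on …
```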
