From fa4c0411348c2c9ed874734fd124d753b757354e Mon Sep 17 00:00:00 2001 
From: Simone Rodigari Date: Thu, 6 Feb 2025 18:50:39 +0000 Subject: [PATCH] test(mc): Multi-Cloud multi-cluster single Grafana --- .../examples/grafana/.terraform.lock.hcl | 30 ++++++++ test/multicloud/examples/grafana/main.tf | 9 +++ test/multicloud/examples/grafana/providers.tf | 15 ++++ test/multicloud/examples/grafana/variables.tf | 4 ++ .../live/retina-aks/.terraform.lock.hcl | 50 ++++++++++++- test/multicloud/live/retina-aks/locals.tf | 65 +++++++++++++++++ test/multicloud/live/retina-aks/main.tf | 54 ++++++++++---- test/multicloud/live/retina-aks/outputs.tf | 20 +----- test/multicloud/live/retina-aks/providers.tf | 21 ++++++ test/multicloud/live/retina-aks/variables.tf | 71 +------------------ .../live/retina-gke/.terraform.lock.hcl | 50 ++++++++++++- test/multicloud/live/retina-gke/locals.tf | 44 ++++++++++++ test/multicloud/live/retina-gke/main.tf | 52 +++++++++++--- test/multicloud/live/retina-gke/providers.tf | 27 ++++++- test/multicloud/live/retina-gke/variables.tf | 68 ++---------------- .../live/retina-kind/.terraform.lock.hcl | 36 ---------- test/multicloud/live/retina-kind/main.tf | 14 ---- test/multicloud/live/retina-kind/providers.tf | 26 ------- test/multicloud/live/retina-kind/variables.tf | 51 ------------- test/multicloud/modules/aks-nsg/main.tf | 35 +++++++++ test/multicloud/modules/aks-nsg/provider.tf | 9 +++ test/multicloud/modules/aks-nsg/variables.tf | 25 +++++++ test/multicloud/modules/aks/main.tf | 15 ++++ test/multicloud/modules/aks/variables.tf | 20 ++++-- test/multicloud/modules/gke-firewall/main.tf | 31 ++++++++ .../modules/gke-firewall/variables.tf | 36 ++++++++++ test/multicloud/modules/gke/main.tf | 19 ++++- test/multicloud/modules/gke/variables.tf | 54 ++++++++++++-- test/multicloud/modules/grafana/main.tf | 7 ++ test/multicloud/modules/grafana/providers.tf | 10 +++ test/multicloud/modules/grafana/variables.tf | 8 +++ test/multicloud/modules/helm-release/main.tf | 9 +-- .../modules/helm-release/variables.tf | 5 +- 
test/multicloud/modules/kubernetes-lb/main.tf | 17 +++++ .../modules/kubernetes-lb/outputs.tf | 3 + .../modules/kubernetes-lb/providers.tf | 9 +++ .../modules/kubernetes-lb/variables.tf | 19 +++++ 37 files changed, 707 insertions(+), 331 deletions(-) create mode 100644 test/multicloud/examples/grafana/.terraform.lock.hcl create mode 100644 test/multicloud/examples/grafana/main.tf create mode 100644 test/multicloud/examples/grafana/providers.tf create mode 100644 test/multicloud/examples/grafana/variables.tf create mode 100644 test/multicloud/live/retina-aks/locals.tf create mode 100644 test/multicloud/live/retina-gke/locals.tf delete mode 100644 test/multicloud/live/retina-kind/.terraform.lock.hcl delete mode 100644 test/multicloud/live/retina-kind/main.tf delete mode 100644 test/multicloud/live/retina-kind/providers.tf delete mode 100644 test/multicloud/live/retina-kind/variables.tf create mode 100644 test/multicloud/modules/aks-nsg/main.tf create mode 100644 test/multicloud/modules/aks-nsg/provider.tf create mode 100644 test/multicloud/modules/aks-nsg/variables.tf create mode 100644 test/multicloud/modules/gke-firewall/main.tf create mode 100644 test/multicloud/modules/gke-firewall/variables.tf create mode 100644 test/multicloud/modules/grafana/main.tf create mode 100644 test/multicloud/modules/grafana/providers.tf create mode 100644 test/multicloud/modules/grafana/variables.tf create mode 100644 test/multicloud/modules/kubernetes-lb/main.tf create mode 100644 test/multicloud/modules/kubernetes-lb/outputs.tf create mode 100644 test/multicloud/modules/kubernetes-lb/providers.tf create mode 100644 test/multicloud/modules/kubernetes-lb/variables.tf diff --git a/test/multicloud/examples/grafana/.terraform.lock.hcl b/test/multicloud/examples/grafana/.terraform.lock.hcl new file mode 100644 index 0000000000..814d628dca --- /dev/null +++ b/test/multicloud/examples/grafana/.terraform.lock.hcl 
@@ -0,0 +1,30 @@ +# This file is maintained automatically by "tofu init". +# Manual edits may be lost in future updates. + +provider "registry.opentofu.org/grafana/grafana" { + version = "3.18.3" + constraints = "3.18.3" + hashes = [ + "h1:h8jsFjj3XT5GveS9eb8+KxgErmQLE8ZKe0Cdgbi+11Q=", + "zh:15f8db87fb9d9627b2d94c7d578f96dbfd1bd8e178e984cfd1ff619ac4b2312e", + "zh:202cb8bb6b0f99b57847d7bd463c7d465e7a5f6ebd8930563b77a564a263232f", + "zh:2589bc9d77c3004b79caa9cb82821034b92cb771f9e77dbbc2717d16ee010877", + "zh:4d0811400a9d8c5147f56e6e6365649464b9d939c8e4b3e804fa33a7172e615d", + "zh:576c93474d7a7a15133e443b742a09e73c49ba8397dd1db0a3bc1615e8ed941f", + "zh:659ba97fbfaf2971b4206442aad9950ef80a9d184ee9acb1353d4bd744ef76c4", + "zh:695cbbcaaf0fb51576383ace67e75b80c2fae6c0ee9c2acf427265390dd9400a", + "zh:6dbea832d760eedffb37ee1a87c179b6ede7f236a48c85e569fccbf17ceb44e1", + "zh:786d51a46995dc81b574049f1257fc9c60137949bb1fc65ebc8b9a99537d0333", + "zh:80243a2876c4c499da80caf13fc38be2d13ec4fbcf83b150a4243a671cb25854", + "zh:8d395cd587e3f2587f90dca698cfe498577a606b27cdc83b75d35ab2425ad092", + "zh:a7a209802774b24aebec6ad4d1cf98257f30270c3493e551b7129f076a8f2198", + "zh:ac269db542be25bb525a5a9dd398ef7a72f2a81a21543182e7d2b7855e10b0de", + "zh:c8669f217de2878a9b503caa465941576155002ce9f0f48c071ecc9348a4b0ab", + "zh:d2b6205399085d22ed81345b78ebc66e8ca8703e93da6c3f1e418174ecdc71f0", + "zh:ddde96484350a433f16d23cf7649d142aa5764e122cf5f7f12d3d2b162960b56", + "zh:de14ef67291555620720bb067754d16c8a4a457ca0ea52907479ea5d91f0e9b3", + "zh:e84f064e3cf21c2445bf064a1a98d3e7cd092f8dc3a78812e4fb8a8bcde935d3", + "zh:e9281573351e6ecddf72bbec9bcd9d6f30003fdbf675a02b0b60bd0ce6a70b04", + "zh:ff3b499b47a69f3c2ad27ad8b5a6ccd0b437cae126a9b9e99d0f97d349bf5cfd", + ] +} diff --git a/test/multicloud/examples/grafana/main.tf b/test/multicloud/examples/grafana/main.tf new file mode 100644 index 0000000000..4ff0c9f541 --- /dev/null +++ b/test/multicloud/examples/grafana/main.tf 
@@ -0,0 +1,9 @@
+module "grafana" {
+ source = "../../modules/grafana"
+ prometheus_endpoints = {
+ # This is obviously wrong, but it's just an example
+ # and you can check on GrafanaCloud to validate the
+ # data source was created
+ some = "http://example.com:1234"
+ }
+}
\ No newline at end of file
diff --git a/test/multicloud/examples/grafana/providers.tf b/test/multicloud/examples/grafana/providers.tf
new file mode 100644
index 0000000000..1b8a0eb7ba
--- /dev/null
+++ b/test/multicloud/examples/grafana/providers.tf
@@ -0,0 +1,15 @@
+# Terraform Grafana provider configuration
+terraform {
+ required_version = "1.8.3"
+ required_providers {
+ grafana = {
+ source = "grafana/grafana"
+ version = "3.18.3"
+ }
+ }
+}
+
+# Initialize the Grafana provider
+provider "grafana" {
+ url = var.grafana_url
+}
\ No newline at end of file
diff --git a/test/multicloud/examples/grafana/variables.tf b/test/multicloud/examples/grafana/variables.tf
new file mode 100644
index 0000000000..5eeb127cf9
--- /dev/null
+++ b/test/multicloud/examples/grafana/variables.tf
@@ -0,0 +1,4 @@
+variable "grafana_url" {
+ description = "The URL of the Grafana instance"
+ type = string
+}
diff --git a/test/multicloud/live/retina-aks/.terraform.lock.hcl b/test/multicloud/live/retina-aks/.terraform.lock.hcl
index 5c20d26e2a..ddcb5ac6b1 100644
--- a/test/multicloud/live/retina-aks/.terraform.lock.hcl
+++ b/test/multicloud/live/retina-aks/.terraform.lock.hcl
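Review bot: The `provider "grafana"` block in examples/grafana/providers.tf sets only `url`, so the API credential is supplied implicitly (presumably through the provider's `GRAFANA_AUTH` environment variable), and nothing in the patch says so. A comment above the block such as `# auth is read from GRAFANA_AUTH; never set it in code or tfvars` would document that contract. Because `grafana_url` is an unconstrained string, an `http://` value would send that credential in cleartext; a validation in variables.tf with `condition = startswith(var.grafana_url, "https://")` would reject it at plan time. The same provider block and variable are added in live/retina-aks and live/retina-gke.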
@@ -1,11 +1,38 @@ # This file is maintained automatically by "tofu init". # Manual edits may be lost in future updates. +provider "registry.opentofu.org/grafana/grafana" { + version = "3.18.3" + constraints = "3.18.3" + hashes = [ + "h1:h8jsFjj3XT5GveS9eb8+KxgErmQLE8ZKe0Cdgbi+11Q=", + "zh:15f8db87fb9d9627b2d94c7d578f96dbfd1bd8e178e984cfd1ff619ac4b2312e", + "zh:202cb8bb6b0f99b57847d7bd463c7d465e7a5f6ebd8930563b77a564a263232f", + "zh:2589bc9d77c3004b79caa9cb82821034b92cb771f9e77dbbc2717d16ee010877", + "zh:4d0811400a9d8c5147f56e6e6365649464b9d939c8e4b3e804fa33a7172e615d", + "zh:576c93474d7a7a15133e443b742a09e73c49ba8397dd1db0a3bc1615e8ed941f", + "zh:659ba97fbfaf2971b4206442aad9950ef80a9d184ee9acb1353d4bd744ef76c4", + "zh:695cbbcaaf0fb51576383ace67e75b80c2fae6c0ee9c2acf427265390dd9400a", + "zh:6dbea832d760eedffb37ee1a87c179b6ede7f236a48c85e569fccbf17ceb44e1", + "zh:786d51a46995dc81b574049f1257fc9c60137949bb1fc65ebc8b9a99537d0333", + "zh:80243a2876c4c499da80caf13fc38be2d13ec4fbcf83b150a4243a671cb25854", + "zh:8d395cd587e3f2587f90dca698cfe498577a606b27cdc83b75d35ab2425ad092", + "zh:a7a209802774b24aebec6ad4d1cf98257f30270c3493e551b7129f076a8f2198", + "zh:ac269db542be25bb525a5a9dd398ef7a72f2a81a21543182e7d2b7855e10b0de", + "zh:c8669f217de2878a9b503caa465941576155002ce9f0f48c071ecc9348a4b0ab", + "zh:d2b6205399085d22ed81345b78ebc66e8ca8703e93da6c3f1e418174ecdc71f0", + "zh:ddde96484350a433f16d23cf7649d142aa5764e122cf5f7f12d3d2b162960b56", + "zh:de14ef67291555620720bb067754d16c8a4a457ca0ea52907479ea5d91f0e9b3", + "zh:e84f064e3cf21c2445bf064a1a98d3e7cd092f8dc3a78812e4fb8a8bcde935d3", + "zh:e9281573351e6ecddf72bbec9bcd9d6f30003fdbf675a02b0b60bd0ce6a70b04", + "zh:ff3b499b47a69f3c2ad27ad8b5a6ccd0b437cae126a9b9e99d0f97d349bf5cfd", + ] +} + provider "registry.opentofu.org/hashicorp/azurerm" { version = "4.15.0" - constraints = ">= 2.0.0" + constraints = "4.15.0" hashes = [ - "h1:0YxkmS5jTUl1LIG+71sgKg/YdlgAoHNr3wyyZjJO8vY=", "h1:xE74Yb3iZZF2F1hQy4B8YVCk0gLAp99pJgZX4eIXYMg=", 
"zh:0a104acfc45de410d9786bdbf540009dbb7db5632fe7c6846fdb5f865007d0b4", "zh:186f20452ca913e84de0fc9b2dc7872c6480813afe11ea076bd60c45aa2d66d0", @@ -25,7 +52,6 @@ provider "registry.opentofu.org/hashicorp/helm" { constraints = "2.17.0" hashes = [ "h1:69PnHoYrrDrm7C8+8PiSvRGPI55taqL14SvQR/FGM+g=", - "h1:ShIag7wqd5Rs+zYpVMpjAh+T0ozr4XGYfSTKWqceQBY=", "zh:02690815e35131a42cb9851f63a3369c216af30ad093d05b39001d43da04b56b", "zh:27a62f12b29926387f4d71aeeee9f7ffa0ccb81a1b6066ee895716ad050d1b7a", "zh:2d0a5babfa73604b3fefc9dab9c87f91c77fce756c2e32b294e9f1290aed26c0", @@ -38,3 +64,21 @@ provider "registry.opentofu.org/hashicorp/helm" { "zh:e0877a5dac3de138e61eefa26b2f5a13305a17259779465899880f70e11314e0", ] } + +provider "registry.opentofu.org/hashicorp/kubernetes" { + version = "2.35.1" + constraints = "2.35.1" + hashes = [ + "h1:HvgGiweJx159xJsHIgkMQl1eVTcISwGvd8ADXFU46Rk=", + "zh:0a569918d9e81755bdacb2380e70ed304c442e957a029984cbcd9ec88e5d3635", + "zh:1d4d1241cf51d7d4a036c774add1384bb1ba9ca16146334d17c730e1b41ad3e0", + "zh:243219f415f5d8caf32a4e6b6bf596c11cf7db5501ccb4ae77cc0b084bb5d108", + "zh:2f3a33cba73918adc6f580c76b252881f22beb75277df8ca26a01eb5411348f9", + "zh:3b5247f69e72d1e94ac965fa570f448436cedb278f3f29836f6a345aa1bbd5b6", + "zh:4206bca7bf30708e235535af50529565b14f30262dc43142153a1774ee5086af", + "zh:490c80454b8808bb937498aea98e4076a74887446b05feb6e200015613b5e065", + "zh:5e39824289f7b29711681bce98fbb6c27ed221b071a8c78fd0de7f6c2dae4371", + "zh:a7bf7892217bdb0464664f62485d89d014874b0dfb564e99c364fc6dd20c6a3b", + "zh:e8251170bad1c3e2d9c22d0f4dae7239f1a364f05732f7dff5c8e4ec76a95c5a", + ] +} diff --git a/test/multicloud/live/retina-aks/locals.tf b/test/multicloud/live/retina-aks/locals.tf new file mode 100644 index 0000000000..62d8160740 --- /dev/null +++ b/test/multicloud/live/retina-aks/locals.tf 
@@ -0,0 +1,65 @@
+locals {
+ location = "uksouth"
+ resource_group_name = "mc-rg"
+ prefix = "mc"
+
+ retina_release_name = "retina"
+ retina_repository_url = "oci://ghcr.io/microsoft/retina/charts"
+ retina_chart_version = "v0.0.24"
+ retina_chart_name = "retina"
+ retina_values = [jsonencode(
+ {
+ image = {
+ tag = "v0.0.24"
+ }
+ logLevel = "info"
+ operator = {
+ tag = "v0.0.24"
+ }
+ }
+ )]
+
+ prometheus_release_name = "prometheus"
+ prometheus_repository_url = "https://prometheus-community.github.io/helm-charts"
+ prometheus_chart_version = "68.4.3"
+ prometheus_chart_name = "kube-prometheus-stack"
+ prometheus_values = [
+ "${file("../../../../deploy/standard/prometheus/values.yaml")}"
+ ]
+
+ aks_security_rules = [
+ {
+ name = "Allow_Prometheus_Inbound"
+ priority = 100
+ direction = "Inbound"
+ access = "Allow"
+ protocol = "Tcp"
+ source_port_range = "*"
+ source_address_prefix = "*"
+ destination_port_range = "9090"
+ destination_address_prefix = module.prometheus_lb_aks.ip
+ },
+ {
+ name = "Allow_Prometheus_Outbound"
+ priority = 100
+ direction = "Outbound"
+ access = "Allow"
+ protocol = "Tcp"
+ source_port_range = "9090"
+ source_address_prefix = module.prometheus_lb_aks.ip
+ destination_port_range = "*"
+ destination_address_prefix = "*"
+ },
+ ]
+
+ default_node_pool = {
+ name = "agentpool"
+ node_count = 2
+ vm_size = "standard_a2_v2"
+ os_disk_size_gb = 128
+ os_disk_type = "Managed"
+ max_pods = 110
+ type = "VirtualMachineScaleSets"
+ node_labels = {}
+ }
+}
\ No newline at end of file
diff --git a/test/multicloud/live/retina-aks/main.tf b/test/multicloud/live/retina-aks/main.tf
index 60a7200e6c..b3d572bb4e 100644
--- a/test/multicloud/live/retina-aks/main.tf
+++ b/test/multicloud/live/retina-aks/main.tf
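Review bot: `Allow_Prometheus_Inbound` in `aks_security_rules` sets `source_address_prefix = "*"` for destination port 9090, which admits any source address to the Prometheus load balancer. Whether Prometheus requires authentication depends on the values.yaml loaded through `file(...)`, which this patch does not show; if it does not, the metrics and query API are readable by anyone who reaches the IP. The wildcard should be replaced with the CIDR range(s) the Grafana instance queries from, passed in as an input rather than hard-coded. `Allow_Prometheus_Outbound` is probably unnecessary, since NSG rules are stateful and reply traffic for an allowed inbound flow is already permitted. The GKE locals use `0.0.0.0/0` in the same role and need the same restriction.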
@@ -1,21 +1,51 @@ module "aks" { source = "../../modules/aks" - location = var.location - resource_group_name = var.resource_group_name - prefix = var.prefix - labels = var.labels + location = local.location + resource_group_name = local.resource_group_name + prefix = local.prefix + default_node_pool = local.default_node_pool } -module "retina" { +module "retina_aks" { depends_on = [module.aks] source = "../../modules/helm-release" - release_name = var.retina_release_name - repository_url = var.retina_repository_url - chart_version = var.retina_chart_version - chart_name = var.retina_chart_name - values = var.retina_values + chart_version = local.retina_chart_version + release_name = local.retina_release_name + repository_url = local.retina_repository_url + chart_name = local.retina_chart_name + values = local.retina_values } -output "kubeconfig_command" { - value = module.aks.azure_get_kubeconfig +module "prometheus_aks" { + depends_on = [module.aks] + source = "../../modules/helm-release" + chart_version = local.prometheus_chart_version + values = local.prometheus_values + release_name = local.prometheus_release_name + repository_url = local.prometheus_repository_url + chart_name = local.prometheus_chart_name +} + +module "prometheus_lb_aks" { + depends_on = [ + module.aks, + module.prometheus_aks + ] + source = "../../modules/kubernetes-lb" } + +module "aks_nsg" { + depends_on = [module.aks] + source = "../../modules/aks-nsg" + prefix = local.prefix + resource_group_name = local.resource_group_name + security_rules = local.aks_security_rules +} + +module "grafana" { + depends_on = [module.prometheus_lb_aks] + source = "../../modules/grafana" + prometheus_endpoints = { + aks = "http://${module.prometheus_lb_aks.ip}:9090" + } +} \ No newline at end of file diff --git a/test/multicloud/live/retina-aks/outputs.tf b/test/multicloud/live/retina-aks/outputs.tf index 154ce0721b..55d6e04bd4 100644 --- a/test/multicloud/live/retina-aks/outputs.tf 
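Review bot: `module "grafana"` registers the data source as `http://${module.prometheus_lb_aks.ip}:9090`, so Grafana queries and the returned metrics travel unencrypted to what appears to be an internet-facing load-balancer IP. Nothing visible in this hunk adds TLS or credentials in front of Prometheus, so the traffic can be read or altered in transit and the endpoint cannot be distinguished from an impostor at that IP. The endpoint should be served behind TLS with authentication and registered as an `https://` URL, or reached over private connectivity. The `gke` entry in live/retina-gke/main.tf has the same form.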
+++ b/test/multicloud/live/retina-aks/outputs.tf @@ -1,19 +1,3 @@ -output "host" { - value = module.aks.host - sensitive = true +output "kubeconfig_command" { + value = module.aks.azure_get_kubeconfig } - -output "client_certificate" { - value = module.aks.client_certificate - sensitive = true -} - -output "client_key" { - value = module.aks.client_key - sensitive = true -} - -output "cluster_ca_certificate" { - value = module.aks.cluster_ca_certificate - sensitive = true -} \ No newline at end of file diff --git a/test/multicloud/live/retina-aks/providers.tf b/test/multicloud/live/retina-aks/providers.tf index 264d724c95..9fd6fbc9c8 100644 --- a/test/multicloud/live/retina-aks/providers.tf +++ b/test/multicloud/live/retina-aks/providers.tf @@ -9,6 +9,14 @@ terraform { source = "hashicorp/helm" version = "2.17.0" } + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.35.1" + } + grafana = { + source = "grafana/grafana" + version = "3.18.3" + } } } @@ -32,3 +40,16 @@ provider "helm" { cluster_ca_certificate = base64decode(module.aks.cluster_ca_certificate) } } + +# Initialize the Kubernetes provider +provider "kubernetes" { + host = module.aks.host + client_certificate = base64decode(module.aks.client_certificate) + client_key = base64decode(module.aks.client_key) + cluster_ca_certificate = base64decode(module.aks.cluster_ca_certificate) +} + +# Initialize the Grafana provider +provider "grafana" { + url = var.grafana_url +} diff --git a/test/multicloud/live/retina-aks/variables.tf b/test/multicloud/live/retina-aks/variables.tf index 901734c889..b74d1f9594 100644 --- a/test/multicloud/live/retina-aks/variables.tf +++ b/test/multicloud/live/retina-aks/variables.tf 
@@ -8,72 +8,7 @@ variable "tenant_id" { type = string } -variable "location" { - description = "The Azure Cloud location where AKS will be deployed to." +variable "grafana_url" { + description = "The URL of the Grafana instance" type = string - default = "uksouth" -} - -variable "resource_group_name" { - description = "The name of the resource group." - type = string - default = "mc-rg" -} - -variable "prefix" { - description = "A prefix to add to all resources." - type = string - default = "mc" -} - -variable "labels" { - description = "A map of labels to add to all resources." - type = map(string) - default = {} -} - -variable "retina_release_name" { - description = "The name of the Helm release." - type = string - default = "retina" -} - -variable "retina_repository_url" { - description = "The URL of the Helm repository." - type = string - default = "oci://ghcr.io/microsoft/retina/charts" -} - -variable "retina_chart_version" { - description = "The version of the Helm chart to install." - type = string - default = "v0.0.24" -} - -variable "retina_chart_name" { - description = "The name of the Helm chart to install." - type = string - default = "retina" -} - -variable "retina_values" { - description = "Configuration for set blocks, this corresponds to Helm values.yaml" - type = list(object({ - name = string - value = string - })) - default = [ - { - name = "image.tag" - value = "v0.0.24" - }, - { - name = "operator.tag" - value = "v0.0.24" - }, - { - name = "logLevel" - value = "info" - } - ] -} +} \ No newline at end of file diff --git a/test/multicloud/live/retina-gke/.terraform.lock.hcl b/test/multicloud/live/retina-gke/.terraform.lock.hcl index ed3aacfe1c..4b286d4122 100644 --- a/test/multicloud/live/retina-gke/.terraform.lock.hcl +++ b/test/multicloud/live/retina-gke/.terraform.lock.hcl 
@@ -1,11 +1,38 @@ # This file is maintained automatically by "tofu init". # Manual edits may be lost in future updates. +provider "registry.opentofu.org/grafana/grafana" { + version = "3.18.3" + constraints = "3.18.3" + hashes = [ + "h1:h8jsFjj3XT5GveS9eb8+KxgErmQLE8ZKe0Cdgbi+11Q=", + "zh:15f8db87fb9d9627b2d94c7d578f96dbfd1bd8e178e984cfd1ff619ac4b2312e", + "zh:202cb8bb6b0f99b57847d7bd463c7d465e7a5f6ebd8930563b77a564a263232f", + "zh:2589bc9d77c3004b79caa9cb82821034b92cb771f9e77dbbc2717d16ee010877", + "zh:4d0811400a9d8c5147f56e6e6365649464b9d939c8e4b3e804fa33a7172e615d", + "zh:576c93474d7a7a15133e443b742a09e73c49ba8397dd1db0a3bc1615e8ed941f", + "zh:659ba97fbfaf2971b4206442aad9950ef80a9d184ee9acb1353d4bd744ef76c4", + "zh:695cbbcaaf0fb51576383ace67e75b80c2fae6c0ee9c2acf427265390dd9400a", + "zh:6dbea832d760eedffb37ee1a87c179b6ede7f236a48c85e569fccbf17ceb44e1", + "zh:786d51a46995dc81b574049f1257fc9c60137949bb1fc65ebc8b9a99537d0333", + "zh:80243a2876c4c499da80caf13fc38be2d13ec4fbcf83b150a4243a671cb25854", + "zh:8d395cd587e3f2587f90dca698cfe498577a606b27cdc83b75d35ab2425ad092", + "zh:a7a209802774b24aebec6ad4d1cf98257f30270c3493e551b7129f076a8f2198", + "zh:ac269db542be25bb525a5a9dd398ef7a72f2a81a21543182e7d2b7855e10b0de", + "zh:c8669f217de2878a9b503caa465941576155002ce9f0f48c071ecc9348a4b0ab", + "zh:d2b6205399085d22ed81345b78ebc66e8ca8703e93da6c3f1e418174ecdc71f0", + "zh:ddde96484350a433f16d23cf7649d142aa5764e122cf5f7f12d3d2b162960b56", + "zh:de14ef67291555620720bb067754d16c8a4a457ca0ea52907479ea5d91f0e9b3", + "zh:e84f064e3cf21c2445bf064a1a98d3e7cd092f8dc3a78812e4fb8a8bcde935d3", + "zh:e9281573351e6ecddf72bbec9bcd9d6f30003fdbf675a02b0b60bd0ce6a70b04", + "zh:ff3b499b47a69f3c2ad27ad8b5a6ccd0b437cae126a9b9e99d0f97d349bf5cfd", + ] +} + provider "registry.opentofu.org/hashicorp/google" { version = "6.17.0" - constraints = ">= 6.17.0" + constraints = "6.17.0" hashes = [ - "h1:7m+L8x7ClWUFAd4uJJENXp9O4K8HtpL50434jPR9pqs=", "h1:aZkLSXbqbNThCCLAX1x0g8KTJANQAIosYq3xpy8JhFQ=", 
"zh:0614cc52deb5914795253aecf19b4cbb5aa7e8a186839a33907ce5c35e23d537", "zh:0b28ea31ec3b119aafc4c37a5992c29266c876db288dfc5bbfbde36631a533f1", @@ -25,7 +52,6 @@ provider "registry.opentofu.org/hashicorp/helm" { constraints = "2.17.0" hashes = [ "h1:69PnHoYrrDrm7C8+8PiSvRGPI55taqL14SvQR/FGM+g=", - "h1:ShIag7wqd5Rs+zYpVMpjAh+T0ozr4XGYfSTKWqceQBY=", "zh:02690815e35131a42cb9851f63a3369c216af30ad093d05b39001d43da04b56b", "zh:27a62f12b29926387f4d71aeeee9f7ffa0ccb81a1b6066ee895716ad050d1b7a", "zh:2d0a5babfa73604b3fefc9dab9c87f91c77fce756c2e32b294e9f1290aed26c0", @@ -38,3 +64,21 @@ provider "registry.opentofu.org/hashicorp/helm" { "zh:e0877a5dac3de138e61eefa26b2f5a13305a17259779465899880f70e11314e0", ] } + +provider "registry.opentofu.org/hashicorp/kubernetes" { + version = "2.35.1" + constraints = "2.35.1" + hashes = [ + "h1:HvgGiweJx159xJsHIgkMQl1eVTcISwGvd8ADXFU46Rk=", + "zh:0a569918d9e81755bdacb2380e70ed304c442e957a029984cbcd9ec88e5d3635", + "zh:1d4d1241cf51d7d4a036c774add1384bb1ba9ca16146334d17c730e1b41ad3e0", + "zh:243219f415f5d8caf32a4e6b6bf596c11cf7db5501ccb4ae77cc0b084bb5d108", + "zh:2f3a33cba73918adc6f580c76b252881f22beb75277df8ca26a01eb5411348f9", + "zh:3b5247f69e72d1e94ac965fa570f448436cedb278f3f29836f6a345aa1bbd5b6", + "zh:4206bca7bf30708e235535af50529565b14f30262dc43142153a1774ee5086af", + "zh:490c80454b8808bb937498aea98e4076a74887446b05feb6e200015613b5e065", + "zh:5e39824289f7b29711681bce98fbb6c27ed221b071a8c78fd0de7f6c2dae4371", + "zh:a7bf7892217bdb0464664f62485d89d014874b0dfb564e99c364fc6dd20c6a3b", + "zh:e8251170bad1c3e2d9c22d0f4dae7239f1a364f05732f7dff5c8e4ec76a95c5a", + ] +} diff --git a/test/multicloud/live/retina-gke/locals.tf b/test/multicloud/live/retina-gke/locals.tf new file mode 100644 index 0000000000..fec46e343a --- /dev/null +++ b/test/multicloud/live/retina-gke/locals.tf 
@@ -0,0 +1,44 @@
+locals {
+ prefix = "mc"
+ location = "europe-west2"
+
+ machine_type = "e2-standard-4"
+
+ retina_release_name = "retina"
+ retina_repository_url = "oci://ghcr.io/microsoft/retina/charts"
+ retina_chart_version = "v0.0.24"
+ retina_chart_name = "retina"
+ retina_values = [jsonencode(
+ {
+ image = {
+ tag = "v0.0.24"
+ }
+ logLevel = "info"
+ operator = {
+ tag = "v0.0.24"
+ }
+ }
+ )]
+
+ prometheus_release_name = "prometheus"
+ prometheus_repository_url = "https://prometheus-community.github.io/helm-charts"
+ prometheus_chart_version = "68.4.3"
+ prometheus_chart_name = "kube-prometheus-stack"
+ prometheus_values = [
+ "${file("../../../../deploy/standard/prometheus/values.yaml")}"
+ ]
+ gke_firwall_rules = {
+ inbound = {
+ protocol = "tcp"
+ ports = ["9090"]
+ source_ranges = [module.prometheus_lb_gke.ip]
+ destination_ranges = ["0.0.0.0/0"]
+ }
+ outbound = {
+ protocol = "tcp"
+ ports = ["9090"]
+ source_ranges = ["0.0.0.0/0"]
+ destination_ranges = [module.prometheus_lb_gke.ip]
+ }
+ }
+}
\ No newline at end of file
diff --git a/test/multicloud/live/retina-gke/main.tf b/test/multicloud/live/retina-gke/main.tf
index 3862ba858d..db0e5c8f2b 100644
--- a/test/multicloud/live/retina-gke/main.tf
+++ b/test/multicloud/live/retina-gke/main.tf
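Review bot: The `inbound` entry of `gke_firwall_rules` has `source_ranges = [module.prometheus_lb_gke.ip]` and `destination_ranges = ["0.0.0.0/0"]`, the reverse of the AKS inbound rule (any source, destination the load-balancer IP), and the `outbound` entry is reversed the same way. How modules/gke-firewall maps these fields is outside this hunk, but as written the rules either do not match the intended Grafana-to-Prometheus flow or allow something broader than intended, so the direction should be confirmed and the values swapped if needed. The local is also misspelled: `gke_firwall_rules` should be `gke_firewall_rules`, with the two references in main.tf updated to match.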
@@ -1,17 +1,51 @@ module "gke" { source = "../../modules/gke" - location = var.location - prefix = var.prefix + location = local.location + prefix = local.prefix project = var.project - machine_type = var.machine_type + machine_type = local.machine_type } -module "retina" { +module "retina_gke" { depends_on = [module.gke] source = "../../modules/helm-release" - release_name = var.retina_release_name - repository_url = var.retina_repository_url - chart_version = var.retina_chart_version - chart_name = var.retina_chart_name - values = var.retina_values + chart_version = local.retina_chart_version + release_name = local.retina_release_name + repository_url = local.retina_repository_url + chart_name = local.retina_chart_name + values = local.retina_values } + +module "prometheus_gke" { + depends_on = [module.gke] + source = "../../modules/helm-release" + chart_version = local.prometheus_chart_version + values = local.prometheus_values + release_name = local.prometheus_release_name + repository_url = local.prometheus_repository_url + chart_name = local.prometheus_chart_name +} + +module "prometheus_lb_gke" { + depends_on = [ + module.gke, + module.prometheus_gke + ] + source = "../../modules/kubernetes-lb" +} + +module "gke_firewall" { + depends_on = [module.gke] + source = "../../modules/gke-firewall" + prefix = local.prefix + inbound_firewall_rule = local.gke_firwall_rules.inbound + outbound_firewall_rule = local.gke_firwall_rules.outbound +} + +module "grafana" { + depends_on = [module.prometheus_lb_gke] + source = "../../modules/grafana" + prometheus_endpoints = { + gke = "http://${module.prometheus_lb_gke.ip}:9090" + } +} \ No newline at end of file diff --git a/test/multicloud/live/retina-gke/providers.tf b/test/multicloud/live/retina-gke/providers.tf index ac23c59c0e..77fdc2ebe6 100644 --- a/test/multicloud/live/retina-gke/providers.tf +++ b/test/multicloud/live/retina-gke/providers.tf 
@@ -9,16 +9,23 @@ terraform { source = "hashicorp/helm" version = "2.17.0" } + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.35.1" + } + grafana = { + source = "grafana/grafana" + version = "3.18.3" + } } } # Initialize the Google provider provider "google" { project = var.project - region = var.location + region = local.location } -data "google_client_config" "current" {} # Initialize the Helm provider provider "helm" { @@ -27,4 +34,18 @@ provider "helm" { host = module.gke.host cluster_ca_certificate = base64decode(module.gke.cluster_ca_certificate) } -} \ No newline at end of file +} + +data "google_client_config" "current" {} + +# Initialize the Kubernetes provider for GKE +provider "kubernetes" { + token = data.google_client_config.current.access_token + host = module.gke.host + cluster_ca_certificate = base64decode(module.gke.cluster_ca_certificate) +} + +# Initialize the Grafana provider +provider "grafana" { + url = var.grafana_url +} diff --git a/test/multicloud/live/retina-gke/variables.tf b/test/multicloud/live/retina-gke/variables.tf index c9299aa6ba..224f66b35d 100644 --- a/test/multicloud/live/retina-gke/variables.tf +++ b/test/multicloud/live/retina-gke/variables.tf 
@@ -1,69 +1,9 @@ variable "project" { - description = "The Google Cloud project where resources will be deployed." + description = "Project ID" type = string - default = "mc-retina" } -variable "location" { - description = "The Google Cloud location where GKE will be deployed to." +variable "grafana_url" { + description = "The URL of the Grafana instance" type = string - default = "eu-central1" -} - -variable "prefix" { - description = "A prefix to add to all resources." - type = string - default = "mc" -} - -variable "machine_type" { - description = "The machine type to use for the GKE nodes." - type = string - default = "e2-standard-4" -} - -variable "retina_release_name" { - description = "The name of the Helm release." - type = string - default = "retina" -} - -variable "retina_repository_url" { - description = "The URL of the Helm repository." - type = string - default = "oci://ghcr.io/microsoft/retina/charts" -} - -variable "retina_chart_version" { - description = "The version of the Helm chart to install." - type = string - default = "v0.0.24" -} - -variable "retina_chart_name" { - description = "The name of the Helm chart to install." - type = string - default = "retina" -} - -variable "retina_values" { - description = "Configuration for set blocks, this corresponds to Helm values.yaml" - type = list(object({ - name = string - value = string - })) - default = [ - { - name = "image.tag" - value = "v0.0.24" - }, - { - name = "operator.tag" - value = "v0.0.24" - }, - { - name = "logLevel" - value = "info" - } - ] -} +} \ No newline at end of file diff --git a/test/multicloud/live/retina-kind/.terraform.lock.hcl b/test/multicloud/live/retina-kind/.terraform.lock.hcl deleted file mode 100644 index afc28ace1d..0000000000 --- a/test/multicloud/live/retina-kind/.terraform.lock.hcl +++ /dev/null 
@@ -1,36 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/helm" { - version = "2.17.0" - constraints = "2.17.0" - hashes = [ - "h1:69PnHoYrrDrm7C8+8PiSvRGPI55taqL14SvQR/FGM+g=", - "h1:ShIag7wqd5Rs+zYpVMpjAh+T0ozr4XGYfSTKWqceQBY=", - "zh:02690815e35131a42cb9851f63a3369c216af30ad093d05b39001d43da04b56b", - "zh:27a62f12b29926387f4d71aeeee9f7ffa0ccb81a1b6066ee895716ad050d1b7a", - "zh:2d0a5babfa73604b3fefc9dab9c87f91c77fce756c2e32b294e9f1290aed26c0", - "zh:3976400ceba6dda4636e1d297e3097e1831de5628afa534a166de98a70d1dcbe", - "zh:54440ef14f342b41d75c1aded7487bfcc3f76322b75894235b47b7e89ac4bfa4", - "zh:6512e2ab9f2fa31cbb90d9249647b5c5798f62eb1215ec44da2cdaa24e38ad25", - "zh:795f327ca0b8c5368af0ed03d5d4f6da7260692b4b3ca0bd004ed542e683464d", - "zh:ba659e1d94f224bc3f1fd34cbb9d2663e3a8e734108e5a58eb49eda84b140978", - "zh:c5c8575c4458835c2acbc3d1ed5570589b14baa2525d8fbd04295c097caf41eb", - "zh:e0877a5dac3de138e61eefa26b2f5a13305a17259779465899880f70e11314e0", - ] -} - -provider "registry.opentofu.org/tehcyx/kind" { - version = "0.7.0" - constraints = "0.7.0" - hashes = [ - "h1:9ci1+3JBxvMRZ0pnzoVNmw7NrBCAfzqOPyhm+I8Rxag=", - "h1:nFhFHmE5+dCd9S9dEMwnMNWzyxoVipYobkhXYoDbhgA=", - "zh:171a2fb0137bfbdebd56cd65afd2e0e2167315fe4cb6a07a218db40cb17339c3", - "zh:3260b078b7997ddfd03845326ffaeed7f678eeaaf7918430356f22e299e36f22", - "zh:4066ab3feb482a0dd1bfff6590d89a0ec30478f63c9d8253cfdadb4b8db2234d", - "zh:537af73261d53f4840d1f89d8e5835c52ddb97102e6314f6aea9b8e49c43d610", - "zh:d63e94d828ba0339600d992b0a6695cff939b0aaac1c39b31d38e3c4f3823674", - "zh:f971c617bf6b37d07a5042f13a9ab02b42d0ceb14934174eecc81abeec233c40", - ] -} diff --git a/test/multicloud/live/retina-kind/main.tf b/test/multicloud/live/retina-kind/main.tf deleted file mode 100644 index 256374b30c..0000000000 --- a/test/multicloud/live/retina-kind/main.tf +++ /dev/null 
@@ -1,14 +0,0 @@ -module "kind" { - source = "../../modules/kind" - prefix = var.prefix -} - -module "retina" { - depends_on = [module.kind] - source = "../../modules/helm-release" - release_name = var.retina_release_name - repository_url = var.retina_repository_url - chart_version = var.retina_chart_version - chart_name = var.retina_chart_name - values = var.retina_values -} diff --git a/test/multicloud/live/retina-kind/providers.tf b/test/multicloud/live/retina-kind/providers.tf deleted file mode 100644 index 7b8baf2518..0000000000 --- a/test/multicloud/live/retina-kind/providers.tf +++ /dev/null @@ -1,26 +0,0 @@ -terraform { - required_version = "1.8.3" - required_providers { - kind = { - source = "tehcyx/kind" - version = "0.7.0" - } - helm = { - source = "hashicorp/helm" - version = "2.17.0" - } - } -} - -# Initialize the kind provider -provider "kind" {} - -# Initialize the Helm provider -provider "helm" { - kubernetes { - host = module.kind.host - client_certificate = module.kind.client_certificate - client_key = module.kind.client_key - cluster_ca_certificate = module.kind.cluster_ca_certificate - } -} \ No newline at end of file diff --git a/test/multicloud/live/retina-kind/variables.tf b/test/multicloud/live/retina-kind/variables.tf deleted file mode 100644 index 06b49ab3ab..0000000000 --- a/test/multicloud/live/retina-kind/variables.tf +++ /dev/null 
@@ -1,51 +0,0 @@ -variable "prefix" { - description = "A prefix to add to all resources." - type = string - default = "mc" -} - -variable "retina_release_name" { - description = "The name of the Helm release." - type = string - default = "retina" -} - -variable "retina_repository_url" { - description = "The URL of the Helm repository." - type = string - default = "oci://ghcr.io/microsoft/retina/charts" -} - -variable "retina_chart_version" { - description = "The version of the Helm chart to install." - type = string - default = "v0.0.24" -} - -variable "retina_chart_name" { - description = "The name of the Helm chart to install." - type = string - default = "retina" -} - -variable "retina_values" { - description = "Configuration for set blocks, this corresponds to Helm values.yaml" - type = list(object({ - name = string - value = string - })) - default = [ - { - name = "image.tag" - value = "v0.0.24" - }, - { - name = "operator.tag" - value = "v0.0.24" - }, - { - name = "logLevel" - value = "info" - } - ] -} diff --git a/test/multicloud/modules/aks-nsg/main.tf b/test/multicloud/modules/aks-nsg/main.tf new file mode 100644 index 0000000000..d688a7985b --- /dev/null +++ b/test/multicloud/modules/aks-nsg/main.tf 
@@ -0,0 +1,35 @@
+data "azurerm_resource_group" "aks_rg" {
+ name = var.resource_group_name
+}
+
+data "azurerm_subnet" "aks_subnet" {
+ name = "${var.prefix}-subnet"
+ resource_group_name = var.resource_group_name
+ virtual_network_name = "${var.prefix}-vnet"
+}
+
+resource "azurerm_network_security_group" "aks_nsg" {
+ name = "${var.prefix}-nsg"
+ location = data.azurerm_resource_group.aks_rg.location
+ resource_group_name = data.azurerm_resource_group.aks_rg.name
+
+ dynamic "security_rule" {
+ for_each = var.security_rules
+ content {
+ name = security_rule.value.name
+ priority = security_rule.value.priority
+ direction = security_rule.value.direction
+ access = security_rule.value.access
+ protocol = security_rule.value.protocol
+ source_port_range = security_rule.value.source_port_range
+ destination_port_range = security_rule.value.destination_port_range
+ source_address_prefix = security_rule.value.source_address_prefix
+ destination_address_prefix = security_rule.value.destination_address_prefix
+ }
+ }
+}
+
+resource "azurerm_subnet_network_security_group_association" "aks_subnet_nsg" {
+ subnet_id = data.azurerm_subnet.aks_subnet.id
+ network_security_group_id = azurerm_network_security_group.aks_nsg.id
+}
\ No newline at end of file
diff --git a/test/multicloud/modules/aks-nsg/provider.tf b/test/multicloud/modules/aks-nsg/provider.tf
new file mode 100644
index 0000000000..33705925cf
--- /dev/null
+++ b/test/multicloud/modules/aks-nsg/provider.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_version = "1.8.3"
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "4.15.0"
+ }
+ }
+}
diff --git a/test/multicloud/modules/aks-nsg/variables.tf b/test/multicloud/modules/aks-nsg/variables.tf
new file mode 100644
index 0000000000..c8a59f995d
--- /dev/null
+++ b/test/multicloud/modules/aks-nsg/variables.tf
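Review bot: The `azurerm_subnet` data source in modules/aks-nsg/main.tf rebuilds the subnet and VNet names from `var.prefix` (`"${var.prefix}-subnet"`, `"${var.prefix}-vnet"`), so the NSG is attached to the right subnet only while modules/aks keeps exactly that naming, and nothing in the file says so. Taking the subnet as an input and writing `subnet_id = var.subnet_id` on the association would remove the hidden coupling. If the lookup stays, add a comment above the data block such as `# Names must match the VNet and subnet created by modules/aks.`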
@@ -0,0 +1,25 @@ +variable "resource_group_name" { + description = "The name of the resource group." + type = string +} + +variable "prefix" { + description = "A prefix to add to all resources." + type = string +} + +variable "security_rules" { + description = "A list of security rules to add to the network security group." + type = list(object({ + name = string + priority = number + direction = string + access = string + protocol = string + source_port_range = string + destination_port_range = string + source_address_prefix = string + destination_address_prefix = string + })) + default = [] +} \ No newline at end of file diff --git a/test/multicloud/modules/aks/main.tf b/test/multicloud/modules/aks/main.tf index a7352bd589..082b7a9947 100644 --- a/test/multicloud/modules/aks/main.tf +++ b/test/multicloud/modules/aks/main.tf @@ -3,6 +3,20 @@ resource "azurerm_resource_group" "aks_rg" { location = var.location } +resource "azurerm_virtual_network" "aks_vnet" { + name = "${var.prefix}-vnet" + address_space = var.vnet_address_space + location = azurerm_resource_group.aks_rg.location + resource_group_name = azurerm_resource_group.aks_rg.name +} + +resource "azurerm_subnet" "aks_subnet" { + name = "${var.prefix}-subnet" + resource_group_name = azurerm_resource_group.aks_rg.name + virtual_network_name = azurerm_virtual_network.aks_vnet.name + address_prefixes = var.subnet_address_space +} + resource "azurerm_kubernetes_cluster" "aks" { name = "${var.prefix}-aks" location = azurerm_resource_group.aks_rg.location @@ -21,6 +35,7 @@ resource "azurerm_kubernetes_cluster" "aks" { max_pods = default_node_pool.value.max_pods type = default_node_pool.value.type node_labels = default_node_pool.value.node_labels + vnet_subnet_id = azurerm_subnet.aks_subnet.id } } diff --git a/test/multicloud/modules/aks/variables.tf b/test/multicloud/modules/aks/variables.tf index d5a5ebb597..e2d89fded9 100644 --- a/test/multicloud/modules/aks/variables.tf 
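Review bot: `security_rules` in modules/aks-nsg/variables.tf is passed straight into the NSG's `security_rule` blocks with no constraint, so a caller can attach an inbound `Allow` rule whose `source_address_prefix` is `*`, `0.0.0.0/0` or `Internet` to the AKS subnet without any plan-time signal. A `validation` block on the variable that rejects wildcard sources for inbound allow rules keeps the exposure limited to named addresses. The rule values the live configuration passes are in live/retina-aks/locals.tf, outside this hunk, so whether a current rule would trip the check cannot be told from here.

```hcl
variable "security_rules" {
  # … unchanged: description, type, default …

  validation {
    condition = alltrue([
      for r in var.security_rules :
      !(r.direction == "Inbound" && r.access == "Allow" &&
      contains(["*", "0.0.0.0/0", "Internet"], r.source_address_prefix))
    ])
    error_message = "Inbound Allow rules must name a specific source address prefix."
  }
}
```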
+++ b/test/multicloud/modules/aks/variables.tf @@ -1,7 +1,6 @@ variable "location" { - description = "The VM location." + description = "Location of the AKS cluster." type = string - default = "UK South" } variable "resource_group_name" { @@ -12,7 +11,6 @@ variable "resource_group_name" { variable "prefix" { description = "A prefix to add to all resources." type = string - default = "example-vm" } variable "labels" { @@ -41,8 +39,8 @@ variable "network_profile" { managed_outbound_ip_count = 1 } pod_cidr = "10.244.0.0/16" - service_cidr = "10.0.0.0/16" - dns_service_ip = "10.0.0.10" + service_cidr = "10.1.0.0/16" + dns_service_ip = "10.1.0.10" outbound_type = "loadBalancer" } } @@ -71,6 +69,18 @@ variable "default_node_pool" { } } +variable "vnet_address_space" { + description = "The address space for the virtual network." + type = list(string) + default = ["10.0.0.0/16"] +} + +variable "subnet_address_space" { + description = "The address space for the subnet." + type = list(string) + default = ["10.0.1.0/24"] +} + variable "kubernetes_version" { description = "The version of Kubernetes to use for the AKS cluster." type = string diff --git a/test/multicloud/modules/gke-firewall/main.tf b/test/multicloud/modules/gke-firewall/main.tf new file mode 100644 index 0000000000..329edab896 --- /dev/null +++ b/test/multicloud/modules/gke-firewall/main.tf 
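Review bot: Neither `vnet_address_space` nor `network_profile` in modules/aks/variables.tf states that the VNet range must stay clear of the cluster's service and pod ranges. The `service_cidr` / `dns_service_ip` defaults move to 10.1.0.0/16 in the same hunk that gives `vnet_address_space` a default of 10.0.0.0/16, which looks like it was done to avoid that overlap, so a caller overriding either variable can reintroduce it. Extend the description, e.g. `description = "The address space for the virtual network. Must not overlap network_profile.service_cidr or pod_cidr."`. The `network_profile` variable starts outside the hunk.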
@@ -0,0 +1,31 @@
+data "google_compute_network" "vpc_network" {
+ name = "${var.prefix}-vpc-network"
+}
+
+resource "google_compute_firewall" "gke_inbound_rule" {
+ name = "${var.prefix}-gke-inbound"
+ network = data.google_compute_network.vpc_network.id
+
+ allow {
+ protocol = var.inbound_firewall_rule.protocol
+ ports = var.inbound_firewall_rule.ports
+ }
+
+ source_ranges = var.inbound_firewall_rule.source_ranges
+ destination_ranges = var.inbound_firewall_rule.destination_ranges
+ target_tags = ["${var.prefix}-gke-cluster"]
+}
+
+resource "google_compute_firewall" "gke_outbound_rule" {
+ name = "${var.prefix}-gke-outbound"
+ network = data.google_compute_network.vpc_network.id
+
+ allow {
+ protocol = var.outbound_firewall_rule.protocol
+ ports = var.outbound_firewall_rule.ports
+ }
+
+ source_ranges = var.outbound_firewall_rule.source_ranges
+ destination_ranges = var.outbound_firewall_rule.destination_ranges
+ target_tags = ["${var.prefix}-gke-cluster"]
+}
\ No newline at end of file
diff --git a/test/multicloud/modules/gke-firewall/variables.tf b/test/multicloud/modules/gke-firewall/variables.tf
new file mode 100644
index 0000000000..20cd31fa0a
--- /dev/null
+++ b/test/multicloud/modules/gke-firewall/variables.tf
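Review bot: `google_compute_firewall.gke_outbound_rule` sets no `direction`, and the resource defaults to ingress, so the rule named `${var.prefix}-gke-outbound` is created as a second inbound allow rule driven by `var.outbound_firewall_rule.source_ranges`. Add `direction = "EGRESS"` to that resource and check whether its `source_ranges` line is still wanted once the rule is an egress rule. Both rules also select instances by the tag `"${var.prefix}-gke-cluster"`, and no visible hunk of modules/gke puts that tag on the node pool, so it is worth confirming that the rules match any instance at all.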
@@ -0,0 +1,36 @@ +variable "prefix" { + description = "Prefix for resource names" + type = string +} + +variable "inbound_firewall_rule" { + description = "Configuration for inbound firewall rule" + type = object({ + protocol = string + ports = list(string) + source_ranges = list(string) + destination_ranges = list(string) + }) + default = { + protocol = "tcp" + ports = [] + source_ranges = [] + destination_ranges = [] + } +} + +variable "outbound_firewall_rule" { + description = "Configuration for outbound firewall rule" + type = object({ + protocol = string + ports = list(string) + source_ranges = list(string) + destination_ranges = list(string) + }) + default = { + protocol = "tcp" + ports = [] + source_ranges = [] + destination_ranges = [] + } +} diff --git a/test/multicloud/modules/gke/main.tf b/test/multicloud/modules/gke/main.tf index 8de256d40e..8828006e59 100644 --- a/test/multicloud/modules/gke/main.tf +++ b/test/multicloud/modules/gke/main.tf @@ -3,6 +3,20 @@ resource "google_service_account" "default" { display_name = "GKE Service Account for ${var.project}" } +// Create VPC network +resource "google_compute_network" "vpc_network" { + name = "${var.prefix}-vpc-network" + auto_create_subnetworks = false +} + +// Create subnet within the VPC network +resource "google_compute_subnetwork" "subnet" { + name = "${var.prefix}-subnet" + ip_cidr_range = var.subnet_cidr + region = var.location + network = google_compute_network.vpc_network.id +} + // https://cloud.google.com/kubernetes-engine/docs/concepts/network-overview resource "google_container_cluster" "gke" { name = "${var.prefix}-gke-cluster" @@ -14,6 +28,9 @@ resource "google_container_cluster" "gke" { remove_default_node_pool = true initial_node_count = 1 deletion_protection = false + + network = google_compute_network.vpc_network.id + subnetwork = google_compute_subnetwork.subnet.id } resource "google_container_node_pool" "gke_preemptible_nodes" { 
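Review bot: Both rule variables in modules/gke-firewall/variables.tf default to `protocol = "tcp"` with `ports = []` and `source_ranges = []`, and main.tf feeds them directly into the `allow` block. An `allow` block without ports applies to every port of the protocol, so if the provider accepts the empty range list, a module instantiated with defaults allows all TCP ports to the tagged instances. Removing the two `default` blocks makes the caller state ports and ranges explicitly. If a default has to stay, a validation such as `condition = length(var.inbound_firewall_rule.ports) > 0` stops the open-ended case at plan time.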
@@ -32,4 +49,4 @@ resource "google_container_node_pool" "gke_preemptible_nodes" { "https://www.googleapis.com/auth/cloud-platform" ] } -} \ No newline at end of file +} diff --git a/test/multicloud/modules/gke/variables.tf b/test/multicloud/modules/gke/variables.tf index 9971acce00..764743685b 100644 --- a/test/multicloud/modules/gke/variables.tf +++ b/test/multicloud/modules/gke/variables.tf @@ -1,19 +1,61 @@ +variable "prefix" { + description = "Prefix for resource names" + type = string +} + variable "project" { - description = "The Google Cloud project where resources will be deployed." + description = "Project ID" type = string } variable "location" { - description = "The Google Cloud location where GKE will be deployed to." + description = "Region for the GKE cluster and subnet" type = string } -variable "prefix" { - description = "A prefix to add to all resources." +variable "machine_type" { + description = "Machine type for the GKE node pool" type = string } -variable "machine_type" { - description = "The machine type to use for the GKE nodes." +variable "subnet_cidr" { + description = "CIDR range for the subnet" type = string + default = "10.0.0.0/24" +} + +variable "inbound_protocol" { + description = "Protocol for inbound firewall rule" + type = string + default = "tcp" +} + +variable "inbound_ports" { + description = "Ports for inbound firewall rule" + type = list(string) + default = [] +} + +variable "inbound_source_ranges" { + description = "Source IP ranges for inbound firewall rule" + type = list(string) + default = [] +} + +variable "outbound_protocol" { + description = "Protocol for outbound firewall rule" + type = string + default = "tcp" +} + +variable "outbound_ports" { + description = "Ports for outbound firewall rule" + type = list(string) + default = [] +} + +variable "outbound_destination_ranges" { + description = "Destination IP ranges for outbound firewall rule" + type = list(string) + default = [] } \ No newline at end of file 
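Review bot: The six new `inbound_*` and `outbound_*` variables in modules/gke/variables.tf are not referenced by any hunk of modules/gke/main.tf in this commit. The firewall rules are built in modules/gke-firewall from its own `inbound_firewall_rule` and `outbound_firewall_rule` objects. If nothing outside the visible hunks reads them, delete them, so that a caller is not led to believe that setting `inbound_source_ranges` on this module restricts anything. The rewritten descriptions also lose detail; `description = "Project ID"` would read better as `description = "ID of the Google Cloud project the cluster is created in."`.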
diff --git a/test/multicloud/modules/grafana/main.tf b/test/multicloud/modules/grafana/main.tf new file mode 100644 index 0000000000..fda875b6d4 --- /dev/null +++ b/test/multicloud/modules/grafana/main.tf @@ -0,0 +1,7 @@ +resource "grafana_data_source" "prometheus" { + for_each = var.prometheus_endpoints + + name = each.key + type = "prometheus" + url = each.value +} \ No newline at end of file diff --git a/test/multicloud/modules/grafana/providers.tf b/test/multicloud/modules/grafana/providers.tf new file mode 100644 index 0000000000..358ffc729c --- /dev/null +++ b/test/multicloud/modules/grafana/providers.tf @@ -0,0 +1,10 @@ +# Terraform Grafana provider configuration +terraform { + required_version = "1.8.3" + required_providers { + grafana = { + source = "grafana/grafana" + version = "3.18.3" + } + } +} diff --git a/test/multicloud/modules/grafana/variables.tf b/test/multicloud/modules/grafana/variables.tf new file mode 100644 index 0000000000..18b84859f2 --- /dev/null +++ b/test/multicloud/modules/grafana/variables.tf @@ -0,0 +1,8 @@ +variable "prometheus_endpoints" { + description = "A map of Prometheus endpoints to add as data sources." + type = map(string) + default = { + aks = "http://85.210.188.53:9090" + kind = "http://127.0.0.1:9090" + } +} diff --git a/test/multicloud/modules/helm-release/main.tf b/test/multicloud/modules/helm-release/main.tf index 26d03457b7..cc8a65d9da 100644 --- a/test/multicloud/modules/helm-release/main.tf +++ b/test/multicloud/modules/helm-release/main.tf @@ -3,12 +3,5 @@ resource "helm_release" "release" { repository = var.repository_url chart = var.chart_name version = var.chart_version - - dynamic "set" { - for_each = var.values - content { - name = set.value.name - value = set.value.value - } - } + values = var.values } \ No newline at end of file diff --git a/test/multicloud/modules/helm-release/variables.tf b/test/multicloud/modules/helm-release/variables.tf index d2c9caa3aa..a06cdb17aa 100644 
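Review bot: The default for `prometheus_endpoints` in modules/grafana/variables.tf hard-codes a public address, `http://85.210.188.53:9090`, which ties the module to one environment's load-balancer IP and publishes it in the repository. The map should have no default (or `default = {}`) and be filled by the caller from the `ip` output of modules/kubernetes-lb. Both entries are plain `http://`, and `grafana_data_source.prometheus` in main.tf configures no authentication, so queries and metric data cross the network in clear text to an endpoint that accepts any client. For anything longer-lived than a throwaway test, limit the Prometheus endpoint to Grafana's egress address and put TLS or basic auth in front of it. The `kind` entry also remains in the default although the retina-kind configuration is deleted in this commit.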
--- a/test/multicloud/modules/helm-release/variables.tf +++ b/test/multicloud/modules/helm-release/variables.tf @@ -20,8 +20,5 @@ variable "chart_name" { variable "values" { description = "Configuration for set blocks, this corresponds to Helm values.yaml" - type = list(object({ - name = string - value = string - })) + type = list(string) } diff --git a/test/multicloud/modules/kubernetes-lb/main.tf b/test/multicloud/modules/kubernetes-lb/main.tf new file mode 100644 index 0000000000..e9b4ceae05 --- /dev/null +++ b/test/multicloud/modules/kubernetes-lb/main.tf @@ -0,0 +1,17 @@ +resource "kubernetes_service" "load_balancer_service" { + metadata { + name = var.name + } + + spec { + type = "LoadBalancer" + + port { + port = var.port + target_port = var.port + protocol = "TCP" + } + + selector = var.label_selector + } +} \ No newline at end of file diff --git a/test/multicloud/modules/kubernetes-lb/outputs.tf b/test/multicloud/modules/kubernetes-lb/outputs.tf new file mode 100644 index 0000000000..c7d3e1ec2e --- /dev/null +++ b/test/multicloud/modules/kubernetes-lb/outputs.tf @@ -0,0 +1,3 @@ +output "ip" { + value = element(kubernetes_service.load_balancer_service.status[0].load_balancer[0].ingress, 0).ip +} diff --git a/test/multicloud/modules/kubernetes-lb/providers.tf b/test/multicloud/modules/kubernetes-lb/providers.tf new file mode 100644 index 0000000000..749c77ee69 --- /dev/null +++ b/test/multicloud/modules/kubernetes-lb/providers.tf @@ -0,0 +1,9 @@ +terraform { + required_version = "1.8.3" + required_providers { + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.35.1" + } + } +} diff --git a/test/multicloud/modules/kubernetes-lb/variables.tf b/test/multicloud/modules/kubernetes-lb/variables.tf new file mode 100644 index 0000000000..2da295dc85 --- /dev/null +++ b/test/multicloud/modules/kubernetes-lb/variables.tf 
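Review bot: The description of `values` in modules/helm-release/variables.tf still reads "Configuration for set blocks", although the type is now `list(string)` and main.tf assigns it to `values`, which takes whole YAML documents rather than name/value pairs. Update it, e.g. `description = "List of raw YAML documents passed to the Helm release as values, as with -f values.yaml."`. The variable block starts outside the hunk.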
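Review bot: The Service in modules/kubernetes-lb/main.tf is `type = "LoadBalancer"` with no `load_balancer_source_ranges`, so the cloud load balancer accepts connections on the port from any address unless the NSG or VPC firewall rules elsewhere in this commit narrow it. With the module defaults that is a Prometheus endpoint on 9090 with no authentication in front of it. Add a variable for the permitted client ranges and set `load_balancer_source_ranges = var.allowed_source_ranges` inside `spec`. The `metadata` block also sets no `namespace`, so the Service is created in `default` and its selector only matches pods there; if Prometheus runs elsewhere, add `namespace = var.namespace`.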
@@ -0,0 +1,19 @@
+variable "name" {
+ description = "Name for the LoadBalancer service"
+ type = string
+ default = "prometheus"
+}
+
+variable "label_selector" {
+ description = "Label selector for the backend pods"
+ type = map(string)
+ default = {
+ "app.kubernetes.io/name" = "prometheus"
+ }
+}
+
+variable "port" {
+ description = "Port for the LoadBalancer service and targetPort for the pod"
+ type = number
+ default = 9090
+}
\ No newline at end of file