Sab/tf rework1 #2
Open
ThatDevopsGuy wants to merge 19 commits into
* Updated welcome message to be more friendly
* Created functions to execute command checking and config checking
* Added check for Terraform binary
* Added warning about existing .terraform directory (see below)
* Reworked gcloud variable state checking (see below)
* Updated Terraform bucket name to include "cloudlamp"
* Preflight now calls `terraform init`

Existing Terraform Directory
----------------------------
If an existing .terraform directory is present, there is a chance TF will attempt to reconcile state with a nonexistent project (or components therein). Discarding the local file alleviates the need to check these parameters. Useful in debugging.

Gcloud Variable Checking
------------------------
Upon testing in Cloud Shell, it turns out it emits a message which begins with "Your active configuration", which was not present on other CLI clients. Now we use wildcard matching to ensure the right variables are set prior to execution.
Cleanup, new process, etc.
* Removed check for kubectl
* Fixed asinine STDOUT/STDERR gcloud config get-value behavior
Preflight now handles API enablement, due to odd Terraform action. It does this by gathering required APIs, and then enabling them in parallel, through a single extra `gcloud` invocation. The script will *NOT* enable an already-enabled API, which saves a lot of time in execution, as while `gcloud services enable` does take multiple parameters, it executes each in series.

This might introduce odd behavior in hierarchical API requests, but I'm not sure. i.e. does 'containers' require 'compute'? If so, there will be one more superfluous call made to the API endpoint. However, API enablement calls are idempotent, so calling 'enable' more than once per API will not have a noticeable effect.

Also things operate in groups now, with slightly more output, which looks nicer. :)
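One way to implement the two preflight checks these commit messages describe (tolerating the "Your active configuration" line, and enabling only APIs that are not already on), as an added example that is not the PR's own script. The function names and sample values are assumptions; this version lists enabled services once, then runs one `gcloud services enable` per missing API in the background and fails if any of them fails.

```sh
#!/bin/sh
# Added example, not the project's preflight script. Function names and the
# sample data at the bottom are constructed for illustration.

# Extract the value from captured `gcloud config get-value` output, skipping
# the Cloud Shell banner, blank lines and the "(unset)" marker.
# Prints the value and returns 0, or prints nothing and returns 1.
config_value() {
  value=''
  while IFS= read -r line; do
    case "$line" in
      'Your active configuration'*|'(unset)'|'') ;;
      *) value=$line ;;
    esac
  done <<EOF
$1
EOF
  [ -n "$value" ] && printf '%s\n' "$value"
}

# Print each API from $1 (space separated) that is not an exact line of $2.
# Exact-line matching (-x) keeps a substring from counting as "enabled".
missing_apis() {
  for api in $1; do
    printf '%s\n' "$2" | grep -qxF -- "$api" || printf '%s\n' "$api"
  done
}

# One listing call, then one background `enable` per missing API. Any failed
# job makes the function fail, so the caller can stop before `terraform init`.
enable_missing() {
  enabled=$(gcloud services list --enabled --format='value(config.name)') || return 1
  pids=''
  for api in $(missing_apis "$1" "$enabled"); do
    gcloud services enable "$api" &
    pids="$pids $!"
  done
  for pid in $pids; do wait "$pid" || return 1; done
}

# Constructed sample data; no gcloud call is made here.
sample_out='Your active configuration is: [cloudshell-0000]
example-project'
sample_enabled='compute.googleapis.com
storage-api.googleapis.com'
config_value "$sample_out"
missing_apis 'compute.googleapis.com sqladmin.googleapis.com' "$sample_enabled"
```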
Omnibus Update
Oh, rejoice we shall!
Massive Changes
Wordpress Migration
Due to some bugs inherent in the Bitnami Drupal container's initialization methods, I'm disinclined to continue using their image (namely, leveraging their MYSQL client bootstrapping portion (which establishes the database and users) requires you have a WORDPRESS variable set (meaning they didn't get around to cleaning up their script)).
Moreover, I wasn't able to get it to pick up the right environment variables in a timely fashion. Wordpress, on the other hand, is not only well-documented in this respect, but also is used in our official GKE/CloudSQL documentation.
Initialization Procedure
Things are properly templated in Terraform variables, and default TFVARS, courtesy of the preflight script. To get things working properly, the only requirement is the presence of these executable binaries:
* `terraform`
* `gcloud`

And to have the proper settings inside of `gcloud`, namely authentication, project, region/zone.
Minor Changes
NFS GCE VM
I've upgraded the version of Ubuntu to 18.04 LTS, after playing around with Debian 9. There are some packaging post-install issues in Debian which don't really start NFS properly for us. I've also reworked the script substantially to both increase ease of comprehension and ease of use by internal and external users.
Housekeeping
Some files were moved around, renamed, and/or cleaned up. Unused variables were removed. Unnecessary TF outputs were removed. Comments were tidied. The .gitignore file was updated. Stuff like this.
Kubernetes Stuff
The replica count is now 1. I suppose we can add a delay as was present, but to keep things simpler and let the user scale the deployment at their behest also seems attractive.
I've also added variable names to prevent metadata scrubbing (meaning it's easier to read by referencing 1 variable, rather than the output of another command which defines its name there (anti-pattern)).
Last but not least, we're actually using secrets properly for the DB connection. Terraform didn't have adequate documentation, but in looking at their source code, it turns out secrets in environment variables are in fact resolvable.
Testing and Verification
From a blank-ish project:
And then things are accessible at the LB IP, where you can install Wordpress and log in!