Migrated MIG example to TF 0.12 syntax and compatible modules

ref: terraform-google-modules#28 ``` [/workspace/google/terraform-google-container-vm/examples/managed_instance_group]$ terraform apply -auto-approve module.gce-container.data.external.spec_as_yaml: Refreshing state... module.mig.data.google_compute_zones.available: Refreshing state... module.mig_template.data.google_compute_image.image_family: Refreshing state... module.gce-container.data.google_compute_image.coreos: Refreshing state... module.mig_template.data.google_compute_image.image: Refreshing state... module.cloud-nat.random_string.name_suffix: Creating... module.http-lb.google_compute_global_address.default: Creating... module.cloud-nat.random_string.name_suffix: Creation complete after 0s [id=725bw2] module.http-lb.google_compute_http_health_check.default[0]: Creating... google_compute_network.default: Creating... google_compute_firewall.lb-to-instances: Creating... module.http-lb.google_compute_http_health_check.default[0]: Creation complete after 5s [id=mig-test-lb-backend-0] module.http-lb.google_compute_global_address.default: Creation complete after 5s [id=mig-test-lb-address] google_compute_network.default: Still creating... [10s elapsed] google_compute_firewall.lb-to-instances: Still creating... [10s elapsed] google_compute_firewall.lb-to-instances: Creation complete after 18s [id=mig-test-firewall-lb-to-instances] google_compute_network.default: Still creating... [20s elapsed] google_compute_network.default: Creation complete after 28s [id=mig-net] google_compute_router.default: Creating... google_compute_subnetwork.default: Creating... module.http-lb.google_compute_firewall.default-hc[0]: Creating... google_compute_router.default: Creation complete after 5s [id=us-east4/mig-net-gw-group1] module.cloud-nat.google_compute_router_nat.main: Creating... google_compute_subnetwork.default: Still creating... [10s elapsed] module.http-lb.google_compute_firewall.default-hc[0]: Still creating... [10s elapsed] module.cloud-nat.google_compute_router_nat.main: Still creating... [10s elapsed] module.http-lb.google_compute_firewall.default-hc[0]: Creation complete after 17s [id=mig-test-lb-hc-0] google_compute_subnetwork.default: Still creating... [20s elapsed] module.cloud-nat.google_compute_router_nat.main: Creation complete after 17s [id=us-east4/mig-net-gw-group1/mig-net-cloud-nat-group1] google_compute_subnetwork.default: Creation complete after 30s [id=us-east4/mig-net] module.mig_template.google_compute_instance_template.tpl: Creating... module.mig_template.google_compute_instance_template.tpl: Creation complete after 4s [id=mig-net-20190911232353889100000001] module.mig.google_compute_region_instance_group_manager.mig: Creating... module.mig.google_compute_region_instance_group_manager.mig: Still creating... [10s elapsed] module.mig.google_compute_region_instance_group_manager.mig: Creation complete after 20s [id=gl-ivankorniienko-seed-251912/us-east4/mig-net-mig] module.http-lb.google_compute_backend_service.default[0]: Creating... module.http-lb.google_compute_backend_service.default[0]: Creation complete after 8s [id=mig-test-lb-backend-0] module.http-lb.google_compute_url_map.default[0]: Creating... module.http-lb.google_compute_url_map.default[0]: Creation complete after 5s [id=mig-test-lb-url-map] module.http-lb.google_compute_target_http_proxy.default[0]: Creating... module.http-lb.google_compute_target_http_proxy.default[0]: Creation complete after 4s [id=mig-test-lb-http-proxy] module.http-lb.google_compute_global_forwarding_rule.http[0]: Creating... module.http-lb.google_compute_global_forwarding_rule.http[0]: Still creating... [10s elapsed] module.http-lb.google_compute_global_forwarding_rule.http[0]: Creation complete after 18s [id=mig-test-lb] Apply complete! Resources: 15 added, 0 changed, 0 destroyed. Outputs: container = { "image" = "gcr.io/google-samples/hello-app:1.0" } http_address = 34.102.132.47 http_port = 80 project_id = gl-ivankorniienko-seed-251912 vm_container_label = cos-stable-76-12239-60-0 volumes = [] ```
ivankorn · Sep 11, 2019 · 4ff9f7f · 4ff9f7f
1 parent eea19bd
commit 4ff9f7f
Show file tree

Hide file tree

Showing 3 changed files with 93 additions and 52 deletions.
diff --git a/examples/managed_instance_group/main.tf b/examples/managed_instance_group/main.tf
@@ -19,10 +19,18 @@ locals {
     "130.211.0.0/22",
     "35.191.0.0/16",
   ]
+  target_tags                    = [
+    "container-vm-test-mig"]
 }
 
 provider "google" {
-  region = var.region
+  project = var.project_id
+  version = "~> 2.7.0"
+}
+
+provider "google-beta" {
+  project = var.project_id
+  version = "~> 2.7.0"
 }
 
 module "gce-container" {
@@ -33,43 +41,76 @@ module "gce-container" {
   }
 }
 
-module "mig" {
-  source             = "GoogleCloudPlatform/managed-instance-group/google"
-  version            = "1.1.14"
-  project            = var.project_id
-  region             = var.region
-  zone               = var.zone
-  name               = var.mig_name
-  machine_type       = var.machine_type
-  compute_image      = module.gce-container.source_image
-  size               = var.mig_instance_count
-  service_port       = var.image_port
-  service_port_name  = "http"
-  http_health_check  = "true"
-  subnetwork         = var.subnetwork
-  subnetwork_project = var.subnetwork_project
-  ssh_source_ranges  = ["0.0.0.0/0"]
-  target_tags        = ["container-vm-test-mig"]
-
-  metadata = merge(var.additional_metadata, map("gce-container-declaration", module.gce-container.metadata_value))
-
-  instance_labels = {
+resource "google_compute_network" "default" {
+  name                    = var.network
+  auto_create_subnetworks = "false"
+}
+
+resource "google_compute_subnetwork" "default" {
+  name                     = var.network
+  ip_cidr_range            = "10.125.0.0/20"
+  network                  = google_compute_network.default.self_link
+  region                   = var.region
+  private_ip_google_access = true
+}
+
+# Router and Cloud NAT are required for installing packages from repos (apache, php etc)
+resource "google_compute_router" "default" {
+  name    = "${var.network}-gw-group1"
+  network = google_compute_network.default.self_link
+  region  = var.region
+}
+
+module "cloud-nat" {
+  source     = "terraform-google-modules/cloud-nat/google"
+  version    = "1.0.0"
+  router     = google_compute_router.default.name
+  project_id = var.project_id
+  region     = var.region
+  name       = "${var.network}-cloud-nat-group1"
+}
+
+module "mig_template" {
+  source               = "terraform-google-modules/vm/google//modules/instance_template"
+  version              = "1.0.0"
+  network              = google_compute_network.default.self_link
+  subnetwork           = google_compute_subnetwork.default.self_link
+  service_account      = var.service_account
+  name_prefix          = var.network
+  source_image_family  = "cos-stable"
+  source_image_project = "cos-cloud"
+  source_image         = reverse(split("/", module.gce-container.source_image))[0]
+  metadata             = merge(var.additional_metadata, map("gce-container-declaration", module.gce-container.metadata_value))
+  tags                 = [
+    "container-vm-test-mig"]
+  labels               = {
     "container-vm" = module.gce-container.vm_container_label
   }
+}
 
-  service_account_scopes = [
-    "https://www.googleapis.com/auth/cloud-platform",
-  ]
-
-  wait_for_instances = true
+module "mig" {
+  source            = "terraform-google-modules/vm/google//modules/mig"
+  version           = "1.0.0"
+  instance_template = module.mig_template.self_link
+  region            = var.region
+  hostname          = var.network
+  target_size       = var.mig_instance_count
+  named_ports       = [
+    {
+      name = "http",
+      port = var.image_port
+    }]
+  network           = google_compute_network.default.self_link
+  subnetwork        = var.subnetwork
 }
 
 module "http-lb" {
-  source            = "github.com/GoogleCloudPlatform/terraform-google-lb-http"
+  source            = "../../../terraform-google-lb-http/"
   project           = var.project_id
   name              = "${var.mig_name}-lb"
-  firewall_networks = []
-  target_tags       = [module.mig.target_tags]
+  firewall_networks = [
+    google_compute_network.default.self_link]
+  target_tags       = local.target_tags
 
   backends = {
     "0" = [
@@ -91,9 +132,10 @@ resource "google_compute_firewall" "lb-to-instances" {
 
   allow {
     protocol = "tcp"
-    ports    = [var.image_port]
+    ports    = [
+      var.image_port]
   }
 
-  source_ranges = [local.google_load_balancer_ip_ranges]
-  target_tags   = [module.mig.target_tags]
+  source_ranges = local.google_load_balancer_ip_ranges
+  target_tags   = local.target_tags
 }
diff --git a/examples/managed_instance_group/outputs.tf b/examples/managed_instance_group/outputs.tf
@@ -19,11 +19,6 @@ output "project_id" {
   value       = var.project_id
 }
 
-output "zone" {
-  description = "The zone the GCE instance was deployed into"
-  value       = var.zone
-}
-
 output "vm_container_label" {
   description = "The instance label containing container configuration"
   value       = module.gce-container.vm_container_label

diff --git a/examples/managed_instance_group/variables.tf b/examples/managed_instance_group/variables.tf
@@ -18,12 +18,9 @@ variable "project_id" {
   description = "The project ID to deploy resource into"
 }
 
-variable "subnetwork_project" {
-  description = "The project ID where the desired subnetwork is provisioned"
-}
-
 variable "subnetwork" {
   description = "The name of the subnetwork to deploy instances into"
+  default     = "mig-subnet"
 }
 
 variable "mig_name" {
@@ -38,30 +35,37 @@ variable "mig_instance_count" {
 
 variable "image" {
   description = "The Docker image to deploy to GCE instances"
+  default     = "gcr.io/google-samples/hello-app:1.0"
 }
 
 variable "image_port" {
   description = "The port the image exposes for HTTP requests"
-}
-
-variable "restart_policy" {
-  description = "The desired Docker restart policy for the deployed image"
-}
-
-variable "machine_type" {
-  description = "The GCP machine type to deploy"
+  default     = 80
 }
 
 variable "region" {
   description = "The GCP region to deploy instances into"
 }
 
-variable "zone" {
-  description = "The GCP zone to deploy instances into"
+variable "network" {
+  description = "The GCP network"
+  default     = "mig-net"
 }
 
 variable "additional_metadata" {
   type        = "map"
   description = "Additional metadata to attach to the instance"
   default     = {}
 }
+
+variable "service_account" {
+  type    = object({
+    email  = string,
+    scopes = list(string)
+  })
+  default = {
+    email  = ""
+    scopes = [
+      "cloud-platform"]
+  }
+}