feat: add support for GCP to bootstrap

verbotenj · verbotenj · commit 2ca79e3b550a · 2024-09-10T08:32:15.000-04:00
Signed-off-by: Ales Verbic &lt;averbic@applause.com&gt;
diff --git a/bootstrap/feature/main.tf b/bootstrap/feature/main.tf
@@ -31,9 +31,10 @@ variable "api_key_salt" {
 variable "dcu_per_frame" {
   type = map(string)
   default = {
-    "mainnet" = "10"
-    "preprod" = "5"
-    "preview" = "5"
+    "mainnet"        = "10"
+    "preprod"        = "5"
+    "preview"        = "5"
+    "vector-testnet" = "5"
   }
 }
 
diff --git a/bootstrap/main.tf b/bootstrap/main.tf
@@ -32,6 +32,9 @@ module "ogmios_v1_proxy" {
   proxy_image_tag = var.proxy_blue_image_tag
   extension_name  = var.extension_name
   networks        = var.networks
+  cloud_provider  = var.cloud_provider
+  dns_zone        = var.dns_zone
+  cluster_issuer  = var.cluster_issuer
   name            = "proxy"
 }
 
@@ -44,6 +47,9 @@ module "ogmios_v1_proxy_green" {
   extension_name  = var.extension_name
   networks        = ["mainnet", "preprod", "preview", "vector-testnet"]
   environment     = "green"
+  cloud_provider  = var.cloud_provider
+  dns_zone        = var.dns_zone
+  cluster_issuer  = var.cluster_issuer
   name            = "proxy-green"
 }
 
diff --git a/bootstrap/proxy/cert.tf b/bootstrap/proxy/cert.tf
@@ -25,7 +25,7 @@ resource "kubernetes_manifest" "certificate_cluster_wildcard_tls" {
 
       "issuerRef" = {
         "kind" = "ClusterIssuer"
-        "name" = "letsencrypt"
+        "name" = var.cluster_issuer
       }
       "secretName" = local.cert_secret_name
     }
diff --git a/bootstrap/proxy/main.tf b/bootstrap/proxy/main.tf
@@ -80,3 +80,18 @@ variable "dns_zone" {
   type    = string
   default = "demeter.run"
 }
+
+variable "cluster_issuer" {
+  type    = string
+  default = "letsencrypt"
+}
+
+variable "cloud_provider" {
+  type    = string
+  default = "aws"
+}
+
+variable "healthcheck_port" {
+  type    = number
+  default = null
+}
diff --git a/bootstrap/proxy/service.tf b/bootstrap/proxy/service.tf
@@ -1,13 +1,15 @@
-resource "kubernetes_service_v1" "proxy_service" {
+resource "kubernetes_service_v1" "proxy_service_aws" {
+  for_each = toset([for n in toset(["loadbalancer"]) : n if var.cloud_provider == "aws"])
   metadata {
     name      = local.name
     namespace = var.namespace
     annotations = {
       "service.beta.kubernetes.io/aws-load-balancer-nlb-target-type" : "instance"
       "service.beta.kubernetes.io/aws-load-balancer-scheme" : "internet-facing"
       "service.beta.kubernetes.io/aws-load-balancer-type" : "external"
-      "service.beta.kubernetes.io/aws-load-balancer-healthcheck-protocol" : "HTTPS"
+      "service.beta.kubernetes.io/aws-load-balancer-healthcheck-protocol" : "HTTP"
       "service.beta.kubernetes.io/aws-load-balancer-healthcheck-path" : "/healthz"
+      "service.beta.kubernetes.io/aws-load-balancer-healthcheck-port" : var.healthcheck_port != null ? var.healthcheck_port : "traffic-port"
     }
   }
 
@@ -17,11 +19,51 @@ resource "kubernetes_service_v1" "proxy_service" {
 
     port {
       name        = "proxy"
-      port        = 443
+      port        = 9443
       target_port = local.proxy_port
       protocol    = "TCP"
     }
 
+
+    port {
+      name        = "health"
+      port        = 80
+      target_port = local.prometheus_port
+      protocol    = "TCP"
+    }
+
+    type = "LoadBalancer"
+  }
+}
+
+resource "kubernetes_service_v1" "proxy_service_gcp" {
+  for_each = toset([for n in toset(["loadbalancer"]) : n if var.cloud_provider == "gcp"])
+  metadata {
+    name      = local.name
+    namespace = var.namespace
+    annotations = {
+      "cloud.google.com/l4-rbs" : "enabled"
+    }
+  }
+
+  spec {
+    external_traffic_policy = "Local"
+    selector                = local.proxy_labels
+
+    port {
+      name        = "proxy"
+      port        = 9443
+      target_port = local.proxy_port
+      protocol    = "TCP"
+    }
+
+    port {
+      name        = "health"
+      port        = 80
+      target_port = local.prometheus_port
+      protocol    = "TCP"
+    }
+
     type = "LoadBalancer"
   }
 }
diff --git a/bootstrap/variables.tf b/bootstrap/variables.tf
@@ -7,11 +7,20 @@ variable "dns_zone" {
   default = "demeter.run"
 }
 
+variable "cluster_issuer" {
+  type    = string
+  default = "letsencrypt"
+}
+
 variable "extension_name" {
   type    = string
   default = "ogmios-m1"
 }
 
+variable "cloud_provider" {
+  type    = string
+  default = "aws"
+}
 
 variable "networks" {
   type    = list(string)
@@ -37,9 +46,10 @@ variable "api_key_salt" {
 variable "dcu_per_frame" {
   type = map(string)
   default = {
-    "mainnet" = "10"
-    "preprod" = "5"
-    "preview" = "5"
+    "mainnet"        = "10"
+    "preprod"        = "5"
+    "preview"        = "5"
+    "vector-testnet" = "5"
   }
 }
 
@@ -128,7 +138,6 @@ variable "proxy_resources" {
   }
 }
 
-
 variable "instances" {
   type = map(object({
     salt             = string

Original file line number	Diff line number	Diff line change
`@@ -31,9 +31,10 @@ variable "api_key_salt" {`
`31`	`31`	`variable "dcu_per_frame" {`
`32`	`32`	`type = map(string)`
`33`	`33`	`default = {`
`34`		`- "mainnet" = "10"`
`35`		`- "preprod" = "5"`
`36`		`- "preview" = "5"`
	`34`	`+ "mainnet" = "10"`
	`35`	`+ "preprod" = "5"`
	`36`	`+ "preview" = "5"`
	`37`	`+ "vector-testnet" = "5"`
`37`	`38`	`}`
`38`	`39`	`}`
`39`	`40`
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@ resource "kubernetes_manifest" "certificate_cluster_wildcard_tls" {`
`25`	`25`
`26`	`26`	`"issuerRef" = {`
`27`	`27`	`"kind" = "ClusterIssuer"`
`28`		`- "name" = "letsencrypt"`
	`28`	`+ "name" = var.cluster_issuer`
`29`	`29`	`}`
`30`	`30`	`"secretName" = local.cert_secret_name`
`31`	`31`	`}`