diff --git a/main.tf b/main.tf index cab46cb..437f434 100644 --- a/main.tf +++ b/main.tf @@ -15,51 +15,58 @@ */ resource "google_compute_instance_template" "default" { - count = "${var.module_enabled ? 1 : 0}" - project = "${var.project}" + count = var.module_enabled ? 1 : 0 + project = var.project name_prefix = "default-" - machine_type = "${var.machine_type}" + machine_type = var.machine_type - region = "${var.region}" + region = var.region - tags = ["${concat(list("allow-ssh"), var.target_tags)}"] + tags = concat(["allow-ssh"], var.target_tags) - labels = "${var.instance_labels}" + labels = var.instance_labels network_interface { - network = "${var.subnetwork == "" ? var.network : ""}" - subnetwork = "${var.subnetwork}" - access_config = ["${var.access_config}"] - address = "${var.network_ip}" - subnetwork_project = "${var.subnetwork_project == "" ? var.project : var.subnetwork_project}" + network = var.subnetwork == "" ? var.network : "" + subnetwork = var.subnetwork + dynamic "access_config" { + for_each = [var.access_config] + content { + } + } + network_ip = var.network_ip + subnetwork_project = var.subnetwork_project == "" ? var.project : var.subnetwork_project } - can_ip_forward = "${var.can_ip_forward}" + can_ip_forward = var.can_ip_forward disk { - auto_delete = "${var.disk_auto_delete}" + auto_delete = var.disk_auto_delete boot = true - source_image = "${var.compute_image}" + source_image = var.compute_image type = "PERSISTENT" - disk_type = "${var.disk_type}" - disk_size_gb = "${var.disk_size_gb}" - mode = "${var.mode}" + disk_type = var.disk_type + disk_size_gb = var.disk_size_gb + mode = var.mode } service_account { - email = "${var.service_account_email}" - scopes = ["${var.service_account_scopes}"] + email = var.service_account_email + scopes = var.service_account_scopes } - metadata = "${merge( - map("startup-script", "${var.startup_script}", "tf_depends_id", "${var.depends_id}"), - var.metadata - )}" + metadata = merge( + { + "startup-script" = var.startup_script + "tf_depends_id" = var.depends_id + }, + var.metadata, + ) scheduling { - preemptible = "${var.preemptible}" - automatic_restart = "${var.automatic_restart}" + preemptible = var.preemptible + automatic_restart = var.automatic_restart } lifecycle { @@ -68,217 +75,221 @@ resource "google_compute_instance_template" "default" { } resource "google_compute_instance_group_manager" "default" { - count = "${var.module_enabled && var.zonal ? 1 : 0}" - project = "${var.project}" - name = "${var.name}" + count = var.module_enabled && var.zonal ? 1 : 0 + project = var.project + name = var.name description = "compute VM Instance Group" - wait_for_instances = "${var.wait_for_instances}" + wait_for_instances = var.wait_for_instances - base_instance_name = "${var.name}" + base_instance_name = var.name - instance_template = "${google_compute_instance_template.default.self_link}" + instance_template = google_compute_instance_template.default[0].self_link - zone = "${var.zone}" + zone = var.zone - update_strategy = "${var.update_strategy}" + update_strategy = var.update_strategy - rolling_update_policy = ["${var.rolling_update_policy}"] - - target_pools = ["${var.target_pools}"] + target_pools = var.target_pools // There is no way to unset target_size when autoscaling is true so for now, jsut use the min_replicas value. // Issue: https://github.com/terraform-providers/terraform-provider-google/issues/667 - target_size = "${var.autoscaling ? var.min_replicas : var.size}" + target_size = var.autoscaling ? var.min_replicas : var.size named_port { - name = "${var.service_port_name}" - port = "${var.service_port}" - } - - auto_healing_policies = { - health_check = "${var.http_health_check ? element(concat(google_compute_health_check.mig-health-check.*.self_link, list("")), 0) : ""}" - initial_delay_sec = "${var.hc_initial_delay}" + name = var.service_port_name + port = var.service_port } provisioner "local-exec" { - when = "destroy" - command = "${var.local_cmd_destroy}" + when = destroy + command = var.local_cmd_destroy } provisioner "local-exec" { - when = "create" - command = "${var.local_cmd_create}" + when = create + command = var.local_cmd_create } } resource "google_compute_autoscaler" "default" { - count = "${var.module_enabled && var.autoscaling && var.zonal ? 1 : 0}" - name = "${var.name}" - zone = "${var.zone}" - project = "${var.project}" - target = "${google_compute_instance_group_manager.default.self_link}" - - autoscaling_policy = { - max_replicas = "${var.max_replicas}" - min_replicas = "${var.min_replicas}" - cooldown_period = "${var.cooldown_period}" - cpu_utilization = ["${var.autoscaling_cpu}"] - metric = ["${var.autoscaling_metric}"] - load_balancing_utilization = ["${var.autoscaling_lb}"] + count = var.module_enabled && var.autoscaling && var.zonal ? 1 : 0 + name = var.name + zone = var.zone + project = var.project + target = google_compute_instance_group_manager.default[0].self_link + + autoscaling_policy { + max_replicas = var.max_replicas + min_replicas = var.min_replicas + cooldown_period = var.cooldown_period } } data "google_compute_zones" "available" { - project = "${var.project}" - region = "${var.region}" + project = var.project + region = var.region } locals { distribution_zones = { - default = ["${data.google_compute_zones.available.names}"] - user = ["${var.distribution_policy_zones}"] + default = [data.google_compute_zones.available.names] + user = [var.distribution_policy_zones] } - dependency_id = "${element(concat(null_resource.region_dummy_dependency.*.id, list("disabled")), 0)}" + dependency_id = element( + concat(null_resource.region_dummy_dependency.*.id, ["disabled"]), + 0, + ) } resource "google_compute_region_instance_group_manager" "default" { - count = "${var.module_enabled && ! var.zonal ? 1 : 0}" - project = "${var.project}" - name = "${var.name}" + count = var.module_enabled && false == var.zonal ? 1 : 0 + project = var.project + name = var.name description = "compute VM Instance Group" - wait_for_instances = "${var.wait_for_instances}" - - base_instance_name = "${var.name}" - - instance_template = "${google_compute_instance_template.default.self_link}" + wait_for_instances = var.wait_for_instances - region = "${var.region}" + base_instance_name = var.name - update_strategy = "${var.update_strategy}" + instance_template = google_compute_instance_template.default[0].self_link - rolling_update_policy = ["${var.rolling_update_policy}"] + region = var.region - distribution_policy_zones = ["${local.distribution_zones["${length(var.distribution_policy_zones) == 0 ? "default" : "user"}"]}"] + distribution_policy_zones = [local.distribution_zones[length(var.distribution_policy_zones) == 0 ? "default" : "user"]] - target_pools = ["${var.target_pools}"] + target_pools = var.target_pools // There is no way to unset target_size when autoscaling is true so for now, jsut use the min_replicas value. // Issue: https://github.com/terraform-providers/terraform-provider-google/issues/667 - target_size = "${var.autoscaling ? var.min_replicas : var.size}" + target_size = var.autoscaling ? var.min_replicas : var.size auto_healing_policies { - health_check = "${var.http_health_check ? element(concat(google_compute_health_check.mig-health-check.*.self_link, list("")), 0) : ""}" - initial_delay_sec = "${var.hc_initial_delay}" + health_check = var.http_health_check ? element( + concat( + google_compute_health_check.mig-health-check.*.self_link, + [""], + ), + 0, + ) : "" + initial_delay_sec = var.hc_initial_delay } named_port { - name = "${var.service_port_name}" - port = "${var.service_port}" + name = var.service_port_name + port = var.service_port } provisioner "local-exec" { - when = "destroy" - command = "${var.local_cmd_destroy}" + when = destroy + command = var.local_cmd_destroy } provisioner "local-exec" { - when = "create" - command = "${var.local_cmd_create}" + when = create + command = var.local_cmd_create } // Initial instance verification can take 10-15m when a health check is present. - timeouts = { - create = "${var.http_health_check ? "15m" : "5m"}" + timeouts { + create = var.http_health_check ? "15m" : "5m" } } resource "google_compute_region_autoscaler" "default" { - count = "${var.module_enabled && var.autoscaling && ! var.zonal ? 1 : 0}" - name = "${var.name}" - region = "${var.region}" - project = "${var.project}" - target = "${google_compute_region_instance_group_manager.default.self_link}" - - autoscaling_policy = { - max_replicas = "${var.max_replicas}" - min_replicas = "${var.min_replicas}" - cooldown_period = "${var.cooldown_period}" - cpu_utilization = ["${var.autoscaling_cpu}"] - metric = ["${var.autoscaling_metric}"] - load_balancing_utilization = ["${var.autoscaling_lb}"] + count = var.module_enabled && var.autoscaling && false == var.zonal ? 1 : 0 + name = var.name + region = var.region + project = var.project + target = google_compute_region_instance_group_manager.default[0].self_link + + autoscaling_policy { + max_replicas = var.max_replicas + min_replicas = var.min_replicas + cooldown_period = var.cooldown_period } } resource "null_resource" "dummy_dependency" { - count = "${var.module_enabled && var.zonal ? 1 : 0}" - depends_on = ["google_compute_instance_group_manager.default"] + count = var.module_enabled && var.zonal ? 1 : 0 + depends_on = [google_compute_instance_group_manager.default] triggers = { - instance_template = "${element(google_compute_instance_template.default.*.self_link, 0)}" + instance_template = element(google_compute_instance_template.default.*.self_link, 0) } } resource "null_resource" "region_dummy_dependency" { - count = "${var.module_enabled && ! var.zonal ? 1 : 0}" - depends_on = ["google_compute_region_instance_group_manager.default"] + count = var.module_enabled && false == var.zonal ? 1 : 0 + depends_on = [google_compute_region_instance_group_manager.default] triggers = { - instance_template = "${element(google_compute_instance_template.default.*.self_link, 0)}" + instance_template = element(google_compute_instance_template.default.*.self_link, 0) } } resource "google_compute_firewall" "default-ssh" { - count = "${var.module_enabled && var.ssh_fw_rule ? 1 : 0}" - project = "${var.subnetwork_project == "" ? var.project : var.subnetwork_project}" + count = var.module_enabled && var.ssh_fw_rule ? 1 : 0 + project = var.subnetwork_project == "" ? var.project : var.subnetwork_project name = "${var.name}-vm-ssh" - network = "${var.network}" + network = var.network allow { protocol = "tcp" ports = ["22"] } - source_ranges = ["${var.ssh_source_ranges}"] + source_ranges = var.ssh_source_ranges target_tags = ["allow-ssh"] } resource "google_compute_health_check" "mig-health-check" { - count = "${var.module_enabled && var.http_health_check ? 1 : 0}" - name = "${var.name}" - project = "${var.project}" + count = var.module_enabled && var.http_health_check ? 1 : 0 + name = var.name + project = var.project - check_interval_sec = "${var.hc_interval}" - timeout_sec = "${var.hc_timeout}" - healthy_threshold = "${var.hc_healthy_threshold}" - unhealthy_threshold = "${var.hc_unhealthy_threshold}" + check_interval_sec = var.hc_interval + timeout_sec = var.hc_timeout + healthy_threshold = var.hc_healthy_threshold + unhealthy_threshold = var.hc_unhealthy_threshold http_health_check { - port = "${var.hc_port == "" ? var.service_port : var.hc_port}" - request_path = "${var.hc_path}" + port = var.hc_port == "" ? var.service_port : var.hc_port + request_path = var.hc_path } } resource "google_compute_firewall" "mig-health-check" { - count = "${var.module_enabled && var.http_health_check ? 1 : 0}" - project = "${var.subnetwork_project == "" ? var.project : var.subnetwork_project}" + count = var.module_enabled && var.http_health_check ? 1 : 0 + project = var.subnetwork_project == "" ? var.project : var.subnetwork_project name = "${var.name}-vm-hc" - network = "${var.network}" + network = var.network allow { protocol = "tcp" - ports = ["${var.hc_port == "" ? var.service_port : var.hc_port}"] + ports = [var.hc_port == "" ? var.service_port : var.hc_port] } source_ranges = ["130.211.0.0/22", "35.191.0.0/16"] - target_tags = ["${var.target_tags}"] + target_tags = var.target_tags } data "google_compute_instance_group" "zonal" { - count = "${var.zonal ? 1 : 0}" - zone = "${var.zone}" - project = "${var.project}" + count = var.zonal ? 1 : 0 + zone = var.zone + project = var.project // Use the dependency id which is recreated whenever the instance template changes to signal when to re-read the data source. - name = "${element(split("|", "${local.dependency_id}|${element(concat(google_compute_instance_group_manager.default.*.name, list("unused")), 0)}"), 1)}" + name = element( + split( + "|", + "${local.dependency_id}|${element( + concat( + google_compute_instance_group_manager.default.*.name, + ["unused"], + ), + 0, + )}", + ), + 1, + ) } diff --git a/outputs.tf b/outputs.tf index ae66a06..90b01d3 100644 --- a/outputs.tf +++ b/outputs.tf @@ -14,62 +14,80 @@ * limitations under the License. */ -output name { +output "name" { description = "Pass through of input `name`." - value = "${var.name}" + value = var.name } -output instance_template { +output "instance_template" { description = "Link to the instance_template for the group" - value = "${google_compute_instance_template.default.*.self_link}" + value = google_compute_instance_template.default.*.self_link } -output instance_group { +output "instance_group" { description = "Link to the `instance_group` property of the instance group manager resource." - value = "${element(concat(google_compute_instance_group_manager.default.*.instance_group, list("")), 0)}" + value = element( + concat( + google_compute_instance_group_manager.default.*.instance_group, + [""], + ), + 0, + ) } -output instances { +output "instances" { description = "List of instances in the instance group. Note that this can change dynamically depending on the current number of instances in the group and may be empty the first time read." - value = "${data.google_compute_instance_group.zonal.*.instances}" + value = data.google_compute_instance_group.zonal.*.instances } -output region_instance_group { +output "region_instance_group" { description = "Link to the `instance_group` property of the region instance group manager resource." - value = "${element(concat(google_compute_region_instance_group_manager.default.*.instance_group, list("")), 0)}" + value = element( + concat( + google_compute_region_instance_group_manager.default.*.instance_group, + [""], + ), + 0, + ) } -output target_tags { +output "target_tags" { description = "Pass through of input `target_tags`." - value = "${var.target_tags}" + value = var.target_tags } -output service_port { +output "service_port" { description = "Pass through of input `service_port`." - value = "${var.service_port}" + value = var.service_port } -output service_port_name { +output "service_port_name" { description = "Pass through of input `service_port_name`." - value = "${var.service_port_name}" + value = var.service_port_name } -output depends_id { +output "depends_id" { description = "Id of the dummy dependency created used for intra-module dependency creation with zonal groups." - value = "${element(concat(null_resource.dummy_dependency.*.id, list("")), 0)}" + value = element(concat(null_resource.dummy_dependency.*.id, [""]), 0) } -output region_depends_id { +output "region_depends_id" { description = "Id of the dummy dependency created used for intra-module dependency creation with regional groups." - value = "${element(concat(null_resource.region_dummy_dependency.*.id, list("")), 0)}" + value = element(concat(null_resource.region_dummy_dependency.*.id, [""]), 0) } -output network_ip { +output "network_ip" { description = "Pass through of input `network_ip`." - value = "${var.network_ip}" + value = var.network_ip } -output health_check { +output "health_check" { description = "The healthcheck for the managed instance group" - value = "${element(concat(google_compute_health_check.mig-health-check.*.self_link, list("")), 0)}" + value = element( + concat( + google_compute_health_check.mig-health-check.*.self_link, + [""], + ), + 0, + ) } diff --git a/variables.tf b/variables.tf index 6ec5307..7e06fbf 100644 --- a/variables.tf +++ b/variables.tf @@ -14,155 +14,155 @@ * limitations under the License. */ -variable module_enabled { +variable "module_enabled" { description = "" default = true } -variable project { +variable "project" { description = "The project to deploy to, if not set the default provider project is used." default = "" } -variable region { +variable "region" { description = "Region for cloud resources." default = "us-central1" } -variable zone { +variable "zone" { description = "Zone for managed instance groups." default = "us-central1-f" } -variable network { +variable "network" { description = "Name of the network to deploy instances to." default = "default" } -variable subnetwork { +variable "subnetwork" { description = "The subnetwork to deploy to" default = "default" } -variable subnetwork_project { +variable "subnetwork_project" { description = "The project the subnetwork belongs to. If not set, var.project is used instead." default = "" } -variable name { +variable "name" { description = "Name of the managed instance group." } -variable size { +variable "size" { description = "Target size of the managed instance group." default = 1 } -variable startup_script { +variable "startup_script" { description = "Content of startup-script metadata passed to the instance template." default = "" } -variable access_config { +variable "access_config" { description = "The access config block for the instances. Set to [] to remove external IP." - type = "list" + type = any default = [ - {}, + {} ] } -variable metadata { +variable "metadata" { description = "Map of metadata values to pass to instances." - type = "map" + type = map(string) default = {} } -variable can_ip_forward { +variable "can_ip_forward" { description = "Allow ip forwarding." default = false } -variable network_ip { +variable "network_ip" { description = "Set the network IP of the instance in the template. Useful for instance groups of size 1." default = "" } -variable machine_type { +variable "machine_type" { description = "Machine type for the VMs in the instance group." default = "f1-micro" } -variable compute_image { +variable "compute_image" { description = "Image used for compute VMs." default = "projects/debian-cloud/global/images/family/debian-9" } -variable wait_for_instances { +variable "wait_for_instances" { description = "Wait for all instances to be created/updated before returning" default = false } -variable update_strategy { +variable "update_strategy" { description = "The strategy to apply when the instance template changes." default = "NONE" } -variable rolling_update_policy { +variable "rolling_update_policy" { description = "The rolling update policy when update_strategy is ROLLING_UPDATE" - type = "list" + type = list(string) default = [] } -variable service_port { +variable "service_port" { description = "Port the service is listening on." } -variable service_port_name { +variable "service_port_name" { description = "Name of the port the service is listening on." } -variable target_tags { +variable "target_tags" { description = "Tag added to instances for firewall and networking." - type = "list" + type = list(string) default = ["allow-service"] } -variable instance_labels { +variable "instance_labels" { description = "Labels added to instances." - type = "map" + type = map(string) default = {} } -variable target_pools { +variable "target_pools" { description = "The target load balancing pools to assign this group to." - type = "list" + type = list(string) default = [] } -variable depends_id { +variable "depends_id" { description = "The ID of a resource that the instance group depends on." default = "" } -variable local_cmd_create { +variable "local_cmd_create" { description = "Command to run on create as local-exec provisioner for the instance group manager." default = ":" } -variable local_cmd_destroy { +variable "local_cmd_destroy" { description = "Command to run on destroy as local-exec provisioner for the instance group manager." default = ":" } -variable service_account_email { +variable "service_account_email" { description = "The email of the service account for the instance template." default = "default" } -variable service_account_scopes { +variable "service_account_scopes" { description = "List of scopes for the instance template service account" - type = "list" + type = list(string) default = [ "https://www.googleapis.com/auth/compute", @@ -172,39 +172,39 @@ variable service_account_scopes { ] } -variable zonal { +variable "zonal" { description = "Create a single-zone managed instance group. If false, a regional managed instance group is created." default = true } -variable distribution_policy_zones { +variable "distribution_policy_zones" { description = "The distribution policy for this managed instance group when zonal=false. Default is all zones in given region." - type = "list" + type = list(string) default = [] } -variable ssh_source_ranges { +variable "ssh_source_ranges" { description = "Network ranges to allow SSH from" - type = "list" + type = list(string) default = ["0.0.0.0/0"] } -variable disk_auto_delete { +variable "disk_auto_delete" { description = "Whether or not the disk should be auto-deleted." default = true } -variable disk_type { +variable "disk_type" { description = "The GCE disk type. Can be either pd-ssd, local-ssd, or pd-standard." default = "pd-ssd" } -variable disk_size_gb { +variable "disk_size_gb" { description = "The size of the image in gigabytes. If not specified, it will inherit the size of its base image." default = 0 } -variable mode { +variable "mode" { description = "The mode in which to attach this disk, either READ_WRITE or READ_ONLY." default = "READ_WRITE" } @@ -220,86 +220,86 @@ variable "automatic_restart" { } /* Autoscaling */ -variable autoscaling { +variable "autoscaling" { description = "Enable autoscaling." default = false } -variable max_replicas { +variable "max_replicas" { description = "Autoscaling, max replicas." default = 5 } -variable min_replicas { +variable "min_replicas" { description = "Autoscaling, min replics." default = 1 } -variable cooldown_period { +variable "cooldown_period" { description = "Autoscaling, cooldown period in seconds." default = 60 } -variable autoscaling_cpu { +variable "autoscaling_cpu" { description = "Autoscaling, cpu utilization policy block as single element array. https://www.terraform.io/docs/providers/google/r/compute_autoscaler.html#cpu_utilization" - type = "list" + type = list(string) default = [] } -variable autoscaling_metric { +variable "autoscaling_metric" { description = "Autoscaling, metric policy block as single element array. https://www.terraform.io/docs/providers/google/r/compute_autoscaler.html#metric" - type = "list" + type = list(string) default = [] } -variable autoscaling_lb { +variable "autoscaling_lb" { description = "Autoscaling, load balancing utilization policy block as single element array. https://www.terraform.io/docs/providers/google/r/compute_autoscaler.html#load_balancing_utilization" - type = "list" + type = list(string) default = [] } /* Health checks */ -variable http_health_check { +variable "http_health_check" { description = "Enable or disable the http health check for auto healing." default = true } -variable hc_initial_delay { +variable "hc_initial_delay" { description = "Health check, intial delay in seconds." default = 30 } -variable hc_interval { +variable "hc_interval" { description = "Health check, check interval in seconds." default = 30 } -variable hc_timeout { +variable "hc_timeout" { description = "Health check, timeout in seconds." default = 10 } -variable hc_healthy_threshold { +variable "hc_healthy_threshold" { description = "Health check, healthy threshold." default = 1 } -variable hc_unhealthy_threshold { +variable "hc_unhealthy_threshold" { description = "Health check, unhealthy threshold." default = 10 } -variable hc_port { +variable "hc_port" { description = "Health check, health check port, if different from var.service_port, if not given, var.service_port is used." default = "" } -variable hc_path { +variable "hc_path" { description = "Health check, the http path to check." default = "/" } -variable ssh_fw_rule { +variable "ssh_fw_rule" { description = "Whether or not the SSH Firewall Rule should be created" default = true }