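# Toolchain and provider requirements for this example root module.
terraform {
  # variable "materialize_instances" in this file declares attributes with
  # optional(type, default). That syntax is only accepted from Terraform 1.3
  # onward, so the floor is stated as 1.3 to fail with a clear version error
  # instead of a type-constraint parse error on older CLIs.
  required_version = ">= 1.3"

  # NOTE(review): every entry below is a version range, not an exact pin.
  # Commit the generated .terraform.lock.hcl so each run installs the same
  # provider builds and verifies them against the recorded checksums.
  required_providers {
    # Lower bound only: any later major release of this provider is accepted.
    google = {
      source  = "hashicorp/google"
      version = ">= 6.0"
    }
    # ~> 2.0 keeps the helm provider on the 2.x line, which matches the nested
    # `kubernetes { ... }` block used in the helm provider configuration below.
    helm = {
      source  = "hashicorp/helm"
      version = "~> 2.0"
    }
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "~> 2.0"
    }
    random = {
      source  = "hashicorp/random"
      version = "~> 3.0"
    }
  }
}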
# Default project and region for the google provider, both taken from input
# variables. No credentials are set here, so the provider relies on whatever
# credentials are available in the environment Terraform runs in.
provider "google" {
  region  = var.region
  project = var.project_id
}
# Client configuration of the identity the google provider runs as. Its
# access_token is what the kubernetes and helm providers below present to the
# GKE API server, so cluster access follows that identity's IAM permissions.
data "google_client_config" "default" {
}
# Kubernetes provider pointed at the GKE cluster exposed by module.materialize.
provider "kubernetes" {
  # The API server certificate is checked against the cluster's own CA.
  cluster_ca_certificate = base64decode(module.materialize.gke_cluster.ca_certificate)
  host                   = "https://${module.materialize.gke_cluster.endpoint}"

  # Access token read from the google client config data source; no static
  # kubeconfig credential is referenced in this file.
  token = data.google_client_config.default.access_token
}
# Helm provider using the same cluster endpoint, CA and token as the
# kubernetes provider, so chart installs run with the same identity.
provider "helm" {
  kubernetes {
    cluster_ca_certificate = base64decode(module.materialize.gke_cluster.ca_certificate)
    host                   = "https://${module.materialize.gke_cluster.endpoint}"
    token                  = data.google_client_config.default.access_token
  }
}
# Instantiates the module at the repository root with fixed example sizing.
module "materialize" {
  # Referencing the root module directory:
  source = "../.."
  # Alternatively, you can use the GitHub source URL:
  # source = "github.com/MaterializeInc/terraform-google-materialize?ref=v0.1.0"
  # NOTE(review): a tag in ?ref= can be re-pointed upstream; a full commit SHA
  # is the stricter pin when this example is consumed from GitHub.

  # Hand the provider configurations defined in this file to the module.
  providers = {
    google     = google
    kubernetes = kubernetes
    helm       = helm
  }

  project_id = var.project_id
  region     = var.region
  prefix     = var.prefix

  labels = {
    environment = "simple"
    example     = "true"
  }

  # Private address ranges for the subnet, pods and services.
  network_config = {
    subnet_cidr   = "10.0.0.0/20"
    pods_cidr     = "10.48.0.0/14"
    services_cidr = "10.52.0.0/20"
  }

  # The database password is the generated random_password.pass value. That
  # value is stored in Terraform state, so the state backend needs restricted
  # access and encryption at rest.
  database_config = {
    tier     = "db-custom-2-4096"
    version  = "POSTGRES_15"
    password = random_password.pass.result
  }

  # System node group configuration (min and max are equal: fixed at 2 nodes)
  system_node_group_machine_type = "n2-standard-4"
  system_node_group_disk_size_gb = 100
  system_node_group_node_count   = 2
  system_node_group_min_nodes    = 2
  system_node_group_max_nodes    = 2

  # Materialize node group configuration
  materialize_node_group_machine_type    = "n2-highmem-8"
  materialize_node_group_disk_size_gb    = 100
  materialize_node_group_local_ssd_count = 1
  materialize_node_group_min_nodes       = 1
  materialize_node_group_max_nodes       = 2

  # Operator installation; both version inputs default to null in this file.
  install_materialize_operator = true
  operator_version             = var.operator_version
  orchestratord_version        = var.orchestratord_version

  # TLS tooling toggles, passed through from the variables of the same name.
  install_cert_manager           = var.install_cert_manager
  use_self_signed_cluster_issuer = var.use_self_signed_cluster_issuer

  # Once the operator is installed, you can define your Materialize instances here.
  materialize_instances = var.materialize_instances
}
# Required input: there is no default, so the target project is always chosen
# explicitly by whoever runs this example.
variable "project_id" {
  type        = string
  description = "GCP Project ID"
}
# Region for the google provider and the module; falls back to us-central1.
variable "region" {
  type        = string
  default     = "us-central1"
  description = "GCP Region"
}
# Name prefix forwarded to the module as `prefix`.
variable "prefix" {
  type        = string
  default     = "mz-simple"
  description = "Used to prefix the names of the resources"
}
# Generated password used as database_config.password in module.materialize.
# The result is redacted in plan output but stored in Terraform state, so
# access to the state file is access to this password.
resource "random_password" "pass" {
  # Alphanumeric only. NOTE(review): presumably so the value can be embedded in
  # a connection string without escaping - confirm against the module.
  special = false
  length  = 20
}
# Second generated password, this one including special characters.
# NOTE(review): nothing in the visible file references this resource. Confirm
# it is consumed somewhere (for example as an instance's
# external_login_password_mz_system), because the generated secret is written
# to state either way.
resource "random_password" "analytics_mz_system" {
  special = true
  length  = 20
}
# Re-exports the module's gke_cluster object. `sensitive = true` only redacts
# the value in CLI output; it is still present in state and is printed by
# `terraform output -json`.
output "gke_cluster" {
  value       = module.materialize.gke_cluster
  description = "GKE cluster details"
  sensitive   = true
}
# Re-exports the module's service_accounts value, shown in clear in CLI output.
# NOTE(review): presumably identifiers only, with no key material - confirm
# against the module before relying on this output being non-sensitive.
output "service_accounts" {
  value       = module.materialize.service_accounts
  description = "Service account details"
}
# Re-exports the module's connection strings. Marked sensitive so they are
# redacted in CLI output; they remain readable in state and through
# `terraform output -json`, so handle both as secrets.
output "connection_strings" {
  value       = module.materialize.connection_strings
  description = "Connection strings for metadata and persistence backends"
  sensitive   = true
}
# Re-exports the module's load balancer details; not marked sensitive, so the
# value is printed in clear after apply.
output "load_balancer_details" {
  value       = module.materialize.load_balancer_details
  description = "Details of the Materialize instance load balancers."
}
# Operator version forwarded to the module. With the null default no version
# is chosen in this file; which one gets installed is decided by the module.
variable "operator_version" {
  type        = string
  default     = null
  description = "Version of the Materialize operator to install"
}
# Re-exports the module's network value; not marked sensitive.
output "network" {
  value       = module.materialize.network
  description = "Network details"
}
# orchestratord version forwarded to the module; null leaves the choice to it.
variable "orchestratord_version" {
  type        = string
  default     = null
  description = "Version of the Materialize orchestrator to install"
}
# Instance definitions forwarded unchanged to module.materialize. The default
# is an empty list, so no instance is created unless the caller supplies one.
#
# NOTE(review): license_key and external_login_password_mz_system carry
# secrets, but the variable is not marked sensitive, so supplied values can
# appear in plan output. Keep them out of committed tfvars files. Marking the
# whole variable sensitive may conflict with how the module iterates over this
# list - confirm before changing it.
variable "materialize_instances" {
  description = "List of Materialize instances to be created."
  default     = []

  type = list(object({
    # Identity and placement
    name      = string
    namespace = optional(string)

    # Backing database
    database_name   = string
    create_database = optional(bool, true)

    # Load balancer: created by default, and internal by default
    create_load_balancer   = optional(bool, true)
    internal_load_balancer = optional(bool, true)

    # Version and rollout control
    environmentd_version = optional(string)
    in_place_rollout     = optional(bool, false)
    request_rollout      = optional(string)
    force_rollout        = optional(string)

    # environmentd resources
    cpu_request    = optional(string, "1")
    memory_request = optional(string, "1Gi")
    memory_limit   = optional(string, "1Gi")

    # balancer resources
    balancer_cpu_request    = optional(string, "100m")
    balancer_memory_request = optional(string, "256Mi")
    balancer_memory_limit   = optional(string, "256Mi")

    # Secrets and authentication.
    # NOTE(review): authenticator_kind defaults to "None", which presumably
    # means no password authentication on the instance - confirm, and set it
    # explicitly for anything reachable beyond a trusted network.
    license_key                       = optional(string)
    external_login_password_mz_system = optional(string, null)
    authenticator_kind                = optional(string, "None")

    # Extra flags handed to environmentd.
    environmentd_extra_args = optional(list(string), [])
  }))
}
# Toggle forwarded to the module's install_cert_manager input; on by default.
variable "install_cert_manager" {
  type        = bool
  default     = true
  description = "Whether to install cert-manager."
}
# Toggle forwarded to the module; on by default.
# NOTE(review): certificates from a self-signed issuer are not trusted by
# clients out of the box. Clients need the issuing CA distributed to them, or
# they end up with certificate verification turned off. Use an issuer backed by
# a trusted CA outside of test environments.
variable "use_self_signed_cluster_issuer" {
  type        = bool
  default     = true
  description = "Whether to install and use a self-signed ClusterIssuer for TLS. To work around limitations in Terraform, this will be treated as `false` if no materialize instances are defined."
}