DO NOT MERGE: Prototype GCP installer-provisioned-infra #1109
Conversation
This wires a minimum of create logic and behavior to enable a new platform 'google' (name should be 'gcp', but terraform fails when platform name != terraform-cloud-provider name). The destroy function is wired directly to terraform for now and is considered a bare minimum step. The terraform steps are consistent with AWS and the 3.11 provisioning playbooks in openshift-ansible - roughly: 1. Create bootstrap in zone[1], masters in zones[1..3] 2. Use internal network load balancer for masters 3. Use TCP proxy for external load balancer 4. (no domain name setup yet) 5. Directly inject bootstrap.ign to user-data since we can on GCP 6. Using a hardcoded maipo image since we don't have a continuous run 7. Create a service account for the bootstrap 8. Wire through instance size, disk, and disk size
openshift-ci-robot
added
the
size/XXL
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: smarterclayton The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
|
@flaper87 Didn't you write some docs tracking everything that was needed for OpenStack that could possibly help with the documentation goal written here? |
|
please comment on #1112 |
| err := survey.Ask([]*survey.Question{ | ||
| { | ||
| Prompt: &survey.Input{ | ||
| Message: "AWS Access Key ID", |
There was a problem hiding this comment.
yeah, I don't take credentials yet. Once we settle on behavior of the various operators on unrecognized clouds I'm going to go open a bunch of PRs /bugs and then push through more.
| user-data = "${var.ignition}" | ||
| } | ||
|
|
||
| tags = ["ocp", "ocp-master"] |
There was a problem hiding this comment.
I recommend adding the the ability for a user to add additional tags to this list. This will be necessary for environments with restrictive GCP firewalls that require specific tags to be set to allow network communication.
|
|
||
| network_interface = { | ||
| network = "${var.subnetwork != "" ? "" : var.network}" | ||
| subnetwork = "${var.subnetwork}" |
There was a problem hiding this comment.
Some environments may require using a GCP Shared VPC. The above code will not work with a Shared VPC.
| @@ -0,0 +1,75 @@ | |||
| resource "google_compute_instance" "master" { | |||
There was a problem hiding this comment.
You might want to consider adding a scheduling block to the master GCE instance. Something like this ...
scheduling {
automatic_restart = "true"
on_host_maintenance = "MIGRATE"
preemptible = "false"
}
By default the Terraform Google Cloud Provider will not enable automatic_restart if you don't explicitly set it. Looks like this will be be fixed in version 2.0 of the provider. See hashicorp/terraform-provider-google#2638 for details.
|
|
||
| network_interface = { | ||
| network = "${var.subnetwork != "" ? "" : var.network}" | ||
| subnetwork = "${var.subnetwork}" |
There was a problem hiding this comment.
Similar comment as above regarding GCP Shared VPC. Some users may require using a Shared VPC.
| health_checks = ["${google_compute_health_check.masters.self_link}"] | ||
| } | ||
|
|
||
| resource "google_compute_target_tcp_proxy" "master" { |
There was a problem hiding this comment.
It looks like this load balancer is Internet facing. Do you have plans to support a GCP ILB at some point in the future?
| @@ -0,0 +1,163 @@ | |||
| // Package aws collects AWS-specific configuration. | |||
There was a problem hiding this comment.
Maybe change this to // Package google collects GCP-specfic configuration.
| Logger logrus.FieldLogger | ||
| } | ||
|
|
||
| // New returns an OpenStack destroyer from ClusterMetadata. |
| ) | ||
|
|
||
| var ( | ||
| // Regions is a map of the known AWS regions. The key of the map is |
| // the short name of the region. The value of the map is the long | ||
| // name of the region. | ||
| Regions = map[string]string{ | ||
| "us-central1": "Ohio", |
There was a problem hiding this comment.
Probably doesn't matter, but us-central1 is in Iowa.
|
@smarterclayton: PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
needs-rebase
|
@smarterclayton: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
IPI for GCP was implemented using this. and this is now obsolete. /close |
|
@abhinavdahiya: Closed this PR. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
6 participants
This is a prototype to assist in documenting how someone would add a new platform to OpenShift.
STATUS: Currently blocked because MCO panics with no such platform
This wires a minimum of create logic and behavior to enable a new platform 'google' (name should be 'gcp', but terraform fails when platform name != terraform-cloud-provider name). The destroy function is wired directly to terraform for now and is considered a bare minimum step.
The terraform steps are consistent with AWS and the 3.11 provisioning playbooks in openshift-ansible - roughly:
TODO: